In this webinar, you’ll learn the why and how of setting up a quantitative cyber and IT risk management program from two experienced hands: Teresa Suarez, Senior Manager, Professional Services for RiskLens, who’s advised many Fortune 1000 companies on launching RiskLens FAIR™-based programs, and Risk Consultant Ben Storm, a recent recruit to RiskLens who previously led a FAIR program at a Fortune 500 financial firm.
Teresa explains some of the drivers moving organizations toward quantitative risk management:
All of which expose the inadequacy of traditional, qualitative risk analysis.
As this stack shows, effective risk management starts with an accurate risk model, FAIR, which opens the way for meaningful measurements, effective comparisons among options and decisions made on a cost-benefit basis.
As Teresa explains, fully realizing effective risk management at the enterprise level takes a sophisticated, holistic approach: the RiskLens FAIR Enterprise Model (RF-EM™), which marshals the FAIR model, the RiskLens platform, all the elements of a program (people, process, performance monitoring) and a defined set of outcomes.
But reaching effective risk management generally means changing culture, and that’s where Ben picks up the story, drawing on his experience introducing an enterprise-level FAIR program.
Ben walked through the steps his organization took:
The final level of success, Ben explains, is trust. “Before we were just risk management professionals. But with the power of the RiskLens platform with FAIR, we have the ability to be financial stewards for our organizations… And once we’re able to do this, it’s up to us to be able to get to a level of proactive risk analysis where the business relies on us to help guide decisions while they are being made, as it pertains to cyber and operational risk.”