VS21 Assessing and Managing Cyber Risk: An Approach for Chief Risk Officers (CROs)

Simply investing in cyber security controls isn’t enough, as countless victims of cyber-attacks have learned the hard way. This session will offer valuable insights and recommendations for Chief Risk Officers (CROs) and C-suite decision makers about how to move beyond simply ticking a box to ensuring their cyber security investments are effective and working as intended to provide risk assurance.

In this lesson you will learn about:

• The importance of moving from auditing security control existence to security control effectiveness
• Determining the right level of risk for your organization
• How to assess if security controls are working as they should