CISO Stories Podcast: A Cost-Effective Approach to Security Risk Management

Risk management is arguably one of the most important functions of the CISO. So, how does the CISO establish the value proposition for an investment? Jack Jones, Chief Risk Scientist at RiskLens, discusses using a well-tested risk framework to evaluate and compare the current state of loss exposure and the expected reduction from applying a set of alternative controls - check it out...

 

jjones-0-5
About the Guest

Jack Jones

Chief Risk Scientist at RiskLens

Jack has worked in information security for over thirty-five years, including ten years of experience as a CISO with three different companies, including a Fortune 100 company. His work was recognized in 2006 with the ISSA Excellence in the Field of Security Practices award. 

In 2012 Jack received the CSO Compass award for risk management leadership. An adjunct professor at Carnegie Mellon University, he teaches in the CRO and CISO executive programs. Jack also created the “Factor Analysis of Information Risk” (FAIR) model adopted as an international standard. 

Currently, Jack is the Chief Risk Scientist at RiskLens and Chairman of the FAIR Institute, an award-winning global non-profit organization. He has also co-authored a book on FAIR entitled “Measuring and Managing Information Risk, a FAIR Approach'' which was inducted into the Cyber Security Canon in 2016. He also contributed to a book entitled “CISO Compass”, which was inducted into the Cyber Security Canon in 2020.

About the Hosts

sam-hex-hs

Sam Curry

Chief Security Officer at Cybereason

Sam Curry (@samjcurry) is CSO at Cybereason and is a Visiting Fellow at the National Security Institute.  Previously, Sam was CTO and CISO for Arbor Networks (NetScout) and was CSO and SVP R&D at MicroStrategy in addition to holding senior security roles at McAfee and CA. He spent 7 years at RSA, the Security Division of EMC as Chief Technologist and SVP of Product.

Sam also has over 20 patents in security from his time as a security architect, has been a leader in two successful startups and is a board member of the Cybersecurity Coalition, of SSH Communications and of Sequitur Labs.

todd-fitzgerald-hex-hs

Todd Fitzgerald

Vice President, Cybersecurity Strategy at Cybersecurity Collaborative

Todd Fitzgerald (@securityfitz) has built information Fortune 500/large company security programs for 20 years. 

Todd serves as VP, Cybersecurity Strategy and Chairman of the Cybersecurity Collaborative Executive Committee, was named 2016–17 Chicago CISO of the Year, ranked Top 50 Information Security Executive, authored 4 books including #1 Best Selling and 2020 CANON Hall of Fame Winner CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers (2019), ground-breaking CISO Leadership: Essential Principles for Success, as well as contributions to a dozen others. 

Todd held senior leadership positions at Northern Trust, Grant Thornton International, Ltd, ManpowerGroup, WellPoint (Anthem) Blue Cross Blue Shield/ National Government Services, Zeneca/Syngenta, IMS Health and American Airlines.

CISO Stories Podcast

About The CISO Stories Podcast

The Cybersecurity Collaborative, in conjunction with Cybereason, is proud to present the CISO Stories Podcast. Each week CISO Stories takes a deep dive on security leadership with top security professionals from across the public and private sectors who share their insights and expertise with the community.

The Cybersecurity Collaborative is a unique membership community enabling cybersecurity leaders to work together in a trusted environment. To learn more, visit: https://www.securityweekly.com/csc.

All Episodes of CISO Stories Podcast