Using Data to Estimate Cyber Risk Financial Implications – Paul Sand – CSP #123
The CISO who can speak to the financial implications of cyber risk will be able to successfully work amongst the C-suite and in the board room to prioritize and address cyber initiatives. Building a view of the financial implications of those risks based on real data enhances not only the CISO’s decision-making ability but also the CISO’s credibility with stakeholders. Join us as we take a look at how industry and enterprise data sources can be leveraged to build a view of the financial implications of cyber risk to set the stage for making quality decisions.
Guest
Paul Sand, is Vice President, Technology Risk Officer, at the Federal Home Loan Bank of Chicago where he is responsible for oversight of the bank’s technology risk including information security risk, physical security and personnel safety. He chairs the bank’s Technology Risk Subcommittee and is a voting member of the Operational Risk Oversight Committee. FHBLC is a $100 billion wholesale bank that provides liquidity to retail financial institutions involved in home based lending. He is a named inventor on 21 US Patents spanning the disciplines of cyber security, physical security, public safety, voice communications, and data communications. He has contributed to standards developed by the National Institute of Standards and Technology (NIST), co-authored the Financial Management of Cyber Risk published by the American National Standards Institute (ANSI) and the Internet Security Alliance, and published “Managing Rapidly Changing Cyber Risks” in the October 2018 issue of Intelligent Risk. He is a member of Underwriter’s Laboratory’s (UL) Security Council, the US Secret Service’s Cyber Fraud Task Force (CFTF), and the Federal Bureau of Investigation’s InfraGard program. Paul holds a Secret Level US Government Security Clearance issued through the Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security (DHS).
Paul holds a Master’s of Science degree in Computer Science from Northwestern University and a Bachelor of Arts degree in Business Administration, History and Political Science, and Computer Science from the University of Jamestown.
Host
Todd Fitzgerald promotes CISO/CPO leadership via the SCMedia CISO STORIES weekly podcast, advisory board participation, and international speaking engagements. Todd serves as VP, Cybersecurity Strategy, Cybersecurity Collaborative. Todd authored 5 books, including #1 New Release (2024) Privacy Leader Compass: A Comprehensive Roadmap for Building and Leading Practical Privacy Programs, and #1 Best-selling (2019-2023) and 2020 CANON Cybersecurity Hall of Fame book, CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers. Named 2016–17 Chicago CISO of the Year, Todd’s senior leadership positions include Northern Trust, Grant Thornton International, Ltd, ManpowerGroup, Wellpoint/National Government Services, Zeneca/Syngenta, IMS Health and American Airlines.
