Using Data to Estimate Cyber Risk Financial Implications – Paul Sand – CSP #123
The CISO who can speak to the financial implications of cyber risk will be able to successfully work amongst the C-suite and in the board room to prioritize and address cyber initiatives. Building a view of the financial implications of those risks based on real data enhances not only the CISO’s decision-making ability but also the CISO’s credibility with stakeholders. Join us as we take a look at how industry and enterprise data sources can be leveraged to build a view of the financial implications of cyber risk to set the stage for making quality decisions.
Paul Sand, is Vice President, Technology Risk Officer, at the Federal Home Loan Bank of Chicago where he is responsible for oversight of the bank’s technology risk including information security risk, physical security and personnel safety. He chairs the bank’s Technology Risk Subcommittee and is a voting member of the Operational Risk Oversight Committee. FHBLC is a $100 billion wholesale bank that provides liquidity to retail financial institutions involved in home based lending. He is a named inventor on 21 US Patents spanning the disciplines of cyber security, physical security, public safety, voice communications, and data communications. He has contributed to standards developed by the National Institute of Standards and Technology (NIST), co-authored the Financial Management of Cyber Risk published by the American National Standards Institute (ANSI) and the Internet Security Alliance, and published “Managing Rapidly Changing Cyber Risks” in the October 2018 issue of Intelligent Risk. He is a member of Underwriter’s Laboratory’s (UL) Security Council, the US Secret Service’s Cyber Fraud Task Force (CFTF), and the Federal Bureau of Investigation’s InfraGard program. Paul holds a Secret Level US Government Security Clearance issued through the Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security (DHS).
Paul holds a Master’s of Science degree in Computer Science from Northwestern University and a Bachelor of Arts degree in Business Administration, History and Political Science, and Computer Science from the University of Jamestown.
Todd Fitzgerald has built information Fortune 500/large company security programs for 20 years. Todd serves as VP, Cybersecurity Strategy and Chairman of the Cybersecurity Collaborative Executive Committee, was named 2016–17 Chicago CISO of the Year, ranked Top 50 Information Security Executive, authored 4 books including #1 Best Selling and 2020 CANON Hall of Fame Winner CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers (2019), ground-breaking CISO Leadership: Essential Principles for Success, as well as contributions to a dozen others. Todd held senior leadership positions at Northern Trust, Grant Thornton International, Ltd, ManpowerGroup, WellPoint (Anthem) Blue Cross Blue Shield/ National Government Services, Zeneca/Syngenta, IMS Health and American Airlines.