On Thursday 12 November at 9:30 am Brussels / 7:30 pm Sydney, CyAN will hold its second CyAN-Sky Thinking Sessions on another mind-blogging issue: how CISOs can best measure the risk of their organisation.
Threat Information Sharing vs Risk Information Sharing, what is best for the CISOs?
Thursday 12 November, 9:30 am Brussels / 7:30 pm Sydney
– A 60′ virtual and interactive session among peers –
The issue
When CISOs engage with their board, they have to provide compelling information, so the company can define the level of cyber risk it wants to accept, and the right level of investment it agrees to make to limit its exposure. What are these “compelling information”? What language are the CEO and the CxOs most likely to understand?
Two approaches are possible: CISOs can provide information on threats, such as data on the critical vulnerabilities in the infrastructure of the company, with a plan to build capacity to mitigate these threats. Or they can provide information on the risks faced by the organisation, with an assessment of the cybersecurity posture of the organisation. For the first approach, CISOs can rely on a rich offering of threat information sharing solutions and initiatives. For the second approach, the offering and the adoption seem to be less mature, and the very concept of Risk Information Sharing seems to be in its early days. Is this a reality or a perception? Should CISOs embrace a risk-based approach, with what possible pitfalls and expected outcomes?
The panelists
François Thill, Director Information Security, Ministry of Economy of Luxembourg and Fergus Brooks, in charge of Cyber Recovery Planning at the Commonwealth Bankd will engage in a dialogue with Peter Coroneos, VP international of CyAN and CEO of ICON Cyber, moderated by Jean-Christophe Le Toquin, President of CyAN and expert associated with Avisa Partners.
What is a CyAN-Sky Thinking Session ?
It names originates from the blue-sky thinking, which means thinking with an open mind.
In a 1 hour online session, the panellists coming from different parts of the world exchange views and learn from each other. They prepare their intervention to make the conversation as useful as possible to a multi-disciplinary audience of professionals, but they do so with humility by bringing more questions than answers. They speak openly to learn, not to preach. The worst-case scenario is that they get away from the session with fresh ideas and feel energised by the other panellists. The ideal scenario is that they get inspired by the participants from the broader community.
How to participate?
This online session is open to all members of CyAN, but also to other cyber professionals who apply at least 48 hours in advance by email sent to contact[at]cyan.network. The organisers reserve their right to approve or decline the applications.