Partner Insights: Risk Quantification Strategy for the Fortune 500

How do the world’s largest companies measure cyber risk?

In this video, Kavitha Srinivasulu, Global Head of Cyber Risk and Data Privacy – BFSI – R&C at TCS, shares her insights about risk quantification strategies for the Fortune 500 with Paul Kelly, Former Global Head of Cybersecurity Risk, Compliance, & Remediation at HSBC and Gaurav Banga, Founder and CEO of Balbix.

In the course of their discussion, they explain why and how company leaders are using cyber risk quantification (CRQ), the challenges with CRQ, considerations when starting a CRQ program and the future of CRQ.
Some key takeaways:

1. Company leaders need better CRQ in order to make more informed decisions. Risk scoring systems that use high, medium and low (or red, amber, green) don’t work to capture the exploding complexity of the threat landscape. As Kavitha puts it, “there came a point where senior management was unable to understand as there are thousands of risks and thousands of priorities.” Automatic quantification of cybersecurity risks in monetary terms is the way forward.

2. CRQ makes managing risk easier. For large organizations, data and tool silos are a big challenge. The general sentiment of Kavitha’s and Paul’s commentary on this topic is that by unifying data across all these tools, everyone can have a clear and consistent view of the vulnerabilities that need to be prioritized and addressed first.

3. Considerations for people rethinking how they manage risk. The old system of subjective risk assessment is outdated. As Paul says, “CRQ helps you scale, measure and track your risk over time. It helps you make objective business decisions and bridge the gap between business leaders and cyber security leaders.” Kavitha and Gaurav were in violent agreement.

Sections:
0:00 - Session introduction
0:24 - Speaker introductions
0:52 - Why company leaders use CRQ
5:05 - The challenges with CRQ
8:13 - How are teams approaching CRQ today
13:08 - The consequences of only focusing on controls
17:40 - Considerations when starting a CRQ program
23:12 - The future of CRQ
