Although it’s quickly fading in the rearview mirror, the April 2018 RSA Conference underscored growing interest in a more disciplined style of cyber risk management that mirrors traditional business risk management.
There was plenty of buzz at the conference around blockchain, machine learning, cyber warfare — and the imminent implementation of the General Data Protection Regulation (GDPR). However, the major theme of the event centered around the management of cyber risks.
Speak the Language of Business Risk
For many IT security practitioners, cyber risk management is a double-edged sword. It stimulates greater educational opportunities to help security professionals translate technical jargon into the language of business risk, which the C-suite and board of directors can more easily understand. This increased attention can also unleash a cacophony of competing marketing messages from different vendors — further muddying the waters and creating more confusion.
The conference also highlighted the fact that security is indeed a board-level issue. The president of the RSA, Rohit Ghai, referenced a survey in his keynote which revealed that 89 percent of respondents from the…
