Preconceptions of Risk

  • TYPE: Combined Session DATE: Wednesday, May 06, 2015 TIME: 12:00-13:00 LOCATION: AUDITORIUM


Risk is often seen as a dirty word in business. It is a thing that needs to be reduced to nothing, and has no possible good use in an organization, especially a security programme. This couldn’t be more wrong! Risk is an inherent part of any business, and yet it is often poorly recognized and leveraged in the security organisation.

In this presentation Thom will look at three areas of the risk conundrum to open the veil on the elusive art of understanding and ultimately measuring risk:

  1. The initial interpretation of risk and how it is often misunderstood.
  2. The measurement of risk, and how some systems work and other don’t.
  3. The effective treatment of risk, and how sometimes the obvious thing to do can be the wrong thing to do.

With the use of analogies and examples, the audience will appreciate that risk assessment, measurement and management is not always as straightforward as it might first seem. The audience will leave with a new appreciation of how risk can be leveraged for good, and not just perceived as bad.


Thom is the Director of Sapient’s Global Security Office, responsible for all aspects of delivery and internal security, risk and compliance, and business continuity across Sapient’s global operations. Having successfully built security and IT programmes from the ground up Thom...

The growing of volume, velocity and variety of Big Data creates new business models for the exploitation of data, for example individual marketing synchronously created out of clickstream data and background knowledge. However, these opportunities arouse privacy concerns. Users lose control over their privacy, and services are uncertain how to keep the trust of their customers in their decent personal data handling.

In this presentation the risk of privacy in the modern communication technology, both Internet and mobile networks, is analyzed. It turns out, that users have to negotiate the risk of privacy between refraining from services, trusting services, using self-data-protection methods and trusting privacy enhancing technologies. Services, on the other hand, have to present themselves as trustworthy with respect of their competent and decent way to handle user data. This presentation identifies the privacy principles and related trust areas and protection means.

Topics of presentation

  • The privacy challenge in the Internet and mobile networks
    • Privacy principles
    • Privacy invading and enhancing technologies
    • esp. permission rights management with mobile apps
  • Risk management
    • Trust and control
    • Trust factors in technical environments
    • Trust factors in IT privacy
  • Negotiating the risk between trust and control mechanisms
    • Privacy risk factors and related trust areas
    • Weaknesses, measures, and remaining trust areas
    • Role and perspectives of self and system data protection


Watch videos:  
Log in to download presentations:  


Session Links


European Identity & Cloud Conference 2015

Registration fee:
€1980.00 $2475.00 S$3168.00 21780.00 kr
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
  • May 05 - 08, 2015 Munich, Germany