Effective Risk Management

  • TYPE: Combined Session DATE: Tuesday, October 08, 2019 TIME: 15:45-16:45 LOCATION: Ballroom


Organizations are at a tipping point, overwhelmed by cyber events, day to day operations, budget, and availability. Increasing triggers are compounding the problem along with increasing standards, compliance, and an overabundance of next best tools resulting in unsustainability.

A rapid-fire session will engage attendees on a pragmatic approach to risk reduction through a pragmatic CyberSecurity which simplifies the approach. Bringing clarity and focus to risk reduction efforts, while adhering to structure and standards is critical Organizations will benefit from a risk-based approach, prioritize efforts, reduction of gaps, impacts, and overall risk. The result is a move from continuous busy work is replaced by continuous improvement, reactive response is replaced by proactive efforts.

A corresponding PowerPoint and Excel Spreadsheet will be provided to attendees, kick-starting their move to pragmatic CyberSecurity and Risk Management.

Key takeaways:

1) CyberSecurity is not about tactical solutions, but requires very real strategic thinking. 
2) To maximize the update and effectiveness of strategic CyberSecurity, a pragmatic approach is best. one key option in Pragmatic CyberSecurity is using a risk based approach while embedding risk management into the equation. 
3) Slowing down the shotgun approach to an endless cycle of tactical tools procurement and failed implementations is understanding 'why' you are doing what you area doing. Then, prioritizing efforts and focus will lead to the successful adoption of the overall program as well as adoption of tools.


Bruce Hafner, President and Cofounder of ClearArmor, is focused on bringing a pragmatic approach to CyberSecurity and Integrated Risk Management. In his role as President, ClearArmor has brought its flagship product, CSRP (CyberSecurity Resource Planning) to market. CSRP was born after...

What are the cyber threats posed to natural gas?  What's the state of cyber defense for our pipelines?  Downstream Natural Gas Information Sharing and Analysis Center (DNG-ISAC) Threat Analyst will provide an overview of the dynamic cyber and physical threats faced by the natural gas and pipeline sub-sector in 2019 and 2020.  Industry data will be summarized to paint a picture of current challenges to the safety and operation of our national critical energy infrastructure using insights provided by industry executives and security professionals.  We'll explore how natural gas operational intelligence has benefited cross-sector and public partners.


In this presentation, I'll discuss how leveraging the MITRE ATT&CK framework to overlay your current technologies, will help you articulate and formalize back to the business metrics around your current defensive capabilities, the technical threats you are protecting the business from and how you are minimizing business risk.


Stephan is the Founder and CTO of AttackIQ. He is a 20 year veteran of information security, servicing clients ranging from startups to multinational corporations as a pentester, security and risk consultant, solutions architect and head of research and development. He has presented at numerous...

Log in to download presentations:  


Session Links

Washington, D.C. - USA


CyberNext Summit 2019

Registration fee:
€1000.00 $1250.00 S$1600.00 11000.00 kr
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
  • Oct 08 - 10, 2019 Washington, D.C. - USA