Skip navigation Jump to main navigation

Fall Update

At SPS this fall, all courses, other than pre-established online courses, will be offered face-to-face in our New York City classrooms. Some of these face-to-face courses will be offered in the HyFlex format to ensure that all of our students can make progress toward their degree requirements, if faced with delays due to student visas or vaccination effectiveness wait times.
Close alert

Cyber Risk Case Study: A Scenario-Based Approach to Identifying and Mitigating Key Threats

Cybersecurity threats continue to expand in number and complexity, and finding an approach to managing them effectively is elusive.

Organizations are struggling to (a) prioritize among the myriad cyber risks; (b) make a business case for recommended mitigation; and (c) draw a rigorous, defensible line in the sand limiting the scope of cyber risk management. In this session, we begin with the current state of cybersecurity risks.

Then, we discuss how a value-based ERM approach uses deterministic scenarios and quantitative models to (a) sort out which cyber risk scenarios to focus on; (b) support mitigation decisions with robust risk-reward data; and (c) define a “cyber risk appetite” to contain the focus of cyber risk management to a manageable level. We will then share some early lessons from a case study that is starting to successfully apply this approach and enhance its cyber risk management, particularly surrounding their use of vendors.

Attendees will learn:

  • How to better prioritize among a disparate and growing set of cyber risks
  • What data is used to make the business case for targeted cyber risk mitigation
  • An approach to defining “cyber risk appetite"