The CISO community is abuzz about qualitative and quantitative risk assessments. What is a CISO to do?
This discussion will focus on how to determine a company's most significant cyber risks in financial terms and identify the controls that have the most significant impact on reducing those risks by utilizing both a qualitative and quantitative approach.
Join this Ostrich Cyber-Risk sponsored webinar for a discussion with Arlan McMillian, the Chief Security Officer of Kirkland & Ellis, and Jack Whitsitt, the Director of Cyber Risk Quantification of Ostrich Cyber-Risk.
Meet your speaker:
Jack Whitsitt, Director of CRQ at Ostrich Cyber Risk, is a long-time practitioner and leader in the Cyber Risk Quantification space.
Backed by over two decades of information security experience ranging from manipulating bits and bytes to weighing in on international policy, he also has seven years of quantified decision support experience building FAIR-based programs for organizations large and small. Jack has also spent several years volunteering in non-profit roles advocating for and advancing the state of the art of quantified information risk analysis.
Meet your speaker:
Arlan McMillan is the Chief Security Officer (CSO) for Kirkland & Ellis LLP. Kirkland is the #1 ranked law firm in the world and serves a broad range of clients in private equity, M&A and other corporate transactions, litigation, white collar and government disputes, restructurings and intellectual property matters. Office locations include the US, UK, France, Germany, Saudi Arabia, China & Hong Kong.
As the CSO, Arlan oversees the strategy and delivery of Cyber Security, Physical Security, and Business Continuity Management capabilities firm wide. With over 25 years’ experience in Information Technology and Security, Arlan has led a number of teams developing and delivering security services for top organizations including United Airlines, the City of Chicago and ABN Amro Bank.
Prior to joining Kirkland, Arlan was Chair of ChicagoFIRST, a board member of the Aviation Information Sharing and Analysis Center (A-ISAC), and the Transportation Sector Chief for the FBI-InfraGard Chicago region.
Meet your moderator:
Greg Spicer, Co-Founder @ Ostrich Cyber-Risk
Greg Spicer has several years of experience in cybersecurity, working with organizations to provide solutions to their cybersecurity challenges. He has worked in many sectors, including Legal, Finance, Insurance, Manufacturing, and Healthcare. He was most recently CRO of Braintrace, a Salt Lake City MDR provider, before their successful sale to Sophos in July 2021.
Greg is now the CRO and Co-Founder of Ostrich Cyber-Risk, a leading Cybersecurity Risk Management organization that empowers risk and security teams to proactively assess cyber risk exposure in financial terms. Our Birdseye™ Cyber Risk Management application, grounded in industry benchmarks like NIST CSF, ISO, MITRE, and CRI, combines qualitative risk analysis and quantitative scenario simulation through the Open FAIR™ ontology. This unique approach enables organizations to swiftly prioritize and quantify financial and operational risks in real-time to make informed business decisions on cybersecurity.