Speaker

Johan Botha, Chair, South Africa Chapter, FAIR Institute

Johan Botha, the Chair of the South Africa Chapter of the FAIR Institute, is an experienced management consultant and trainer, with over 16 years of Governance, Risk and Compliance (GRC) Management and information security experience. Johan specialises in cybersecurity and cyber risk quantification, combining the NIST CSF and Open FAIR (Factor Analysis of Information Risk) standards to assist organisations to assess, quantify and report cyber risk.

Johan Botha will be speaking on the following topic:

14:30
Quantifying cyber risk - bridging the divide between technology and the Board

Most organisations today consider cybersecurity a top-three risk, as cyber-attacks, online fraud and internal threats have a material impact on their businesses. And, while boards and executives expect to be informed about cyber risk, they are not getting the answers they want. Too often, cyber risk reporting is filled with technical jargon and colourful but hard-to-understand risk registers and heat maps. Those responsible for cybersecurity - from the Board and the CEO on down - are urgently looking for better ways to measure and report risk that will enable well-informed decision-making on questions such as:

  • What are the organisation's top cyber risks and how much exposure do they represent expressed in financial terms?
  • Which cyber risk management investments matter most?
  • Are they investing enough (or too much) in cyber risk management?

This presentation will provide an overview of a pragmatic approach to cyber risk quantification based on the Open Group's Open FAIR risk quantification standard. The approach provides Chief Information Security Officers and Chief Risk Officers with the means to bridge the divide between IT and information security on the one side, and the Board and executive management on the other. Open FAIR provides a model for understanding, analysing and measuring information risk in financial terms, thereby addressing the current challenges of cyber risk reporting and enabling the organisation to prioritise effectively, make trade-offs and choose cost-effective cyber risk mitigation solutions.

  • Understanding the current challenges to measuring and reporting cyber risk
  • Examining a solution to quantifying cyber risk that enables well-informed cyber risk decision-making
  • Understanding how the FAIR methodology, coupled with software, can empower information security and risk professionals to improve cyber risk reporting
