%20(3).png)
Convert cyber risk governance from lofty words to measurable business readiness
Develop board capacity to challenge management, and provide evidence to regulators
Improve cybersecurity leadership through cross-functional collaborations
Collaborate with risk and legal departments to assess and present business risk
Embed and frame cyber risk in leadership and Board strategic business reviews
Drive risk frameworks and metrics tied to business outcomes
Elevate incident reporting to business impact management
ACSC uniquely enables cyber risk governance success through member-driven practice sharing and cross-function collaboration
-
Member-shared case studies
-
Action-oriented small group convenings and member conferences
-
Key takeaways to share through briefing summaries and reports
Cyber Risk Governance Program
Cyber risk governance is now at a pivotal point. Federal regulators and courts are demanding higher cybersecurity standards of Boards and executive staff members. Cyber risk frameworks, metrics and measurement, the evolving CISO role and more are in the balance.
The ASCS Cyber Risk Governance Program (five collaborative sessions in 2023)
is specifically designed to drive awareness, knowledge, and best practice sharing:
Cyber Governance and Risk:
Getting Ahead of the Regulators
March 30, 2023
Foley Hoag, Boston
​
Session Focus
Regulators are raising the stakes for board cyber governance. Collaboration between CISOs, risk officers and legal counsels is now vital. This session focused on emerging regulatory challenges, how to frame key messages and metrics, and effective cross-functional collaborations.
​
Briefing Summaries
Managing and Communicating Cyber Risk as Business Risk:
Priority-setting and Performance Metrics
June 22, 2023
​
Session Focus
-
Embedding and framing cyber risk in leadership and Board strategic business reviews
-
Collaborations with risk and legal to assess and present business risk
-
Effective models to communicate priority-setting and performance metrics
​
Lead Organizations
-
​Michael Tran Duff and Sonya Ross, Harvard University
-
John Schramm and Angela Homm, Munich Re
Cyber Insurance & Risk Management
July 27, 2023
​
Session Focus
-
Marketplace update
-
Insurance and risk transference
-
Managing exclusions
-
Satisfying performance requirements, earning premium discounts
-
Insurer additional value - access to service providers during incident
​
Lead Organizations
-
​Howard Panensky & Meredith Schnur, Marsh McLennan
-
Lauren Crean, State Street
Embedding Risk in Strategic Decision-making
September 28, 2023
​
Session Focus
-
Risk identification and management strategies
-
Collaboration with lines of business
-
Incorporating and acting on risk management into systems, processes, acquisitions, and digital transformations
​
Lead Organizations
-
​Gernette Wright and John Clarke, Schneider Electric
-
TBA soon
Risk Management Culture in Practice:
Organizational Models and Metrics
Special Session during the Annual Conference
at the Federal Reserve Bank of Boston
November 8, 2023
​
Session Focus
-
Leadership and staff cross-functional collaborations
-
Accountability assessment and performance tracking
​
Lead Organizations
-
To be announced