Bring Your Appetite: Aligning Cybersecurity Risk with Enterprise Strategy

Cybersecurity risk isn’t a side dish—it belongs at the head table of enterprise risk management. In this session, Ian Frist, Director of Governance, Risk & Compliance at Corning, explores how organizations can stop treating cyber risk as a siloed technical concern and start integrating it into their broader risk appetite framework. Using real-world stories from the trenches (without naming names), Ian will unpack the consequences of misaligned appetites—where security teams over-restrict or under-protect due to unclear enterprise priorities. He’ll challenge the common misconception that cybersecurity risk appetite is just about controls and compliance, and show how it’s really about leadership, business context, and strategic clarity.

Attendees will leave with:

• A practical framework for aligning cyber risk appetite with enterprise risk appetite

• Tips for communicating risk appetite across technical and non-technical stakeholders

• A fresh perspective on how to “serve” cybersecurity risk in a way that satisfies the whole organization

Whether you’re a seasoned GRC leader or just pulling up a chair to the risk table, this session will help you bring your appetite—and leave with a full plate of actionable insights.