Last Day to Get an iPad mini, Surface Go 2, or Take $300 Off with OnDemand Training - Register Today!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

How to Present Cyber Security Risk to Senior Leadership

  • Thursday, June 25, 2020 at 10:30 AM EDT (2020-06-25 14:30:00 UTC)
  • James Tarala

You can now attend the webcast using your mobile device!



In an age when data breaches are a daily occurrence, senior leadership teams and boards of directors want assurances that their cyber security programs are doing what is required to defend their organization. But at the same time security teams are struggling to quantify risk or find effective strategies for presenting risk to leadership in a way that clearly communicates the reality of the risk an organization is accepting. Even security professionals are struggling to agree how to define or measure risk effectively.

In this presentation, James Tarala will share lessons learned from research into risk management and his experiences communicating about risk to boards of directors and C-Suite leadership teams. He will present specific strategies to consider when measuring risk, communicating risk, and helping security teams realistically setting expectations with business stakeholders. While this topic traditionally has been a nebulous, vague conversation, in this presentation, listeners will learn actionable steps to communicating risk in more effective ways.

Speaker Bio

James Tarala

James Tarala is a senior instructor with the SANS Institute, a courseware author, and an editor for many SANS auditing and security courses. He is a principal consultant with Enclave Hosting, LLC, where he specializes in the design of IT security architectures for large enterprises and critical functional areas, including wireless infrastructures, email networks and Microsoft-based directory services. As an independent security auditor, James consults with companies on security management, operations management and regulatory compliance, and provides training for internal security audit and compliance management teams.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.