Roger Callahan

Abstract: Organizations’ approach to cybersecurity have matured and have recognized the necessity to perform enterprise risk management efforts. The NIST Cybersecurity Framework has significantly helped organizations communicate and structure the examination of important elements of enterprise cybersecurity. Underlying its efforts is the requirement to undertake a risk assessment effort. What are some of the broadly adopted frameworks used for improving risk assessments and establishing critical risks to be mitigated? This panel will highlight several of the frameworks and methodologies for analyzing and measuring information technology risks. Panelist will share their perspectives and experiences performing and leading risk management efforts; and offer some practical guidance for those involved in risk management.

Roger M. Callahan, Managing Director – Information Assurance Advisory, LLC
Roger Callahan has over 50 years of prior experience spanning executive management and engineering responsibilities within both the National Security community and the Financial Services industry. He served as the Director for Information Assurance in the Office of the Assistant Secretary of Defense for Command, Control, Communications and Intelligence (1995-1998). At Bank of America (1998-2008) he was a Senior Vice President within the Corporate Information Security Organization and was responsible for developing the Bank of America information security policy and program foundations. Since 2008, he has provided cybersecurity-related advice and support to a variety of clients through his consulting company.