how esrm is making a difference - map your show
TRANSCRIPT
How ESRM is Making a Difference
Tom Berkery, Dan Funk, Jeff Sieben
Session # 5311
Panelists
Daniel Funk, CPCI, ARM, Manager, Discover Financial Services
Thomas Berkery, CSPO, Lead Security Investigations and Reporting, Discover Financial Services
Jeff Sieben, CPP, CISSP, PMP, IT Security Council Chair, Product Manager, Resolver Inc.
What is ESRM?
• Guideline (draft)
• Aligns security with strategy
• All Security Disciplines included
• Context of ESRM – Mission/Vision, Values, Stakeholder, Environment
• Link to ESRM Guideline: https://www.asisonline.org/publications--resources/standards--guidelines/esrm-guideline/executive-summary/
• Initiation to Organizational ESRM
Stakeholders
• Understanding key players
• Wolf pack vs lone wolf (silos)
• Asset owners/decision makers (Extreme Ownership)
• Others
Techniques Available for Managing Risks
How ESRM is Making a Difference
• Sell your program with data
• Everyone is trying to purchase insurance
• Try to differentiate yourself from your competitors for a better rate and premium
• Try to make the underwriter comfortable with underwriting the risk
• Keep trust high
Incident Response Procedure
• Procedures/process of thorough and accurate reporting
• Incident reports are being reviewed for accuracy and thoroughness
• Urgency in escalation and notification to senior management and teams responsible for action
Increased Cost of Untimely (Lag) Reporting
• 0-3 day reporting by employer to carrier is the industry standard
• Employers report approximately 70% of their claims within 0-3 days
• Best practice is that 80% of all claims should be reported in 0-3 days
• Example – a loss that should have cost $100K but is reported in week 2 (7-14 days) after the incident will likely cost an additional 20%, or $20K
Risk Management Culture
• All employees (the business)
• Training, education, loss prevention
• How to plan, drill
• Helping employees know how to respond
Risk Management – Cyber Example
• Identify the risks
• Size the risks
• Quantify the exposure
• Avoid/Mitigate (cyber team)
• Transfer
• Buy insurance
• Accept
Risk Management – Third Party Technology
• Contingent business interruption
• Using cloud-based vendors
• Large data volumes
• Transactions
• System Logs
• Image/Video/Voice processing
• AI/ML
• Autonomous vehicles/drones/robots
• 5G
Q&A