Fraud Management & Cybercrime , Governance & Risk Management , Insider Threat

Tips on Articulating Cyber Risks and Insider Threats

Randy Trzeciak and Brett Tucker of Carnegie Mellon University Discuss New Approaches
Brett Tucker (left) and Randy Trzeciak of Carnegie Mellon University

Communication of cyber risks to executives using enterprise risk methodologies is imperative for improving incident prevention, according to Randy Trzeciak and Brett Tucker of Carnegie Mellon University. They discuss the Octave Forte 10-step process for managing cyber risks.

See Also: Ransomware Response Essential: Fixing Initial Access Vector

In a video interview with Information Security Media Group at RSA Conference 2019 in San Francisco, Trzeciak and Tucker discuss:

  • Building case studies to articulate insider threats to executives;
  • The Octave Forte process;
  • Building a cyber risk framework that is scalable and industry agnostic.

Trzeciak, director of the national insider threat center at Carnegie Mellon University, works at the Software Engineering Institute, where his team researches threats that trusted insiders pose to the U.S. government, industry and academia.

Tucker is the technical manager of cybersecurity risk at Carnegie Mellon University's SEI. He has 19 years of experience in the public and private sectors. Previously, Tucker was the global risk manager for Westinghouse, where he managed the corporate enterprise risk portfolio and global insurance programs.


About the Author

Nick Holland

Nick Holland

Former Director, Banking and Payments

Holland focused on the intersection of digital banking, payments and security technologies. He has spoken at a variety of conferences and events, including Mobile World Congress, Money2020, Next Bank and SXSW, and has been quoted by The Wall Street Journal, CNN Money, MSNBC, NPR, Forbes, Fortune, BusinessWeek, Time Magazine, The Economist and the Financial Times.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.