Risk management is the cornerstone of effective governance and cybersecurity in an era defined by rapid technological innovation. The Risk Management Conference 2025 is designed to equip professionals in IT audit, cybersecurity, and governance with the tools and insights necessary to navigate complex risk landscapes.
This conference explores cutting-edge approaches to risk management, with a focus on the NIST Risk Management Framework (RMF) and other industry-leading frameworks that empower organizations to identify, assess, and mitigate risks effectively. Attendees will gain actionable knowledge on:
- Implementing and tailoring risk management frameworks to align with organizational goals and compliance requirements
- Addressing the unique risks posed by emerging technologies such as artificial intelligence and cloud computing
- Strengthening governance structures to drive accountability and resilience
- Practical case studies showcasing successful risk management strategies in real-world scenarios
Whether you’re focused on AI risks, securing cloud environments, or enhancing your organization’s governance practices, this conference offers the expertise, practical guidance, and collaborative opportunities to advance your risk management strategies. Join us to gain the insights and frameworks you need to navigate today’s risks and prepare for tomorrow’s challenges.
Registration closes on June 25th @ 2pm.
Agenda
08:30 AM – 09:30 AM
Cyber Risk Management in Practice: A Strategic Playbook for CISOs
Presenter: Russell Eubanks (Cyverity, SANS Institute)
Balancing risk reduction with business enablement isn’t just a theory—it’s a challenge cybersecurity leaders face daily. Cyber Risk Management in Practice: A Strategic Playbook for CISOs is a presentation designed for CISOs, cybersecurity executives, and program managers who need more than frameworks—they need guidance they can act on.
In this session, Russell Eubanks, Principal Instructor at the SANS Institute and Managing Partner at Cyverity, will discuss the practical elements of an effective cybersecurity risk management program. He’ll explain how to evaluate your current cybersecurity posture, prioritize safeguard investments using a “good, better, best” model, and close the gap between today’s risk realities and tomorrow’s security goals.
Attendees will be introduced to a structured approach from the Cybersecurity Risk Foundation’s Governance and Risk Model (CRF-GRM), a proven methodology for turning cybersecurity strategy into repeatable action. You’ll leave with concrete steps to build a risk-informed roadmap, embed cybersecurity into business decision-making, and create a continuous improvement cycle.
Whether strengthening your existing risk management program or building one from the ground up, this webcast offers real-world techniques and strategic insight to help you make smarter, more defensible decisions.
09:30 AM – 10:30 AM
Building Strong Governance for Accountability and Resilience
Presenter: Elizabeth Dunsmoor (Shared Assessments)
Learn how to strengthen governance structures to drive accountability and organizational resilience. The session will cover:
- Governance Models – Overview of effective governance models and their key components
- Accountability Mechanisms – Strategies for establishing clear accountability and oversight
- Resilience Building – Enhancing organizational resilience through robust governance practices
10:30 AM – 11:30 AM
A Fireside chat on “AI in the Crosshairs: Legal, Risk and Cybersecurity Challenges in the Age of Generative AI”
Presenters: Nick Lockett (ADL Solicitors) and Sushila Nair (Cybernetic LLC)
Artificial Intelligence, particularly Generative AI (GenAI), is reshaping industries with its innovative capabilities, from content creation to complex decision-making. However, with these advancements come significant cybersecurity and legal challenges. In this one-hour fireside chat, a cybersecurity expert and a legal professional will dive into the complex interplay between AI technology and its risks.
The discussion will explore how GenAI is both a tool and a target in cybersecurity, examining its role in threat detection as well as its misuse for creating deep fakes and automating cyberattacks. From a legal standpoint, the conversation will delve into data privacy concerns, intellectual property issues, regulatory implications, and ethical considerations surrounding AI use and development, considering EU,UK and US AI laws and Codes of Practice and how this impacts on competition in the AI field. Together, the speakers will offer practical insights into securing AI-driven systems and ensuring compliance with emerging legal frameworks.
This engaging dialogue aims to provide actionable strategies for managing AI’s risks while embracing its potential, catering to professionals navigating this transformative.
11:30 AM – 12:30 AM