ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "#4 Business Risk & Risk Ownership (with Bill Schultz)"
Episode Synopsis
Does the CISO own all cyber related risks to the business? It depends, but in many businesses that is the default position. Who is responsible for risk identification and analysis; identification, rating and selection of treatment options; and for managing residual risks within the defined risk appetite? Is it the security function, the business service owner, the application owner, the data owner, or is it potentially none of these? Should we not logically separate risk management responsibility and risk ownership? What about systemic risks?In this episode regular hosts Martin and Maurice are joined by Bill Schultz from Vanderbilt University Medical Center to discuss cyber risk management. We’ll discuss our ideas, VUMC’s architected approaches, and the realities of cyber risk management in a business where lives are at risk and privacy is paramount.
More episodes of the podcast Attributive Security
#13 Blindsided by an Unknown Unknown
08/11/2021
#10 Supply Chain Risk (with Vincent Thiele)
13/05/2021
#9 Privacy: Security's New Clothes?
06/04/2021
#8 Certifications - Value or Vanity
22/02/2021
#7 Risk & Risk Appetite (with Jaco Jacobs)
21/12/2020
In God we trust