Name
C2. Achieving Continuous Risk Management
Date & Time
Wednesday, May 10, 2017, 2:00 PM - 3:00 PM
Speakers
Max Blumenthal - Sandia Labs
Christie Gross - Sandia National Labs
Max Blumenthal Christie Gross
Description
Session Description:
 
It is a persistent challenge to maintain a healthy risk posture within an organization. Sandia's implementation of NIST continuous monitoring provides ongoing awareness and analysis of security control effectiveness. Participants will see a working RMF solution using RSA Archer Assessment & Authorization and Continuous Monitoring. Archer provides a unifying solution by correlating and normalizing data from manual and automated assessments, providing heightened situational awareness and quantitative risk assessment capabilities. Participants will learn how to integrate process and technology to implement continuous monitoring and data analytics. Sandia will share lessons learned and steps integral to implementing continuous monitoring in any organization.
Location Name
Room 708/710
Full Address
Colorado Convention Center
700 14th Street
Denver, CO 80202
United States
Category
Audit, Risk & Compliance
Learner Objectives
After completion of this session, the learner will be able to:
  • Strategically approach continuous monitoring
  • Integrate assessment, monitoring & risk processes
  • Establish quantitative enterprise risk analysis 
  • Begin to develop a full risk management framework
Speaker Bio(s)
Max Blumenthal is a senior member of the technical staff at Sandia National Labs. Prior to Sandia, he has worked for CERT, developing tools to analyze supply chain risks and with DHS to predict and prevent phishing attacks. He has a MS in Information Security Policy and Management from Carnegie Mellon University. Christie Gross is a senior cyber assurance staff member at Sandia National Labs specializing in risk management framework planning and implementation. She has worked to create centralized, automated processes for assessments, continuous monitoring, and risk analysis. She has an MS in Information Systems Assurance from the University of New Mexico.
Sorting Order
6