July 2024 Event: Forecasting Data Breaches with Dr. Thomas Lee
Data breaches are not as random as you might think. Building upon previous work forecasting fraud among business customers, Dr. Thomas Lee discovered something often overlooked by practitioners: insufficient staffing is a strong predictor of a data breach, and surprisingly, audit staff is just as effective at preventing a data breach as staff working in information technology.
In this session, generously sponsored by Orca Security, Dr. Lee will demonstrate how cybersecurity data breaches can be accurately forecasted based on the number of employees overall, and the number of employees with certain certifications related to cybersecurity, including the CISSP and the CISA certifications. Attendees will learn how this approach of measuring cybersecurity could help their organizations set risk appetite goals in terms of the expected frequency of data breaches, and how to right-size the cybersecurity team and manage third-party data breach risk to meet these goals.
Speaker Biography
Dr. Thomas Lee is the CEO of VivoSecurity, a Silicon Valley-based company focused on data collection, regression modeling, and AI to bring predictability to the randomness of data breaches. In cybersecurity, Dr. Lee has developed models to forecast fraud in online banking, the probability of PII data breaches, the likelihood of lawsuits and costs in the event of a PII data breach, and the probability of a shareholder lawsuit for public companies in the event of a stock drop. He has also developed models to forecast PII data breaches by state and in the healthcare industry.
Dr. Lee has been an invited speaker at numerous prestigious conferences and workshops, including the Richmond Fed research conference, O.R.X events in Toronto and Milan, OpRisk North America, ACAMS panels, and various ISACA chapters across North America. He holds multiple patents and publications in peer-reviewed journals and earned his BS degrees in Physics and Electrical Engineering from the University of Washington, and an MS and PhD in Biophysics from the University of Chicago.
Key Topics Covered Will Include:
Understanding the predictors of data breaches, with a focus on staffing levels.
How to forecast cybersecurity data breaches based on employee certifications such as CISSP and CISA.
Setting risk appetite goals for data breach frequency.
Strategies for right-sizing your cybersecurity team and managing third-party data breach risks.
Why Attend?
Learn practical strategies for predicting and preventing data breaches within your organization.
Understand how to set and achieve risk appetite goals related to data breaches.
Network with fellow cybersecurity professionals and industry leaders.
Equip yourself with the knowledge and tools to enhance your organization’s cybersecurity posture.
Agenda:
5:30 - 6:00 | In-person Networking
5:55 - 6:00 | Virtual Session Starts
6:00 - 6:15 | ISSA Chapter Business
6:15 - 7:00 | Presentation
7:00 - 8:00 | Food & Refreshments