Loading Events

« All Events

  • This event has passed.

Elevating Cyber Security Risk Management to the “C-Suite”

October 26, 2017 @ 8:30 am - 4:30 pm EDT


ISACA GWDC is hosting a C-Suite Level Executive Special Seminar.

Despite the increasing visibility and impact of cybersecurity and privacy breaches,
Chief Information Security Officers (CISOs) often struggle to gain sufficient C-Suite
support. Differences in focus and training create communications barriers and CISOs must acquire the tools and skills needed to provide other executives sufficient justification for cybersecurity expenditures. This executive seminar will introduce participants to transferable risk management and communications techniques to gain executive leadership support and improve cybersecurity. The seminar will leverage pragmatic lessons from the private sector and draw on decades of U.S. government investment in systems and root cause analysis.

Participants will delve into two powerful tools to overcome barriers to the
communication of cybersecurity dynamics, dependencies, implications, and solutions.

These tools are storytelling and quantitative risk metrics. These tools can help CISOs and other technical leaders increase awareness, develop business cases for technology investments, and identify performance indicators for return on investment. The seminar will delve into the essential calculations used to frame complex technical issues and potential solutions in terms that are meaningful to executive leaders.

Specific topics include:

  • Mapping high-level strategy to tactical, operational, and financial objectives
  • Driving business cases through metrics that express IT improvement objectives
    and inherent risks using “hard” numbers
  • The 5+2 Step Cycle for Managing Risk used to achieve sustainable substantive
    and cultural change
  • Implementation techniques: Secrets of Story-Telling, The Power of Pilots and
    Success Stories, and The Power of the “Invite and Flashlight”
  • Shifting from compliance-driven to performance-driven risk management to
    improve cybersecurity posture

Registration Fees:
GWDC Members: $375
Other ISACA Members: $400
Non-Members: $425

Note: Please do not contact the venue directly regarding this event. 
Contact one of the GWDC Contacts listed on this page.

Parking and Metro

Use of Metro is encouraged for all GWDC events!  The Hyatt is 2 blocks from the Rosslyn Metro station (Orange/Silver/Blue Line).

Campus Parking. Parking is available for a fee at the Hyatt.  More information can be found here.

Other Parking. For nearby alternatives visit the Arlington County Parking Website. Local Parking Information

Who Should Attend

Chief Information Security Officers (CISOs), Chief Information Officers (CIOs), and
other senior leaders with responsibility or concern for cyber security risks


Session 1: 8:30am – 9:20am
Mapping high level strategy to tactical, operational, and financial objectives

Session 2: 9:30am – 11:10am
Developing business cases through IT improvement and inherent risk metrics

Session 3: 11:20am – 12:10pm
The 5+2 Step Risk Managing Cycle

Lunch: 12:10am – 1:20pm

Session 4: 1:20pm – 3:10pm
Implementation techniques: Secrets of Story-Telling, The Power of Pilots and Success Stories, and The Power of the “Invite and Flashlight”

Session 5: 3:20pm – 4:15pm
Shifting compliance-driven to performance-driven risk management

Learning Objectives

  • Introduce participants to transferable risk management and communications techniques to gain executive leadership support and improve cyber security.
  • Equip participants to use storytelling techniques to improve communications.
  • Explore the computation of quantitative risk metrics to improve business case development and monitor effectiveness of cyber security programs.
  • Introduce techniques to achieve sustainable substantive and cultural change.
  • Help leaders shift from compliance-driven to performance-driven risk management and improve cybersecurity posture


Brian Bernier

Brian Barnier


MBA - University of Michigan

Mr. Barnier is Director/Principal at ValueBridge Advisors (U.S.) and Head of Research at Burnt Oak Capital (UK). He is the author of The Operational Handbook for Financial Companies (Harriman House, Great Britain, 2011), and a contributor to Risk Management in Finance (Wiley, 2009) and Risk and Performance Management: A Guide for Government Decision Makers (Wiley, 2014). Mr. Barnier has worked within multiple industries. He led business initiatives at Ameritech (now AT&T), Lucent (now Nokia), and IBM. The teams he led achieved nine U.S. patents and launched the first secure

Mr. Barnier has worked within multiple industries. He led business initiatives at Ameritech (now AT&T), Lucent (now Nokia), and IBM. The teams he led achieved nine U.S. patents and launched the first secure fintech product and the first security process management product. His service to professional and industry associations includes:

  • Committee member and Board Advisor of the Retirement Income Industry
  • Association Co-chair of the Steering Committee of Open Compliance and Ethics Group (OCEG), past chair of OCEG's Achievement Awards judging panel, and one of the first three Fellows named by this 40,000+ member cross-discipline professional organization focused on more easily achieving principled performance.
  • Served as 2016 Co-chair, Board, World Conference on Disaster Management (leading forum for coordinating emergency response, crisis communication, business continuity, disaster management and broader management of risk),
  • Past co-chair of the Corporate Risk Oversight Committee of the International Corporate Governance Network (about 500 members with about $26T under management)
  • Served on the teams that created Risk IT and COBIT 5 for ISACA. He has been quoted widely and penned over 100 articles. Mr. Barnier serves on the editorial panels for the Electronic Data Processing Audit, Control, and Security Newsletter (EDPACS) and ISACA Journal. He has taught operations, finance, and economics at the graduate level in the U.S., and guest lectured in Russia and Mexico.  In 2014, Mr. Barnier served on the faculty of the Wharton / ABA Stonier Graduate School of Banking. He earned an MBA and BBA both with Distinction and other honors (including Beta Gamma Sigma and Financial Management Honor Society) from The University of Michigan Ross School of Business Administration.


Special Instructions

The seminar will be held at the Rosslyn Hyatt Centric hotel’s Judiciary Hall.  Breakfast and lunch will be provided

All Students: Please arrive at least 15 minutes early to register and get settled before the first session starts.

ISACA Members from Other Chapters: You will need to bring your ISACA Membership Card to the event to verify your ISACA Membership.


Executive Special Seminar presentations are not posted to the chapter website. Materials are provided to the attendees.

Questions about this Event:

Please contact: executive.seminars@isaca-gwdc.org



Earn up to 7 Continuing Professional Education (CPE) credits in the area of Specialized Knowledge. The ISACA® GWDC is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: http://www.learningmarket.org.

CPE Distribution and Evaluation Survey

CPE's will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present the full day to receive full CPE credit.


CPE-Related Details

Prerequisites and Advance Preparation: 

-For Federal leaders: Obtain list of performance or SES objectives
-Be prepared to discuss your organization's objectives
-Be prepared to discuss or obtain costs for security, not just security narrowly defined, but cost impacts on rest of IT and business entities
-Read: To save your security, learn to move at the speed of the wild, ISACA Now, July 2015

View the video set of The Operational Risk Handbook at Sarder TV:

A Barista, a Shot and Better Security, Taylor & Francis EDPACS, December 2015 (subscribers only)

Program Knowledge Level: C-Suite or Management Experience Preferred.

Delivery Method: Live Classroom


October 26, 2017
8:30 am - 4:30 pm
Event Category:


Hyatt Centric
1325 Wilson Blvd
Arlington, VA 22209 United States
+ Google Map