Calculating the Cost of Cyber Business Risk and Using It to Drive IT Investment Decisions

Thursday, November 3rd 2016 5:30 PM – 9:00 PM


IT security threats are increasing, yet budgets are flat. How can a risk or security professional confidently make the right investment decisions to lower organizational risk from these threats?

Join Richard Van Horn (VP Data Protection, JPMC) and Mark Coderre (CISO and National Practice Director, OpenSky) along with other New York area Risk Leaders to discuss methods for building a stable yet adaptive model for calculating the inherent cost of cyber business risks, and then using it to drive IT security investment decisions.

Learn how to filter noise from the media and product vendors and stand tall when the board questions your security investments. Discussion topics include:

  • Sustainable methods for calculating the inherent cost of cyber business risk
  • How to handle residual risk
  • Correct cadence for incorporating changes
  • How to tie in Operational Risk, Cyber Insurance and Risk Hedging

For more information, please contact Theresa Herrera at (201) 376-0025.

Event Details:

Thursday, November 3rd 2016
5:30-6:30pm Cocktails, 6:30-7:30pm Discussion/Presentation, 7:30-9:00pm Dinner

The Capital Grille
120 Broadway
New York
NY 10271



Mark Coderre

Mark is OpenSky’s Chief Information Security Officer, a National Practice Director, and formerly Chief Security Architect at Aetna. He contributes to many industry forums, including the National Strategy for Trusted Identities in Cyberspace, the Medical Device Innovation Safety and Security Consortium, and the Department of Homeland Security Cyber Incident Data and Analysis Group. He is a Ponemon Institute Fellow with over 25 years of experience helping organizations master risk in an increasingly digital world.

Richard Van Horn, CRISC


Richard has worked in IT Governance, Risk & Control for over 20 years and is currently a Vice President at JP Morgan Chase. His career has evolved along with the field, from working as an IT Auditor at the Federal Reserve Bank of Boston, to implementing enterprise security solutions at Fidelity Investments, to managing IT Risk at Goldman Sachs, the CIT Group, DTCC and now JP Morgan Chase. He holds the Certified Information Systems Auditor (CISA) and Certified in Risk and Information Systems Control (CRISC) certifications from the Information Systems Audit and Control Association (ISACA).