Cyber Risk Forum 2021



PRMIA & Dell Welcome Address

10:00 am to 10:15 am
Presenter: Ken Radigan, PRM, Chief Executive Officer

Ken Radigan is currently the CEO of the Professional Risk Managers’ International Association (PRMIA). Ken also served as Board Member, Treasurer, Chairs of the Finance and Ethics Committees, and Director of the New York Chapter for PRMIA. Ken is also a lecturer at Columbia University’s Master of Professional Studies in Insurance Management. Ken also served as the Chief Risk Officer (CRO) for US and Bermuda platforms of Aspen. Prior to this, Ken was the CRO for the Casualty and Global Risk Solutions Divisions of AIG. Ken had worked at AIG for over 25 years and during this time he had the following responsibilities:

  • CRO Casualty and Global Risk Solutions
  • Director of corporate catastrophe modeling
  • Product line manager for the Environmental Protection Programs
  • Product line manager for the Cleanup Cost Cap programs
  • Actuarial analyst for the corporate actuarial department.

Ken was the inventor of two US Patents on Nuclear Decommissioning Insurance. Ken has a Bachelor of Arts degree with a major in Mathematics from the University of Dayton and has the following professional designations:

  • Professional Risk Manager, PRM
  • Chartered Property Casualty Underwriter, CPCU
  • Associate in Risk Management, ARM
  • Associate in Surplus Lines Insurance, ASLI
  • FINRA Series Certifications: 6, 63, 66, and 7

Megan Wright-Shadle, Small Business Associations Lead, Dell Technologies

Megan Wright will celebrate 5 years with Dell Technologies this upcoming June. Throughout her career at Dell she has worked as a Client & Enterprise Solution Specialist as well as Sales Coach to the Dell Small Business Advisors in North America. In recent years, Megan has worked with the Small Business Strategic Partnership team holding the role as Account Executive & Business Development Manager. As a dedicated Account Executive, Megan worked to empower entrepreneurs and small business owners in confidently navigating the right technology solutions, custom fit for their business through consultations both remote and onsite. Megan now holds the role as North America Strategic Partnerships Small Business Associations Team Lead.

Keynote: Measuring and Managing Cyber Risk: a FAIR Approach

10:15 am to 11:00 am
Keynote Speaker: Nicola Sanna, President, FAIR Institute; CEO, RiskLens

A serial high-tech entrepreneur, my passion is to help large organizations close the gap that separates IT from the business.
My current focus is on helping translate cyber security risk into a common financial language that everyone can understand so that cyber risk can be proactively managed from the business perspective. Factor Analysis of Information Risk (FAIR) has emerged as the standard Value at Risk (VaR) framework for cybersecurity and operational risk. The FAIR Institute is a non-profit professional organization dedicated to advancing the discipline of measuring and managing information risk.

It provides information risk, cybersecurity and business executives with the standards and best practices to help organizations measure, manage and report on information risk from the business perspective. The FAIR Institute and its community focus on innovation, education and sharing of best practices to advance FAIR and the information risk management profession.

Panel: Practical Implications of Managing Cyber Risk in Financial Terms

11:00 am to 11:45 am
Moderator: Nicola Sanna, President, FAIR Institute; CEO, RiskLens

Panelist: James Lam, President, James Lam & Associates

James C. Lam is the president of James Lam & Associates, a Boston-based risk management consulting firm. James is also a director on two corporate boards, serving as Chair of the Board of Directors of Recology and Chair of the Audit Committee of RiskLens. Between 2012 and 2020, James served as Chair of the Risk Oversight Committee of E*TRADE Financial. His prior positions include president of ERisk, partner of Oliver Wyman, and chief risk officer of Fidelity Investments. James has been recognized in the NACD Directorship 100, Directors & Boards “Directors to Watch,” Treasury & Risk “100 Most Influential People in Finance,” and GARP inaugural “Risk Manager of the Year.” He is a best-selling author of three ERM books published by Wiley. James is certified by the Software Engineering Institute of Carnegie Mellon in Cybersecurity Oversight.

Panelist: Harold Marcenaro, Digital Risk Officer, Banco de Credito de Peru

Harold Marcenaro currently serves as Head of Non-Financial Risks at BCP and is responsible for transforming the bank’s risk management function to enable an agile, digital bank. Previously he has led the Enterprise Risk Management, Marketing, Retail Credit Risk, and Credit Card teams at BCP, and held positions in IT, strategy, and investment banking. Furthermore, he has been a board member at several companies, and is currently a member of Patronato BCP, Colegio Altair, and TedxTukuy councils. Harold holds an MBA from The Wharton School, an MSc in Risk Management from NYU Stern, and a BA in Economics from Universidad del Pacífico.

Panelist: Tony Martin-Vegue, Sr. Information Security Risk Engineer, Netflix

Tony Martin-Vegue is a writer, speaker, and risk expert with a passion for data-driven decision-making. He uses his expertise in economics, cyber risk quantification, and information security to advise senior operational and security leaders on how to integrate evidence-based risk analysis into business strategy. Martin-Vegue serves on the board of the Society of Information Risk Analysts and is the co-chair of the San Francisco chapter of the FAIR Institute—2 professional organizations dedicated to advancing risk quantification.

Presentation: Modern Cybersecurity Architecture via the Dell Hybrid Cybersecurity Framework

12:00 pm to 1:00 pm
Presenter: Ed Hagopian, Senior Manager Cybersecurity, Dell

Ed Hagopian is presently the Senior Manager for the Enterprise Security Architecture practice at Dell Technologies. A polymath with over 25 years’ experience in the IT industry, he has led and helped build a number of world class IT architectural practices throughout his career. Along with developing a DevSecOps practice that extended security expertise into product teams via an IT Security Mentorship program, his previous roles include Enterprise Architect, Program and Product Manager, and Account Technology Strategist for Microsoft to name a few. He is based out of Milwaukee, WI with his wife and three children where his free time is spent on pursuits such as 3D Printing, Blacksmithing, Woodworking, Music, Microcontrollers, and IoT technologies.

Day 2 Welcome Address

10:00 am to 10:05 am
Justin McCarthy, Chair, PRMIA Institute; Member of the Global Board, PRMIA

Justin McCarthy has worked in risk management roles in many firms, including Bank of America Merrill Lynch, PricewaterhouseCoopers and with the Irish Financial Regulator. This work has allowed him to see the changes in risk management through and beyond the recent global financial crisis. His work on the PRISM risk-based supervision framework with the Irish Regulator included exposure to banking, funds and insurance risk practices as well as the quantitative work done on the related impact models and the challenge in feeding valid financial data to these models. However, previous to this he worked in EMC as a network engineer which included cyber security work; EMC is now part of Dell.

He is Chair of the Global Board of the Professional Risk Managers' International Association Institute (PRMIA Institute). This is the research arm of the professional body and education organisation for risk managers globally and has a network of over 50,000 around the world. Justin has a BSc from University College Cork and an MBA from the Michael Smurfit Graduate School of Business at University College Dublin. He is currently completing his Corporate Director Certificate at Harvard Business School. During the more IT part of his career he held several related certifications including the Cisco Certified Network Professional (CCNP), Cisco Certified Design Professional (CCDP), Check Point Certified Expert (CCSE) & Certified Information Systems Security Professional (CISSP).

He is originally from Schull, west Cork and lives in Cork city, Ireland.

Fireside Chat: Operational Resilience & Cyber

10:05 am to 10:45 am

Moderator: Justin McCarthy

Panelist: Amit Lakhani, Global Head of IT & 3rd Party Risk, Credit Agricole

Amit Lakhani has wide and varied experiences in managing risks across key areas such as cyber security, fraud and third party services risks for organisations of all sizes. He started his career working as a consultant with Accenture where he developed and deployed multi-million dollar programmes involving compliance and risk elements, especially information security and cyber risks. Further, Amit worked at large multinational organisations in his role at KPMG driving strategic decision-making, investments and risk reduction programmes.

In his current role at BNP Paribas, Amit looks after IT, third party/vendor risk management and fraud risks across the Corporate and Institutional Banking division for BNP Paribas. Having been a key contributor, he has recently taken over fraud risk management under his wing. His team was instrumental in developing an analytics tool to measure and real-time report on some abnormal signals to detect fraud (“weak signals”). He has developed and is embedding the anti-fraud risk management initiatives and more importantly raising the risks at Boards and Executive Committee levels to have clear visibility on the identification, assessment, monitoring and reporting of these risks. The global role entails him to face up to regulators across many geographies, develop and establish solutions that address key specific risks that BNP Paribas faces in its operations.

Panelist: Julien Haye, Global Head Non-Financial Risk, Fidelity International

Julien Haye joined Fidelity International (FIL) in July 2017 as Head of Non-Financial Risk in London and has over twenty years’ experience in the Financial industry. In his current role, Julien partners with FIL’s top management and Board, leveraging risk insights to improve the firm’s operating model resiliency and scalability, and product offering through effective risk management and culture, and to continuously improve the firm’s client outcome and journey. Julien joined Fidelity from DWS, where his role was Global Conduct Officer and UK Chief Risk Officer. He joined Deutsche Bank in 2012 where he held various positions in Risk Oversight and ICAAP, before joining the 3 Lines of Defense Programme as Risk & Control Assessment Lead. In addition to his work with Deutsche Bank, Julien has worked for several financial services institutions in Treasury, Risk, Capital Management, Programme Management and Trading. 

Julien is passionate about people, art and design. For many years he has led the LGBT diversity and inclusion agenda at the firms he worked for, mentoring young professionals and entrepreneurs to help them to reach their potential and supporting non-profit organisations. Julien leads the Global LGBT inclusion strategy for FIL working closely with senior management and the HR team to nurture FIL’s inclusive and diverse culture. Having worked in less inclusive environments Julien recognises the importance of promoting the benefits of a diverse workforce therefore creating an environment where everyone can be themselves and to be a role model for LGBT colleagues. Julien has an MBA and is FRM certified and he is also a Stonewall Ambassador.

Presentation: Key Principles for Managing Cyber Risk

10:45 am to 11:30 am
Moderator: Alex Voicu

Presenter: Kevin Brock, Founder, NewStreet Global Solutions LLC; and former Assistant Director for Intelligence, FBI (Retired) 

Kevin R. Brock spent a 24 year career in the FBI spanning a time that saw the steady migration of crime and espionage to the commercial Internet.  He helped create a new Cyber Division for the FBI in the early 2000’s as well as a new Intelligence Division which he led as an Assistant Director.  He finished his government career as the Principal Deputy Director of the National Counterterrorism Center, an Intelligence Community interagency effort established following the attacks of 9/11.  Mr. Brock currently independently consults on cyber security risk and operational technology matters.  He recently embarked on a new collaborative initiative to provide upgraded, discreet ransomware negotiation capabilities to victim companies and insurers.  

Managing Compliance, Audit and Risk Management in the Digital Era

11:45 am to 12:15 pm

Presenter: Seth Shapiro, Executive Vice President & Risk Strategist, USI Insurance Service

Seth has more than 38 years of experience in the insurance industry and advises USI’s clients on a wide array of risk management topics, including enterprise risk management, risk assessment, information security management, contract analysis, and risk financing program design. His role includes helping clients identify and understand risks and design and execute risk programs aligned with their philosophy and risk tolerance; providing analytics and analysis to support good risk decision making; and working with clients to develop a cohesive risk management strategy consistent with their culture, mission, and objectives. Prior to joining USI in 2009, Seth served as Director for the Seattle office for a New York-based firm providing risk and insurance solutions for mid-size to large companies, and as principal consultant and founder of a multi-disciplinary risk management consulting firm. Seth was also Senior Vice President and National Practice Leader for Marsh’s Information Risk Consulting group, where he managed information risk assessments, executive workshops, security policy development, security policy reviews, technology due diligence in M&A, and insurance gap analyses. Seth was also a charter member of Marsh’s original enterprise risk management consulting practice. Seth spent nine years with Aon Corporation, and six years with American Mutual Fire Insurance Company.

Seth graduated with a B.A. from Vanderbilt University and an M.B.A. from the University of South Carolina. He also completed post-graduate studies in Taxation at The Citadel. He has earned several designations: Chartered Property Casualty Underwriter (CPCU), Associate in Risk Management (ARM), Associate in Insurance Services (AIS), Associate in Reinsurance (ARe), and Cyber Risk Manager (CyRM). Seth was an Adjunct Professor of Information Assurance at the University of Washington for eight years and an Adjunct Professor of Risk Management at Seattle University. He is a co-founder of PRMIA, and is co-Regional Director of PRMIA’s Seattle Chapter. He is a member of the Society of Information Risk Analysts, and a Board Member of Northwest Family Business Advisors.

Presentation: Cyber Hygiene & Importance of Fortifying the Last Mile – The End User

12:15 pm to 12:45 pm
Presenter: Viral Trivedi, Chief Cybersecurity Solutions Officer, Ampcus Cyber

SCCISP, Customer-focused, result-oriented Cybersecurity Sr. Executive with 20 years of leadership experience in outcome-based solutions engineering. An executive leader in Cyber Security with expertise in Risk Management, Privacy, Compliance, Industrial Cyber Security, and IoT. Visionary and Thought Leader in Secure by Design, Cloud Security, Enterprise Security, and IT/OT Security Architectures. Successfully bootstrapped Security Programs for highly complex IT/OT environments with global spans. Developed Secure SDLC, Security Incident Response, and Compliance Programs. Built NIST framework based ICS Cyber Security Architectures. A technology risk management thought leader and cybersecurity subject matter expert. Experienced in IT, IoT & IIoT governance, operational risk management principles, system security architecture, cybersecurity tools & techniques, cybersecurity forensics, an audit of information systems and networks, & business continuity processes.
