In this talk I will present the case on how the the National Electrical Corporation of Ecuador, the main actor of the energy industry in Ecuador, has created, implemented and operates its risk management strategy and its impacts to the country.
Starting from the proposal of an Information Security Strategic Plan, risk management has come a long way inside our organization. I will show how we implemented our risk assessment and mitigation methodology, and how we integrated it to change management, governance, operations, compliance, and how we introduced the topic into the board of directors for budget decisions. Finally, I will guide you through our research and improvement
This presentation will discuss how to implement innovative security through the Risk Management process in the Electric Industry. Recent research into recent security breaches points to the lack of relationship between cybersecurity and Risk Management at the organizational executive level. Security Issues at the executive level are best presented in terms of risk to the business rather than FUD (Fear, Uncertainty, and Doubt).
This presentation will give an example of how organizations are connecting the dots from the strategic level to implementing security solutions at the tactical level using innovative methodologies.
