Members’ Webinar
From Controls to Consequences: How Boards Actually Experience cyber Risk
Malcolm Kafesu, Cybersecurity Leader & GRC Practitioner, CISM, CRISC, CISA, MBCS
12.30 to 13.45
Wednesday 14th January 2026
This session challenges the traditional control-centric view of cyber risk and reframes it through the lens that matters most to executive leadership, business consequence. Drawing on real world governance experience, the webinar explores why cyber risk so often fails at the translation layer between technical teams and decision makers.
Attendees will learn how to move beyond compliance matrix and maturity models to articulate cyber risk in terms of operational disruption, regulatory exposure, financial impact, and reputational harm. The session also highlights the often overlooked a human dimension of risk, not as a training issue, but as a governance variable that materially influences outcomes.
Designed for risk, audit, and security leaders, the webinar provides practical mental models and communication techniques that can be applied immediately to elevate board level cyber conversations.
Malcolm Kafesu is a cybersecurity leader and speaker known for his work on The Human Firewall, a people-first approach to cybersecurity. Drawing on experience across governance, risk, AI assurance, and security operations, Malcolm focuses on how culture, clarity, and employee behaviour shape real cyber resilience. In this session, he explores why the human layer remains the most powerful and most overlooked defence in modern cybersecurity.
Please note, for those members who hold an ISACA certification, attendance for the full session provides 1 CPE.