Practical Approach to Implement a Security Risk Management Program

Walk the line between risk and reward!

We all have a part to play in the risk management framework as we work to protect our customers, employees and partners that ultimately shape the success of any company. Come learn the importance of security risk management at Expedia Group and how the team applies the framework to our everyday work.

Attendees of this presentation will gain insight into:

• Why does security risk management matter?
• What is security risk management Lifecycle?
• How do we quantify, score and aggregate security risks?
• How do we remediate and report security risks?
• What can we do in next month, 3 months and one year to get a security risk management program up and running?

Presenter Bios:

Brandon has over 15 years’ combined experience in various risk and compliance capacities, including external consulting, internal audit, and business and security risk and compliance oversight. 10 of these years have been at Expedia Group, where he has developed a strong knowledge of how Expedia operates from both a technology and business/financial point of view, and how to best achieve efficiencies and compliance within that framework.

Krishna Sheshabhattar, Senior Manager, Security Compliance, Expedia Group

Krishna has over 8 years’ experience in risk, compliance and audit functions. He spent the last year 4 years at Expedia Group’s Security GRC and Corporate Audit Services (CAS) teams. Recently, he has been working on developing and implementing Security Risk Management program and helping with Third Party Vendor Risk Program. Earlier at Expedia, he has led and managed IT audits, risk assessments of different operational processes in addition to completing annual SOX compliance requirements. Prior to Expedia, Krishna worked at Microsoft and PwC.

Location: Virtual Meeting

Pricing: Members - Free; Non-members - $20

Instructional delivery method: Online

CPE credit(s): 1 hour