Join Ray O’Hara, Brian Allen, and John Petruzzi for an informative dialogue around Enterprise Security Risk Management (ESRM), April 11, 2019 at ISC West in Las Vegas.

With the increasing pace of business transformation, reliance on new technologies, supply chains, and board-level accountability, security risks are adapting quickly into enterprise risk and business resiliency conversations.  Enterprise Security Risk Management is a risk-based approach to security management designed to be adaptable and flexible to business environment, no matter how complex or mature.  ESRM provides a foundation for security strategy, whether for a department or a career path.

Learning Objectives:

  1. Understand the principles of ESRM and how it those principles apply to all security practices.
  2. Use ESRM principles to drive security strategy, including: budgeting, reporting, security value, building a methodology to identify an enterprises risk tolerance.
  3. Report security’s value through risk based reporting, versus a traditional reporting method of reporting efficiency and effectiveness of security assignments.


Brian AllenBrian Allen
Cyber Advisory Services
Ernst & Young

Raymond O'Hara Profile PictureRay O’Hara
EVP, International Services and Consulting and Investigations
AS Solution

John Petruzzi
EVP, Northeast Region
G4S Secure Solutions (USA)

Scroll to Top