Undertaking an information security risk assessment
Julian Meyrick, Vice President, Security Services Europe, IBM gives an extended session on undertaking an information security risk assessment at today’s conference. Juliian’s session provided a step by step guide to undertaking a risk assessment of information security risks and cyber security issues organisations/services may face.
Julian Meyrick’ s full presentation is available for download at the end of this page.
In his presentation Julian made the following comments;
"the government are worried about this as things have been built without security in mind. It may be due to cost but always more costly to add security retrospectively"
"There is a need for a risk culture. Staff are your best defence. They are a fantastic set of sensors but they need to be educated."
"IBM are currently working with University Hospitals of Leicester to make them a fully paperless digital hospital"
Julian described a framework for effective security management built around core practices which establishes a structure that allows the mapping of security initiatives to executive-level language. This systematic approach to security can help better optimise resources and investments, protecting what is essential to your mission and defending your organization/service against evolving threats.
Julian answered key questions like:
- What are my current exposures, and how do I implement capabilities to address security exposures?
- Am I allocating resources to the right priorities?
- How do I more effectively communicate security at an executive level?
The cyber threat is today's battlefield; a business risk to every organisation and a global challenge that requires a global capability.
Julian leads IBM's Security Services Division in Europe, delivering security consulting, security implementation services and managed security services to clients. Julian has been assisting government to raise awareness of the business risk posed by the cyber security threat since 2005 and has lectured to the Warwick University Cyber Security and Management MSc Course.
From 2010 to 2012 Julian was a Partner in the Aerospace & Defence practice in IBM Global Business Services. Julian was invited to lecture at the UK Defence Academy's Centre for Defence Acquisition in 2011 and 2012 and contributed articles in 2010 to Military Logistics International and the MOD's Defence Contracts Bulleting on enabling Contracting For Availability in the land environment.
From 2005 to 2009 Julian led IBM’s Defence & Security team in the UK as the Client Director, Defence & Security, responsible for IBM’s business relationship with the UK Ministry of Defence, the Home Office and Ministry of Justice within the UK Public Sector.
Julian has a long standing interest in defence & security policy and has been an active member of the Royal United Services Institute since 2002. Julian has been an active contributor to several industry associations including UKCeB as a member of the Defence Reference Group and was invited to be a founder member of the Intellect Defence & Security Board in November 2006.
In previous roles Julian has worked in IBM's corporate headquarters in New York and was selected to be Executive Assistant to the Chairman of IBM Europe, Middle East and Africa in Paris in 2004.
Julian joined IBM in 1995 after serving six years in the Royal Green Jackets in the British Army, including serving as the Regimental Signals Officer.
Future conferences of interest:
Electronic Document Management in Healthcare: Delivering a Paperless NHS
Wednesday 1 July 2015
Manchester Conference Centre, Manchester
Download: Julian Meyrick Full Presentation12 May 2015