Cyber Risk Management 101

Summary

In today’s hyper-digitalized world, cybersecurity risks are a major concern for businesses of all industries. This presents a highly complex problem to businesses, which makes the use of accepted concepts and frameworks in Cyber Security Management essential.

• Marcel Zumbühl, CISO of Swiss Post, will discuss common cybersecurity frameworks and how they help organizations manage and control these risks.
• Hans Ulrich Amsler, CISO of Valiant, will then go deeper into how an organization can implement a sensible Cyber Risk Management framework and point to ‘must-haves’ as well as possible stumbling blocks.

By understanding and adopting these frameworks and practices, businesses can effectively mitigate cybersecurity risks and protect their valuable assets. We will also answer these questions:

• Which frameworks and methods help to collect and aggregate this particular risk into a condensed and actionable control environment.
• What discussions does the CISO need to have with the executive management and the board of directors? How can they set the right risk appetite for the organization?

Presenters

• Marcel Zumbühl – CISO Swiss Post, and certified Board Member
  Marcel Zumbühl is Group CISO of Swiss Post Group and member of the Post-IT Executive Board since 2018. He is responsible for all cybersecurity aspects of on of Switzerland’s largest enterprises. Marcel also is certified Member of the Board of Directors at Hacknowledge SA and terreActive AG, the cybersecurity affiliates of Swiss Post. He studied artificial intelligence, math and business administration at the Uni Bern, and is alumni of IMD and Uni Rochester Bern. He held positions in Accenture, Swisscom and Credit Suisse both abroad and in Switzerland. Marcel lectures at ETHZ since 2009 and HSLU in Riskmgmt and Riskcommunication. Marcel is Co-President of Information Security Society Switzerland, Switzerland’s largest organization for cybersecurity professionals. He was awarded with the first-ever Swiss CISO of the Year award 2023.
• Hans Ulrich Amsler – CISO at Valiant Holding
  Ueli Amsler has been leading the IT security at Valiant Bank AG as Chief Information Security Officer (CISO) since February 2023. Prior to this role, he spent 4 ½ years in the army, where he established the Cyber Fusion Center. This center includes the Security Operations Center (SOC), the Computer Emergency Response Team (CERT), a team for situation representation, and an infrastructure team. For 18 months, he additionally took on the leadership of the Cyber Security department, assumed the role of CISO for the Führungsunterstützungsbasis, and was a full member of the executive management. Before that, he was responsible for managing major disruptions at Swisscom for 7 years from the Operation Control Center. His most recent educational achievement is completing a Certificate of Advanced Studies (CAS) in Cyber Security Management at HSLU. Ueli Amsler is 49 years old, married, and has 2 children.

Introduction by Maya Bundt, Board Member Swiss Risk Association and Cyber Strategist.

Agenda

17:45 Doors open – Name Tag Collection
18:00 Welcome & Introduction (Maya Bundt)
18:05 How widely accepted frameworks bring order to a complex problem (Marcel Zumbühl)
18:30 Wie Cyber Risk Management in der Praxis funktioniert (in German, Hans Ulrich Amsler)
18:55 Q&A and Closing ​(moderated by Maya Bundt)
19:30 Networking drinks (all)
20:30 End

Chapter Event

This Chapter Event is available to members and free. We will be presenting one or more speakers to share their knowledge, updates and best practices on a specific risk topic. Within the small groups of risk professionals you can exchange thoughts and test ideas. This event is hosted by chapter Cyber Resilience.