Assessing Risks Monetarily for Better Decision-MakingArcher IRM's Sam O'Brien on Operational Resilience and Quantitative Risks
In order to make good risk-based decisions quickly, it is important to assess risks quantitatively instead of making decisions based on personal experiences, says Sam O'Brien, the vice president of sales and go-to-market, Asia Pacific and Japan, at Archer IRM.
"Decision-makers are always going to consider risks and rewards. Too often these decisions are based on historical data, which can be heavily skewed by personal experiences, hunches, etc.," O'Brien says. "Quantitative risk assessment is actually the key to enable organization to get across the breadth of their risk universe. What I do see coming in now, especially for risks that have strategic impact, is the ability to enable a true 'dollars and cents' conversation around these risks. I see that becoming extremely important."
In a video interview with Information Security Media Group, O'Brien also discusses:
- How to achieve operational resilience;
- How to assess vendors against control frameworks and regulations;
- How to balance cyber capabilities to mitigate threats.
O'Brien is vice president of sales and go-to-market, Asia Pacific and Japan at Archer IRM. He helps organizations meet and exceed their risk and compliance goals. He began his career as a practitioner before moving into consulting and then into GRC and IRM technology transformation.