Michele Kim | Fitch Ratings

Evolving from Annual Security Compliance Training to Risk-Based Policy and Training

Cyber Vigilance
evolving from compliance training to HRM

Security awareness and training is rapidly evolving. Five years ago, many organizations engaged employees in improving security vigilance only through annual security compliance training. During this session, hear about Fitch's progressive journey from check-the-box annual compliance training to a robust Human Risk Management program and policies that use public recognition for vigilance and targeted interventions for risky behaviors. Finally, hear how Fitch is planning to strengthen its HRM program with individual and departmental human risk scorecards.
Meet Michele Kim

With 15+ years of experience in the IT and financial services industry, Michele is a seasoned cybersecurity and risk management professional who leads the Technology Risk function at Fitch Ratings, a global leader in credit ratings and research. Her mission is to ensure the security, integrity, and compliance of Fitch's technology infrastructure, applications, and data, and to provide strategic guidance and support to the business on technology risk matters. Michele's expertise spans information security, cyber security, business information risk, vulnerability management, governance risk and compliance (GRC), identity and access management (IAM), security awareness, communications, executive reporting, program management, project management, and business analysis. Michele has successfully implemented and managed multiple security initiatives, frameworks, and tools across the organization, and has received the GTO RARE Award for outstanding contributions. Michele is also certified in CISM, GSEC, GSTRT, and ITIL, and speaks Korean fluently.

Watch HRMCon on Demand now!

Unveiling the Adversary: War Stories and Discoveries from the Human Element

David Kennedy, TrustedSec

Targeting Awareness of Emerging Cyber Threats

David Tunley, Rivian

More sessions available

Hear from more than 20 speakers!

Human element breaches remain perfunctory, with one touted silver bullet: security awareness and training (SA&T). This is a market that has grown exponentially and yet, with all this training and quizzing, human-related breaches continue to increase year over year. Join us for this session to examine the major expected changes in SA&T as the industry transitions to an approach that centers on behavior: human risk management. This new approach prioritizes positively influencing behavior and instilling a security culture within organizations. The session will provide attendees with Forrester’s definition of human risk management and answer questions like: What are the drivers and challenges of security awareness and training? How is the human risk management market maturing? What are the challenges, opportunities, and practicalities of moving from SA&T to human risk management?
Jess Burn Biography

Jess is a principal analyst at Forrester serving security and risk (S&R) professionals. She contributes to Forrester’s research on the role of the CISO with a focus on security talent management. Additionally, Jess covers incident response and crisis management, and email security. Prior to her analyst role, Jess spent eight years as a principal advisor on Forrester’s Security & Risk Council. In this role, she was a trusted partner to a network of CISOs and S&R leaders, making and communicating critical decisions about and investments in their programs. Before she was an advisor, Jess led a Forrester Consulting practice focused on helping tech and service providers with their business and go-to-market strategies. Jess holds a Bachelor of Arts in communications, with concentrations in English and marketing, from the University of Connecticut.
