In this episode, we are joined by Dan Elliott (Principal for Cyber Security Risk Consulting – Zurich Resilience Solutions) as we delve into the critical topic of aligning cyber leaders with business objectives. We explore the challenges of communicating cyber risks effectively, dissect the need for a common language in cybersecurity, and discuss the evolving role of CISOs as business enablers. Join us as we tackle the intricacies of cyber risk management, the importance of understanding business goals, and the quest for a universal language in the cyber world.
Dan Elliott is the Principal for Cyber Security Risk Consulting at Zurich Resilience Solutions (ZRS) Canada and is responsible for supporting ZRS’s clients in making risk-based cybersecurity decisions to improve their overall organizational resilience. Dan has over 15 years of experience in national security and risk management and brings a unique perspective to cyber risk, having spent six years as an Intelligence Officer with the Canadian Security Intelligence Service (CSIS). Prior to that, he spent nearly a decade in law enforcement and intelligence, investigating multinational criminal organisations both online and in person. He evaluates cyber risk with the knowledge of international threat actors and the potential impact they pose to businesses and critical infrastructure, helping organizations improve their overall risk posture.
Dan is also trained in multiple cyber risk management frameworks and holds specialized expertise in stakeholder management and strategic program design. He speaks internationally about the communication challenges that exist between traditional technical professionals and business leaders. He is a regional board member of the Risk and Insurance Management Society (RIMS), a Risk Fellow (RF) and is a Certified Risk Management Professional (CRMP and CRM). Dan is a contributing member of the Cybersecurity Advisors Network (CyAN), a volunteer member with ISACA and is accredited as Certified in Risk and Information Systems Controls (CRISC).