Presentation by: Thomas Ruoff, President of Zorse Cyber, and Chief Process Officer for Control Cyber Risk

Tom Ruoff has over 25 years in cybersecurity and is currently President, Zorse Cyber and Chief Process Officer, Control Cyber Risk. Over the last 5 years he has provided cybersecurity consulting services to over 12 Native American Tribes. His last position at the Dept of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency (CISA)(14 years) was the Chief, Methodology Branch/Vulnerability Management. Prior to DHS, Tom was the Director of Systems Division at Northrop Grumman, developing of cross domain solution (CDS) systems for NSA and CIA. Tom spent 4 years with Booz|Allan|Hamilton supporting Intelligence Community clients and is an Air Force veteran with assignments including National Security Agency, National Geospatial-Intelligence Agency, and Defense Intelligence Agency. Certifications include Level III Federally Certified Program Manager, PMP, CISSP, and CMMI Associate. He has a MS in physics and is a graduate of the United States Air Force Test Pilot School.

Session description: This presentation provides the audience information and materials to understand and conduct a cybersecurity risk assessment. Unique information includes methods to discover and document enterprise business essential functions, express disruption of the business essential functions in response and recover cost terms ($), and approaches for estimation. This presentation is intended for IT and Cybersecurity practitioners’ and leaders but is general enough in language and examples for managers to understand the concepts. Attendees will come away from the session with the ability to engage their enterprise customers, other Directors and managers, to prioritize services and construct an operationally useful Business Continuity Plan.