“Steve and I met through his leadership of the New York City FAIR Chapter. His commitment to the chapter and the programs it supports have been an invaluable resource to business leaders who make decisions about risk. Beyond his direct support of the NY chapter, Steve is recognized as an authority on quantitative risk measurement and his presentations at industry conferences are insightful and well attended. As he and I have similar professional responsibilities, I have relied on him as a great sounding board and source of good ideas. Steve is a first team, varsity player and I recommend his work with enthusiasm.”
About
Steve Reznik is an industry leading risk management professional focused on making…
Activity
-
Tonight, as we have done for the last two decades, Whitley Hall at #TAMUC will light up in remembrance of the 9/11 tragedy. The lights will stay on…
Liked by Steve Reznik
-
The CISOs of today who don't embrace cyber risk quantification will quickly find themselves behind the curve of tomorrow. The ability to express…
Liked by Steve Reznik
Education
Volunteer Experience
-
Founder & Chair of Greater New York City Area Chapter
FAIR Institute
-
Marching Band Pit Crew
West Orange High School
-
Author, Reviewer
ISACA
Publications
-
What's in Your Risk Assessment?
RSA Conference, San Francisco, CA
Not all risk assessments are created equal. And many compliant methods are not useful for running the business. This session will accelerate your approach to the high quality decision data desired by internal stakeholders while making your external stakeholders smile.
-
Cyber Risk Panelist - IIB Information Security & Operational Resiliency Conference
Institute of International Bankers, New York, NY
Enhancing Your Cyber Risk Management to Meet Increased Expectations: Steve was one of four panelists who discussed regulators’ increased focus on cyber risk management and methods being implemented to identify and mitigate this risk.
-
Pen Testing Your Board Pitch: An Interactive Exercise
FAIRCON 2019, Washington DC
In one of the most closely listened-to panel discussions of the 2019 FAIR Conference: “Pen-Testing Your Board Pitch,” starring two veteran board members, James Lam (E*TRADE) and Chris Inglis (FedEx), presented attendees with a rare opportunity to hear directly from the source what board directors want to know before bestowing their support – or throwing you out of the room.
The session began with two skits – one cringe-inducing, one applause-generating. In the first dramatization, two self-confident but old-school and still using qualitative reporting infosec executives played by Jeff Welgan of CyberVista and Steve Reznik of ADP brief the board (played by James and Chris) of an imaginary bank on their security posture after a data breach at a competitor bank, complete with a colorful heat map presentation...
-
All-in-One Matrix: Regulatory Compliance Risk Assessment Overview for FAIR Practitioners
FAIR Institute Blog
Check out this resource for mapping what you are doing now to what the regulators and standards bodies are asking for.
-
Three FAIR Use Cases
FAIR Institute Breakfast at RSA Conference
This is my short presentation to the FAIR Breakfast during the 2019 RSA Conference on how to:
-Create a common risk view
-Make risk-aware business decisions
-Select better metrics
-
What Makes a Good KRI? Using FAIR to Discover Meaningful Metrics
RSA Conference, San Francisco, CA
WARNING! Viewer discretion is advised. This presentation contains talking emojis, slides with more numbers than words, and a brief instance of drama. Watching it may change your definition of risk and enable you to make better decisions.
-
Key Risk Indicators: A Quantitative Approach
FAIRCON 2018, Pittsburgh, PA
Marta and I present a case study using sensitivity analysis to tweak risk factors and illustrate the effect on a baseline risk assessment. For instance, a decrease of one percent in vulnerability reduces loss exposure by the same amount as does responding to an incident 10% faster.
-
Reporting Risk Analysis Results to Decision Makers
FAIR NYC Chapter Meeting
-
FAIR Practitioner Panelist
FAIRCON 2016, Charlotte, NC
FAIR Practitioner Panel: "How to Build a Quantitative Risk Management Program"
-
COBIT 5 for Risk (Task Force)
ISACA
-
IT Risk Management Training Course
ISACA Training Week, Boston, MA
-
Risk Workshops Based on COBIT 5
IIA/ISACA GRC Conference, Phoenix, AZ and at the ISACA Information Security and Risk Management (ISRM) Conference, Las Vegas, NV
-
Enterprise Risk Management and IT
ISRM Conference, Las Vegas, NV
-
Implementation and Operational Issues of The Risk IT Framework
ISRM Conference, Las Vegas, NV
-
Monitoring Internal Control Systems and IT (Contributor)
ISACA
-
Make 'MyCOBIT' Your COBIT
The COBIT Focus Newsletter, Volume 1, January 2008, ISACA
My thoughts on enterprise risk assessment and using COBIT in a relational database format to create a risk and control matrix. I've continued to develop these approaches with clients and embedded them into The Risk IT Framework.
-
Back to Business with IT Governance
The Journal of Corporate Accounting and Finance, Volume 18, Number 6, Sep/Oct 2007, Wiley Periodicals, Inc.
Abstract: "Recent surveys continue to show a serious weakness in how corporate executives and boards are involving themselves with critical IT risks."
Here I provide advice to CEOs who want to take charge of IT governance and focus on the needs of IT people. I'm proud of the article's behavioral based maturity model and used it while developing the process maturity model for The Risk IT Framework.