Claude Mandy

Claude Mandy

Sr Director Analyst
Claude Mandy is a Senior Director Analyst responsible for covering a variety of topics across security, risk management and privacy, focusing primarily on what are the building blocks of successful programs, including strategy, governance, staffing/talent management and organisational design and communication. He brings firsthand experience of building information security, risk management and privacy advisory programs with global scope.
Read More Read Less
Tuesday, 21 June, 2022 / 10:30 AM - 12:00 PM AEST
Workshop: How to Measure the Success of Your Security Awareness Program Without Asking

Security awareness programs are undeniably critical to reducing risk within organizations, but their effectiveness can be difficult to measure without user input. This session will workshop what and how to measure the outcomes and behaviors that demonstrate an understanding of the challenges that users face, rather than using legacy approaches to assess knowledge.

Tuesday, 21 June, 2022 / 03:45 PM - 04:15 PM AEST
Data Storytelling: A Better Way to Communicate Cyber Risk With Data

Data storytelling offers a more engaging means of communicating risk than BI reporting or data visualization alone. This trend is an extension of the now dominant self-service model of BI, combining data visualization with narrative techniques. What is a data story? When and how should data storytelling be used when communicating cyber risk? What new skills and techniques are needed to create compelling data stories?

Wednesday, 22 June, 2022 / 10:15 AM - 11:45 AM AEST
Workshop: Expanding the Business Impact Analysis (BIA) to Meet Your Security, Risk and Privacy Needs

Conducting a business impact analysis (BIA) is a critical step to determining the importance of IT systems to an organization and planning based on their importance. Join us to learn how to adopt a more holistic Integrated Risk Management approach to BIAs to meet the needs of security, risk and privacy functions outside of their normal usage in business continuity and disaster recovery planning.

Wednesday, 22 June, 2022 / 02:30 PM - 03:00 PM AEST
You’ve Got Third-Party Risk Management All Wrong — Why CISOs Need to Rethink Their Approach

Third-party risk management is a regulatory requirement in most highly regulated industries and good practice in all industries. Today's approaches are mired in lengthy and complex assessments of the security controls of the third party and do nothing to manage cyber risk to your organization. This session will discuss how alternative approaches may drive greater value for your organization.

Join us to hear from Gartner experts and thought leaders.