The Seven Steps to Automating Cyber Risk: A Fireside Chat with Michael Rasmussen

Enhance your organization's security value in 2023 with Alfahive’s best practices in risk quantification and management
Oops! Something went wrong while submitting the form.

Webinar Speakers

Webinar Speakers
Michael Rasmussen
The GRC Pundit & Analyst
Anil Gandharve
President & Co-CEO
Hosted by
Isaiah Mcgowan
Principal Product Manager

Webinar Summary

An overview of the current state of the cyber risk landscape

Michael Rasmussen provides an overview of the current state of the cyber risk landscape.

  • Emphasis on the complexity of modern organizations with distributed and interconnected structures.
  • Cyber risk landscape marked by constant disruption and the need to address new threats and vulnerabilities.
  • Business environment is dynamic, undergoing continuous changes in technology, regulations, employees, and third-party relationships.
  • Inevitability of cyber-attacks highlighted, including phishing, ransomware, and data breaches across industries.
  • Focus on digital resilience and accountability through regulations like the EU's Digital Operational Resilience Act and the Bank of England's guidance.
  • Recognition that cyber risk management involves the entire business, not just IT departments.
  • Attacks target not only large corporations but also small and medium-sized businesses.
  • Evolution of cyber risk management strategies crucial due to the ever-changing landscape.
  • Failure to manage cyber risks can lead to severe financial, operational, and reputational damage.
  • Automation plays a role in streamlining tasks, enhancing efficiency, reducing human errors, and enabling strategic decision-making.

The Seven steps in automating Cyber risk management journey

Walkthrough of each step in the journey:

1. Plan Assessment: Discuss the purpose, importance, and common practices in planning an assessment, and how automation can streamline this process.

2. Evaluate Controls: Talk about evaluating internal and third-party controls, highlighting the role of automation.

3. Estimate Risk Likelihood: Discuss how automation can help in accurately estimating risk likelihood.

4. Estimate Business Impact: Discuss the role of automation in determining the potential business impact of cyber risks.

5. Prioritize Risk Treatment: Discuss how automation aids in prioritizing risk treatment strategies.

6. Reporting: Talk about the importance of effective reporting in cyber risk management and how automation can help.

7. Continuous Monitoring: Wrap up with a discussion on the role of automation in continuous monitoring.

A case study demonstrating how automation has transformed the cyber risk management journey of a large retail organisation

  • The case study showcases successful automation technology implementation in a complex retail setting.
  • Challenges included fragmented control assessment, risk analysis, and decision-making processes across multiple brands, countries, and online channels.
  • Manual practices involving spreadsheets and emails for control state collection hindered actionable risk insights.
  • Automation solution from Alfahive was introduced to address these challenges.
  • The platform automated control state collection and considered both internal and external threat perspectives, leveraging MITRE attack and defend techniques.
  • Holistic view enabled quantified risk analysis using pre-built business impact analysis templates.
  • Productivity of risk analysts increased by 100%, enabling more assessments within the same time frame.
  • Automation technology facilitated better reporting, presenting risk insights in business-contextual terms for improved engagement with leadership.
  • Data-driven decisions on risk reduction investments became possible, optimizing fixed time and resources.
  • The integrated approach of automation demonstrated its potential to effectively tackle complex challenges and create significant impacts in intricate business environments.

Key take aways of the discussion

In summary, successful risk assessment involves evaluating current practices, assembling the right team, utilizing appropriate technology, implementing changes incrementally, and remaining flexible to address changing risks. This holistic approach ensures a proactive stance in managing and mitigating potential threats within an organization.


Listen in to the interesting questions put to the speakers and their responses.

What’s a Rich Text element?

The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually.

Static and dynamic content editing

1. A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!

How to customize formatting for each rich text

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.

Join us in our upcoming webinar where we will discuss the limitations of manual risk management.

Gain valuable insights on how to -
  • Assess your organization's readiness for the switch
  • Implement best practices
  • Monitor and continuously improve your cyber risk automation over time
  • Effectively communicate cyber risk value to key stakeholders.
Making the switch to automated
cyber risk management
Michael Rasmussen
The GRC Pundit & Analyst
24th May
1500 GMT
0800 PT
High, medium, or low-risk ratings don’t mean anything to me. They lack business context. Now we can have a much more meaningful conversation based on an independent piece of technology.
Director of IT
Governance & Compliance

Seven steps to automate cyber risk journey.

Cyber Risk Automation
Assess. Quantify. Prioritize.

The webinar will provide valuable insights and practical guidance on limitations and challenges of manual cyber risk management processes. It also touches on the crucial topic of process improvements over time and best practices.
The Seven Steps to Automating Cyber Risk: A Fireside Chat with Michael Rasmussen!
Register for the webinar >
Microsoft Teams Webinar
29th August at 1400 GMT | 0700 PT
Guest Speaker
Michael Rasmussen
The GRC Pundit & Analyst
Guest Speaker
Michael Rasmussen
The GRC Pundit & Analyst