Lisa Young, CISSP, CISA, CISM.
Vice President of Cyber Risk Engineering, Axio

Lisa Young is Vice President, Cyber Risk Engineering of Axio and collaborates with organizations to build resilience capabilities with a specific focus on integrated risk management program design and implementation, strategic and operational metrics, and cybersecurity risk quantification. Previously, Lisa was a senior engineer at CERT at the SEI of Carnegie Mellon University. In this role, Lisa was responsible for applied research in risk and resilience management, including teaching courses on CERT-RMM, the OCTAVE® risk-based assessment method, and the Measuring What Matters: Security Metrics Workshop based on the G-Q-I-M methodology.

Lisa managed many high-profile engagements during her tenure at CERT, including the successful implementation of an enterprise risk management initiative for a FORTUNE 500 organization and improvements in the vendor risk assessment process for a large European financial institution. Lisa co-authored the CERT Resilience Management Model (CERT-RMM) and the OCTAVE Allegro Risk Assessment Method.

Lisa has earned a BA degree in Business Administration from the University of South Florida and a MS in Cybersecurity Public Policy from the University of Maryland University College. Lisa maintains the CISA, CISM, CISSP certifications, and the CERT Resilience Management Model Lead Appraiser and instructor credentials.

Cyber Risk: Government-Industry (Public-Private) Partnership Success Story

Cybersecurity is a team sport! Especially when critical infrastructure is distributed across a vast geography, owned and managed by non-governmental entities, and nefarious actors are trying to steal valuable information from your citizens.

This talk will discuss areas where industry, government, and academia have teamed up to raise awareness of cyber threats and potential solutions to better protect and sustain critical infrastructure.