How much should your organization spend on information security? What’s the potential cost of a major hack or data breach? What’s the risk that your enterprise will be hit by a cyberattack? How can you measure the benefits of your investment in cybersecurity?

Today’s businesses wrestle with these questions every day. On one hand, they look at their growing IT security expenditures and wonder whether they are spending too much – or not enough. On the other hand, the likelihood of a major data compromise – and the associated costs – have never been higher.

Cybersecurity: Costs, Risks, and Benefits will help you answer many of these difficult questions. This online event, hosted by the editors of Dark Reading, brings together IT security leaders, business executives, and cyber threat experts will provide you with a holistic view of the costs and benefits of information security investments.

If you’re a top executive, you need to be able to measure the risks and benefits of IT security in order to gauge the right amount of investment. If you’re an IT security professional, you need to be able to make a solid business case for hiring more staff and buying new technology. In either case, by attending you’ll get some formulas to help you evaluate the costs and benefits of IT security.

You will also get insight on how to measure risks and the performance of your IT security initiatives, so that you can evaluate the role that data security plays in your own organization, and the potential impact of future threats.



Find out the extensive toll a breach can take on an organization, and explore the investments needed to protect it.



Understand the likelihood of your organization being breached and whether cyber insurance is worth the investment.


IT Security

Get information as to the costs of IT security, cost management, and demonstrating performance and growth in the efficiency of the IT security department.

What You Will learn

How damaging a breach can be to your business – from a financial, legal, brand, and customer/supplier relationship standpoint.

Ways to manage IT security costs while achieving the greatest efficiency.

Valuable information about cyber insurance policies and whether they can be the answer to the IT security spending question.

Methods for measuring the cost of a breach as well as the likelihood that your organization will suffer such an event.

Ways for measuring IT security performance, as well as justifying the cost of new IT security spending.

How to build a “business case” for IT security and how to demonstrate performance and growth in the efficiency of the IT security department.


KEYNOTE: The Real Costs of a Security Data Breach
11:00am – 11:45am ET (followed by a 15-min Commentary Desk)
Speakers: Chris Novak, Director, Global Investigative Response, Verizon; Matthew Gardiner, Sr. Product Marketing Manager, Mimecast; Tim Wilson, Editor in Chief, Dark Reading

A top expert offers business-level view of a major data breach. The speaker will not only discuss the damage that an attacker can do and the cost to repair it, but potential legal fallout and the impact of a breach on an organization’s brand and customer/supplier relationships.

KEYNOTE: Evaluating and Managing the Costs of IT Security
12:15pm – 1:00pm ET

Speakers: Andrew Morrison, Principal, Deloitte Risk and Financial Advisory Cyber Risk Services; Sara Peters, Senior Editor, Dark Reading

An industry expert discusses the costs associated with enterprise security – not only the technology investment, but personnel costs and administrative overhead. You will get a better sense of the most costly investments made in IT security, and how to manage those costs to get the greatest efficiency.

KEYNOTE: Cyber Insurance: A Risk Management Tool?
1:30pm – 2:15pm ET

Speakers: David Bradford, Chief Strategy Officer & Director of Strategic Partnership Development at Advisen; Tim Wilson, Editor in Chief, Dark Reading

An expert on cyber insurance costs and policies answers questions on whether insurance is an answer to the IT security spending question. You will get answers on how much a cyber insurance policy will cost, how it works, and whether it will cover all of the damage incurred by a major data breach. You will also get advice on whether investing in cyber insurance can lead to reduced investment in cybersecurity technology and staff.

PANEL: Measuring Cybersecurity Risk 
2:45pm – 3:30pm ET

Speakers: Jay Jacobs, Sr. Data Scientist, BitSight Technologies; Jack Jones, Chairman of the FAIR Institute and EVP of Research and Development, RiskLens; Terry Barbounis, Global Architect Evangelist, CenturyLink; Tom Bienkowski, Director DDoS Product Marketing, Arbor Networks; Kelly Jackson Higgins, Executive Editor, Dark Reading

Gauging the potential cost of a cybersecurity breach isn’t just a question of estimating the damage it might cause – it also means evaluating the likelihood of a compromise. In this panel discussion, top security experts will discuss methods for measuring the cost of a breach as well as the likelihood that your organization will suffer such an event in the days ahead. You will get advice to measure the threat to your specific organization, as well as the potential costs, to arrive at a risk model that you can use to make security spending decisions.

PANEL: Measuring the Performance and Benefit of an IT Security Department
3:45pm – 4:30pm ET

Speakers: JR Cunningham, Sr. Executive Director, Executive Solutions at Optiv; Jeff Pollard, Principal Analyst Serving Security & Risk Professionals, Forrester; Caspian Kilkelly, Security Consultant, Rapid7 Global Services; Adam Vincent, CEO, ThreatConnect; Kelly Sheridan, Associate Editor, Dark Reading

One of the most difficult questions that IT security managers face is how to prove that their efforts are a benefit to the business. In this panel discussion, top security experts discuss methods for measuring IT security performance, as well as justifying the cost of new IT security spending. You will receive recommendations on how to build a “business case” for IT security and how to demonstrate performance and growth in the efficiency of the IT security department.


  • Adam Vincent
    Adam Vincent CEO, ThreatConnect

    Adam is an information security expert and is currently the CEO and a founder at ThreatConnect, Inc. He possesses over a decade of experience in programming, network security, penetration testing, cryptography design & cryptanalysis, identity and access control, and a detailed expertise in information security. The culmination of this knowledge has led to the company’s creation of ThreatConnect, the first-of-its-kind threat intelligence platform.

  • Andrew Morrison
    Andrew Morrison Principal with Deloitte Risk & Financial Advisory Cyber Risk Services

    Andrew Morrison is a principal with Deloitte Risk and Financial Advisory Cyber Risk Services where he leads the Resilient practice. Andrew is responsible for Deloitte’s Cyber Incident Response, Cyber Wargaming, and Technical Resilience service lines.  His focus is on the development and delivery of cross-industry services helping clients improve their preparedness for cyber-attacks, and accelerating enterprise business recovery in the wake of cyber incidents.  Andrew primarily serves clients in the financial services industry and focuses on risks within the banking and securities sector.

  • Caspian Kilkelly
    Caspian Kilkelly Security Consultant, Rapid7 Global Services

    Caspian Kilkelly has 20 years of experience in Security, IT operations and management. His security career highlights include physical security consulting, crime prevention, digital forensics, incident response, and information security policy development. He has worked in a variety of fields, including insurance, health, education, and telecommunications. Caspian has spent the last 10 years of his career working as a volunteer with IHE (Integrating Healthcare Enterprise) securing medical devices and software entering the North American market.

  • Chris Novak
    Chris Novak Director, Global Investigative Response, Verizon

    Christopher Novak is a co-founder and the Director of the Verizon Investigative Response Unit a division of the Verizon RISK Team. He is an internationally recognized expert in the field of Investigative Response and Computer Forensics. He has been involved with information security for over a dozen years. Christopher has assisted corporations, government agencies, and attorneys with all matters involving computer forensics, fraud investigations, and crisis management.

  • David Bradford
    David Bradford Chief Strategy Officer and Director of Strategic Partnership Development at Advisen Ltd.

    As Chief Strategy Officer, Dave monitors market trends and advises the CEO and fellow Executive Committee members on developments that can have an impact on the company’s strategic initiatives. As Director of Strategic Partnership Development, he cultivates and manages relationships with companies with complementary products and services. Prior to co-founding Advisen in 2000, Dave spent 20 years in the reinsurance industry in underwriting, marketing and strategy development roles. He was most recently a senior vice president with Swiss Re where he led the Global & National Division of Swiss Re America, a $500 million profit center. Prior to Swiss Re, Dave was a senior vice president at Reliance Reinsurance Corp where he founded and managed the Special Programs Department. Dave began his career as an actuarial analyst and treaty underwriter with Allstate’s Assumed Reinsurance Division.

  • Jack Jones
    Jack Jones Chairman of the FAIR Institute and EVP of Research and Development, RiskLens

    Jack Jones has worked in technology for over thirty years, and information security for over twenty-five years. He has ten years of experience as a CISO with three different companies, including five years at a Fortune 100 financial services company.  Jack is an active member in ISACA, serving on the task force that created the RiskIT framework and playing a lead role in developing the CRISC certification.  He is also the creator of the “Factor Analysis of Information Risk” (FAIR) framework adopted by the Open Group as an international standard.

  • Jay Jacobs
    Jay Jacobs Sr. Data Scientist, BitSight Technologies

    Jacobs spends his days pouring through data. Prior to joining BitSight, Jacobs spent four years as the Lead Data Analyst on the Verizon DBIR. Jacobs is the Co-Author of Data Driven Security, a book covering data analysis and visualizations for information security, and hosts the Data-Driven Security podcast. Jacobs is also a Co-Founder of the Society of Information Risk Analysts (SIRA) and currently serves on the Board of Directors.

  • Jeff Pollard
    Jeff Pollard Principal Analyst, Forrester

    Jeff Pollard is principal analyst at Forrester, primarily contributing to Forrester’s offerings for security & risk professionals. His research guides client initiatives related to managed security services, security outsourcing, and security economics. He helps senior technology managers with their plans to leverage a composite set of security services to drive business outcomes. His research focuses on integrating security services into operational workflows, incident response processes, threat intelligence applications, and business requirements.

  • JR Cunningham
    JR Cunningham Sr. Executive Director, Executive Solutions at Optiv

    An accomplished innovator and premier thinker in cyber security and risk management with a proven track record of success, J.R. Cunningham has performed executive consulting, architecture, and assessment work across the globe and in a wide variety of industries. J.R. has used his IT, security and business acumen to help build an industry respected executive consulting practice for Optiv. J.R. is known throughout the industry as an evangelist of practical and business aligned security techniques. In addition to his practice leadership, J.R. currently serves as a consulting CISO and CIRO for strategic clients at Optiv.

  • Julian Martin
    Julian Martin VP of Product Marketing, Mimecast

    Julian Martin is the VP of Product Marketing at Mimecast and helps develop and manage the company’s positioning and strategy. With over 18 years’ experience in the IT security industry, he joined Mimecast in 2008 to manage the relationship with Microsoft, establish the channel program and support partner recruitment for the EMEA region. Born and educated in the UK he moved his family permanently to the US in 2012 and is now working on his Boston accent.


    Kelly Jackson Higgins is Executive Editor at Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise Magazine, CommunicationsWeek, Virginia Business magazine, and other major media properties.

    KELLY SHERIDAN Associate Editor, Dark Reading

    Kelly is Associate Editor at Dark Reading. She previously reported on Microsoft and business IT for InformationWeek, before which she wrote for Insurance & Technology, InformationWeek Education, and Promo Marketing. She loves to travel and spent a year working remotely while living in 13+ countries as part of Remote Year.

  • Matthew Gardiner
    Matthew Gardiner Senior Product Marketing Manager, Mimecast

    Matthew is currently focused on email security, phishing, malware, and cloud security. With more than 15 years focused in security, Matthew’s expertise in various roles includes threat detection & response, network monitoring, SIEM, endpoint threat detection, threat intelligence, identity & access management, Web access management, identity federation, cloud security, and IT compliance at RSA, Netegrity, and CA Technologies.


    Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad of other topics. She authored the 2009 CSI Computer Crime and Security Survey and founded the CSI Working Group on Web Security Research Law.

  • Terry Barbounis
    Terry Barbounis Global Architect Evangelist, CenturyLink

    Terry Barbounisis the Global Architect Evangelist for CenturyLink’s Advanced Technology Solutions (ATS) organization where he’s responsible for collaborating with other solution architects, product management, sales and marketing teams to develop stories that help customers “connect the dots” between real world business challenges, thought leadership best practices, as well as industry insights that will help customers through transformative technology solutions.

  • Tim Wilson

    Tim Wilson is Editor in Chief and co-founder of Dark Reading, UBM Tech’s online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one of the top cyber security journalists in the US in voting among his peers, conducted by the SANS Institute.

  • Tom Bienkowski
    Tom Bienkowski Director DDoS Product Marketing, Arbor Networks

    Tom has been in the network and security field for over 20 yrs. During this time he worked for large enterprises as a Network Engineer and for multiple network management and security vendors where he has had roles in Sales Engineering /Management, Technical Field Marketing and Product Management. Currently at Arbor Networks he is the Director of Product Marketing focusing on the fixed and mobile Service Provider markets.

Explore Our Virtual Event Environment

Get an insider look at these key spaces in this virtual event, prior to attending:

  • Lobby: Where you arrive once you register and login
  • Content zones: Where you can collect resources like white papers
  • Auditorium: Where you can view keynotes, panels, and spotlight content

Don’t delay! Register today to get a clear understanding of the risks your organization faces, information on how to measure risks and the performance of your IT security initiatives – so that you can evaluate the role that data security plays in your own organization, and the potential impact of future threats. Register today!


Diamond Sponsors


Platinum Sponsors