Shifting Left Sooner: Building Cyber Resilience with the Allies You Didn’t Know You Needed

What happens when you teach Cyber Security to Business Analysts? They become valuable cyber resilience allies who can leverage their position, skills and techniques to bring visibility to security & privacy needs starting at the beginning discovery stage of a project rather than later.

Through the journey of a Cyber Curious Business Analyst (BA), you’ll have an introduction to some of the tools, techniques and approaches that can be used to bring visibility to and acceptance of, security & privacy needs, controls and requirements starting at the discovery stage and onward throughout the lifecycle of a project. This talk will discuss some of the benefits of building an alliance with a Cyber Curious BA who already speaks the language of the business and who can help build a security and privacy aware culture from the middle outward in ways you may not have seen before. This presentation will be of interest to C-Suite, Project / Program Leadership, Security & Privacy Leads and their team, students looking to break into the industry, professionals wanting to pivot into the industry from other roles and of course, other Cyber Curious Business Analysts!

B-Sides Ottawa events have had such a profound impact on me personally and professionally that I’d like to pay it forward to this amazing community in case this talk or my story may be able to help some seasoned folks and those just starting out and finding their path to a role in cyber security. As a Senior Business Analyst (BA) with CISSP certification, I am in a very small group that is spread out worldwide. Both on the current transformation program I am working on as well as through collaborating with others in this unique position, I am working towards leveling up visibility of Cyber Security sooner in IT projects/programs through exploring ways to integrate security and privacy needs into business analysis techniques, tools and processes. Along with that work, one of the fundamental pieces has been teaching core cyber security concepts to BAs while showing security and privacy leaders what BAs can do as co-champions and allies for their integrated cyber resiliency cause. This is how I am currently contributing to creating cyber resilience in health care and other industries (in the future) in Canada and I want to share that knowledge to enable others to do the same. Technical Requirements: If accepted, I will present and speak to some power point slides so will be bringing a laptop if you have something to hook it up to.