The Need for Real-Time Risk ManagementDavid Walter of RSA Archer on the Role of Artificial Intelligence
As companies go through a digital transformation, they need to move toward real-time risk management - and artificial intelligence can play a critical role, says David Walter, vice president of RSA Archer.
Risk management techniques are changing dramatically, Walter says in an interview with Information Security Media Group.
"Traditionally, a risk assessment was done as a manual process," he says. "It was very qualitative in nature. It would be done by questionnaires. ... The pace of business today requires us to no longer have that mindset. ... Business is moving too quickly. ... So risk management, therefore, can't be on the sidelines looking reactively in a manual way. It needs to be inline and embedded in the business. ..."
Artificial intelligence can play a key role in automating risk management to provide a real-time view of risks, he contends.
Organizational Structure Shifts
Meanwhile, the organizational structure for security is shifting, Walter says.
"The CISO has traditionally been responsible for cybersecurity risk and has always reported into IT," he notes. "Today, most often, I am seeing them report now to the chief risk officer or the chief financial officer so that the company can get a more comprehensive view of risks across the organization and no longer have risk siloed in different parts of the organization."
In this audio interview (see link below photo), Walter offers insights on:
- Developing an integrated risk management framework;
- Adopting new technologies to enhance risk management capabilities;
- Quantifying and mapping business risks.
Walter has global responsibility for the RSA Archer GRC product line. During Walter's 11 years with RSA Archer, he has served in many capacities, including general manager of GRC in EMEA, director of product marketing and strategy and director of product management. As a public accountant and former CFO and internal auditor, he has been responsible for developing many of the solutions in the RSA Archer GRC suite. Earlier, he used the suite when he worked at the Washington Post Co.