Global Director Cyber Risk
CurrentI was recruited by the newly appointed Chief IT Risk Officer to spearhead the global cyber risk management initiative for the Omnicom enterprise. In this role, I was tasked with developing and maturing the risk program, which involved working closely with various stakeholders across the organization to identify, assess and prioritize cyber risk, and implement effective risk mitigation strategies. With my expertise in cyber security and risk management, I was able to build a robust program that helped the Omnicom enterprise stay ahead of emerging cyber threats and maintain its reputation as a trusted and secure organization. As a co-author of the Omnicom Risk Management Framework, I align the comprehensive risk lifecycle framework with ISO 31000 risk methodology to provide a systematic and flexible approach to managing risk. This framework helps Omnicom identify, assess, and prioritize risks, and develop and execute effective risk management strategies. It also provides guidelines and general principles for risk management processes, including risk identification, analysis, evaluation, treatment, and monitoring. I keep up-to-date with emerging cyber threats and regulatory requirements, seamlessly incorporating this knowledge into Omnicom's cyber risk program. I work closely with the incident response team to provide intelligence on increased emerging threats, which are added to the risk register and presented to the risk committee. As the owner of Omnicom's integrated risk management system, I design and integrate a holistic and automated approach to risk assessment and management across the enterprise, including numerous certification frameworks and risk acceptances. I manage risk and assessments for Omnicom's Corporate ISO 27001 and ISMS and effectively manage risk findings, corrective actions, and non-conformities. I also collaborate with internal stakeholders to manage ISO risk.