Lead independent risk management transformation initiatives for cyber risk governance and oversight functions and activities.- Formed dedicated cyber risk management committee chartered with independently assessing and measuring the bank’s aggregate cyber risk exposure and overseeing front line activities to manage.- Created and implemented new cyber risk governance and oversight data model, processes, and cyber risk taxonomy to continuously assess, aggregate and report the bank’s comprehensive cyber risk exposure leveraging COSO, COBIT, NIST CSF and controls standards.- Led transformation of enterprise cyber risk appetite and key risk indicators for executive and board reporting highlighting acute cyber risk exposure areas and priority investments to mitigate to appetite.- Led transformation of the risk organization’s information security risk monitoring plan and activities to prioritize oversight of critical risk mitigation programs and processes in accordance with relevant regulatory requirements and expectations including FFIEC, GLBA, HIPPA, etc.- Mentored resources across the second line of defense technology and information risk oversight organization to raise risk acumen and improve quality of assessments, findings and results through various risk assessment programs, e.g., Risk and Controls Self Assurance (RCSA).

Franklin Cyber Risk Consulting provides clients valuable cyber risk and loss information to inform their security investment decisions and activities. Our proprietary Cyber Loss Assessment (CLA) methodology allows organizations to understand their cyber Risk Security Investment Effectiveness Ratio, or RiskSIER (TM), providing deep insights into whether their security spending is over or under allocated, or optimized to their actual loss experience annually.

Built and led innovative programs and capabilities including:- Cyber Risk Management- Advanced Red Team- Cyber Simulations program- Cyber Threat Intelligence- Industry Partnerships- Data breach response - Security correlation and analysis / hunting- Compliance and Certification assessments including SOX, GLBA, SOC 2- Third Party information security risk assessment and managementFormer board member of the Financial Services Information Sharing & Analysis Center (FS-ISAC) and current board member of the National Cyber Forensics & Training Alliance (NCFTA).