Join your peers for a virtual Boston Chapter Meeting on Friday, December 12 at 1:30 PM ET. Presentations will demonstrate practical applications of FAIR methodology to current cybersecurity challenges, providing attendees with actionable frameworks for improving risk-based decision making in AI adoption and vulnerability management.

Event Details

Date: Friday, December 12, 2025

Time: 1:30 PM ET

Where: Virtual Meeting

Agenda:

Using FAIR to Demonstrate Value to Stakeholders
Speaker: Mike Schiavone, Manager, Cyber Risk Management, Liberty Mutual Insurance

Overview:

Earning the support and trust of stakeholders is not given. By embracing key Agile principles, risk practitioners and leaders can demonstrate value of change to stakeholders through iterative enhancements and outcome focused vision. Making the change from qualitative to quantitative risk management requires motivated teams that embrace change, deliver frequently, focus on their stakeholders, and continuously improve.

Speaker Background:

Mike Schiavone is Manager of Cyber Risk Management at Liberty Mutual Insurance. He is a cybersecurity professional with 12+ years of experience at Liberty Mutual in application security, threat modeling, and governance, risk, and compliance. Currently leading multiple teams focused on cyber risk quantification and cybersecurity policy governance.

Using FAIR for Third Party Risk Management

Speaker: Patrick Vern, Managing Security Consultant, GuidePoint Security

Speaker Background:

Patrick Vern, Managing Security Consultant at GuidePoint Security, began his career in the cybersecurity industry in 2000. He has delivered high-quality consulting services, both directly and by leading others, in security policy development, third-party risk program design, and third-party risk management as a service. Patrick is currently leading GuidePoint’s Third-Party Risk Management Practice. He has career experience that includes risk assessments, information security policies, risk management programs, and third-party risk management. Patrick holds a Master of Business Administration from the University of Florida and the Certified Information Systems Security Professional (CISSP), among other technical certifications.