Anna Lezhikova
Anna Lezhikova is a cyber security consultant based in Wellington, New Zealand. She combines her experience in sociology, business management, communications, and IT to help companies to run and grow their business securely in the digital age. Armed with a Master's degree in Sociology, an MBA, and a Diploma in Machine Learning and Artificial Intelligence, Anna's expertise is fortified by practical know-how as a full-stack and DevSecOps engineer. This unique blend equips her with the capability to see problems from different perspectives and come up with holistic solutions.
Session
In security, poor risk assessment leads to wasted resources or catastrophic breaches. Traditional frameworks like NIST RMF and FAIR help—but often fail to address human biases, vague "High/Medium/Low" ratings, and misaligned priorities. This 3.5-hour workshop equips security specialists with calibrated estimation techniques to quantify risks more accurately. Through hands-on exercises, case studies, and probabilistic thinking, you’ll learn to move beyond guesswork, communicate risks effectively, and make data-driven security decisions. Leave with practical tools to answer critical questions: How likely is this threat? What’s the real impact? Where should we invest first?
Key Takeaways:
✔️ Fix overconfidence and cognitive biases in risk assessment
✔️ Apply calibration methods for sharper estimates
✔️ Justify security decisions with clearer, evidence-based reasoning