Pittsburgh ISSA March Meeting

Join us on March 17th, 2026!
​​Featured Speaker: Matt Tolbert
Topic: Establishing an Effective Risk Appetite Using the FAIR Framework
Organizations struggle with defining a clear, actionable risk appetite—one that aligns business objectives with measurable, defensible cybersecurity decisions. This session brings clarity to that challenge through the internationally recognized FAIR (Factor Analysis of Information Risk) model, a quantitative framework designed to help leaders understand, measure, and communicate cyber risk in financial terms.

About the Presentation
Matt Tolbert will break down what makes a risk appetite effective, not just documented. Drawing on industry guidance and his experience presenting on cyber risk appetite at major conferences, he will explore:
•     How FAIR provides a common language and structure for defining risk appetite
•     Why quantitative metrics outperform vague labels like low, medium, and high
•     How to establish thresholds, KPIs, and KRIs that align with business priorities
•     Practical steps for integrating FAIR into governance, reporting, and decision‑making
This session is ideal for security leaders, risk managers, analysts, and anyone responsible for communicating risk to executives or boards. FAIR’s structured approach helps eliminate ambiguity and ensures stakeholders share a consistent understanding of risk tolerance and tradeoffs.

About the Speaker Matt Tolbert | LinkedIn
Matt Tolbert is a respected cybersecurity and risk specialist known for his work on cyber risk appetite development. He has presented on this topic at industry events, including sessions focused on establishing effective cyber risk appetite and aligning it with organizational strategy. His expertise spans risk quantification, cloud security considerations, and the development of meaningful KPIs, KRIs, and compliance thresholds.
Matt’s background and thought leadership make him uniquely equipped to guide organizations seeking to modernize their risk management programs using FAIR.

Thank You to Our Sponsor ZScaler | Victor Zayac
This meeting is proudly sponsored by ZScaler (www.zscaler.com). We extend our sincere thanks to Victor Zayac LinkedIn and ZScaler for supporting the Pittsburgh ISSA community and making this event possible. Their partnership helps us continue delivering high‑value educational sessions and fostering meaningful professional connections.

Date: Tuesday, February 17, 2026
Time: 5:30 PM – 7:00 PM (Presentation starts at 6:00 PM)
Location: Hackers Guild PGH - 2247 Babcock Blvd - Pittsburgh, PA 15237

Who Should Attend
Security engineers, vulnerability analysts, CISOs, SOC teams, researchers, and anyone responsible for assessing or prioritizing security risk will find this session especially valuable.