John Sapp is the Chief Information Security Officer at Texas Mutual Insurance Company. With decades of experience leading security programs in highly regulated industries, John specializes in turning real-world breaches into practical lessons on risk management, incident response, and executive communication. He also serves on the Board of Directors at the FAIR Institute, helping advance quantitative risk management practices.

Key Takeaways

First, get a clear picture of how the hack occurred.

Then bring on an outside incident response team.

Involve General Counsel so legal privilege applies.

Prepare for the question “How could you let this happen?”

Turn the answer into a discussion of the steps for reducing risk.