Additional Info

Job title of nominated professional (or team name): Sr. Information Security Risk Management Specialist
Company (where nominated professional or team is working): Cloudflare
Website: https://www.cloudflare.com/
Company size (employees): 1,000 to 4,999
Country: United States
Headquarters Region: North America

Overview

Sonia Mishra is an experienced professional with 10+ years of work experience in Cybersecurity Risk Management in the Banking and Financial Services, Insurance, Technology and SaaS industries.

Currently, she is working at Cloudflare, Inc. as a Sr. Information Security Risk Management Specialist. As part of her role, she is responsible for maintaining the Cybersecurity Risk Management program for the Organization, leading the Cybersecurity Risk Assessments, identifying and evaluating the risks, proposing mitigation actions and working with multiple executives across the Organization to align on and manage those risks.

Previously, she worked at Workday, Inc. as a Manager, Cybersecurity Risk Management, where she managed a team of professionals and led the Cybersecurity Risk Management program for the Organization.

Before joining Workday and Cloudflare, Sonia worked as a Senior Consultant with Deloitte and Touche LLP, leading various Cybersecurity Risk Management projects with clients across industries such as Banking and Financial Services, Insurance, SaaS, Technology and Software.

Sonia holds a 4-year Engineering Degree from Jagannath Institute Of Engineering & Technology, Jagatpur, India. She also holds a certificate from Harvard University in “Cybersecurity: Managing Risk in the Information Age” and the following industry certifications: CGEIT, CISM, CRISC and ITIL Foundation.

Accomplishments

Sonia Mishra is an experienced professional with 10+ years of work experience in Cybersecurity Risk Management in the Banking and Financial Services, Insurance, Technology and SaaS industries. She has designed and implemented cybersecurity risk management programs across various industries as well as industry certifications such as ISO 27001 and NIST CSF.


She developed and led the first-of-its-kind Semi-quantitative Cybersecurity Risk Assessment methodology and the Enterprise Cybersecurity Risk Assessment for the Organization. This hybrid approach to risk assessment combined security alert data from the incident team and analyzed the 14 MITRE ATT&CK tactics (such as Privilege Escalation, Credential Access and Exfiltration) and the 200+ techniques tied to these events. Additionally, 100+ subcategories from the NIST CSF framework were mapped to each of the risks, and their control effectiveness was identified. This mapping helped in determining the inherent and residual likelihood of a risk. As part of the project, she developed an Excel tool to perform the calculation. The assessment helped the Organization identify the top Enterprise Cybersecurity risks, taking into account the actual security event data. The hybrid approach allowed the assessment results to be reported on both numerical and qualitative scales, to cater to the various audiences consuming the results for risk prioritization and better decision making. This also resulted in an average savings of USD 4.42 million annually.


Sonia Mishra is playing a pivotal role in defining methodologies to streamline cybersecurity risk management.
Among her recent achievements:
1. Earned the status of Senior Member in IEEE
2. Serves as an “Associate Editor” for the SARC journal
3. Recognized for developing a one-of-its-kind Semi-quantitative Cybersecurity Risk Management Methodology

