Presented by Tom Ruoff, Principal Consultant • Image Source
Organizations face rapidly evolving cyber threats, yet many still view technology as a cost center rather than a strategic partner. This presentation reframes the conversation by translating technical risks into business and financial terms leaders understand. Attendees will learn how to identify Business Essential Functions (BEFs), quantify operational and financial impacts, and apply practical risk‑estimation methods. By establishing a common language of risk, leaders can align priorities, invest where it matters most, and meaningfully reduce enterprise exposure. The session equips both executives and IT teams with tools to build consensus and drive smarter, outcome‑based cybersecurity decisions.
Tom Ruoff serves as Principal Consultant for ImageSource, Inc. providing cybersecurity consulting services (risk assessments, threat hunting, pen testing, breach remediation, security architectures, policies, business impact assessment) to commercial clients including Native American Tribes and Tribal Casinos, he is also a founder and current CEO of Zorse Cyber. Tom retired from the Dept of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency (CISA) in June 2023, as Chief, Methodology Branch, supervising vulnerability assessments for elections, power generation/distribution, and pipelines, and Federal Government IT systems. Before DHS, Tom was the Director of Systems Division at Northrop Grumman, developing cross domain solutions (CDS) for National Security Agency (NSA) and Central Intelligence Agency (CIA). Air Force veteran with tours at NSA, CIA element of the National Geospatial-Intelligence Agency, and Defense Intelligence Agency He is a Level III Federally Certified Program Manager, PMP, CISSP, CMMI Associate, MS/BS degrees in physics and electrical engineering.
