00
days
:
00
hours
:
00
mins
:
00
secs

Information security risk management: From confusion to a working model

Learn what infosec risk management actually means in practice, how the process should work end to end, and why many organizations struggle to keep it alive.

February 5, 2026
14:00 (EET)
45
minutes
auf Deutsch
på norsk
på Svenska

Reserve your seat

Limited spots available!

Join 10,000+ professionals learning to simplify compliance.

What you'll learn in this webinar

Infosec risk management is the foundation of modern security and compliance, but in many organizations it remains unclear, fragmented, or reduced to an annual Excel exercise.

In this webinar, we’ll break down what infosec risk management actually means in practice, how the process should work end to end, and why many organizations struggle to keep it alive. We’ll then show concrete, proven ways to run risk management continuously and connect it to your broader ISMS work - including practical examples of how this can be done in Cyberday.

Whether you’re building your first risk management process or trying to make an existing one actually work, this session will give you a clear, practical model to follow.

What you’ll learn

  • What infosec risk management really is - and how it differs from vulnerability lists, compliance checklists, and one-off risk assessments
  • How to run a practical, continuous risk management process - from identifying and evaluating risks to treating and monitoring them over time
  • How to turn risk management into an operational system - with clear ownership, workflows, and reporting instead of spreadsheets and fire drills

Webinar is suitable for any people information security key people in organisations, who are interested in systematic information security management and demonstrating good security level for customers.

Webinar agenda

1. What is information security risk management?

  • Main idea
  • Success factors
  • Common challenges

2. Information security risk management process

  • The basic main risk process
  • Best practices for risk evaluation
  • Different approaches to risk management (asset-based, general, change management)

3. Keeping your risk management active

  • Different running methods for risk management
  • Connection to different parts of your ISMS

4. Demo: Building your ISMS in Cyberday

  • Built-in rIsk automation
  • AI assistant support
  • Implementing general infosec risk management

5. Demo: Special risk assessments in Cyberday

  • Change or theme-based assessments
  • Asset-based risk identification

💡 Plenty of additional risk management content available @ Cyberday.ai website

We welcome questions and comments throughout the webinar! These are also an important part of the webinar content.

P.s. Registering for the webinar doesn't commit you to anything. You may also participate either "live" or via the recording, which you will receive automatically via email after the webinar is over.

Risk management in information security is supposed to guide security decisions, but in many organisations it ends up as a static spreadsheet or a once-a-year exercise.

This webinar shows how risk management should actually work in practice and how to keep it useful over time.

You’ll learn a clear, end-to-end model for identifying, evaluating, treating and monitoring risks continuously, and how to connect risk management to the rest of your ISMS instead of running it as a separate process. We’ll also show concrete examples of how this can be done in Cyberday, including automation and AI assisted workflows.

What you’ll gain

  • A clear understanding of what infosec risk management really is, and what it is not
  • A practical model for running risk management continuously, not just during audits
  • Different approaches to identifying and evaluating risks, and when to use each
  • How to move from spreadsheets to an operational system with ownership, workflows and reporting
  • A live demo showing how Cyberday supports ongoing risk management, automation and special assessments

This session is for security leads who want risk management to actually support decision making, compliance and day-to-day security work.

Join live or watch the recording afterwards!

Register now
Get recording
Register now
Your host

Aleksi Pulkkanen

Co-founder & COO, Cyberday
Certified cybersecurity expert with 10+ years helping organizations achieve compliance. Led 200+ companies through ISO 27001 certification with proven automation frameworks.

Webinar FAQ

Is ISO 27001 same as ISO27001, IEC 27001 or ISO 27001 standard?

Yes you will find many kind of references to ISO 27001 information security standards. The official the full name of ISO 27001 is “ISO/IEC 27001 – Information technology — Security techniques — Information security management systems — Requirements.”

ISO 27001 is the leading international standard focused on information security, published by these two mentioned organizations, the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Both of these are leading international organizations that develop international standards.

ISO 27001 standard is the main part of a set of standards developed to handle information security: the ISO/IEC 27000 series. The series is deliberately broad in scope, covering more than just privacy, confidentiality and IT/technical/cybersecurity issues.

27001 ISO, framework ISO 27001, ISO 27k... all refer to the same thing.

Why is ISO 27001 important?

Not only does the standard provide companies with the necessary know-how for protecting their most valuable information, but a company can also get certified against ISO 27001 and, in this way, prove to its customers and partners that it safeguards their data. ISO 27001 certification is probably the best proof for customers that information security is taken seriously and systematically managed in the organization.

Individuals can also get ISO 27001-certified by attending a course and passing the exam and, in this way, prove their skills to potential employers.

Because it is an international standard, ISO 27001 is easily recognized all around the world, increasing business opportunities for organizations and professionals.

How do I register for the webinar?

Click yourself to the desired webinar from the list above and fill out the registration form at the bottom of the page.

If you wish, you can also subscribe to our free newsletter, in which we provide weekly the most important digital security news with short interpretations and a list of upcoming webinars.

We use the Livestorm webinar software and you need to accept its termos of use when registering.

Can I get a recording of the webinar?

Yes - you will automatically receive a link to the recording in your email if you have registered for the webinar. You can also forward the recording to your colleagues if you wish.

How do I take part on the webinar?

Once registered, you will receive a message in your email with a direct link to the webinar room. You'll need a personal passcode, which can also be found in the email.

Chrome, Firefox, or Safari are recommended for participation, but with all modern browsers the webinar usually works great.

What if I can't make it?

No worries - you will automatically receive a link to the recording in your email and you can participate by viewing it at a time that suits you. If the webinar raises questions, you can ask, for example, directly at team@cyberday.ai.

Manage your ISMS

Build an ISMS in minutes with AI. Made for EU compliance.

With Cyberday, you can manage all EU frameworks through one connected ISMS built for real improvement, not audits. FastTrack gets you running in minutes, whether starting from scratch or importing your existing setup.

Start your free trial now ->

Get started today

Start free, in your familiar Teams environment.
If you have some questions first, book a meeting with us.

Start free trial
Book a meeting
Known in Finland as Digiturvamalli
© Cyberday Inc. Kalevantie 2 33100 Tampere, Finland
Cyberday.ai - Improve and certify your cyber security

Reserve your seat

Limited spots available!

Join 10,000+ professionals learning to simplify compliance.

Join our monthly admin recap

By registering in advance, you'll ensure a spot in the live session. After the live session you can fill this form to receive the video recording.