TOO BIG TO FAIL/too small to worry – Does Organizational Size Matter? Feb 19


Is a business to big to care about a security breach? Is a business to small to worry about being a target of a security breach?

Presentation Description:

Organizational executives have many concerns, cybersecurity initiatives are often a low priority until something happens. Can a large business employ a ‘too big to fail’ strategy? Can a small business employ a ‘too small to worry’ strategy? This session will examine evolving strategies of large organizations dealing with security breaches, and why they may or may not be concerned if they are a target. Conversely, small companies may consider themselves to small to be a target, and therefore think they do not need to worry about cybersecurity.

This session will examine why large organizations may employ a less than optimal strategy for cybersecurity protection. What are the effects on their client base, industry standards, regulatory compliance, negative press, and financial data. We will then compare that strategy to a small business strategy of being to small to worry about being a target. The session will cover real life examples of the effect of cybersecurity breaches on both large and small business, and why everybody should be working proactively to protect the organizations.

The session will wrap up with strategies of how to protect an organization, including outlining steps to building a lasting cybersecurity strategy for breach prevention.


Timothy M. Grace, CISA, CISM, CRISC, CIA

Tim leads the Technology Risk Advisory Services practice for Mueller Prost with more than 35 years of business experience delivering solutions that drive business innovation, optimization, and change within world class organizations. He is a leader in the fields of cybersecurity, information technology, internal audit, privacy, compliance, and risk management. Tim has brought best practices to global organizations and helped drive solutions that strengthen and enhance current technology practices.

As a leader in the information technology industry, Tim is a former President of the St. Louis ISACA chapter (2012 – 2014), and has served on several local and international ISACA committees. Tim holds the Certified Information Systems Auditor (CISA), Certified Information Security Management (CISM), Certified in Risk and Information Systems Compliance (CRISC), as well as the Certified Internal Auditor (CIA) designation from the Institute of Internal Auditors (IIA). Tim graduated from Maryville University with a Bachelor of Science degree, with an Accounting Major, and also has a Master of Business Administration degree, with an emphasis in information Systems.


– 4:30pm – 5:30pm: Registration & Networking

– 5:30pm – 6:30pm: Presentation


Tinga Chicken Nachos

Veggie Platter

Southwest Caesar Salad

Taco Bar

Fajita Bar

Tex-Mex Rice

Squash & Zucchini

Sopapilla Cheesecake

Churros con Chocolate

Soda, Tea, Water

Cash Bar


$25 non-member

Free to chapter members – use your ISACA ID as a promo code during Eventbrite checkout


1 hour of CPE Available