Research News Hubb
Advertisement Banner
  • Home
  • Global Trends
  • Market Research
  • Contact
No Result
View All Result
  • Home
  • Global Trends
  • Market Research
  • Contact
No Result
View All Result
Research News Hubb
No Result
View All Result
Home Market Research

Call It What You Want, Cyber Risk Quantification Is Now A Must

admin by admin
February 3, 2023
in Market Research


What do Live Nation’s Taylor Swift ticketing debacle and cyber risk have in common? Bad assumptions. Whether you confidently believe you can anticipate record ticket demand or believe your payment processing infrastructure is secure enough to handle it – that belief is based on an assumption. And that assumption is based on the past performance of existing models. In Live Nation’s case, the models were wrong.

Cybersecurity faces the same problem. Our security “models” (frameworks, standards) don’t tell us how likely or severe a cyber risk is in monetary terms to the business, making it unlikely that we’ll know whether we’re secure enough. Further complicating the matter, many popular security standards refer to themselves as “risk management” frameworks, promising to measure and manage risk. In practice, they tell us which controls to implement, how to classify threats and vulnerabilities, or provide qualitative assessment criteria (like one-five ordinal scales) which have proven to be useless for decision making. We’re managing aspects of risk without knowing the full extent of the risk itself.

My new report, Start Your Cyber Risk Quantification With The Right Framework, guides CISOs through the pros and cons of traditional risk frameworks, defines criteria for a quantitative risk model, and outlines the building blocks for a successful implementation. Consider that:

  • By overlaying a quantitative model on existing security frameworks, we stop making implicit assumptions about risk. Just because a control assessment identifies insufficient security controls doesn’t mean they equate to “high risks.” On the other hand, if those controls were designed to prevent bot attacks and mediate network traffic spikes during an unprecedented concert ticket sale, quantitative modeling would’ve shown vital probability and loss estimates, which could’ve been used to put preventative measures in place before the sale.
  • Cyber risk is complex. The business can only normalize a risk event’s likelihood and impact when it is quantified financially. Your cybersecurity frameworks aren’t really risk management frameworks – and they don’t need to be. But we do need models to help us reliably measure our cyber risk. Enter the Cyber Value-At-Risk (VaR) model.
  • In 2023, CISOs are under pressure to better manage cyber risk. But you can’t manage what you can’t measure. Models like FAIR (“Factor Analysis of Information Risk”) provide a quantitative approach to help CISOs assess and communicate their cyber risk. Don’t let assumptions about your current frameworks and standards stifle your risk management maturity.

Want to learn more? Schedule a guidance session or inquiry with me and look for my upcoming research about how to create a business case for CRQ and how to successfully launch a CRQ pilot.



Source link

Previous Post

Has Football Fumbled? What Brands Need to Know.

Next Post

Marketing During a Recession: Finding Consequence of an Economic Downturn

Next Post

Marketing During a Recession: Finding Consequence of an Economic Downturn

Recommended

3 Food Packaging Trends to Watch

7 months ago

AI In Collaboration Tools Is A Tech Problem In Need Of A Human Solution

2 weeks ago

Clusters of Human Nerve Cells Proliferate in Rat Brains, Explain Scientists

3 months ago

Consumers Push Back On Price, Forcing Companies To Seek New Growth

2 weeks ago

COVID-19 Pandemic Pushed Preventive Vaccine Market Value Toward $100 Billion

1 month ago

Battery Thermal Management Systems and the Role of Lithium-Ion Batteries

4 months ago

© Research News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • Global Trends
  • Market Research
  • Contact

Newsletter Sign Up.

No Result
View All Result
  • Home
  • Global Trends
  • Market Research
  • Contact

© 2022 Research News Hubb All rights reserved.