In episode 105 of Cybersecurity Where You Are, Sean Atkinson discusses the importance of context in maturing how you use cyber risk quantification to build cases for risk treatment strategies.

Here are some highlights from our episode:

• 01:56. The inspiration for an episode on cyber risk quantification
• 02:38. How to situate risk quantification in your business processes
• 08:56. Traps to avoid when quantifying cyber risks
• 12:12. How the quantification process relates to controls implementation
• 16:50. Why the right people and data can help you build something sustainable
• 23:19. Three lenses for examining cyber risk
• 26:50. Different means for communicating risk to stakeholders

Resources

• Quantitative Risk Analysis: Its Importance and Implications
• FAIR: A Framework for Revolutionizing Your Risk Analysis
• CIS Critical Security Controls®
• CIS Risk Assessment Method
• 6 Truths of Cyber Risk Quantification
• Society of Information Risk Analysts

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].