I’m continuing my long series of posts that describe how to implement an information security program. Currently, we’re in the section I call “How to Measure Cyber Risks.” Now it’s…
For each cyber risk you want to measure, you’ll need to set a target score. This score represents how well the organization needs to be able to perform the cybersecurity…
Using our semi-formal, semi-quantitative approach, we’ll need a way to measure cyber risk in order to use data to manage it. Managerial Approach: Because we’re taking a managerial approach to…
An essential function of a cybersecurity program is the management of cyber risk. You’ll manage it on a daily basis as part of the operational functions and projects your team…
Over the next several posts on this blog, I’ll describe how to measure, understand, and manage cyber risks at an executive level. We’ll build on everything that we’ve covered so…
In last week’s blog, we introduced the idea of designing and building your cybersecurity program for risk management and compliance. Let’s continue with some examples. A Data Security Example: To…
My previous blog posts in the series have led us to this next step: Designing and building your cybersecurity program to achieve both your cyber risk management and compliance goals….
As we discussed in a previous post, being resilient to cyber-attacks and cyber failures is one of the four major goals of a Cyber Risk Management Program. The best way…
Remember when Sarah Palin’s email account was hacked in late 2008? Here’s what Wired said about it: …the Palin hack didn’t require any real skill. Instead, the hacker simply reset…