Series: How to Manage Cybersecurity Risk

Superforecasting Cyber Risk Management

Superforecasting Cyber Risk Management

Image Explained: Survey data meshes with ops and claims data to support CISO’s decisions. Surveys are of superforecasters – trained security experts that forecast risk like bookies.   “Probability is expectation founded upon partial knowledge.” –– George Boole...

read more
Insurance Thinking Meets The Security Practitioner

Insurance Thinking Meets The Security Practitioner

Graph Briefly Explained: This graph models the probability of exceeding a cyber insurance limit. Three types of events (perils) are considered: data breach, business email compromise, and ransomware. The total risk line aggregates the likelihoods and impacts together....

read more
How To Manage Cybersecurity Risk: Series Introduction

How To Manage Cybersecurity Risk: Series Introduction

“All models are wrong, but some are useful...and some are measurably more useful than others.” - George Box with addendum by Doug Hubbard   Graph Briefly Explained: This is a cloud breach risk model. It uses the NIST Cybersecurity Framework (NIST CSF)1  functions...

read more