Jack Jones and Doug Hubbard explain how to measure what matters on the new frontier of risk management.
by Nikhil Chawla
The CISO is confronting countless “swords of damocles.” Each one seems critical. Each one is waiting to drop on their head. Their job is to eliminate those risks before they drop. Unfortunately, security is expensive and budgets are limited. Where to start when you only get to pick one, two, or three things to mitigate out of dozens of possibilities? The straight forward answer is, “Just shoot for getting the biggest bang for you’re buck!” This is easier said than done. The risk of some yet to happen event causing real impact is highly uncertain. The value of security control in mitigating those risks are also uncertain. And, the range of impacts that can occur add more fuel to the fire of uncertainty. This podcast bring the foremost thinkers on modeling cyber risk together – to discuss modern approaches for measuring risk and deciding on the best way forward economically. Meaning, the best way forward in terms of both cost as risk reduction.
Managing risk successfully at any level requires an understanding of a concept called “probability.” As both an insurance company (risk transfer) and a cyber risk management company, Resilience relies on understanding probabilities to price our services and to guide our clients to greater levels of cyber resilience. As we often receive questions from our clients […]
Heat maps are among the most widely used—and debated—tools for risk managers worldwide to communicate risks in their registries or project portfolios. Despite their popularity, we advise leaders seeking transparency in discussing risk and value to avoid relying on them. What are heat maps? Risk managers often use heat maps (or risk matrices) to represent […]
I talk a lot about value-at-risk among my colleagues, with our customers, and the broader market. Value-at-risk may be the single most important measure to grasp, without which one cannot accurately measure risk transfer, excess risk, risk acceptance, and return on controls. Yet, these are all important concepts that leadership in modern organizations need to […]
Spotify
Apple Podcast
Google Podcast