New ISACA Paper Enables Enterprises to Use Cyberrisk Quantification to Improve Approach to Cybersecurity Risk
illi News/10126455

SCHAUMBURG, Ill.--(BUSINESS WIRE)--Cyberrisk quantification (CRQ) expresses cybersecurity risk in terms of monetary value to the enterprise, translating technology concerns into business concerns. A new white paper from ISACA, Cyberrisk Quantification, addresses the importance of acquiring useful data and amplifying it as part of a CRQ analysis.

The white paper outlines considerations related to measurement—exploring verbal, ordinal and ratio scales and the issues involved with each—as well as dives into the methods for gathering data, including external sources, internal data sources, and the opinions of subject matter experts.

Cybersecurity practitioners can then learn about how Monte Carlo Simulations can be used to transform quantified inputs into CRQ outputs, as well as how to integrate CRQ with other risk assessment methods, including control-based assessments and vulnerability assessments and static/dynamic code analysis.

More on illi News

• $430 Million 2026 Revenue Forecast; 26% Organic Growth; $500,000 Stock Dividend Highlight a Powerful AI & Digital Transformation Story: IQSTEL $IQST
• Wzzph Deploys 5-Million-TPS Trading Engine with Hot-Cold Wallet Architecture Serving 500,000 Active Users Across Latin America
• Preston Dermatology & Skin Surgery Center and Dr. Sheel Desai Solomon Dominate Raleigh's Best Awards from The News & Observer
• $73.6 Million Multi-Year Backlog and Florida State Term Contract Drive Momentum for AI-Cybersecurity Pioneer: Cycurion, Inc. (N A S D A Q: CYCU) $CYCU
• Year-Round Deals for Customers With Square Signs

"CRQ can be a critical enabler of improving organizations' approach to cyber risk. However, cybersecurity measurement can bring its own set of challenges, including accurately gathering data and addressing issues with verbal and ordinal scales used to measure the risk," says Paul Phillips, CISA, CISM, MBA, ISACA IT risk professional practices lead. "By understanding the CRQ techniques and additional risk assessment methods that can be implemented, as well as acquiring the right data from both internal and external sources along with SME insights, enterprises can have a clearer picture of the overarching threat landscape."

This topic will be addressed in further depth at the upcoming complimentary webinar "Quantifying Cyber Risk," on 10 June 2021 at 12:00 PM (EDT) / 11:00 AM (CDT) / 9:00 AM (PDT) / 4:00 PM (UTC), presented by Jack Freund, Ph.D., Head of Cyber Risk Methodology at VisibleRisk, and Jack Jones, Chief Risk Scientist, RiskLens and Chairman of the FAIR Institute. To register, visit www.isaca.org/education/online-events/lms_w061021.

More on illi News

• SecurePII Raises US$3.5M (A$5M) to Unlock AI and Compliance for Voice Data and Expands Global Presence
• The Data Diva Talks Privacy Podcast Celebrates Six Years, Nears One Million Downloads Globally
• Peter Coe Verbica Stands with Rural Families and Horse Owners: "Keep Horses Classified as Livestock"
• The Mobile-First Company Raises $12M to Build Simple, Powerful Software for Small Teams
• Lick Pineapple Flavored Massage Oil Outperforming and Enticing

For a complimentary copy of Cyberrisk Quantification, visit www.isaca.org/bookstore/bookstore-wht_papers-digital/whpcrq. Additional ISACA cybersecurity resources can be found at www.isaca.org/training-and-events/cybersecurity.

About ISACA

ISACA® (www.isaca.org) is a global professional association and learning organization that leverages the expertise of its more than 150,000 members who work in information security, governance, assurance, risk and privacy to drive innovation through technology. It has a presence in 188 countries, including more than 220 chapters worldwide. In 2020, ISACA launched One In Tech, a philanthropic foundation.

---

Show All News | Report Violation