Subjective vs objective risk assessment

preview_player
Показать описание
A recent Gartner survey discovered that 80% of security leaders utilize the least sophisticated form of Cyber Risk Quantification (CRQ). Standard CRQ methods involve a combination of estimation, approximation and guesswork. The process typically involves many manual calculations, which makes the quantification biased and error-prone. These CRQ efforts consume significant time and effort while yielding low-confidence results. CRQ findings are out-of-date and not easily actionable. This lack of trust and actionability with legacy CRQ techniques has limited its usefulness for both senior executives and operational teams.

Chris Novak, world-renowned cybersecurity executive at Verizon and advisor at CISA, and Gaurav Banga, Founder and CEO of Balbix, discuss Cyber Risk Quantification.

Chris and Gaurav have spent over two decades observing and helping CRQ efforts at various organizations, and in this session they will discuss their findings and insights.

What are the various options for implementing CRQ?
Why do so many organizations fail to get CRQ right?
How do you set yourself up for success if you are considering CRQ?
What are the benefits seen by organizations who have implemented CRQ the right way?
Рекомендации по теме