Tag Archives: quantitative
The Ponemon Institute’s Data Breach Study
In my opinion, the Ponemon Institute’s Cost of Data Breach Study is eye-opening. If you use a GRC tool that associates dollar amount loss per record, you should probably read this report and make the necessary changes. Increasing the cost … Continue reading
Posted in Security Blog
Tagged 2014, breach, ponemon, quantitative, risk, risk analysis, study, values
iRisk
iRisk, or the iRisk equation, is another quantitative analysis formula. Like most quantitative analysis models, you solve for the risk by calculating the threat and vulnerability, and lower the risk when mitigating or compensating controls are added. Here is where … Continue reading
Posted in Security Blog
Tagged 2014, fair, irisk, ISO 27001, ISO 27005, NIST 800-39, NIST 800-53, octave, quantitative, risk analysis
What’s the Risk?
When asked, what’s the risk? I find great pleasure in flexing my ability to break down potential loss in either qualitative or quantitative methods. The FAIR Quantitative Risk Model was taught to me by Jack Jones, the creator. I also … Continue reading
Posted in Security Blog
Tagged 2014, analysis, basel categories, example, fair, isra, qualitative, quantitative, risk analysis