December 2024 S M T W T F S 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Blog Stats
- 75,849 hits
Tag Archives: quantitative
The Ponemon Institute’s Data Breach Study
In my opinion, the Ponemon Institute’s Cost of Data Breach Study is eye-opening. If you use a GRC tool that associates dollar amount loss per record, you should probably read this report and make the necessary changes. Increasing the cost … Continue reading
Posted in Security Blog
Tagged 2014, breach, ponemon, quantitative, risk, risk analysis, study, values
Comments Off on The Ponemon Institute’s Data Breach Study
iRisk
iRisk, or the iRisk equation is another quantitative analysis formula. Like most quantitative analysis models, you solve for the risk by calculating the threat and vulnerability, and lower the risk when mitigating or compensating controls are added. Here is where … Continue reading
Posted in Security Blog
Tagged 2014, fair, irisk, ISO 27001, ISO 27005, NIST 800-39, NIST 800-53, octave, quantitative, risk analysis
Comments Off on iRisk
What’s the Risk?
When asked, what’s the risk? I find great pleasure in flexing my ability to break down potential loss in either qualitative or quantitative methods. The FAIR Quantitative Risk Model was taught to me by Jack Jones, the creator. I also … Continue reading
Posted in Security Blog
Tagged 2014, analysis, basel categories, example, fair, isra, qualitative, quantitative, risk analysis
Comments Off on What’s the Risk?