How FAIR Helps the Cybersecurity Industry “Speak the Language of Business” With Risk Quantification
In a previous article, we discussed confronting cybersecurity with data, particularly quantifiable metrics. The cybersecurity industry traditionally has measured and conveyed cyber risk in subjective qualitative terms and concepts. This has led to a disconnect from its business leadership peers, especially as cybersecurity continues to get escalated to the boardroom with emerging changes from the Securities and Exchange Commission (SEC), as well as broad concerns for cyber risks. In this article, we discuss a popular quantitative risk management framework that addresses the concern.
Access to this content requires a Premium or Corporate or Vendor plan.
Gloss