Which cyber risk quant model do you use?

458 views2 Comments

Principal Information Security Officer in Education, 10,001+ employees

We've trained on FAIR (Factor Analysis of Information Risk) from the FAIR Institute (https://www.fairinstitute.org/) -- one of the leading Cyber Risk Quantitative Models.

Senior Information Security Manager in Software, 501 - 1,000 employees

FAIR (Factor analysis of information risk)
https://www.fairinstitute.org/

Content you might like

Prominent enterprises require both internal and external security teams to protect their systems.

Security Strategy & Roadmap Risk Management Outsourcing & Managed Services

Strongly agree11%

Agree68%

Neutral19%

Disagree1%

Strongly disagree0%

Other (please specify)0%

371 PARTICIPANTS

1.3k views

If you had a magic wand - what's the #1 daily business challenge you'd eliminate?

People & Leadership Strategy & Architecture Cloud +57 more

CTO in Software, 201 - 500 employees

Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.

142 19 Replies

Does the risk of Ransomware and malware propagation bother you? Is IoT security a top of mind for you? To protect against many risks, we have witnessed success of micro-segmentation in the data center. Would you be willing to deploy similar solution for the campus? I am very curious to get your feedback?

Security & GRC Threat & Vulnerability Management

ISSO and Director of the IRU in Healthcare and Biotech, 10,001+ employees

I would definitely suggest this based of how you categorize your types of data/systems and information being stored in certain parts of your data center. I think it’s really dependent on the size of your organization and ...read more

Would anyone be willing to share best practices about how their organization deals with ensuring Cookie Compliance, specifically to GDPR rules? Where should this sort of compliance review sit in an organization? The particular issue we have is who should review new web deployments that use cookies and to make the decisions on whether Cookies are Strictly Necessary or Functionality Cookies. For example is a Cookie required for a Live Chat to work Functionality or Strictly Necessary? Our Security team does not consider taking on these compliance reviews as their domain, as Cookie Compliance is not an internal security matter and the Data Protection team has a limited interest as the GDPR rules around Cookies apply in case of any Cookie being used by a website, whether or not it contains personal data.

Security & GRC Regulatory Compliance

52 views

Shadow IT: Is it getting better or worse at your org?

Awareness & Training IT Strategy & Roadmap Risk Management

Better37%

Worse38%

About the same as always23%

N/A1%

141 PARTICIPANTS

2.5k views1 Comment