What kind of results are you seeing from CRQ (cyber risk quantification) so far?
VP of IT and Platform Strategy and Product Management in Telecommunication, 1,001 - 5,000 employees
Generally good...though this is always a bit of an art vs. a science. None the less, without CRQ, its difficult to prioritize, etc. and by creating this type of model we are better able to focus on the things that matter vs. the things we "think" matter. CIO in Energy and Utilities, 11 - 50 employees
It has helped me a lot to make the board realize the potential damage to business due to poor technology security and the investments needed to minimize risks.IT Strategist in Government, 1,001 - 5,000 employees
Better understanding of the higher risk and higher priority threats, reducing "noise" for the operational teams.Senior Vice President, Engineering in Software, 1,001 - 5,000 employees
It allowed us to better understand and quantify the financial impact of cyber threats, make data-driven decisions, and prioritize our cybersecurity investments based on their most significant risks.Director of IT in Software, 201 - 500 employees
Helps you represent the cyber risk with clear business terms i.e easier to explain to the board of directors or executives how the cyber risk (can/will) affects the revenue and profit. CISO in Software, 10,001+ employees
It helps to drive easier cross organizational decisions without agenda debates and opinions.Computer Science Lecturer in Education, 51 - 200 employees
From the CRQ process we are assessing the potential financial impact of an individual cyber threat to our business, evaluate operational risk, efforts to reduce risk, risk exposure, and risk mitigation.If we find out that a specific risk exposure is still high, we re-direct our investments to the relevant cyber control. This way, our cyber risk mitigation efforts become more proactive and productive.
Director in Manufacturing, 1,001 - 5,000 employees
CRQ has helped be more objective and share metrics with leaders in IT and the Business to clarify what the company is facing as the threat landscape evolves. Top business leaders generally prefer when there is a clear methodology and process to ranking and prioritizing and this has helped communicate the risks we face. It also helps deciding where to spend limited dollars and labor hours.CTO in Software, 11 - 50 employees
It helps us prioritize risk mitigation efforts, optimize risk management strategies, enhance communication and decision-making, and facilitate risk transfer.Content you might like
CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.Attack Detection & Analysis22%
Vulnerability assessment and patching54%
Security Awareness Training15%
Incident Response8%
Other (comment below)0%
507 PARTICIPANTS
ISSO and Director of the IRU in Healthcare and Biotech, 10,001+ employees
I would definitely suggest this based of how you categorize your types of data/systems and information being stored in certain parts of your data center. I think it’s really dependent on the size of your organization and ...read more0-1 minutes5%
2-4 minutes31%
5-8 minutes23%
9-15 minutes9%
15-30 minutes5%
31+minutes3%
We haven't experienced a DDoS attack this year.21%
546 PARTICIPANTS
Director Global Network / Security Architecture and Automation in Finance (non-banking), 10,001+ employees
Nothing ever dies in Enterprise. Why did Broadcom Software buy Symantec and VMWare, why did SDX Central post a story today about MPLS and how it lives on. Why is the hot news about cloud repatriation becuase a terrible app ...read more