SANS Risk Quantification Survey

Qualitative approaches to risk assessment and management are largely the norm. But today, leadership is demanding additional insight into how much cyber security costs – and what are the benefits to the organization. A framework that financially quantifies cyber risk allows a CISO to report to key organizational decision makers – executive management, Board of Directors -- in a language these stakeholders can clearly understand -- how do investments in security align with the organizational business and protect its business.

This 2022 SANS study explores how organizations can leverage a data-driven approach that draws on advanced analytics, rich information sources and insurance-validated risk models to create a framework that takes cybersecurity risk management to the next level – one that is both realistic and affordable.

Join Barbara Filkins, Research Director for the SANS Analyst Program, and Phillipe Vuilleumier, Head of Group Security, Swisscom, as they discuss the findings from this study, including the following questions:

  • What are challenges that organizations face in quantifying cyber risk? Are these approaches financially oriented – or can they be?
  • How do organizations judge the effectiveness of their risk management activities? Does this correlate with their current investment in cyber risk management?
  • Do organizations view financial risk quantification as too costly or time consuming to pursue and, if so, what are the barriers?
  • If financial risk quantification is available at a reasonable investment, how could this approach improve cyber risk management in their organization?
  • Register today to be among the first to receive the associated whitepaper written by SANS instructor and network security expert Ian Reynolds.

Sponsors

Kovrr_logo.png