Each year the World Economic Forum releases their Global Risk Report around the time of the annual Davos conference. This year’s report is out and below are notes on the “cyber” content to help others speed-read through those sections (in the event you don’t read the whole thing). Their expert panel is far from infallible,…
Post Category → Risk Assessment
Data Driven Security Roundup: betaPERT, Shiny, Honeypots, Passwords & Reproducible Research
Jay Jacobs (@jayjacobs)—my co-author of the soon-to-be-released book [Data-Driven Security](http://amzn.to/ddsec)—& I have been hard at work over at the book’s [sister-blog](http://dds.ec/blog) cranking out code to help security domain experts delve into the dark art of data science. We’ve covered quite a bit of ground since January 1st, but I’m using this post to focus more…
Bahrain eGov Conference “Risk Reality” Slides
For those finding this post from the Bahrain eGov conference, I’d like to re-extend a hearty “Thank you!” for being one of the most engaging, interactive and intelligent audiences I’ve ever experienced. I truly enjoyed talking with all of you. You can find the slides on my Dropbox [PDF] and please do not hesitate to bounce…
Is Your Organization Ready For a Risk Management Program?
While the slides will be officially available from the SIRA web site in the not-too-distant future—complete with video (for all the talks)—I figured it wouldn’t hurt to put them up here as well. Keynote version, PDF version. My sincere thanks, again, to @jayjacobs and the SIRA board for allowing me to have the privilege of being…
RLRAA – Real Life Risk Assessment Acronyms
UPDATE: I have intentionally cross-posted this to my SIRA blog since the combined wit & intelligence of the folks there trumps anything I could do alone here. All the following newly-minted risk assessment types have been inspired by actual situations. Hopefully you get to stick to just the proper OCTAVE/FAIR/NIST/etc. ones where you practice. HARA…