Clik here to view.
Stuart King – Information Security Annoyances – Response 2
In my last post, I provided some thoughts on one of Stuart King’s Top 5 Information Security Annoyances; specifically, security awareness programs. In this post, I want to touch on Stuart’s comments...
View ArticleClik here to view.
The Risk Is Right.
Of particular interest to me right now is the appropriate risk amount to report on for any given issue. Being IT folks –warning broad stroke in progress – we prefer to want “precise” numbers that are...
View ArticleClik here to view.
Simple Risk Model (Part 1 of 5): Simulate Loss Frequency #1
Let’s start this series by defining risk. I am going to use the FAIR definition of risk which is: the probable frequency and probable magnitude of future loss. From a modeling perspective, I need at...
View ArticleClik here to view.
Simple Risk Model (Part 2 of 5): Simulate Loss Frequency #2
Part 1 In part one of this series we looked at how we can simulate loss frequency for values less then 1 (less then one occurrence per year). We generated a random value, compared it to 0.1000, and...
View ArticleClik here to view.
Simple Risk Model (Part 3 of 5): Simulate Loss Magnitude
Part 1 – Simulate Loss Frequency Method 1 Part 2 – Simulate Loss Frequency Method 2 In parts one and two of this series we looked at two methods for simulating loss frequency. Method one – while useful...
View Article