The Role of Risk Quantification in Communication with Boards
Security Boulevard securityboulevard.com
Imagine this scene in the Boardroom of Company A. There is a heated discussion about cyber security risks. The CISO and IT security professionals have explained malware and ransomware, DDoS attacks, and zero-day exploits and have ranked each risk as high, medium, or low. The CISO wants all medium risks to be mitigated, but Management feels differently, mainly because multiple risks are deemed medium. They are uncomfortable with the term “probably likely.” They want to understand how that differs from …