decision theory | BlogInfoSec.com

Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

Search

Tag Archives: decision theory

Why the “Risk = Threats x Vulnerabilities x Impact” Formula is Mathematical Nonsense

August 23, 2010 – 6:00 am – Every now and then I will find a security practitioner presenting the following formula when discussing information security risk analysis (ISRA). Risks = Threats x Vulnerabilities x Impact In some versions of this formula, the word “Consequence” is sometimes substituted for…

By Jeff Lowder | Posted in Risk Analysis | Also tagged expected utility, expected value, featured, Risk Analysis | Comments (6)

Decision Theory is the Foundation for Information Security Risk Management

August 18, 2010 – 6:00 am – Disclaimer: I originally wrote the following text as a post to a mailing list in 2005, but it still seems applicable today. The more I read the writings of various information security professionals about information security risk analysis (ISRA), the more I’m struck by the following…

By Jeff Lowder | Posted in Risk Analysis | Also tagged featured, inductive logic, probability, Risk Analysis | Comments (3)

BlogInfoSec.com

Search

Tag Archives: decision theory

Why the “Risk = Threats x Vulnerabilities x Impact” Formula is Mathematical Nonsense

Decision Theory is the Foundation for Information Security Risk Management

BlogInfoSec.com Sponsors

BlogInfoSec.com Partners

Qualified Writer?

Subscribe to Our Newsletter:

Authors

Categories

Recent Comments