risk assessment :: BlogInfoSec.com

Tag Archives: risk assessment

The Personalization of Risk

December 19, 2011 – 6:00 am – I realized when I received several comments regarding my September 12, 2011 column “Risk Mismanagement – Scoring vs. Monte Carlo vs. Scoring” from Doug Hubbard and others, that I hadn’t been clear enough in my description of what I had termed “subjective risk.” It also seems that it…

By C. Warren Axelrod | Posted in General, Risk Analysis | Also tagged Monte Carlo, objective risk, personalizing risk, risk, risk scoring, spotlight, subjective risk | Comments (0)

Risk Mismanagement – Scoring vs. Monte Carlo vs. Scoring

September 12, 2011 – 6:00 am – I finally got to read Douglas Hubbard’s book “The Failure of Risk Management: Why It’s Broken and How to Fix It” (Wiley, 2009). As I have written in other columns about Hubbard’s prior book “How to Measure Anything: Finding the Value of Intangibles in Business” (Wiley, 2007; Second…

By C. Warren Axelrod | Posted in CSO/CISO Perspectives, Human Elements, Risk Analysis | Also tagged COBIT, Douglas Hubbard, FAIR, FRAP, Monte Carlo, NIST, OCTAVE, PMI, risk, risk managment, spotlight, Yoo Hoo | Comments (4)

Learned Lessons Are Not the Whole Picture

August 2, 2010 – 6:00 am – I am certainly a strong proponent of learning from disasters, as asserted in my June 14, 2010 column “Cyber Lessons Learned from the Gulf Oil Catastrophe,” for example. Consequently I felt somewhat vindicated in that view by an article by William J, Broad on the front page of the Science…

By C. Warren Axelrod | Posted in Contingency Planning, Risk Analysis | Also tagged defense in depth, disaster planning, disaster recovery, spotlight | Comments (0)

Black Swans … or Oil Victims?

June 29, 2010 – 9:15 am – There is an article in The New York Times Magazine of June 6, 2010 by David Leonhardt with the title “Underestimating Risk: What the oil spill and the financial crisis have in common.” It is in a section called “The Way We Live Now,” and next to the section heading there is a drawing of…

By C. Warren Axelrod | Posted in Contingency Planning, Risk Analysis | Also tagged black swans, David Leonhardt, disaster planning, disaster recovery, electromagnetic pulse attack, EMP, Gulf oil disaster, NERC, risk, spotlight, William R. Forstchen | Comments (1)

Down the PCI Rabbit Hole in Search of Better Risk Measurements

November 6, 2008 – 6:00 am – Decision-making is often a product of risk assessment and prioritization. Currently, I have several deliverables pending for work, a carpentry project at home and this article to write. As I decide which to address, I quickly, and in many cases, unconsciously, analyze what I am placing at risk…

By Patrick Foley | Posted in Risk Analysis, Security Metrics, Technical | Also tagged featured, information security metrics, metrics, PCI, risk, sarbanes-oxley | Comments (0)

BlogInfoSec.com

Tag Archives: risk assessment

The Personalization of Risk

Risk Mismanagement – Scoring vs. Monte Carlo vs. Scoring

Learned Lessons Are Not the Whole Picture

Black Swans … or Oil Victims?

Down the PCI Rabbit Hole in Search of Better Risk Measurements

Translate Into Selected Language

Qualified Writer?

Categories