Source: Global Security Mag
22 Oct 2018
The Information Security Forum (ISF), the trusted source that senior security professionals and board members turn to for strategic and practical guidance on information security and risk management, today announced the release of Using Quantitative Techniques in Information Risk Analysis.
Their latest report helps organizations to extract value from uncertainty by accurately estimating and calculating their information risk. While qualitative techniques are still encouraged by the ISF for many organizations, the possibilities presented in Using Quantitative Techniques in Information Risk Analysis provide an alternative method which delivers value through the application of rigorous and testable techniques that enable organizations to accurately measure their exposure to loss. The report explains three techniques – estimating, calibrating and reviewing – that are essential for understanding and undertaking quantitative information risk analysis.
“To direct investment and manage exposure to loss, organizations need to embrace the unknown – learning how to measure and reduce their uncertainty,” said Steve Durbin, Managing Director of the Information Security Forum. “Quantitative techniques provide an arsenal of tools that account for uncertainty, with the potential for accurate measurement of information risk to direct meaningful decision making. These techniques have been tested through trial and error in numerous industries – insurance, healthcare, oil and finance -and can be used with the promise of accumulative value over time.”