YoVDO

Policy Implications of Faulty Cyber Risk Models and How to Fix Them

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Risk Management Courses Data Collection Courses Research Methodology Courses

Course Description

Overview

Explore the critical impact of accurate cyber risk data on security policies in this 46-minute Black Hat conference talk. Delve into a data-driven analysis of historical cyber incidents, focusing on events affecting multiple organizations. Examine the frequency and economic costs of cyber events, challenging common assumptions about breach likelihood and losses. Investigate how misunderstandings of incident propagation across supply chains can hinder effective third-party risk management. Consider the potential for an inter-organizational approach to security policies and practices. Learn how studying past events can inform future risk appetite and cyber insurance decisions. Evaluate the consequences of poor risk data on regulatory and compliance requirements. Gain insights from speakers Wade Baker and David Severski on improving cyber risk models and their policy implications.

Syllabus

Introduction
About Scientia
Myth
Cost
Cost Per Record
Cost Per Revenue
Frequency
Policy Implications
How do we replace cost per record
Losses are disproportionate
Ripples across the wrist
American Medical Collections Agency breach
How common are these types of incidents
The iceberg
The ripple effect
Multiparty losses
Hat Tip
How can we fix it
Collect better data
Conduct better research


Taught by

Black Hat

Related Courses

Introduction to Finance
University of Michigan via Coursera
Information Security and Risk Management in Context
University of Washington via Coursera
Financial Engineering and Risk Management
Columbia University via Coursera
Building an Information Risk Management Toolkit
University of Washington via Coursera
Caries Management by Risk Assessment (CAMBRA)
University of California, San Francisco via Coursera