Securing The Universe

RSA Blog: Bad Decisions Made Faster: How Qualitative Security Risk Assessments Are Making Things Worse

By William Donaldson on December 4, 2020 • ( Leave a comment )

Derek Brink posted the following on the RSA Blog: Bad Decisions Made Faster: How Qualitative Security Risk Assessments Are Making Things Worse (https://blogs.rsa.com/bad-decisions-made-faster-qualitative-security-risk-assessments-making-things-worse/). It’s another argument against qualitative risk analysis. Research and analyze the debate of quantitative versus qualitative risk analysis. In cybersecurity, risk assessment and risk management […]

Scenario: Harry and Mae’s Inc. Case Study- Asset and Vulnerability Value, Risk Exposure, and Likelihood

By William Donaldson on December 4, 2020 • ( Leave a comment )

Dear Harry and Mae’s Inc.’s I.T. Staff and Executives, Per your request, I have taken the identified threats to your assets a step further by applying the following rankings: asset value, vulnerability value, likelihood, and risk exposure. I calculated the below chart by deciphering the value of the […]

Risk Sensitivity, Exposure, and Thresholds

By William Donaldson on December 4, 2020 • ( Leave a comment )

List and explain at least three questions to ask organizational personnel to determine risk sensitivity, exposure, and thresholds. Why are they good questions, and how will these answers help risk management? While it is better to already have an organization’s risk sensitivity, exposure, and thresholds figured out before […]