A start-to-finish guide for realistically measuring cybersecurity risk In the newly revised
How to Measure Anything in Cybersecurity Risk Second Edition a pioneering information
security professional and a leader in quantitative analysis methods delivers yet another
eye-opening text applying the quantitative language of risk analysis to cybersecurity. In the
book the authors demonstrate how to quantify uncertainty and shed light on how to measure
seemingly intangible goals. It's a practical guide to improving risk assessment with a
straightforward and simple framework. Advanced methods and detailed advice for a variety of
use cases round out the book which also includes: * A new "Rapid Risk Audit" for a first quick
quantitative risk assessment. * New research on the real impact of reputation damage * New
Bayesian examples for assessing risk with little data * New material on simple measurement and
estimation pseudo-random number generators and advice on combining expert opinion Dispelling
long-held beliefs and myths about information security How to Measure Anything in
Cybersecurity Risk is an essential roadmap for IT security managers CFOs risk and compliance
professionals and even statisticians looking for novel new ways to apply quantitative
techniques to cybersecurity.
