Concurrent Session B - Corralling Cyber Operational Risk Controls and Measurement: GRI and FAIR Institute presented at ICRMC 2019

by Thomas Davies, Jack Sejas,

Summary : There’s an old saying in marketing that “Half of your marketing dollars are wasted. You just don’t know which half.” Given the common state of cyber risk measurement practices today, you have to wonder whether the same is true of cyber-related controls. In this session, the panel will discuss some of the challenges that currently limit our profession's ability to identify and focus on the things that matter most, or understand the value of our controls. It will also discuss some of the misperceptions and challenges regarding cyber risk measurement that inhibit broader adoption of better risk measurement methods, and steps you can take to help make a difference.