Slideshows by User: DoKeunCho
A simple approach for cyber threat operational risk
Mon, 30 Jan 2017 03:16:51 GMT
/slideshow/a-simple-approach-for-cyber-threat-operational-risk/71524782
Operational risk assessment of cyber threats requires the art of reasonable guessing. Scenario-based assessment certainly helps the guessing process, but there are two key success factors to remember: (i) build a mutually exclusive but collectively comprehensive list of scenarios and (ii) assess a scenario’s likelihood and impact separately by focusing on the attack path’s likelihood and the ultimate outcome’s impact. The latter helps not just in computing risk capital requirements but also in justifying how much value a security enforcement measure can deliver by lowering the threat’s likelihood. This approach can reasonably assess a wide range of threats, from simple DoS attacks to complex APTs.

A simple approach for cyber threat operational risk from Do-Keun Cho
Internal audit manager with both financial and IT risk management expertise. Certifications include Certified Public Accountant (CPA), Financial Risk Manager (FRM), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Fraud Examiner (CFE) and Japanese-Language Proficiency Test (JLPT) N1.