I wrote a piece for risk.net that discusses techniques for integrating a cyber risk taxonomy with an operational risk taxonomy.

It’s behind a paywall, so apologies for that up front, but they do have a free trial.

Its a great article for those that are struggling with aligning the need for cyber risk granularity with an overall operational risk program.