The Risk Dr ®

Category: NIST

Positive Risk, ISACA Journal, and more NIST

ISACA asked me to write a short piece on my Journal article about risk communication. They published that here. I also wrote a blog post for the @ISACA newsletter about the trouble with positive risk. Lastly, NIST released an update to their ERM-Cyber integration standard and my friends at the FAIR Institute asked me to…

31 July 2020

·

@ISACA, FAIR Institute, NIST, Risk
Cyber Risk Frameworks, MITRE ATT&CK, and Risk Communication in the ISACA Journal

Interviewed by Phil Venables, published in the ISACA Journal and Dark Reading, and more thoughts on NIST and CVSS

13 May 2020

·

Frameworks, NIST, Risk, Risk Communication, Standards, Threat
Feb Update! Davos, NIST, Cloud Smart, and Risk Mgmt Maturity

NIST webinar, app rationalization for Federal Cloud Smart policy, Risk Mgmt Maturity report, and Davos

11 February 2020

·

Economics, FAIR, FAIR Institute, NIST, Presentations, Public Sector, Publications, Risk, Webinar
RSA 2020, NIST CSF, and Dark Reading

First off, I’m very pleased to announce that I will be presenting again next year at the RSA Conference. My session is called “Maturing Cyber-Risk Management Practices: Framework and Next Steps” (EZCL-R01). This will be done as a Collaborative Learning Session (a new RSAC format). I’ll lead a discussion then turn it over to the…

6 December 2019

·

Book, FAIR, FAIR Institute, HITRUST, ICYMI, NIST, Presentations, Publications, Risk, RiskLens, RSA