A new book I had the pleasure of editing, along with Diane Maurice and David Fairman, has been recently released. I received my copies today and I’m very happy with the results. This was an interesting project to work on and a problem space that is very modern and moving fast. I was very pleased with the authors I got to work with (Tony Martin-Vegue and Patrick McConnell). They did a great job covering their perspective of the topic (Quantification and Governance).
You can pick up a copy here.
I’m pleased to announce that I will be speaking again at Cyber Risk NA this year. I’ll be on a panel discussion about Modelling Cyber Risk (full program agenda here)
I’ll see you in New York on the 20th of March.
I wrote a piece for risk.net that discusses techniques for integrating a cyber risk taxonomy with an operational risk taxonomy.
It’s behind a paywall, so apologies for that up front, but they do have a free trial.
Its a great article for those that are struggling with aligning the need for cyber risk granularity with an overall operational risk program.
I’m pleased to announce that a new book has been published that includes a chapter that I wrote on Cybersecurity and Technology Risk. I was approached by the good folks at Risk Books on contributing some original Cyber content in their new publication on Operational Risk. I choose to address the general risks in the domain and paid special attention on how to define risks (risk syntax) to avoid the problems of defining control deficiencies as risk.
The other chapters in the book are really great too! There are discussions of blockchain, Big Data, Privacy, OpRisk modeling and quantification, and emerging risk.
You can pick up your copy of Operational Risk Perspectives: Cyber, Big Data, and Emerging Risks at the Risk Books website (including eBook).
It’s a busy week for me. In addition to the webinar this Friday, next Monday (23 March) I’ll be holding a workshop at 11:00 AM in the Data Quality track of the OpRisk North America conference. I’ll be talking about financial metrics, risk appetite, volatility trends, and scenario analysis. You can’t have quality data without quantification, so that will be a big part of my presentation.