Skip to content

The Risk Dr ®

Tag: NIST

Positive Risk, ISACA Journal, and more NIST

ISACA asked me to write a short piece on my Journal article about risk communication. They published that here. I also wrote a blog post for the @ISACA newsletter about the trouble with positive risk. Lastly, NIST released an update to their ERM-Cyber integration standard and my friends at the FAIR Institute asked me to…

31 July 2020

·

@ISACA, FAIR Institute, NIST, Risk
Cyber Risk Frameworks, MITRE ATT&CK, and Risk Communication in the ISACA Journal

Interviewed by Phil Venables, published in the ISACA Journal and Dark Reading, and more thoughts on NIST and CVSS

13 May 2020

·

Frameworks, NIST, Risk, Risk Communication, Standards, Threat
Feb Update! Davos, NIST, Cloud Smart, and Risk Mgmt Maturity

NIST webinar, app rationalization for Federal Cloud Smart policy, Risk Mgmt Maturity report, and Davos

11 February 2020

·

Economics, FAIR, FAIR Institute, NIST, Presentations, Public Sector, Publications, Risk, Webinar
Always Mistrust New Risk Equations

There’s a cynical meme out there about mistrusting new (as well as proprietary) encryption methods. Unless its been around long enough to suffer the slings and arrows of academic and practitioner criticism, its probably not worth entrusting your security to it. I’m hereby extending this in a new corollary: All claims of “new” equations…

2 August 2015

·

Quantification, Risk, Standards

The Risk Dr ®

Subscribe Subscribed
- The Risk Dr ®
- Already have a WordPress.com account? Log in now.