Quantitative Cybersecurity Risk Management

Trainer: Martin Holzke
Location: At location


Starting dates and places

Arrecife, Lanzarote
8 Apr 2024 until 12 Apr 2024

Description


This five-day, hands-on course covers the essential quantitative skills needed to deal with complex decisions in cybersecurity. It is mainly based on the book “How to Measure Anything in Cybersecurity Risk” by Douglas W. Hubbard et al.

Overview:
This course enables participants to develop the necessary expertise to apply quantitative methods to improve critical business decisions related to cybersecurity risks in an organization.

Participants will also gain a thorough understanding of why commonly applied “best practice” methods in risk management systematically lead to invalid results.

Moreover, participants will gain a comprehensive understanding of scientifically valid methods and statistical literacy.

The course consists of a mix of presentation, discussion and practical exercises based on real-world examples.

Outline:
The need for better cybersecurity risk management
The cybersecurity challenges
Why ISO standards and regulation are not giving you the answers you are looking for
Common misconceptions about statistics
Why consensus does not help to make better decisions
Why expert experience does not improve estimates
You have less data than you wish for, but you have more data than you think
The flaw of averages
Why risk matrices are wrong and can't be fixed
Bias and noise
Risk Identification Toolbox
Assumptions and Brainstorming
Catalogs
Bow-Tie Diagrams
MITRE ATT&CK Framework
Risk Analysis Toolbox
Laplace Rule of Succession
Expert Elicitation (Calibration, Aggregation Methods)
Monte Carlo Simulation
Loss-Exceedance Curves and Bayes Probability
Log-Odds-Ratio
Dempster-Shafer-Theory
Risk Evaluation Toolbox
Principal Components Analysis
A/B Testing

Objectives:
Completion of this course will enable students to:
Understand why defective risk management is the single biggest risk for any organization
Apply mathematical methods to real-world problems to improve decision quality
Advise organizations on valid approaches to cybersecurity risk management
Help organizations to make better decisions

Audience:
This course is aimed at students with (future) roles like:

CxO and senior managers
Project managers, consultants and team members implementing risk management
Auditors requiring more cybersecurity risk insight

Prerequisites:
Basic knowledge of Information Systems is recommended.

Basic MS Excel knowledge.

Notebook with MS Excel and RStudio installed.

Examination and Certification:
This course has been designed and is delivered by msdd.neT GmbH and their trainers.

Attendees will receive a certificate of completion.

Individual as well as Integrated Management Systems addressing Risk, Information Security, Business Continuity, (IT) Services and other areas are getting ever more important for ever more organisations. As conformity with the respective ISO standards increasingly becomes a requirement to do business, management and their staff wonder how to get there.

ISO in the Sun is an ongoing series of courses on Risk, Information Security, Business Continuity, Service, Project and Integrated Management hosted by SoftQualM in the beautiful surroundings of Lanzarote in the Canary Islands, Spain. This is the ideal opportunity to combine your continuing professional education with a break in the sun, and even save compared to attending similar courses in the typical metropolitan settings. Students come from all kinds of industries and sizes of organisation, from freelance consultants and auditors to EU institutions. 
