Presentation Summary / Abstract:
Of the many skills that IT security, audit, and risk professionals need, being able to effectively analyze and communicate risk is paramount when having to prioritize issues, justify budgets, or establish policy. While ubiquitous and simple to use, traditional qualitative analysis methods that rely on risk matrices or arbitrary risk rating scales have serious limitations and rarely involve any real rigor.
During this webinar, we will explore factors to consider when selecting a risk analysis framework and some of the key differences between qualitative and quantitative risk analysis. We will then introduce attendees to Open FAIR, which has become a de-facto standard for cyber risk quantification. We will also provide a short case study and live demonstration using a free FAIR analysis tool.
About the Presenters:
Apolonio “Apps” Garcia is the President/CEO of HealthGuard, an Cincinnati, Ohio based company that specializes in healthcare risk management. A US Navy veteran, Apps has 20+ years of experience in healthcare IT and cybersecurity, and has been using the FAIR in hospital settings for over a decade. He is an active member of ISACA, the Infragard Cyber Health Working Group, the American Society of Healthcare Risk Management, the national Healthcare Sector Coordinating Council, the Society of Information Risk Analysts, and numerous industry associations.
Building Block for
An Introduction to Cyber Risk Quantification with FAIR