MetricsCenter Articles
Stuff to read on security metrics.
Risk Management
Latest entries to this category....
MetricsCenter Articles
August 27th, 2008 · No Comments
Tags: Risk · Risk Management
FAIR Risk Webinar for Cisco
June 3rd, 2008 · No Comments
Jack Jones of RMI will be doing a preso for the Cisco InfoSec Leadership Forum. I would love to see this but I’ll be on vacation. Maybe I’ll catch the replay if they have one. You can sign up here: http://tinyurl.com/5wgh2s
Tags: Risk Management
What exactly is an open-ended problem?
April 21st, 2008 · 1 Comment
What exactly is an open-ended problem? It’s a problem with no obviously right answer. This uncertainty causes great discomfort for many that are accustomed to approaching problems as if there is a single right answer. This, however, is a sign of underdeveloped critical thinking ability.
Jack posted a bit on the [...]
Tags: Critical Thinking · Models · Risk Management
AIG Perfect Example of Private Insurance
October 3rd, 2007 · 1 Comment
Another nice bit of information about insurance markets from the Cyberinsurance article I blogged earlier:
Fire insurance markets thus involve not only underwriters, agents, and clients, but also code writers, inspectors, and vendors of products and services for fire prevention and protection. Although government remains involved, well-functioning markets for fire insurance keep the responsibility [...]
Tags: Risk · Risk Management · insurance
Don’t Regulate Cyberinsurance Markets
October 3rd, 2007 · 4 Comments
Any such security regulation can only reduce the amount of wealth and comfort the economy produces because it is foisting one man’s values upon another – “for the public good”.
At Bejtlich’s recommendation, I read with great interest Cyberinsurance in IT Security Management by Walter S. Baer and Andrew Parkinson. The bulk of the paper [...]
Tags: Economics · Free Markets · Risk · Risk Management · Security · insurance