It is imperative that our field evolves common cyber-risk analysis practices beyond purely qualitative models and embraces data-driven methodologies. This session will tackle the challenges and supposed limitations of quantitative analysis head on by comparing two data-confidentiality scenarios. These scenarios appear similar on the surface, but quantitative analysis reveals meaningful differences.
1: Debunk myths about the impossibility of applying quantitative analysis to cyber.
2: Learn from real-world examples of how common risk models hide meaningful differences between scenarios.
3: Gain approachable tools that can be used to analyze similar use cases in own environment.
Risk analysis, data analytics.