Episode 113: Cyber Risk Prioritization as Ransomware Defense

 

 

In episode 113 of Cybersecurity Where You Are, Tony Sager is joined by Phyllis Lee, VP of SBP Content Development at the Center for Internet Security^® (CIS^®); Adam Bobrow, Co-Founder and President of Veribo Analytics; and Sridevi Joshi, Co-Founder and CEO of Veribo Analytics. Together, they discuss how the Business Impact Analysis tool created by CIS and Veribo Analytics empowers individuals and organizations to use cyber risk prioritization as a basis for their ransomware defense strategy.

Here are some highlights from our episode:

• 04:35. Background on the impetus for the tool's development
• 07:57. How our understanding of cybersecurity risk differs from other areas of risk
• 12:21. Insight into Sridevi's learning process about cyber risk prioritization as a technologist
• 18:23. How the development process of the Business Impact Analysis tool got underway
• 21:05. What went into the process of translating the goal into tooling
• 31:34. Reflections on the tool's reception and what's next

Resources

• CIS Critical Security Controls Implementation Groups
• CIS Community Defense Model 2.0
• CIS Controls Self Assessment Tool (CIS CSAT)
• SEC Adopts Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies
• 4.3 Establish a Bureau of Cyber Statistics
• FAIR: A Framework for Revolutionizing Your Risk Analysis
• Reasonable Cybersecurity
• How to Measure Anything in Cybersecurity
• Episode 107: Continuous Improvement via Secure by Design
• Episode 105: Context in Cyber Risk Quantification

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].