A major problem with cybersecurity programs today: CISOs get the budgets they’re believed to deserve, not the budgets they need. Cybersecurity program design and budgeting is traditionally driven by the current program and budget, and any enhancements are based on this set. However, this is an ineffective application of business discipline. This session highlights the economics of cybersecurity and provides a framework for determining the costs of vulnerabilities. Applying machine learning allows for an accurate risk optimization of the budget so CISOs can cost-justify the program they need.
Learning Objectives:
Apply cyber risk quantification knowing its limitations and how to augment them.
Weigh the costs of countermeasures against the costs of the vulnerabilities they’re designed to mitigate.
Determine the most cost-effective countermeasures and present the desired program to budget-approving authorities.
