Why use the FAIR Model to quantify Cyber Risk for 3rd parties?
Historically, questionnaires and/or risk scoring have been the traditional tools used to evaluate the risk a 3rd party poses to an organisation. The findings from questionnaires and risk scoring are often incredibly technical and complicated, and are generally presented in heatmap style (red, orange, yellow, green) accompanied by a score and/or letter grade, none of which is very useful in quantifying Risk to the business.

To understand what the FAIR Model has to offer, let us first look at what we need to articulate to the Board or C-Level. In simple terms, let's begin by considering what Risk a 3rd Party could pose to an organisation if the organisation were to share 2,000 data records with them. The Board or C-Level wants to know, in financial terms, what the cost to the business will be if the 3rd Party is breached.