Key Learning Points:
- Methods that feel good vs. methods that work: What the research shows and why we must abandon the “Risk Matrix”
- A simple method for expressing uncertainty and risk in a mathematically sound manner
- An overview of how we can improve methods further even when data is limited.
Level: All
Doug Hubbard will present how flaws in the most popular risk assessment methods in cybersecurity may be the biggest cybersecurity risk in your firm. He will show research which debunks the “Risk Matrix” and the use of qualitative scores and scales in risk assessment. He will also show how some simple quantitative methods, which have already been used by real organizations, have shown a measurable improvement in estimates and decisions. He will also show how that method can be improved when you are ready for more even when data seems limited.
About Douglas Hubbard
Douglas Hubbard is the inventor of the Applied Information Economics (AIE) and founder of Hubbard Decision Research (HDR). He is the author of How to Measure Anything: Finding the Value of Intangibles in Business, The Failure of Risk Management: Why It’s Broken and How to Fix It, and Pulse: The New Science of Harnessing Internet Buzz to Track Threats and Opportunities. He has sold over 100,000 copies of his books in five different languages. AIE is a practical combination of several quantitative analysis methods which Douglas has applied in many industries for over 20 years.
