Uncommon Wisdom: Lessons from Two Decades of Cyber Risk Quantification

Thank you for your request.

Here is the video you requested.

A recent Gartner survey discovered that 80% of security leaders utilize the least sophisticated form of Cyber Risk Quantification (CRQ). Standard CRQ methods involve a combination of estimation, approximation and guesswork. The process typically involves many manual calculations, which makes the quantification biased and error-prone. These CRQ efforts consume significant time and effort while yielding low-confidence results. CRQ findings are out-of-date and not easily actionable. This lack of trust and actionability with legacy CRQ techniques has limited its usefulness for both senior executives and operational teams.

Join Chris Novak, world-renowned cybersecurity executive at Verizon and advisor at CISA, and Gaurav Banga, Founder and CEO of Balbix, to discuss Cyber Risk Quantification. Chris and Gaurav have spent over two decades observing and helping CRQ efforts at various organizations, and in this session they will discuss their findings and insights.

Some topics that Chris and Gaurav will debate: 

  • What are the various options for implementing CRQ?
  • Why do so many organizations fail to get CRQ right?
  • How do you set yourself up for success if you are considering CRQ?
  • What are the benefits seen by organizations who have implemented CRQ the right way?