Chapter 3

Cyber Risk Management: A New Era of Enterprise Risk Management

Abstract

This chapter begins by discussing risk as a multidimensional concept and its different interpretations in natural and social science, the “relatively objective” nature of risk, decision theory, acceptable risk, the microeconomic and macroeconomic risks within enterprise risk management, and how cyber risk is spilling over into all areas of enterprise risk. It then reviews the methods currently in use for cyber risk management, including risk assessment, risk classification, threat modeling, vulnerability assessment, impact analysis, risk mitigation, effectiveness assessment, and continuous monitoring. Current quantitative and qualitative risk models ...

Get Digital Asset Valuation and Cyber Risk Measurement now with the O’Reilly learning platform.
