Binary Risk Analysis: Presented by Ben Sapiro
Security risk analysis techniques are either too complex to be understood by the business or too simple to provide repeatable and meaningful results. Without a proper understanding of the risk associated with security events, businesses are likely to misunderstand the risk that security professionals are working to control.
This talk will discuss a new, peer reviewed, technique called Binary Risk Analysis. The technique is easy to use, enables quick structured conversations about risk and works with existing risk management frameworks. The technique has been released to the community under a creative commons license.
Ben Sapiro is an independent consultant currently working with one of North America’s largest mining corporations to improve and expand their information security program. Prior to his consulting work Ben was a research director at TELUS Security Labs and helped publish multiple studies on Canadian IT Security practices. Ben’s currently working on bringing an easy to use risk assessment technique to the IT Security community to aid them in their conversations with business.