How Using Value-at-Risk Can Spur Management Action on Cyber Risk Management
Excerpted from afponline.org:
Managing cyber risk is plagued by a fundamental challenge: how to characterize enterprise cyber risk in a way that lends itself to management action. Classifying risks in broad terms such as “high,” “medium,” or “low” does not truly support effective risk management decisions and resource allocation. …
The great benefit of value-at-risk for cyber risk management is that it both quantifies risk and expresses it in economic terms that can be understood by boards and throughout the executive suite.
Read the article in its entirety on afponline.org.