Presenters: Aaron Fister
Identify and prioritizing cyber risks is a major concern of the IT industry. With limited budgets and resources, tradeoffs must be made where time and effort is spent. Cyber Quantitative Risk Analysis (CQRA) is an option for modeling of cyber risk. CQRA is made up of two major components. Expert data estimation techniques and the use of a Monte Carlo simulation to model risk. The results of the analysis can then be used to compare and prioritize risks.
This talk will present a fictional example applying the methodology. A brief overview of the estimation technique and modeling method are covered. Strengths and weaknesses as well areas of research and future directions of the methodology are discussed.
Aaron Fister is currently a Ph.D. student at the University of Oklahoma. His areas of study are public management, risk perception, and data science. He has 15 years of IT and Information Security experience in the financial services, retail, and government sectors and holds the CISSP, CISA, and CISM professional security certifications. He has completed a Bachelor of Science degree from Iowa State University and a Master of Science from the University of Oklahoma. Aaron is a coauthor of the open access textbook Quantitative Research Methods for Political Science, Public Policy, and Public Administration. Aaron has previously taught workshops and classes on statistics, data science, and quantitative text analysis. His research interest is studying how individual and organizational dynamics influence cyber risk.
5400 University Ave
West Des Moines, IA 50266