Reporting Cyber Risk is More than a Traffic Light
Using "high, medium, low" or "red, yellow, green" to measure cyber risk is not enough. This method is outdated, unreliable and insufficient. CEOs and other C-Suite executives require an approach that helps them decide which cyber controls - financial, technical physical, administrative - are worth the investment and priority. When the financial impact of potential cyber events is objectively defined, the security organization stands united with the enterprise.
Download this whitepaper to learn how to talk cyber risk in dollars and sense.