A Better Way to Measure Cyber RisksConsultant Benjamin Dean on Using Cyber Metrics to Help Predict Risks
CISOs are increasingly being asked by management and boards to predict what the cost of a breach or cyber incident might be. But most still need to develop good predictive metrics, says Benjamin Dean, president of Iconoclast Tech.
Dean says CISOs actually can, with relative accuracy, estimate what the cost of a breach might be based on a number of factors, including attacker intent, data at risk and previous cyber events.
- Lessons for the cyber age from the atomic age about potential risks;
- Why increasing network complexity leads to unanticipated system failures; and
- Why the potential costs of cyber events need to be demonstrated to boards and management.
Dean has worked within the intersection of technology, economics and public policy for the past decade. He currently serves as a technology exchange fellow at the Center for Democracy and Technology in Washington, and previously served as a fellow for cyberecurity and internet governance at Columbia University in New York. He also spent time as a policy analyst at the Organization for Economic Cooperation and Development in Paris.