« Return to Blog Listing

Video Now Available: Quantifying Cloud Risk

Video Now Available: Quantifying Cloud Risk

by Jack Jones on Dec 1, 2016 8:00:00 AM

Quantifying Cloud Risk.pngIn September 2016, I had an opportunity to give a presentation at this year’s (ISC)² Security Congress on measuring cloud-related risk using FAIR. Within the presentation I described a specific cloud-related decision one organization faced, and the set of analyses that were done to inform that decision. I also discuss the analysis process that was followed, some of the basic requirements for performing solid risk measurement, as well as some of the challenges we face as a profession when it comes to analyzing and communicating risk. 

I invite you to watch my recorded presentation by clicking the button below.


This post was written by Jack Jones

Jack Jones is Co-Founder and Chief Risk Scientist of RiskLens. He has worked in technology for over 30 years, the past 28 years in information security and risk management. He has a decade of experience as a Chief Information Security Officer (CISO) with three different companies, including a Fortune 100 financial services company. His work there was recognized in 2006 when he received the Information Systems Security Association (ISSA) Excellence in the Field of Security Practices award. In 2007, he was selected as a finalist for the Information Security Executive of the Year, Central United States, and in 2012, he was honored with the CSO Compass Award for leadership in risk management. Jones, who lives in Spokane, Washington, has served on the ISACA CRISC Certification Committee and RiskIT Task Force, as well as the ISC2 Ethics Committee. He is the author and creator of the Factor Analysis of Information Risk (FAIR) framework. He writes about that system in his book Measuring and Managing Information Risk: A FAIR Approach, which was inducted into the Cyber Security Canon in 2016, as a must-read in the profession.

Connect with Jack

Sign Up for Blog Updates

Recent Posts

Popular Posts