In September 2016, I had an opportunity to give a presentation at this year’s (ISC)² Security Congress on measuring cloud-related risk using FAIR.
Within the presentation I described a specific cloud-related decision one organization faced, and the set of analyses that were done to inform that decision. I also discuss the analysis process that was followed, some of the basic requirements for performing solid risk measurement, as well as some of the challenges we face as a profession when it comes to analyzing and communicating risk. I invite you to watch my recorded presentation by clicking the button below.