“Cybersecurity practitioners are overloaded with new threats, new vulnerabilities, new tools, and with constant pressure to keep pace with their organizations’ ever changing needs. To address this complexity and variability, we need the knowledge, mechanisms,...

“Companies can mitigate, transfer, or ignore their cyber risk. But in order to smartly manage it, CISOs must first quantify their risk. This book arms the CISO of the future with the tools needed to make business relevant decisions. These tools will empower...

“How to Measure Anything in Cybersecurity Risk makes a strong case for quantifying what organizations are up against. This book is equally valuable for technical security practitioners, risk and compliance professionals as well as security leaders. It provides...

“Whether you are a quantified risk skeptic or fan, this book will teach you new ways to think about the problem. I consider it mandatory reading for our field.” John “Four” Flynn, CISO, Amazon Stores

Forward by Stuart McClure: CEO of Cylance “What the authors of this book have done is begin to define a framework and a set of algorithms and metrics to do exactly what the industry has long thought impossible, or at least futile: measure security risk.” Continue...