New framework helps companies quantify risk

The World Economic Forum has released a new framework this week that helps companies calculate the risk of cyberattacks.

The risk calculation has three components — an assessment of a company’s vulnerabilities and defenses, the potential cost of data breaches, and a profile of the attacker.

Security experts praised the framework’s holististic approach towards cyberrisk.

“The framework’s orientation towards probabilistic models of possible losses from attacks will keep businesses focused on minimizing total possible losses rather than building hard brittle shells around their networks,” said Lance Cottrell, chief scientist at Herndon, VA-based security firm Ntrepid Corp.

To read this article in full or to leave a comment, please click here