Skærp dine evner indenfor IT-risikostyring
Move Beyond Guesswork: Elevate Your Cyber Risk Management with Data-Driven Quantification
If your organisation is still relying on traditional tools like colour-coded heat maps, it might be time to consider if those methods are providing the level of insight and precision your business needs
Are you covered? The case for quantifying cyber risk for insurance and strategic decision making
Are you covered? The case for quantifying cyber risk for insurance and strategic decision making.
How quantifying your cyber exposure can reduce your insurance cost and improve coverage.
WEBINAR: QUANTITATIVE IT-RISK ASSESSMENTS – TOOLS AND TECHNIQUES
Thursday, December 7, 2023 was an important day for ACI.We held our December seminar on IT Risk quantification.We were proud that more than 180 people had signed up for the seminar from more than 100 organizations across Europe.We shared experiences from 5 years of...
Part Two: ‘We Should Never Have Said That’ and How to Avoid It Being Used Against You Before It’s Too Late
Earlier this year, the first part of this article was published. It’s a good place to start to learn why you want to understand your company’s attack surface. Websites and online databases tend to over-share – you...
Ask fewer and better questions – Right now!
In a previous article, When a robot gives better estimates than a human, Bo Thygesen from ACI describes how we use the LENS model to avoid human bias and have a “robot” estimate probability and loss for hundreds of systems better and faster than a human can do. How...
Webinar: An introduction to quantitative methods for cyber risk management
Almost daily, we hear about how cyber threats and IT risks increase globally across industries. Sadly, the methods and tools used for IT risk management today do not deliver the consistent decision support that organizations need. On March 23rd 2023, we conducted a...
ISO 27005 Is Wrong About Quantitative Risk
The International Standards Organization recently published an updated version of their guidance for information security risk management, but they have missed the mark entirely on quantitative methods. The ISO/IEC-27005 is one of the key standards published under the...
Identify your information assets in 5 steps
An important step in any IT risk management process is to clearly define the information assets in scope. But what is an information asset really? How can you best describe your important information assets? And why is it so important to spend time on establishing a...
NIS2 er vedtaget, hvad betyder det?
NIS2 trådte den 16. januar 2023 i kraft. NIS2 (Network and Information Systems Directive) er et EU-direktiv, der har til formål at øge IT-sikkerheden i EU. Dette skal herefter implementeres i de 27 landes love, hvor disse skal træde i kraft senest den 17. oktober...