Given the extreme importance of every organization’s technology infrastructure, and the ongoing battle with security threats, cyber risk is an area of risk management that garners much attention. Quantifying cyber risk has been a challenge that many organizations have tackled. Dealing with the many inputs, nuances, shifts and scale of technology risk makes the calculation of cyber risk extremely demanding.
The Open Group’s Open FAIR™ model has been one of the leading approaches to apply quantitative methods to the calculation of cyber risk. Recently, the Open Group published “The Mathematics of the Open FAIR™ Methodology”. In this interview, Steve Schlarman sits down with David Vose, Archer Vice President of Risk Management and the lead author of this new standard, to discuss how this update to the mathematical underpinning of the Open Fair model unfolded and what it means to those organizations looking to implement quantification methods for cyber risk.