Explore a comprehensive 52-minute conference talk from LASCON that introduces an enhanced risk calculation formula for security risk evaluation. Learn about the evolution of risk assessment frameworks, from ISO 27005 and OWASP risk calculation to the CVSS scoring system. Discover how the speaker's team has developed a new risk rating recipe that incorporates additional factors to improve upon current risk scoring methods. Understand the advantages of this comprehensive approach, which aggregates risk assessment criteria with vulnerability scoring factors without overlapping elements. Gain insights into the development process, including security expertise, simulations, and real-world scenario experiments. Engage with this valuable presentation to enhance your understanding of security risk evaluation and contribute feedback to benefit the broader security community.
Overview
Syllabus
Invited - Karen Lu - A new recipe for security risk evaluation
Taught by
LASCON
Related Courses
-
Implementing and Performing Risk Management with ISO/IEC 27005
-
Information and Cyber Security GRC: Risk Management
-
Introduction to Cybersecurity & Risk Management
-
ISO/IEC 27001:2022 Lead Implementer
-
ISO 27001:2013 - Information Security Management Systems
-
Risk Identification, Monitoring, and Analysis
