Connect with us

Cyber Security

CISA launches new effort to develop actionable metrics to quantify cyber risk

Published

on

The Cybersecurity and Infrastructure Security Agency (CISA) has launched a new cybersecurity effort:  The Systemic Cyber Risk Reduction Venture on developing actionable metrics to quantify cyber risk. This information will be used to reduce shared risk to the nation’s security. 

The effort, in partnership with theNational Risk Management Center (NRMC), CISA will be focusing on using enterprise risk management best practices in 2021. According to Bob Kolasky, CISA Assistant Director for the National Risk Management Center, CISA is anticipating three overarching lines of effort: 

  1. Build the Underlying Architecture for Cyber Risk Analysis to Critical Infrastructure

The critical infrastructure community is underpinned by a dependent web of hardware, software, services, and other connected componentry.

  1. Cyber Risk Metric Development

Supporting efforts to better understand the impact of cyber risk across the critical infrastructure community will require developing usable metrics to quantify cyber risk in terms of functional loss. There’s no need to get bogged down with Greek equations with decimal place-level specificity. Metrics that provide even directional or comparative indicators are enormously helpful.

  1. Promoting Tools to Address Concentrated Sources of Cyber Risk

Central to the venture to reduce systemic cyber risk is finding concentrated sources of risk that, if mitigated, provide heightened risk management bang for the buck if addressed.

“Defending Today and Securing Tomorrow demands that we better understand and address systemic cyber risk. The steady drumbeat of the importance of cyber essentials must be complemented with a more advanced understanding of how cyber risk manifests itself in an interconnected world – this means both understanding the interconnection and developing high leverage solutions. CISA, via the National Risk Management Center’s collaborative approach, looks forward to working with the critical infrastructure and cyber research community to make progress on this important Venture,” Kolasky says.

Source: https://www.securitymagazine.com/articles/94353-cisa-launches-new-effort-to-develop-actionable-metrics-to-quantify-cyber-risk

Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyright © 2023 Cyber Reports Cyber Security News All Rights Reserved Website by Top Search SEO