Misbehaving: Expected Utility Versus the Behavioral Reality of Cyber Standards

If there were to be a core premise of organizational cybersecurity it would be the reduction of risk, specifically cyber risk. The unifying theory for such a premise might state that organizations choose risk reduction strategies through optimization. That is, choosing the optimal risk reduction strategy given organizational constraints, such as budget, staffing, regulatory requirements, etc.

Starting something is not an event

Once again I find myself at the beginning of a beginning. OK, this is not the actual beginning, but then again so few things truly are. This is just a new chapter, or more appropriately, the first chapter in a new book - l

Powered by WordPress.com.

Up ↑