This episode is sponsored by the CIO Scoreboard
Marshall Kuypers is a PhD candidate in Management Science and Engineering at Stanford University, concentrating in Risk Analysis. His research studies quantitative models to assess cyber security risk in organizations. I heard Marshall talk at a major IT Security conference and after listening to him, I knew that I had to get him on the show to share his expertise.
Marshall continues a theme that I have been harping on recently which is for you to deepen your sophistication of communicating at the highest level in your organization about Cyber Risk and investments that you want your company to mitigate against.
For some of you this discussion will be re-enforcement of concepts and ideas that you already know but need to be reminded of. For others, Marshall will bring a fresh approach to you to test with your CFO, CEO or Board. The more effective you can be with communicating to your horizontal peers and upstream reports the better you can fulfill your mission within your company.
Major take aways from this episode are:
1. A practical and actionable discussion regarding Risk Analysis for Cyber Security
2. How Develop situational awareness for making better IT Security Investment Decisions
3. How to look at your internal security event data in a different way (no not your log data) to support IT Security investment.
4. How to validate or eliminate intuition from assessing probability of IT Security events happening.
5. How to eliminate recency bias from IT Security decisions (Fear and uncertainty cranked by media).
6. We also discuss power laws and complex systems theory which is fun as well.
I have linked up all the show notes on redzonetech.net/podcast where you can get access to Marshall’s presentation and research.
Marshall Kuypers is a PhD candidate in Management Science and Engineering at Stanford University, concentrating in Risk Analysis. His research studies quantitative models to assess cyber security risk in organizations. Marshall has a diverse background spanning many fields, including modeling cyber security, developing trading algorithms with a high frequency trading company, researching superconducting materials at UIUC, and modeling economic and healthcare systems with the Complex Adaptive Systems of Systems (CASoS) engineering group at Sandia National Labs. Marshall is also the Co-President of the Stanford Complexity Group and a predoctoral science fellow at the Center for International Security and Cooperation (CISAC) at Stanford.
How to get in touch with Marshall Kuypers:
- Stanford University CISAC Profile
- RSA presentation Practical Quantitative Risk Analysis for Cyber Systems
- Power Laws
- Veris Community – Privacy Rights Clearing House Title
- Quoted on Eweek : http://www.eweek.com/security/security-researchers-challenge-claims-data-breaches-increasing.html
- Thinking, Fast and Slow by Daniel Kahneman
This episode is sponsored by the CIO Scoreboard, a powerful tool that helps you communicate the status of your IT Security program visually in just a few minutes.
* Outro music provided by Ben’s Sound
Leave a Review
If you enjoyed this episode, then please consider leaving an iTunes review here
Click here for instructions on how to leave an iTunes review if you’re doing this for the first time.
About Bill Murphy
Bill Murphy is a world renowned IT Security Expert dedicated to your success as an IT business leader. Follow Bill on LinkedIn and Twitter.