Cybersecurity Risk Management: Quantitative & Qualitative 📊

Subscribe here: https://www.youtube.com/channel/UC7asNccszmEwzQn2P414NKA?sub_confirmation=1

CyberPlatter Discord Channel: https://discord.gg/pFPgZmes

Website: https://cyberplatter.com

Access Control Types: https://youtu.be/IXAAtKFKak8

Security Analyst and Engineer Interview Question and Answer Playlist: https://www.youtube.com/playlist?list=PL2QcdSWyXri3aJkyHa07PN5zMByOAPJVp

This video includes:
• Cybersecurity Risk Management | Information Security Risk Management
○ What is risk management?
○ Why is risk management important?
○ Risk elements and its types
§ Threat agent/actor
§ Threats
§ Vulnerabilities
§ Risk
§ Safeguards / security controls / controlmeasures
§ Assets
§ Asset Evaluation
§ Attach
§ Breach
○ Risk assessment/analysis and its types
§ Quantitative risk analysis
□ Asset Valuation (AV)
□ Exposure Factor (EF)
□ Single Loss Expectancy (SLE)
□ Annualized Rate of Occurrence (ARO)
□ Annualized Loss Expectancy (ALE)
□ Annual Cost of Safeguards (ACS)z
□ Cost/benefit analysis of safeguards
§ Qualitative risk analysis
□ Delphi technique
§ Hybrid risk analysis
○ Residual Risk
○ Total Risk
○ Risk response and its types:
§ Risk transfer/assign
§ Risk mitigation/reduction
§ Risk avoidance
§ Risk acceptance
§ Risk ignore/reject
§ Risk deterrence
○ NIST SP 800-37's Risk Management Framework (RMF) and its steps
§ Prepare
§ Categorize
§ Select
§ Implement
§ Assess
§ Authorize
§ Monitor