Account
Orders
Advanced search
A Practical Guide to Cyber Risk Quantification
Louise Reader
Read on Louise Reader App.
Cyber risk quantification (CRQ) is the practice of measuring cybersecurity risk using numbers —not colors or guesswork. Instead of labeling risks “high,” “medium,” or “low,” CRQ uses probabilities, ranges, and impact estimates to help organizations make better, data-informed decisions about risk.
In a world where ransomware gangs operate like small businesses, every core function of an organization is digital, and Boards and regulators are demanding meaningful, defensible risk metrics, CRQ has never been more relevant than now. And thanks to AI, it’s about to scale fast.
At the same time, CRQ is often misunderstood as expensive, technical, or just “voodoo math.” People assume you need a stats degree, six-figure software, or a room full of analysts. This book is here to prove otherwise.
From Heatmaps to Histograms is a hands-on, plain-English guide written by a seasoned practitioner who’s built CRQ programs at top global companies. It’s packed with step-by-step instructions, practical tips, templates, shortcuts, AI prompts, and plenty of myth-busting to take you from CRQ skeptic to CRQ champion—even if you’ve never cracked open a statistics book.
All techniques in this book can be performed in Excel or Google Sheets—no coding required. But for readers who want to go further, you’ll find dozens of GenAI prompts that help you generate risk scenarios, clean messy data, or even “vibe-code” your way through a Monte Carlo simulation in Python or R. You'll also get guidance on when to not use AI, how to spot hallucinations, and how to integrate it responsibly into your risk practice.
CRQ is no longer optional. This is your roadmap for making it work—cheaply, ethically, and effectively.
What You Will Learn:
Who This Book Is For
Beginner/intermediate in the cyber/technology risk management field
Les livres numériques peuvent être téléchargés depuis l'ebookstore Numilog ou directement depuis une tablette ou smartphone.
PDF : format reprenant la maquette originale du livre ; lecture recommandée sur ordinateur et tablette EPUB : format de texte repositionnable ; lecture sur tous supports (ordinateur, tablette, smartphone, liseuse)
DRM Adobe LCP
LCP DRM Adobe
This ebook is DRM protected.
LCP system provides a simplified access to ebooks: an activation key associated with your customer account allows you to open them immediately.
ebooks downloaded with LCP system can be read on:
Adobe DRM associates a file with a personal account (Adobe ID). Once your reading device is activated with your Adobe ID, your ebook can be opened with any compatible reading application.
ebooks downloaded with Adobe DRM can be read on:
mobile-and-tablet To check the compatibility with your devices,see help page
Tony Martin-Vegue is a cybersecurity and technology risk expert with over 25 years of experience helping Fortune 500 companies build and scale quantitative risk programs. He writes and speaks prolifically on the topic of risk and decision science, and is known for his new ways of thinking about old problems.
A hands-on practitioner as much as a leader, Tony has performed an estimated 1,000 quantitative risk assessments across domains including cyber, fraud, operations, and enterprise risk. He’s a frequent speaker at FAIRcon, SIRAcon, RSA, various Security BSides, and ISACA events. He also chairs the San Francisco Chapter of the FAIR Institute, a global organization dedicated to advancing risk quantification practices, and was honored with the FAIR Ambassador Award in 2020. He has been published in numerous publications such as the ISACA journal, Risk.net, and regularly blogs at tonym-v.com on the topics of risk, quantification, and security economics.
Tony lives with his family on an island in the San Francisco Bay (not Alcatraz)—though he has swum from Alcatraz to San Francisco ten times.
Sign up to get our latest ebook recommendations and special offers