Praise for HOW TO MEASURE ANYTHING IN CYBERSECURITY RISK, SECOND EDITION
"Whether you are a quantified risk skeptic or fan, this book will teach you new ways to think about the problem. I consider it mandatory reading for our field."
-John "Four" Flynn, CISO, Amazon Stores
"This book arms the CISO of the future with the tools needed to make business relevant decisions. These tools will empower leaders to build organizational cybersecurity resilience against an ever-changing cyber risk landscape."
- Vishaal "V8" Hariprasad, CEO, Resilience and Former Active Duty Cyber Effects Operations Officer, U.S. Air Force
"I recommend anyone looking for a scientific approach for measuring cybersecurity risk to take advantage of Doug Hubbard and Richard Seiersen's expertise on this topic."
-Gerhard Eschelbeck, Former CISO, Google
"Cybersecurity practitioners are overloaded with new threats, new vulnerabilities, new tools, and with constant pressure to keep pace with the ever-changing needs of their organizations. To address this complexity and variability, we need the knowledge, mechanisms, and means to accurately prioritize initiatives, measure risk, and evaluate proposed solutions. This book enables the reader to confidently move forward in a cybersecurity landscape that grows in complexity daily."
-Jason Chan, Former VP, Information Security, Netflix
"For quantifying cybersecurity risks, Doug Hubbard and Richard Seiersen are the proven thought leaders. The methods they describe are powerful, practical and I have used them many times in difficult measurement problems to support decisions. Everyone in cybersecurity should apply these insights."
-Nick Shevelyov, Former CISO of Silicon Valley Bank