Muutke küpsiste eelistusi

From Heatmaps to Histograms: A Practical Guide to Cyber Risk Quantification [Pehme köide]

  • Formaat: Paperback / softback, 436 pages, kõrgus x laius: 254x178 mm, 168 Illustrations, black and white
  • Ilmumisaeg: 19-Mar-2026
  • Kirjastus: APress
  • ISBN-13: 9798868822995
Teised raamatud teemal:
  • Pehme köide
  • Hind: 37,75 €*
  • * hind on lõplik, st. muud allahindlused enam ei rakendu
  • Tavahind: 44,41 €
  • Säästad 15%
  • Raamatu kohalejõudmiseks kirjastusest kulub orienteeruvalt 3-4 nädalat
  • Kogus:
  • Lisa ostukorvi
  • Tasuta tarne
  • Tellimisaeg 2-4 nädalat
  • Lisa soovinimekirja
From Heatmaps to Histograms: A Practical Guide to Cyber Risk QuantificationSuurem pilt
  • Formaat: Paperback / softback, 436 pages, kõrgus x laius: 254x178 mm, 168 Illustrations, black and white
  • Ilmumisaeg: 19-Mar-2026
  • Kirjastus: APress
  • ISBN-13: 9798868822995
Teised raamatud teemal:
Püsilink: https://www.kriso.ee/db/9798868822995.html
Cyber risk quantification (CRQ) is the practice of measuring cybersecurity risk using numbers not colors or guesswork. Instead of labeling risks high, medium, or low, CRQ uses probabilities, ranges, and impact estimates to help organizations make better, data-informed decisions about risk.



In a world where ransomware gangs operate like small businesses, every core function of an organization is digital, and Boards and regulators are demanding meaningful, defensible risk metrics, CRQ has never been more relevant than now. And thanks to AI, its about to scale fast.



At the same time, CRQ is often misunderstood as expensive, technical, or just voodoo math. People assume you need a stats degree, six-figure software, or a room full of analysts. This book is here to prove otherwise.



 



From Heatmaps to Histograms is a hands-on, plain-English guide written by a seasoned practitioner whos built CRQ programs at top global companies. Its packed with step-by-step instructions, practical tips, templates, shortcuts, AI prompts, and plenty of myth-busting to take you from CRQ skeptic to CRQ championeven if youve never cracked open a statistics book.



 



All techniques in this book can be performed in Excel or Google Sheetsno coding required. But for readers who want to go further, youll find dozens of GenAI prompts that help you generate risk scenarios, clean messy data, or even vibe-code your way through a Monte Carlo simulation in Python or R. You'll also get guidance on when to not use AI, how to spot hallucinations, and how to integrate it responsibly into your risk practice.



 



CRQ is no longer optional. This is your roadmap for making it workcheaply, ethically, and effectively.



 



What You Will Learn:







A beginner-friendly introduction to the statistical foundations of CRQ, including Monte Carlo simulations, credible intervals, Bayesian reasoning, and simple methods for summarizing uncertaintywithout requiring a math or coding background Gather, vet, and work with dataeven when its scarce, messy, or missing Perform full end-to-end quantitative risk assessments using only Excel or Google Sheets Harness the power of generative AI to supercharge risk analysis workflows Apply CRQ and GenAI responsibly and ethically, with clear guidance on common pitfalls, misuse scenarios, and ensure transparency, fairness, and trustworthiness in your analysis and reporting



 



Who This Book Is For



Beginner/intermediate in the cyber/technology risk management field



 
Part 1: Foundations.
Chapter 1: Welcome to the Rebellion.
Chapter 2:
Probabilitys Plot Twist: After 300 Years, We Colored It Red.
Chapter 3:
GenAI Needs Adult Supervision.- Part 2: Getting Your Risk Muscles Working.-
Chapter 4: Foundations.
Chapter 5: Your First Quantitative Risk Assessment.-
Chapter 6: Interpreting and Communicating Quantitative Risk Results.
Chapter
7: From Risk Statements to Assessment Scope.
Chapter 8: Understanding Loss:
The Six Forms.- Part 3: Solving the Data Problem.
Chapter 9: Getting Unstuck
with Data.
Chapter 10: How to Vet and Believe Your Data.
Chapter 11:
Finding and Using External Data.- SMEs Are Your Quiet Competitive Advantage.-
Chapter 12: Your Best Evidence: Finding and Using Internal Data.
Chapter13:
Your Secret Weapon: Subject Matter Experts.
Chapter 14: How to Blend Data.-
Part 5: Making it Stick.
Chapter 15: Extending this to CRQ.
Chapter 16:
Extending to FAIR.
Chapter 17: How to Run a Complete CRQ Assessment (A Full
Walkthrough).- Part 5: Making it Stick.
Chapter 18: CRQ in the Org.
Chapter
19: Making Better Decisions with CRQ.
Chapter 20: The Future of CRQ (And
Yours Too).
Tony Martin-Vegue is a cybersecurity and technology risk expert with over 25 years of experience helping Fortune 500 companies build and scale quantitative risk programs. He writes and speaks prolifically on the topic of risk and decision science, and is known for his new ways of thinking about old problems.



A hands-on practitioner as much as a leader, Tony has performed an estimated 1,000 quantitative risk assessments across domains including cyber, fraud, operations, and enterprise risk. Hes a frequent speaker at FAIRcon, SIRAcon, RSA, various Security BSides, and ISACA events. He also chairs the San Francisco Chapter of the FAIR Institute, a global organization dedicated to advancing risk quantification practices, and was honored with the FAIR Ambassador Award in 2020. He has been published in numerous publications such as the ISACA journal, Risk.net, and regularly blogs at tonym-v.com on the topics of risk, quantification, and security economics.



Tony lives with his family on an island in the San Francisco Bay (not Alcatraz)though he has swum from Alcatraz to San Francisco ten times.