Correctly calculating the probability of risk is becoming critical to organizations. And it’s not just because it is essential and fundamental to good Risk Management practice, but also because new laws such as GDPR are mandating it. Security measures must be appropriate to the risk, and the risk is suffering a data breach. So, calculating the probability of a data breach happening, regardless of scope, is vital to determining appropriate security measures. ISACA, previously known as the Information Systems Audit and Control Association but now known solely by its acronym, talks about the probability of risk as: RISK = PROBABLITY…
[Continue Reading]