Risk Management in Cybersecurity- Information Security Risk Management | Quantitative & Qualitative

Subscribe here: https://www.youtube.com/channel/UC7asNccszmEwzQn2P414NKA?sub_confirmation=1 CyberPlatter Discord Channel: https://discord.gg/pFPgZmes Website: https://cyberplatter.com Access Control Types: https://youtu.be/IXAAtKFKak8 Security Analyst and Engineer Interview Question and Answer Playlist: https://www.youtube.com/playlist?list=PL2QcdSWyXri3aJkyHa07PN5zMByOAPJVp This video includes: • Cybersecurity Risk Management | Information Security Risk Management ○ What is risk management? ○ Why is risk management important? ○ Risk elements and its types § Threat agent/actor § Threats § Vulnerabilities § Risk § Safeguards / security controls / controlmeasures § Assets § Asset Evaluation § Attach § Breach ○ Risk assessment/analysis and its types § Quantitative risk analysis □ Asset Valuation (AV) □ Exposure Factor (EF) □ Single Loss Expectancy (SLE) □ Annualized Rate of Occurrence (ARO) □ Annualized Loss Expectancy (ALE) □ Annual Cost of Safeguards (ACS)z □ Cost/benefit analysis of safeguards § Qualitative risk analysis □ Delphi technique § Hybrid risk analysis ○ Residual Risk ○ Total Risk ○ Risk response and its types: § Risk transfer/assign § Risk mitigation/reduction § Risk avoidance § Risk acceptance § Risk ignore/reject § Risk deterrence ○ NIST SP 800-37's Risk Management Framework (RMF) and its steps § Prepare § Categorize § Select § Implement § Assess § Authorize § Monitor