From the course: Enterprise Security Architecture: Aligning Cybersecurity with Business Goals
Join today to access over 24,700 courses taught by industry experts.
Modeling cybersecurity risk
From the course: Enterprise Security Architecture: Aligning Cybersecurity with Business Goals
Modeling cybersecurity risk
- [Instructor] The COBRA application models our security program as a set of operational security processes, with activity management at the tactical level and the overall program activities being shown as strategic processes. This approach is in line with the open group information security maturity management model, or ISM3. And lends itself well to measuring the process maturity and control effectiveness of our program. Business value chains are an approach often used to identify the sorters of value in a business by modeling value generating and supporting services. The role of our security program is to protect those services. A service can provide value in the form of either direct financial contribution to the business or an indirect value as a percentage reduction in performance of the service should the service fail. This is not intended to be a granular and highly accurate model of the business, but merely sufficient to enable a first order assessment of cyber risk. The…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.