Cyber Threat Analysis Workshop

Cyber attacks cannot be reliably predicted by extrapolating from past events.  Traditional techniques of statistical analysis are mostly useless. The cyber attacks that seem the biggest threat one year have hardly ever seemed the biggest threat three or four years later.  the most dangerous cyber attacks usually seem to come out of nowhere.  Yet the planning of cyber defenses needs to be focused on particular types of threats and done well in advance in order to be cost-effective.  This workshop will explain a system of threat analysis that has been extraordinarily successful in anticipating future attacks.  It supplies one of the essential components for a quantitative, risk-based approach to cyber defense.

Cyber Consequence Analysis Workshop

The damages that can be caused be cyber attacks often seem too complex, too intangible, or too diffuse to be reliably quantified.  Hardly any corporations have an accurate idea of what future cyber attacks could cost them or even what past cyber attacks have already cost them.  In the larger economy, the prevalence of cascading effects can make cyber consequences bewildering.  Yet an accurate estimate of cyber attacks costs needs to be the central component of a quantitative, risk-based approach to cyber defense.   This workshop will outline how cyber attack consequences can be reliably quantified.