Security risk analysis techniques are either too complex to be understood by the business or too simple to provide repeatable and meaningful results. Without a proper understanding of the risk associated with security events, businesses are likely to misunderstand the risk that security professionals are working to control.
This talk will announce a new, peer reviewed, technique called Binary Risk Analysis. The technique is easy to use, enables quick structured conversations about risk and works with existing risk management frameworks. The technique will be released to the community under a creative commons license.