Submit Search
Upload
Introduction to Scenario Based Risk Analysis
•
1 like
•
1,569 views
"
"Apolonio \"Apps\"" Garcia
Follow
Part 1 of 3 - Covers the foundational concepts related to scenario based risk analysis
Read less
Read more
Technology
Report
Share
Report
Share
1 of 27
Recommended
Information security: importance of having defined policy & process
Information security: importance of having defined policy & process
Information Technology Society Nepal
NIST presentation on RMF 2.0 / SP 800-37 rev. 2
NIST presentation on RMF 2.0 / SP 800-37 rev. 2
NetLockSmith
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
CrowdStrike
Risk Management Framework
Risk Management Framework
Anand Subramaniam
Risk management
Risk management
MECandPMV
8. operations security
8. operations security
7wounders
Cyber Security Maturity Assessment
Cyber Security Maturity Assessment
Doreen Loeber
IBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence Overview
Camilo Fandiño Gómez
Recommended
Information security: importance of having defined policy & process
Information security: importance of having defined policy & process
Information Technology Society Nepal
NIST presentation on RMF 2.0 / SP 800-37 rev. 2
NIST presentation on RMF 2.0 / SP 800-37 rev. 2
NetLockSmith
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
CrowdStrike
Risk Management Framework
Risk Management Framework
Anand Subramaniam
Risk management
Risk management
MECandPMV
8. operations security
8. operations security
7wounders
Cyber Security Maturity Assessment
Cyber Security Maturity Assessment
Doreen Loeber
IBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence Overview
Camilo Fandiño Gómez
Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3
Dam Frank
Cybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation Slides
SlideTeam
What is GRC – Governance, Risk and Compliance
What is GRC – Governance, Risk and Compliance
BOC Group
Key Risk Indicators - Concepts and Examples (Deloitte, 2014).pdf
Key Risk Indicators - Concepts and Examples (Deloitte, 2014).pdf
Pars Six Sigma Excellence
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
PECB
NIST 800-30 Intro to Conducting Risk Assessments - Part 1
NIST 800-30 Intro to Conducting Risk Assessments - Part 1
Denise Tawwab
Introduction to Cybersecurity
Introduction to Cybersecurity
Krutarth Vasavada
Cybersecurity for Critical National Infrastructure
Cybersecurity for Critical National Infrastructure
Dr David Probert
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An Overview
Tandhy Simanjuntak
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Shawn Tuma
Risk Management 101
Risk Management 101
Wil Rickards
Vulnerability Management
Vulnerability Management
asherad
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
Risk Management and Security in Strategic Planning
Risk Management and Security in Strategic Planning
Keyaan Williams
Cyber Security For Organization Proposal Powerpoint Presentation Slides
Cyber Security For Organization Proposal Powerpoint Presentation Slides
SlideTeam
NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101
Erick Kish, U.S. Commercial Service
Governance, risk and compliance framework
Governance, risk and compliance framework
Ceyeap
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیت
ReZa AdineH
How To Present Cyber Security To Senior Management Complete Deck
How To Present Cyber Security To Senior Management Complete Deck
SlideTeam
Risk Management Approach to Cyber Security
Risk Management Approach to Cyber Security
Ernest Staats
Introduction to scenario based risk analysis part 3
Introduction to scenario based risk analysis part 3
"Apolonio \"Apps\"" Garcia
Introduction to scenario based risk analysis part 2
Introduction to scenario based risk analysis part 2
"Apolonio \"Apps\"" Garcia
More Related Content
What's hot
Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3
Dam Frank
Cybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation Slides
SlideTeam
What is GRC – Governance, Risk and Compliance
What is GRC – Governance, Risk and Compliance
BOC Group
Key Risk Indicators - Concepts and Examples (Deloitte, 2014).pdf
Key Risk Indicators - Concepts and Examples (Deloitte, 2014).pdf
Pars Six Sigma Excellence
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
PECB
NIST 800-30 Intro to Conducting Risk Assessments - Part 1
NIST 800-30 Intro to Conducting Risk Assessments - Part 1
Denise Tawwab
Introduction to Cybersecurity
Introduction to Cybersecurity
Krutarth Vasavada
Cybersecurity for Critical National Infrastructure
Cybersecurity for Critical National Infrastructure
Dr David Probert
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An Overview
Tandhy Simanjuntak
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Shawn Tuma
Risk Management 101
Risk Management 101
Wil Rickards
Vulnerability Management
Vulnerability Management
asherad
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
Risk Management and Security in Strategic Planning
Risk Management and Security in Strategic Planning
Keyaan Williams
Cyber Security For Organization Proposal Powerpoint Presentation Slides
Cyber Security For Organization Proposal Powerpoint Presentation Slides
SlideTeam
NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101
Erick Kish, U.S. Commercial Service
Governance, risk and compliance framework
Governance, risk and compliance framework
Ceyeap
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیت
ReZa AdineH
How To Present Cyber Security To Senior Management Complete Deck
How To Present Cyber Security To Senior Management Complete Deck
SlideTeam
Risk Management Approach to Cyber Security
Risk Management Approach to Cyber Security
Ernest Staats
What's hot
(20)
Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3
Cybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation Slides
What is GRC – Governance, Risk and Compliance
What is GRC – Governance, Risk and Compliance
Key Risk Indicators - Concepts and Examples (Deloitte, 2014).pdf
Key Risk Indicators - Concepts and Examples (Deloitte, 2014).pdf
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
NIST 800-30 Intro to Conducting Risk Assessments - Part 1
NIST 800-30 Intro to Conducting Risk Assessments - Part 1
Introduction to Cybersecurity
Introduction to Cybersecurity
Cybersecurity for Critical National Infrastructure
Cybersecurity for Critical National Infrastructure
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An Overview
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Risk Management 101
Risk Management 101
Vulnerability Management
Vulnerability Management
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
Risk Management and Security in Strategic Planning
Risk Management and Security in Strategic Planning
Cyber Security For Organization Proposal Powerpoint Presentation Slides
Cyber Security For Organization Proposal Powerpoint Presentation Slides
NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101
Governance, risk and compliance framework
Governance, risk and compliance framework
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیت
How To Present Cyber Security To Senior Management Complete Deck
How To Present Cyber Security To Senior Management Complete Deck
Risk Management Approach to Cyber Security
Risk Management Approach to Cyber Security
Similar to Introduction to Scenario Based Risk Analysis
Introduction to scenario based risk analysis part 3
Introduction to scenario based risk analysis part 3
"Apolonio \"Apps\"" Garcia
Introduction to scenario based risk analysis part 2
Introduction to scenario based risk analysis part 2
"Apolonio \"Apps\"" Garcia
Risks of being an enterprenuer
Risks of being an enterprenuer
SPIIPE
Beyond the Equity Risk Premia
Beyond the Equity Risk Premia
Windham Labs
How to Establish a Culture of Safety Excellence
How to Establish a Culture of Safety Excellence
PECB
Risk descriptions from 'Coconut island' risk workshop
Risk descriptions from 'Coconut island' risk workshop
Association for Project Management
What it Takes to be a CISO in 2017
What it Takes to be a CISO in 2017
Doug Copley
High Performance Security Report - High Technology
High Performance Security Report - High Technology
Accenture Security
Smu seminar 2014_03_26 v3
Smu seminar 2014_03_26 v3
Patrick Florer
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...
Puneet Kukreja
PMexpo17 - How to manage risks you didnt know you were taking - David Hillson
PMexpo17 - How to manage risks you didnt know you were taking - David Hillson
PMexpo
Economic Value Chains - costing the impact of risk by "Colin Sandall - Senior...
Economic Value Chains - costing the impact of risk by "Colin Sandall - Senior...
Project Controls Expo
Big Data Analytics for Insurance Business
Big Data Analytics for Insurance Business
PanBI
Formula For Case Intake Success
Formula For Case Intake Success
MyMeds&Me
How to Manage Strategic & Reputation Risk in Turbulent Times
How to Manage Strategic & Reputation Risk in Turbulent Times
PECB
Europe Insurance Innovation Award 2017 - Healix
Europe Insurance Innovation Award 2017 - Healix
The Digital Insurer
5 Project Risk Identification Tools I Use & How You Can Use Them Too
5 Project Risk Identification Tools I Use & How You Can Use Them Too
SHAZEBALIKHAN1
Dec2016 - Calculating and Managing Environmental Counterparty Risk
Dec2016 - Calculating and Managing Environmental Counterparty Risk
John Rosengard
Mobile Apps & Connected Healthcare: Managing 3rd-Party Mobile App Risk
Mobile Apps & Connected Healthcare: Managing 3rd-Party Mobile App Risk
NowSecure
Managing Risks in Open Source Software adoption: the RISCOSS Approach, OW2con...
Managing Risks in Open Source Software adoption: the RISCOSS Approach, OW2con...
riscoss-eu
Similar to Introduction to Scenario Based Risk Analysis
(20)
Introduction to scenario based risk analysis part 3
Introduction to scenario based risk analysis part 3
Introduction to scenario based risk analysis part 2
Introduction to scenario based risk analysis part 2
Risks of being an enterprenuer
Risks of being an enterprenuer
Beyond the Equity Risk Premia
Beyond the Equity Risk Premia
How to Establish a Culture of Safety Excellence
How to Establish a Culture of Safety Excellence
Risk descriptions from 'Coconut island' risk workshop
Risk descriptions from 'Coconut island' risk workshop
What it Takes to be a CISO in 2017
What it Takes to be a CISO in 2017
High Performance Security Report - High Technology
High Performance Security Report - High Technology
Smu seminar 2014_03_26 v3
Smu seminar 2014_03_26 v3
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...
PMexpo17 - How to manage risks you didnt know you were taking - David Hillson
PMexpo17 - How to manage risks you didnt know you were taking - David Hillson
Economic Value Chains - costing the impact of risk by "Colin Sandall - Senior...
Economic Value Chains - costing the impact of risk by "Colin Sandall - Senior...
Big Data Analytics for Insurance Business
Big Data Analytics for Insurance Business
Formula For Case Intake Success
Formula For Case Intake Success
How to Manage Strategic & Reputation Risk in Turbulent Times
How to Manage Strategic & Reputation Risk in Turbulent Times
Europe Insurance Innovation Award 2017 - Healix
Europe Insurance Innovation Award 2017 - Healix
5 Project Risk Identification Tools I Use & How You Can Use Them Too
5 Project Risk Identification Tools I Use & How You Can Use Them Too
Dec2016 - Calculating and Managing Environmental Counterparty Risk
Dec2016 - Calculating and Managing Environmental Counterparty Risk
Mobile Apps & Connected Healthcare: Managing 3rd-Party Mobile App Risk
Mobile Apps & Connected Healthcare: Managing 3rd-Party Mobile App Risk
Managing Risks in Open Source Software adoption: the RISCOSS Approach, OW2con...
Managing Risks in Open Source Software adoption: the RISCOSS Approach, OW2con...
Recently uploaded
JavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate Guide
Pixlogix Infotech
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDM
Kumar Satyam
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
Design and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data Science
Paolo Missier
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc
Architecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
Simplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptx
MarkSteadman7
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Zilliz
Navigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern Enterprise
WSO2
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
Christopher Logan Kennedy
Choreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software Engineering
WSO2
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
MIND CTI
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and Insight
Safe Software
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
Remote DBA Services
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
DianaGray10
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
caitlingebhard1
Recently uploaded
(20)
JavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate Guide
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDM
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Design and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data Science
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
Architecting Cloud Native Applications
Architecting Cloud Native Applications
Simplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptx
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Navigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern Enterprise
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
Choreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software Engineering
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and Insight
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Introduction to Scenario Based Risk Analysis
1.
© 2017 HealthGuard All
rights reserved Introduction to Scenario Based Risk Analysis Part 1: Foundational Concepts
2.
© 2017 HealthGuard All
rights reserved © 2017 HealthGuard All rights reserved Housekeeping ● Using Zoom / Meeting Interaction ● Webinar Recording
3.
© 2017 HealthGuard All
rights reserved Housekeeping – Zoom Meeting viewer interaction
4.
© 2017 HealthGuard All
rights reserved Housekeeping – Zoom Meeting viewer interaction
5.
© 2017 HealthGuard All
rights reserved Housekeeping – Zoom Meeting viewer interaction
6.
© 2017 HealthGuard All
rights reserved Our Speakers John Zuziak, Director of Information Security, Catholic Health Initiatives Apolonio “Apps” Garcia, Founder/President, HealthGuard
7.
© 2017 HealthGuard All
rights reserved © 2017 HealthGuard All rights reserved What is scenario based risk analysis? Basic scenario elements Benefits of scenario based analysis
8.
© 2017 HealthGuard All
rights reserved © 2017 HealthGuard All rights reserved Audience Poll
9.
© 2017 HealthGuard All
rights reserved © 2017 HealthGuard All rights reserved What is scenario based risk analysis?
10.
© 2017 HealthGuard All
rights reserved © 2017 HealthGuard All rights reserved Risk scenario analysis is a technique to make IT risk more concrete and tangible and to allow for proper risk analysis and assessment. It is a core approach to bring realism, insight, organisational engagement, improved analysis and structure to the complex matter of IT risk.” - ISACA
11.
© 2017 HealthGuard All
rights reserved © 2017 HealthGuard All rights reserved Scenario analysis is a process of analyzing possible future events by considering alternative possible outcomes (sometimes called "alternative worlds"). Thus, scenario analysis, which is one of the main forms of projection, does not try to show one exact picture of the future. Instead, it presents several alternative future developments. - Wikipedia
12.
© 2017 HealthGuard All
rights reserved © 2017 HealthGuard All rights reserved Basic Elements of a Risk Scenario
13.
© 2017 HealthGuard All
rights reserved © 2017 HealthGuard All rights reserved Threat
14.
© 2017 HealthGuard All
rights reserved © 2017 HealthGuard All rights reserved Threats
15.
© 2017 HealthGuard All
rights reserved © 2017 HealthGuard All rights reserved Threat Asset
16.
© 2017 HealthGuard All
rights reserved © 2017 HealthGuard All rights reserved Assets
17.
© 2017 HealthGuard All
rights reserved © 2017 HealthGuard All rights reserved Threat Asset Loss Event / Effect
18.
© 2017 HealthGuard All
rights reserved © 2017 HealthGuard All rights reserved Loss Event / Effect Confidentiality Integrity Availability Financial Loss (Open FAIR) ● Productivity ● Response ● Replacement ● Fines & Judgement ● Competitive Advantage ● Reputation Patient Safety (AHRQ Harm Scale) ● No Harm ● Mild Harm ● Moderate Harm ● Severe Harm ● Death Privacy ● Information Exposure ● Data Theft
19.
© 2017 HealthGuard All
rights reserved © 2017 HealthGuard All rights reserved Threat Asset Acts On
20.
© 2017 HealthGuard All
rights reserved © 2017 HealthGuard All rights reserved ControlsThreat Asset
21.
© 2017 HealthGuard All
rights reserved © 2017 HealthGuard All rights reserved Loss Event ControlsThreat Asset
22.
© 2017 HealthGuard All
rights reserved © 2017 HealthGuard All rights reserved Threat Controls Primary Loss Event Threat Event Frequency Primary Loss Event Frequency & Magnitude Vulnerability Secondary Loss Event Frequency & Magnitude Secondary Loss Event
23.
© 2017 HealthGuard All
rights reserved © 2017 HealthGuard All rights reserved Benefits of Scenario Based Risk Analysis
24.
© 2017 HealthGuard All
rights reserved © 2017 HealthGuard All rights reserved Why do Scenario Based Risk Analysis? “Scenarios are a powerful tool in a risk manager’s armory—they help professionals ask the right questions and prepare for the unexpected. Scenario analysis has become a ‘new’ and best practice in enterprise risk management (ERM). - ISACA
25.
© 2017 HealthGuard All
rights reserved © 2017 HealthGuard All rights reserved Why do Scenario Based Risk Analysis? “Risk scenario analysis is a structured process that leads to better understanding of the ways multiple factors may combine to create both vulnerabilities and opportunities. It is often applied to expand perceptions prior to formulating specific business plans by focusing on factors that often get dismissed or shortchanged.” “Risk scenario analysis helps overcome organizational resistance in discussions of low-probability events or events that have not occurred in the recent past. Such risks often receive low rankings in standard risk assessments, but they can be revealed to be very challenging when introduced within risk scenarios.” - PwC
26.
© 2017 HealthGuard All
rights reserved © 2017 HealthGuard All rights reserved Scenario based risk analysis is an analysis methodology to prioritize and quantify risk and to take action. Scenario Risk Analysis summary in 3 words 1. Context 2. Context 3. Context
27.
© 2017 HealthGuard All
rights reserved © 2017 HealthGuard All rights reserved Introduction to Scenario Based Risk Analysis - Part 2: How to Build a Scenario Wednesday, May 24th @ 1pm Register on Eventbrite