Get the CSIO Playbook FREE during the SECURE360 Promotion May 12-17th Only (Click)

CyberRiskModels.com

CyberRiskModels.comCyberRiskModels.comCyberRiskModels.com

CyberRiskModels.com

CyberRiskModels.comCyberRiskModels.comCyberRiskModels.com
  • Home
  • CISO Playbook
  • Services
    • Coaching
    • Custom Models
  • Resources
  • TrainingVault
  • More
    • Home
    • CISO Playbook
    • Services
      • Coaching
      • Custom Models
    • Resources
    • TrainingVault
  • Sign In
  • My Account

  • Signed in as:

  • filler@godaddy.com

  • My Account

  • Sign out

Signed in as:

filler@godaddy.com

  • Home
  • CISO Playbook
  • Services
    • Coaching
    • Custom Models
  • Resources
  • TrainingVault

Account

  • My Account

  • Sign out

  • Sign In
  • My Account

About

 Who am I and why should you want to work with me?


I help my clients identify risk across the organization in their systems, applications, security programs, policies, and more. I give them actionable recommendations that enable them to reduce risk measurably. They can effectively communicate this in both operational and financial terms, which helps them quickly gain stakeholder support. In short, I make your job easier saving you time and money.


I'm a Cyber Risk Expert, Adjunct Professor, Author, Speaker, and Mentor with over 35 years of experience in network design and security. I have supported multiple US Agencies, including the Nuclear Regulatory Commission, performing compliance assessments, agency-wide risk analyses, and risk quantification.  


As an Adjunct Professor I teach Cybersecurity Risk Quantification at Boise State University’s Cyber Resilience and Operations Program (CORe).  I authored the textbook "Cybersecurity Risk Quantification" and developed the coursework. The BSU CORe program was recently named one of the top 10 cyber programs in the US by FORBES Magazine. 


I regularly speak at ISACA and ISC2 chapters across the United States, and at various related industry conferences.  


Articles

  • BEYOND PASS/FAIL: DEVELOPING A QUANTITATIVE FRAMEWORK FOR CYBERSECURITY AUDITS , EDPACS, The EDP Audit, Control, and Security Newsletter, Volume 69, 2024 - Issue 4
  • A QUANTITATIVE APPROACH TO ASSESSING AND MANAGING CYBERSECURITY RISKS , EDPACS, The EDP Audit, Control, and Security Newsletter, Volume 69, 2024 - Issue 4
  • BUILDING YOUR TOOLKIT FOR QUANTIFYING CYBER RISK , EDPACS, The EDP Audit, Control, and Security Newsletter, Volume 69, 2024 - Issue 4
  • One of my advanced mathematical models can forecast threat actor behavior and attacks from initial vulnerability discovery to widespread mass attacks. Marked Hawks Process with Indicators of Prevalence.


Conferences, Interviews and Chapter Presentation

  • New Jersey ISC2 Chapter September 2024- Cyber Risk Quantification Pitfalls and Fixes
  • Lean Culture 2023: Increase Your Likelihood of Success with Better Risk-Based Decisons. 
  • BSidesCharm 2022 -BSidesCharm 2022 - Forecasting Cyber Attacks 
  • Austin Cyber Show 2022 - Mathematical Models for Forecasting Cyber Attacks
  • Cybersecurity Weekly Interview 2022: Forecasting Risk What Every CIO and CISO Needs to Know
  • University  of Wisconsin Lumbar School of Business 2021 - Cyber Risk in the Supply Chain: Manufacturing, Suppliers, and Partners


Select Videos

  • How to measure organizational risk
  • Supercharge your risk management program


National Initiative for Cybersecurity Careers and Studies (NICCS) 

  •  FISMACS LLC Cybersecurity Risk Quantification Workshops 
  • Cybersecurity Risk Quantification from Boise State University, CyberOperations & Resilience (CORe) Program | NICCS 

Copyright © 2025 CyberRiskModels.com a FISMACS, LLC domain - All Rights Reserved.

Powered by

  • About
  • Resources
  • crq-open-education
  • Contact

This website uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

Accept