Best Practice Report

Start Your Cyber Risk Quantification With The Right Framework

Choose Your CRQ Framework Wisely Informed By The Definition Of A Cyber Value-At-Risk Model

January 24th, 2023
Cody Scott, Senior Analyst
Cody Scott Senior Analyst
With contributors:
Amy DeMartine , Isabelle Raposo , Peggy Dostie

Summary

CISOs have relied on industry standards for qualitative assessments, maturity scales, and heatmaps to frame cyber risk but struggle to communicate and measure cyber risk financially to the business. CISOs are turning to cyber risk quantification (CRQ) to solve this problem only to find that too many standards broadly claim to “assess risk.” Using a comprehensive definition of a quantitative risk model, CISOs will understand how to navigate competing standards and frameworks and prepare their CRQ implementation effort for success.

Want to read the full report?

Contact us to become a client

This report is available for individual purchase ($1495).

Forrester helps business and technology leaders use customer obsession to accelerate growth. That means empowering you to put the customer at the center of everything you do: your leadership strategy, and operations. Becoming a customer-obsessed organization requires change — it requires being bold. We give business and technology leaders the confidence to put bold into action, shaping and guiding how to navigate today's unprecedented change in order to succeed.