Risk Analysis for Dummies

Presented at The Next HOPE (2010), July 16, 2010, 9 p.m. (60 minutes)

We all get that “gut feeling” about what is risky, but how do we communicate that to managers or other people in a meaningful way? And how can we determine what risks are worse than others in a justifiable manner? How do you even define “risk?” In this talk, you’ll learn about the most up to date methods of identifying risk, evaluating risk, and communicating risk to others, as well as some models used by the U.S. government and others to identify attack targets, evaluate building security, diagram attacks, and more. And no math problems harder than simple addition, guaranteed.

Presenters:

• Nick Leghorn
  Nick Leghorn (Foghorn to his friends) graduated from Pennsylvania State University with a degree in security and risk analysis, and is currently employed as a risk analyst for a contractor working for the Department of Homeland Security. Nick is also an EMT, a general class amateur radio operator, started the State College 2600 meeting, and runs a competition shooting team in his spare time. More information can be found via his website: http://NickLeghorn.com.

Links:

• https://infocon.org/cons/2600/The Next Hope (2010)/The Next HOPE (2010) - Risk Analysis for Dummies.srt (subtitles)
• https://infocon.org/cons/2600/The Next Hope (2010)/The Next HOPE (2010) - Risk Analysis for Dummies.mp4
• https://www.youtube.com/watch?v=M7rMnfg6m9Q

Similar Presentations:

• RVAsec 2019 / Risk Assessment - The Heart of Risk-based Security
• DEF CON 23 (2015) / A Hacker's Guide to Risk
• Texas Cyber Summit 2019 / CS-2024 The Risk Management Hydra and why you need multiple assessments