Summaries

The financial side of cybersecurity

9 November 2017, 18:30 Ana Respicio

Direct versus indirect costs. Explicit vs implicit costs. (Gordon, Chapters 2-4.) ROI (Return on Investment) and ROSI (Return on Security Investment) models (ENISA doc). The cybersecurity cost grid. How much to invest? The right amount to spend on cybersecurity: the relevance of the present value. Project analysis. (Gordon, Chapter 4.) TP - Case study.


The financial side of cybersecurity

9 November 2017, 16:30 Ana Respicio

Direct versus indirect costs. Explicit vs implicit costs. (Gordon, Chapters 2-4.) ROI (Return on Investment) and ROSI (Return on Security Investment) models (ENISA doc). The cybersecurity cost grid. How much to invest? The right amount to spend on cybersecurity: the relevance of the present value. Project analysis. (Gordon, Chapter 4.) TP - Case study.


Financial models

2 November 2017, 18:30 Ana Respicio

Financial models. Present value. The Net Present Value and the Internal Rate of Return models. (Gordon, Chapters 1, 2.) Operation costs vs. capital investments. Present value. The Net Present Value and the Internal Rate of Return models. Return on investment. Examples.  


TP: exercises.


Financial models

2 November 2017, 16:30 Ana Respicio

Financial models. Present value. The Net Present Value and the Internal Rate of Return models. (Gordon, Chapters 1, 2.) Operation costs vs. capital investments. Present value. The Net Present Value and the Internal Rate of Return models. Return on investment. Examples.  


TP: exercises.


Standards and Guidelines

26 October 2017, 18:30 Ana Respicio

Introduction to ISO/IEC 27005 and 31000; ENISA documents. More frameworks and guidelines: OCTAVE, ITIL, COBIT, ISO/IEC 27005:2011, and NIST SP800-30.


Business case for IS: ALE revisited. Complementary to ALE metrics. 

TP: student presentations on frameworks and guidelines. Assignment: self-study of ISO/IEC 27005:2011 and NP ISO 31000:2013.