With spending on information security products and services forecast by Gartner to increase 8.7% to $124 billion in 2019, management is rightly requesting financial appraisals of cybersecurity investment proposals. Security solutions are implemented to reduce risk but, until now estimating potential reduction in risk has been very difficult.
The emergence of quantitative techniques and tools for assessing and aggregating cyber risk have changed this and it is now possible to get much better data to inform our investment decision making.
