Skip to content
  • About
  • Resilience
  • Analytics
  • Architecture
  • Testing
  • Management
  • Risk
  • Other
A black swan

Black Swan Security

A blog about cybersecurity.

Category: Analytics

August 20, 2020April 1, 2022 Phil

Homebrew Monte Carlo Simulations for Security Risk Analysis Part 2

Analytics, Risk, Security

Previously I wrote about how I had implemented the simple quantitative analysis from Doug Hubbard’s book ‘How to measure anything in cybersecurity’ into javascript. When I wrote that code for Monte Carlo simulation I was working with percentage probabilities derived from expected rates of occurrence which I spoke about here.…

Read More
May 16, 2019April 1, 2022 Phil

Homebrew Monte Carlo Simulations for Security Risk Analysis

Analytics, Management, Other, Risk, Security

I cannot say enough good things about Doug Hubbard’s work. I’ve been obsessed with How to Measure Anything and The Failure of Risk Management so when he published How to Measure Anything in Cybersecurity Risk with Richard Seierson I could not have been happier. The whole book is worth reading…

Read More
April 13, 2017April 1, 2022 Phil

The Future of Security Automation.

Analytics, Architecture, Management

It is entirely possible I am about to have a flying car moment. Recently I have been asked by a variety of product vendors and security consultancies for my opinions on the future direction of security and where they should be focusing their innovation efforts. I’m honestly not sure why…

Read More
May 15, 2015April 1, 2022 Phil

Pitfalls of Cyber Data

Analytics, Management

I jointly presented with Ernest Li at 44con Cyber Security on April 28th 2015 discussing how we use public cyber data and some of the problems we have run into. My presentation is on slideshare below: Pitfalls of Cyber Data

Read More
January 4, 2015April 1, 2022 Phil

Security Analytics Beyond Cyber

Analytics, Management

I presented at 44con 2014 on moving security analytics on from network defense and rapid response towards supporting data-driven and evidence-driven security management, my presentation is on slideshare below: Security Analytics Beyond Cyber from Phil Huggins

Read More

Posts navigation

Older posts

Recent Posts

  • What I’ve learnt writing cyber strategies with grand scopes
  • What do we protect in Cybersecurity?
  • Managing Identity Consciously
  • Why I don’t like PIGs in Security Risk
  • Security Folkways and Deliberate Security Culture
  • Homebrew Monte Carlo Simulations for Security Risk Analysis Part 2
  • Open Security Summit 2020
  • What are we missing in risk?
  • Commercial & Government Cyber Conversation
  • Through the barricades..
  • Modern Security Risk Presentation
  • What are Information Assets?
  • Dressing up security with Bow-Ties
  • Asset Management Measurement for Cyber
  • Triage in Supply-Chain Cyber Risk Management
  • Security on the Bottom Line
  • What is Likelihood?
  • What is Information Security Risk?
  • Serious Business?
  • Invest in the CIO, before the CISO

Tag Cloud

44con 27001 analytics architecture assurance big data board boardlevel ciso conference cyber cyber resilience cyber security cynefin data science engagement governance information security infosec leadership management measurement OODA pen testing principles protectivemonitoring regulation resilience resistance risk security security analytics security architecture zones trust securitymanagement security management security management cyber securitymonitoring security risk securitystrategy securitytest security testing strategy supply chain testing third-party

Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

If you would like to ask a question or comment on anything I have written here please contact me via Twitter at @oracuk, if you can please link back to the post in question in your tweet.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 United States License.