The practice of cyber risk management is cyclical. You start by assessing your cyber risk environment. That step includes identifying risks and classifying them in buckets. Then, you take the identified risks and measure the potential impact. This means quantifying them financially using risk assessment methodologies, like the FAIR model. Lastly, you come to risk treatment, which includes risk mitigation and remediation. 

*** This is a Security Bloggers Network syndicated blog from CyberSaint Blog authored by Maahnoor Siddiqui. Read the original post at: https://www.cybersaint.io/blog/cyber-risk-modeling