Downloads for Examples and Exercises from the Book Below
Welcome to the website for How to Measure Anything in Cybersecurity Risk. This is where readers can come to download examples mentioned in the book. These downloads include spreadsheet examples of the calculations, “Power Tools” and additional calibration exercises.
*Note: Some users may experience download issues while using Google Chrome.
Or try using Firefox, Internet Explorer, Edge, or another browser.
Contact us if the issue persists.
Chapter 3: Simple One-for-One Substitution Example
This spreadsheet contains examples for the “one-for-one substitution” model described in Chapter 3. It has been updated with a new appearance and new features since the release of the book. There are three tabs. The first tab, ‘Risk Estimates’, shows how you can estimate likelihood and impact for risks. It also contains collapsed columns for adding controls to compute a residual risk. The second tab, ‘Loss Exceedance Curve’, displays the Inherent Loss and Loss Exceedance Tolerance curves, as well as total expected losses. There are collapsed columns that, when revealed, include the Residual Loss curve as well. Finally, there is a tab showing how multiple portfolios can be added up to to make an aggregate LEC.
Chapter 6: Decomposition of One-for-One Substitution Model
Chapter 7: Calibration Questions
Chapter 7: Expected Distribution of Calibration Answers
Chapter 8: Bayesian Threat Intel Example
Chapter 9: Beta Dist Example for Three Industries
Chapter 9: Log Odds Ratio Example
This spreadsheet shows an example of how to use Log Odds Ratios (LOR) to apply several conditions to a single probability. This spreadsheet will estimate the conditional probability of a cybersecurity event given the aggregate effect of several conditions. Further details are given in the areas to the left below.