Slovak Arrow – from asset protection to risk analysis and management, from qualitative charlatanism to quantitative assessment (7 min)
Cyber risk has a price in euros – and the CRQ methodology can calculate it. If risk cannot be calculated, can we tolerate it at all? New Slovak legislation shifts the emphasis from ‘critical asset protection’ to systematic risk analysis and management across the entire interconnected ICT/OT environment, including the supply chain. The current methodology for risk analysis and management explicitly allows for the quantitative expression of risk in monetary terms and lists CRQ/Open FAIR methods as a legitimate option for meeting the requirements of the law.
The Czech-Slovak QICS community responded to this European first with an article entitled ‘Slovak Arrow’. The presentation and subsequent discussion will briefly outline how to bring cyber risk work to a level of management and decision-making that is understood by both the CFO and the CEO, as well as what the profession of a CRQ specialist entails.
The Czech-Slovak QICS community responded to this European first with an article entitled ‘Slovak Arrow’. The presentation and subsequent discussion will briefly outline how to bring cyber risk work to a level of management and decision-making that is understood by both the CFO and the CEO, as well as what the profession of a CRQ specialist entails.
Sign in to ITAPA AI 2025
Michal Hanus
Quant In Cyber Security
A cyber risk tamer and visionary who turns guesswork into exact financial losses. With a background in quantum and computational chemistry, he brings the rigor and accuracy of mathematics to cybersecurity. After 20 years in international IT consulting, service management, and architecture, he is disrupting traditional qualitative models and high…
