The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), which has held a historical role giving its critical infrastructure partners and federal civilian agencies the data and capabilities they need to defend themselves, is now “the nation’s risk adviser,” said former director Chris Krebs, in a keynote talk today at Check Point’s CPX 360 conference
As director, Krebs was tasked with ensuring CISA understood the risk landscape as much as possible, and provided the right information, resources, and tools to partners so they could make risk management decisions. In the world of federal civilian agencies, 101 are responsible for their own risk management decisions, just as in the private sector or infrastructure space.
At the virtual conference, Krebs explained how CISA approached the world through the lens of the risk formula: risk equals threat times vulnerability times consequence – “with a little bit of likelihood dashed on top,” he noted.
“The importance of this risk formula, as we saw it, was that it did not just…
