Does is make sense, in a mathematical and practical senes, to look for 'probability of exploit'?
How does 'game theory' apply here?
How do intelligent adversaries figure into these mathematical models?
Is probabilistic risk analysis compatible with a game theory approach?
Discussing how adaptive adversaries figure into our mathematical models of predictability...
How do we use any of this to figure out path priorities in the enterprise space?
An interesting analogy to the credit scoring systems we all use today
An interesting discussion of 'unknowns' and 'black swans'
Fantastic *practical* advice for getting this data-science-backed analysis to work for YOUR organization
Lisa Leet - Lisa is a wife of 17 years, a mother of 5 years to boy/girl twins, and an employee of 7 years on the Information Security team at a Minneapolis-based financial services firm. She is also an intern at Stamford Risk Analytics (Stamford, CT), pursuing studies at Stanford University, prepping for her CISSP Exam on July 15th, taking MOOCs, and reading at least twelve books concurrently including a 1600-pager on Python. In her free time she volunteers on the Board of Directors for SIRA (Society of Information Risk Analysts) and participates in awesome podcasts like DtR.
Russell Thomas ( @MrMeritology ) - Russell is a Security Data Scientist in financial services, and a PhD student in Computational Social Sciences. His focus is on the intersection of information security and business and economic decision making. He’s “MrMeritology” on Twitter, and blogs at “Exploring Possibility Space” (http://exploringpossibilityspace.blogspot.com/).
Bob Blakley - Bob has been in the security industry for more than 35 years. He's led the OMG CORBAsecurity, SAML, and OATH standardization efforts, and currently chairs the NSTIC Identity Ecosystem Steering Group. He's in the drama department at a large multinational financial institution.