“… tying in other risk measurements with cyber-risk makes good sense, if only to have everyone using similar models, methods, and/or lexicon for risk management… Perhaps best known among these are the NIST risk management resources, cited by many as a basic compliance checklist. There’s also the Center for Internet Security’s Risk Assessment Methodology (RAM), created by Halock Security Labs.”
via DARK READING