Episode description
Notas do show
In this special episode, hosts Adrian Sanabria and Alexandre Sieira sit down with Tony Martin-Vegue, author of the upcoming book Heatmaps to Histograms: A Practical Guide to Cyber Risk Quantification. Tony shares his journey from IT and cryptography to becoming a leading voice in cyber risk quantification, including his six years building Netflix's risk quantification program from the ground up.Tony Martin-Vegue brings over two decades of experience in IT and information security. With an economics degree that his mentor recognized as ideal for risk management, Tony has built cyber risk quantification programs at several large companies. Most recently, he spent six years at Netflix where he led approximately 3,000 FAIR-based risk assessments. He now runs his own consulting and advisory firm while promoting quantitative approaches to cyber risk.Resources Mentioned in the Episode:
- The website for Tony’s book: https://www.heatmapstohistograms.com/
- Link to Solar Winds breach: https://en.wikipedia.org/wiki/2020_United_States_federal_government_data_breach
- Link to Colonial Pipeline breach: https://en.wikipedia.org/wiki/Colonial_Pipeline_ransomware_attack
- The Scoville Scale: https://en.wikipedia.org/wiki/Scoville_scale
- How to use Monte Carlo simulations in Excel: https://support.microsoft.com/en-us/office/introduction-to-monte-carlo-simulation-in-excel-64c0ba99-752a-4fa8-bbd3-4450d8db16f1
- The FAIR Institute: https://www.fairinstitute.org/
- The FAIR Framework: https://www.fairinstitute.org/blog/integrating-fair-models-a-unified-framework-for-cyber-risk-management
- How to Lie with Statistics: Information Security Edition https://www.youtube.com/watch?v=p3jJnl99Lmc
- Cyentia’s IRIS Retina Report https://www.cyentia.com/services/iris-risk-retina/
- Verizon’s 2025 Data Breach Investigations Report: https://www.verizon.com/business/resources/reports/dbir/
