top of page


The Monaco Risk
Blog
Posts about a new approach to cybersecurity risk management that bridges the gap between security teams who generate technical metrics and business leaders who manage risks in financial terms.


The Cybersecurity Metric for Business Leaders
Traditional control metrics do not resonate with business leaders because they are not tied to cyber-related business risks. Co...

Bill Frank
Feb 212 min read


Cyber Risk Quantification Models: FAIR™ vs GRAACE™
INTRODUCTION This article picks up where I left off in, Modeling Cybersecurity. In that article I defined modeling, the reason for...

Bill Frank
Feb 28, 20248 min read


Modeling Cybersecurity
Introduction Modeling is a strategic and proactive approach to understanding, managing, and mitigating risks in the ever-evolving...

Bill Frank
Feb 15, 20247 min read


Restructure Your Risk Register for Risk-based Compliance
This is Part 2 of my “Risk-based Compliance” series of articles - how to move security from Compliance-based Risk to Risk-based...

Bill Frank
Sep 6, 20235 min read


Why Move Cybersecurity From Compliance-based Risk to Risk-based Compliance?
Compliance-based Risk Management is often adequate for regulatory and customer trust frameworks but is of little use in managing...

Bill Frank
Jun 21, 20236 min read


Why bother with CRQ?
Cyber Risk Quantification (CRQ) is getting hyped again as the cure-all for cyber risk management. Is it? No, because it’s not needed for...

Bill Frank
Feb 28, 20232 min read


The Cyber Defense Graph™
Monaco Risk's core technology innovation - the Cyber Defense Graph The core innovation of our Monaco Risk's Cyber Control Simulator (CCS)...
Bill Frank
Jan 6, 20232 min read


Cybersecurity Risk Management Transformed
... from a compliance requirement to a decision-support process for prioritizing and justifying control* investments. Link the technical...
Bill Frank
Apr 28, 20226 min read


The Other Ransomware Dilemma
The most discussed dilemma organizations face about a ransomware attack is whether to pay the ransomware or not. The other dilemma is how...
Bill Frank
Aug 10, 20214 min read
bottom of page