Sharpen your skills in IT risk management
Dive into our knowledge centre
Here, you will find insights and expertise on risk management, quantification, and cybersecurity. Our experts regularly publish articles on current topics to help you understand and manage risk within your organisation.
Whether you need a strategic overview or technical details, our goal is to provide relevant and practical knowledge.
The typical leap into the darkness ends with a broken nose
A crisis plan is useless without practice. Real resilience comes from training, adapting, and learning from mistakes. As Mike Tyson said, “Everyone has a plan until they get punched in the mouth.” Train for the punch—so you can keep moving forward.
How to mitigate ransomware risk through data and risk quantification
Erik Sørup Andersen has collaborated with Henry Stewart Publications on a peer-reviewed article.
The article provides an in-depth analysis of ransomware risk and the importance of using quantitative methods to assess and mitigate this risk.
Move Beyond Guesswork: Elevate Your Cyber Risk Management with Data-Driven Quantification
CRQ replaces guesswork with data-driven insights, prioritising risks by financial impact. Early adopters gain the edge. Waiting for perfect data means falling behind, while those who act can strengthen resilience and drive better outcomes.
Are you covered? quantifying cyber risk for insurance and strategic decision making
Quantifying cyber risk helps organisations secure better coverage, reduce premiums, and align policies with actual exposure. A data-driven approach ensures smarter insurance decisions, stronger protection, and more cost-effective risk management.
WEBINAR: QUANTITATIVE IT-RISK ASSESSMENTS – TOOLS AND TECHNIQUES
Thursday, December 7, 2023 was an important day for ACI.We held our December seminar on IT Risk quantification.We were proud that more than 180 people had signed up for the seminar from more than 100 organizations across Europe.We shared...
Part Two: ‘We Should Never Have Said That’ and How to Avoid It Being Used Against You Before It’s Too Late
Earlier this year, the first part of this article was published. It’s a good place to start to learn why you want to understand your company’s attack surface. Websites and online databases tend to over-share – you should aim to limit this. But some...
Ask fewer and better questions – Right now!
In a previous article, When a robot gives better estimates than a human, Bo Thygesen from ACI describes how we use the LENS model to avoid human bias and have a “robot” estimate probability and loss for...
Webinar: An introduction to quantitative methods for cyber risk management
Almost daily, we hear about how cyber threats and IT risks increase globally across industries. Sadly, the methods and tools used for IT risk management today do not deliver the consistent decision support that organizations need. On March 23rd...
ISO 27005 – What is it and how Is it Wrong About Quantitative Risk
The International Standards Organization recently published an updated version of their guidance for information security risk management, but they have missed the mark entirely on quantitative methods. What is ISO 27005? The ISO/IEC-27005 is one...
Sign up for our newsletter
Receive the latest articles and analyses directly in your inbox.