1. Field of the Present Invention
The present invention relates generally to a system and method for measuring and quantifying risk within a monitored system. More specifically, the present invention relates to a system, method and apparatus for quantifying risk within a monitored information technology (“IT”) system and for providing feedback to improve security risk management measures within the monitored system.
2. Background of the Invention
The main threats to individuals and organizations using information technology are losses stemming from security breaches. These losses include loss of confidentiality, integrity and availability of information technology resources. The financial costs of these losses are difficult to over-estimate as systems, companies and even countries grow increasing dependent on their IT and computer systems (collectively referred to herein as “IT systems”).