It’s no secret we live in a world of opinions but as Deming put it, “without data you are just another person with an opinion.” In our business of decision science, we teach that, if there is a chance of being wrong, and a cost of being wrong it can be measured. Said differently, and to paraphrase my boss’ first book, “you can measure anything” you just need the right tools – this by the way, is not an opinion, it’s a mathematical claim that can be proved.
One problem is that we often measure what is obvious or most visible. Then, we erroneously assume that whatever it is we measured has some significant impact on an outcome of some decision – the decision to implement a sales portal to increase business, as an example. We observe that often the variable measured, such as upfront development costs, may have little or no impact on the decision.
What we tend to find is that often the variable that would have made the most significant impact as to whether to accept or reject the investment is something we never thought of before or something we perceived as immeasurable. In our business we often find that organizations measure almost exactly the wrong things. This is known as the measurement inversion and its application is broad and includes many of the hot-topics of the day, such as cybersecurity.
I read a variety of technical journals including some in Information Technology. I see countless adds for products in the cybersecurity sector: from antivirus software to firewalls. If this is your field of expertise, and it is not mine, how do you know the value of these products? Think about it: how do you know the real dollar value of a particular control, such as antivirus or malware? Moreover, how would you know if that particular control can effectively mediate your single biggest cybersecurity risk? For that matter, what is your single biggest cybersecurity risk? Doug Hubbard, author of How to Measure Anything (Wiley, 2007, 3rd Ed., 2014) released a new book, How to Measure Anything in Cybersecurity Risk with co\author Richard Seiersen, to answer these questions and more.
Doug will be delivering two live seminars this April in Chicago. One in cybersecurity and the other in project management. The dates are as follows:
April 18th: How to Measure Anything in Cybersecurity Risk – This full-day seminar draws on techniques in his new book of the same title. This session will completely change how you look at assessing risk in cybersecurity. Learn how to replace current popular methods with quantitative solutions that have actually been measured to outperform traditional methods.
April 19th: Doug will deliver his newest seminar, How to Measure Anything in Project Management – This new installment in Doug Hubbard’s successful “How to Measure Anything” series, will reveal how quantitative methods, using prepared spreadsheet templates, can be applied to even the most difficult measurement problems in project management.
For more information and to register click here.
