Everything About Your Cyber Risk Assessment Is Wrong
What if the way we’ve been measuring cybersecurity risk is fundamentally flawed? Too often, organizations rely on color-coded charts and gut instinct to make critical risk decisions leading to a false sense of confidence and missed opportunities for real insight.
In this episode, we’re joined by Douglas Hubbard, creator of the Applied Information Economics (AIE) method and founder of Hubbard Decision Research. Doug is also the author of How to Measure Anything in Cybersecurity Risk, and he breaks down why risk matrices fall short, how most people misunderstand measurement, and what organizations can start doing right now to make smarter, data-driven decisions (no math degree or massive data set required!).
Resources > Podcast
Listen to HITRUST’s award-winning podcast, Trust vs.
Hear from experts as we explore the burning questions and challenges that cybersecurity professionals, company leaders, legislators, and suppliers all face. Join hosts Jeremy Huval, Chief Innovation Officer at HITRUST®, Robert Booker, Chief Strategy Officer at HITRUST, and Ryan Patrick, Vice President of Adoption at HITRUST, and a roster of exciting guests as we challenge trust and dive into the world of confidence in cybersecurity.



Podcast Episodes
Aug 14, 2025
AI, TPRM, and the Chaos in Between AI, TPRM, and the Chaos in Between
Risk Management,
AI,
Third-Party Risk Management
Jul 31, 2025
HIPAA Healthcare: Then, Now, and Future HIPAA Healthcare: Then, Now, and Future
HIPAA,
Healthcare,
Compliance
Oct 31, 2024
Fostering the Next Generation of Cybersecurity Leaders Fostering the Next Generation of Cybersecurity Leaders
Leadership,
Cybersecurity
Oct 17, 2024
The Trust Partnership with the Board - Closing the Loop through Accountability and Engagement The Trust Partnership with the Board - Closing the Loop through Accountability and Engagement
Leadership,
Cybersecurity,
Trust
Oct 3, 2024
AI - Our Shared Responsibility AI - Our Shared Responsibility
Shared Responsibility and Inheritance,
AI,
Security
Sep 19, 2024
AI’s Biggest Threat is People AI’s Biggest Threat is People
AI,
Threat Management,
Security
Sep 19, 2024
The AI Conundrum: Security Standards in a World of Innovation The AI Conundrum: Security Standards in a World of Innovation
Risk Management,
AI,
Security
Aug 22, 2024
Cybersecurity Is Strategy — Not Just Settings And Systems Cybersecurity Is Strategy — Not Just Settings And Systems
Cybersecurity,
Security
Aug 8, 2024
The Ransomware Battle on the Cyber Frontier The Ransomware Battle on the Cyber Frontier
Risk Management,
Threat Management,
Ransomware
Jul 11, 2024
Jul 25, 2024
We Promise This Episode on Insurance is Interesting We Promise This Episode on Insurance is Interesting
Risk Management,
Data Security,
Cyber Insurance
May 23, 2024
Rebuilding Trust After The Latest Breach Rebuilding Trust After The Latest Breach
Data Breach,
Healthcare,
Trust
Sep 27, 2023
Sep 13, 2023
Trust vs. Enterprise Risk Trust vs. Enterprise Risk
Risk Management,
Data Security,
Data Privacy
Sep 6, 2023
Trust vs. Third Parties Trust vs. Third Parties
Risk Management,
Cybersecurity,
Third-Party Risk Management
Aug 24, 2023
Aug 2, 2023
Jul 19, 2023
Trust vs. Cloud Trust vs. Cloud
Shared Responsibility and Inheritance,
Cybersecurity,
Healthcare
Jul 5, 2023
Trust vs. Perception Trust vs. Perception
Leadership,
Data Security,
Threat Management,
Cybersecurity
Jun 21, 2023
Trust vs. Compliance Trust vs. Compliance
Data Security,
Cybersecurity,
Healthcare,
Compliance
No results found
X