The multifaceted nature of network security reminds one of the ancient fable, the parable of The Blind Men and the Elephant, where the blind men (or security risk researchers today) are touching the elephant (or network security) to understand what it really is or isn’t, because they have never encountered an elephant before. One man touches the elephant’s tusk, and the other its side, while another touches its tail and yet another its trunk. When they reunite to discuss their findings, they cannot agree what the elephant looks like; such as one thought the trunk was a snake, and the other imagined a tree branch, and so it goes. Much the same happens when it comes to cyber-risk assessment and management. Network security is such a complex, multifaceted topic that cyber-risk specialists are like the veritable blind men grasping at parts and unable to understand the elephant completely. This book’s intent is to provide a timely remedy to that symbolic “elephantine” metaphor’s puzzle by providing a holistic-theoretical and philosophical as well as practical, user-friendly and useful, and application-oriented within a well-grounded holistic approach to network security risk assessment, such that those blind men will no longer be so unfamiliar with the elephant! The universal message here is not seeking total “security” (a perfect knowledge of the elephant by seeing it, never to happen for the blind men), however focusing on managing the “insecurity” (understanding ...