Jones, J. A. (2006). An Introduction to Factor Analysis of Information Risk (FAIR). Norwich University Journal of Information Assurance (NUJIA), 2(1), 1–66. This resource is important because it provides you with an introduction to the FAIR methodology for quantifying cyber risk.
Amin, Z. (2019). A practical road map for assessing cyber risk. Journal of Risk Research, 22(1), 32–43. This resource is important because it exposes you to quantification methods of cyber risk and a roadmap to achieve that effort.
Graubart, R. & Bodeau, D. (2016). Risk management framework and cyber resiliency. MITRE Corporation. This resource is important because it is a good overview of the topic of cyber resiliency and how cyber risk management plays a role in that endeavor.