RiskLens Blog

What Is FAIR Training?

Posted May 3, 2017 by Tim Wynkoop

FAIR training is a unique opportunity to obtain an in-depth look at how Factor Analysis of Information Risk (FAIR) really works. FAIR is the model that powers the RiskLens platform. It’s a beautifully logical way to understand risk by breaking it down into component parts. This enables organizations to quantify risk, that is, communicate risk in financial terms. We really enjoy spreading the word on the power of FAIR - you might even say we’re on a mission.

... Continue Reading

Vote for RiskLens: 2017 Cyber Risk Awards

Posted May 3, 2017 by Vanessa McCoy

We're humbled to share that we've been nominated in Advisen's 2017 Cyber Risk Awards as a contender for the title "Cyber Innovation of the Year" for our Cyber Risk Quantification (CRQ) application.

... Continue Reading

In a Top-10 Risks Analysis, Get These 2 Factors Right

Posted May 2, 2017 by Cody Whelan

I just wrapped an engagement analyzing a bank’s top 10 risks with RiskLens, and the results were surprising: One of the risks the bank’s infosecurity team most feared turned out to be not much of a concern while another risk that was flying under their radar in fact had the potential to do them serious harm.

... Continue Reading

What Does RiskLens Risk Reporting Tell Me?

Posted April 27, 2017 by Chelsea Brunson

RiskLens is great because it allows you to do cyber risk quantification in dollars-and-cents terms. 

To make things better, the work flow is easy: ... Continue Reading

How to Unscramble Your Risk Register with FAIR [Video]

Posted April 26, 2017 by Chad Weinman

The risk register: A manifesto for rallying your organization, pointing it in the right direction, and marching everybody toward effective risk management. Anyway, that’s the idea.

... Continue Reading

RiskLens Risk Quantification Platform To Integrate with RSA Archer's Risk Register

Posted April 25, 2017 by Bryan Smith

I'm pleased to announce that RiskLens, Inc., the leading provider of Cyber Risk Quantification (CRQ) solutions, is releasing an integration between our risk quantification platform and RSA Archer’s Risk Register. The integration enables risk information to be delivered in a language both technical and non-technical business executives can understand, the financial language of dollars and cents.

... Continue Reading

Bridge The Gap Between Cybersecurity And Business Needs: Isaiah McGowan Speaks At AtlSecCon

Posted April 20, 2017 by Vanessa McCoy

[Updated] How does risk-based cybersecurity align with business objectives? That’s the question Isaiah McGowan, RiskLens Sr. Risk Consultant, is prepared to answer at AtlSecCon, The Atlantic Security Conference (April 27-28), in Halifax, Nova Scotia, Canada.

... Continue Reading

CISOs and Boards of Directors Are Far Apart (But Can Close the Gap), New Survey Says

Posted April 18, 2017 by Jeff B. Copeland

Some painful, but necessary, reading for CISOs: A new survey breaks down just how far off CISOs are in their efforts to communicate to boards of directors.

The Cyentia Institute, a cybersecurity research firm (sponsored by risk management consultants Focal Point) interviewed more than 100 CISOs, corporate directors and other experts. The bottom line:

... Continue Reading

Top 6 Websites for Data Breach News and Other Cybersecurity Updates

Posted April 18, 2017 by Rebecca Merritt

I need to keep up with the latest in data breaches and other hacker attacks for my work advising corporate and government clients on how to understand their risk in financial terms. But it’s easy to get lost in all the blogs and feeds covering cybersecurity news. To filter the flow, I regularly check these six sites. I find that they’re always up to date and help me spot new and interesting trends in information security.

... Continue Reading

What CISOs Need to Know about the Proposed Cybersecurity Disclosure Act

Posted April 13, 2017 by Jeff B. Copeland

Now working its way through the U.S. Senate, the Cybersecurity Disclosure Act of 2017 is a simple bill that would have a far-reaching effect: To “make sure companies disclose to the public the basic steps they are taking to protect their businesses from cyber attacks,” as co-sponsor Sen. Susan Collins (R-ME) framed it.

... Continue Reading

Sign Up for Blog Updates