Talk about positive feedback – the RiskLens team heard buzz about cyber risk quantification and FAIR™ everywhere at this week’s RSA Conference 2020. RSA itself had set the tone before the conference, naming risk frameworks –including the FAIR standard for risk quantification that’s a key element of the RiskLens FAIR Enterprise Model RF-EM™ – as one of the top themes of the year in its trend report.
Among the events RSA scheduled centering on FAIR:
Off-campus, the FAIR Institute’s annual breakfast meeting featured speakers from Fannie Mae and Ascena Retail, discussing their quantified risk management program implementations (see the Institute’s blog post on the breakfast for details). The RiskLens Academy ran a well-attended two-day FAIR Fundamentals course.
Meanwhile, the RiskLens crew was all fully scheduled with client and prospect meetings, talking up the newly introduced RF-EM.
The meetings offered a good cross section of the current thinking on the state of risk management, and here are the takeaways from RiskLens CEO Nick Sanna:
“I’ve been in meetings with industry leaders in security, IRM, risk ratings, third party risk management vendors and application security vendors.
“They are getting requests that the value of their solutions be articulated in business terms.
“All of these categories are coming to the conclusion that cyber risk management in the future will be quantitative and the model that will be used in the future is FAIR and the best platform to do quantitative cyber risk management at scale is RiskLens.
“This is leading us to consider integrating with many of these players over the course of the next year, and ensure that quantitative risk assessments become embedded in wider cybersecurity strategies.”
RiskLens already is integrated into leading GRC and IRM platforms – that’s Orion Suydam, Vice President of Product in the photo demonstrating the RiskLens-ServiceNow integration at RSAC 2020 – but stay tuned.
RiskLens is leading a revolution in the way cyber risk is assessed, measured and managed by bringing to market a Software as a Service solution that makes cyber risk quantification a reality.We help organizations translate cyber risk from the technical into the economic language of business.Schedule a Demo