How To Evaluate RiskLens: A Common-Sense Approach

Often, potential customers come to RiskLens disenchanted by their experience with other security and technology vendors. They’re disillusioned with salespeople using fear, uncertainty, and doubt (FUD) to over-promise and over-price their solution. Post-purchase, they may be left with empty pockets and a solution that doesn’t really fit their needs.

At RiskLens, we understand these very real concerns and recognize the importance of evaluating a technology purchase from the onset. We offer a gradual, step-by-step process for customers to test our solution so they don’t end up as just another disappointed buyer. In this post, I’ll guide you through the progressive steps we take to help interested parties assess RiskLens and our cyber risk management offerings.

Sample Reports to Determine Relevance 

Our first touch point with interested parties is an informative session where we review product outputs, sample reports, high level workflows, and walk through applicable use cases. Through this process, potential customers understand and can visualize how information risk can be reflected in quantified, financial terms. We’ve found:

  • The application’s reporting capabilities resonate with an executive audience who are looking for better ways to present cyber risk and communicate it in financial terms to their board and the business as a whole
  • Potential users of the tool can appreciate the templetized workflow, purpose-built on FAIR, and how it provides consistency and efficiency in completing quantified risk assessments

As an interesting side note, when there is a fit in moving the organization’s information security program to a risk-based approach like RiskLens, we’ve found that a successful implementation is highly correlated to the level of executive support much more so than the organization’s level of maturity. This is why it is helpful to have all the decision makers involved early on in the evaluation process. More on this topic in a blog here: On the Maturity of an Information Risk Management Practice and RiskLens.

In-Depth Product Demo 

After seeing the reporting capabilities of the RiskLens solutions, many of our prospects want to gain a deeper understanding of how we arrived at the results. It’s at this time that we offer a more in-depth product demo. Prospects gain the next best thing to a hands on experience by viewing a live product demo that walks them through scoping an analysis, the structure and inputs to workshop questions; which ultimately leads to a detailed report expressing the asset’s annualized loss exposure in dollars and cents.

Basically, a product demo aims to answer the question of, “How?”

  • How do you conduct a risk analysis with RiskLens?
  • How do you input and collect data for answering the workshop questions?
  • How much do my analysts need to know about FAIR in order to be successful with this solution?
  • How easy is it to complete a risk analysis and arrive at the reporting?

At this stage, prospects typically tell us, “This is too good to be true. I need to see your solution in my own environment before I can make a decision.” It just so happens that we’ve developed a way to meet this request.

Pilot Implementation of Application

RiskLens offers an opportunity for prospects to test our product’s risk analysis capabilities through a pilot. A pilot is a billable, consulting engagement where a member of the RiskLens Customer Success team comes on-site to conduct 1-2 risk analyses with your analysts, using the RiskLens platform, on a meaningful and mutually scoped risk scenario over 3-4 days. In other words, a pilot is a mini-implementation of the RiskLens software in your own environment. For examples of some of the risk analyses that we have completed recently, please see our Case Studies page.

Scoping a risk scenario for the pilot on an initiative or risk area that matters to your organization is critical to getting the most value out of this exercise. During a pilot, a prospect can:

  • Evaluate the level of effort required to use RiskLens in their own environment
  • Learn how to conduct an end-to-end quantified risk assessment with the RiskLens application
  • Reap the benefits of the quantified analysis output; the equivalent of hiring a high-level and costly consulting firm to conduct a risk assessment

Following a pilot engagement, 90% of our prospects have become subscription customers to the RiskLens platform. We believe this success is largely due to the common-sense approach we take to the evaluation process. By making it easy for interested organizations to engage with us in successive steps that meet their level of interest and need, we have tried to eliminate the disappointment often associated with making a technology investment.