RiskLens Blog

Case Study: RiskLens Clarifies Complicated Decision on Multifactor Authentication

Posted November 21, 2018 by Tim Wynkoop

I recently ran an analysis for a major bank that I think shows the power of both the FAIR Model for thinking through cybersecurity investment decisions and the power of the RiskLens CRQ platform for quickly running the numbers to support those decisions, often with surprising results. ... Continue Reading

Data Breach Case Study: How RiskLens Modeled Risk Mitigation and ROI

Posted August 16, 2018 by Rachel Slabotsky

I recently worked with a large financial services organization to analyze a data breach scenario and determine the potential risk reduction (in terms of dollars and cents) that would result from implementing tokenization on key fields within a database cluster containing PII information. ... Continue Reading

Case Study: Risk Management Team Uncovers True Cost of Global IP Theft

Posted June 13, 2018 by Jeff B. Copeland

The access process for the service portal of a global technology manufacturing company had a serious flaw. Once in the portal, anyone could get in and download the materials they needed to compete with the technology company’s authorized partners to service its products. ... Continue Reading

Analyzing the Financial Risk of Ransomware with FAIR

Posted May 3, 2018 by Tim Wynkoop

In 2017, the shipping giant Maersk had to halt its global operations to reinstall its entire IT infrastructure -- 4,000 servers and 45,000 PCs -- after the NotPetya ransomware locked up its machines; the cost in lost business and remediation could hit $300 million. ... Continue Reading

Case Study: How Much Risk Exposure in Office 365 Migration?

Posted January 11, 2018 by Tim Wynkoop

The infosecurity team at a large financial institution had finally hit the dead end on red-yellow-green, subjective measurement. Its residual and inherent risk “scoring system” could produce colorful heat maps. ... Continue Reading

Case Study: Using RiskLens to Meet GDPR and NYDFS Cyber Regulations

Posted October 25, 2017 by Rachel Slabotsky

Regulations such as the EU's General Data Protection Regulation (GDPR) and the NYDFS Cybersecurity Requirements represent efforts to ensure that organizations are taking the right steps to protect sensitive data. While the depth and breadth of these requirements may differ, their primary message is the same - protect your sensitive customer data, or pay a significant price. ... Continue Reading
