RiskLens Blog

Case Study: What’s the Value of a Data Retention Policy?

Posted February 13, 2019 by Rebecca Merritt

The bank’s infosecurity team was split on the need for a data retention policy. Half of the team didn’t feel they needed to eliminate customer files because customers would likely open another account down the line ... Continue Reading

Case Study: Evaluating ROI of Data Loss Prevention Controls

Posted January 18, 2019 by Taylor Maze

Sometimes, the hardest part of risk management is identifying the areas of weakness within your environment. I would argue, however, that more often than not, the more difficult undertaking is deciding how to address said weaknesses. ... Continue Reading

Three “Surprises” from a FAIR Cyber Risk Analysis

Posted January 17, 2019 by Brock Krawczun

We recently conducted an engagement with a bank analyzing the risk associated with wire fraud. The outcome surprised some of the team who went through the process. One of the biggest overall findings was that the loss exposure was significantly less than expected ... Continue Reading

Case Study: RiskLens Clarifies Complicated Decision on Multifactor Authentication

Posted November 21, 2018 by Tim Wynkoop

I recently ran an analysis for a major bank that I think shows the power of both the FAIR Model for thinking through cybersecurity investment decisions and the power of the RiskLens CRQ platform for quickly running the numbers to support those decisions, often with surprising results. ... Continue Reading

Data Breach Case Study: How RiskLens Modeled Risk Mitigation and ROI

Posted August 16, 2018 by Rachel Slabotsky

I recently worked with a large financial services organization to analyze a data breach scenario and determine the potential risk reduction (in terms of dollars and cents) that would result from implementing tokenization on key fields within a database cluster containing PII information. ... Continue Reading

Case Study: Risk Management Team Uncovers True Cost of Global IP Theft

Posted June 13, 2018 by Jeff B. Copeland

The access process for the service portal of a global technology manufacturing company had a serious flaw. Once in the portal, anyone could get in and download the materials they needed to compete with the technology company’s authorized partners to service its products. ... Continue Reading

Analyzing the Financial Risk of Ransomware with FAIR

Posted May 3, 2018 by Tim Wynkoop

In 2017, the shipping giant Maersk had to halt its global operations to reinstall its entire IT infrastructure (4,000 servers and 45,000 PCs) after the NotPetya ransomware locked up its machines; the cost in lost business and remediation could hit $300 million. ... Continue Reading

Case Study: How Much Risk Exposure in Office 365 Migration?

Posted January 11, 2018 by Tim Wynkoop

The infosecurity team at a large financial institution had finally hit the dead end on red-yellow-green, subjective measurement. Its residual and inherent risk “scoring system” could produce colorful heat maps. ... Continue Reading

Case Study: Using RiskLens to Meet GDPR and NYDFS Cyber Regulations

Posted October 25, 2017 by Rachel Slabotsky

Regulations such as the EU's General Data Protection Regulation (GDPR) and the NYDFS Cybersecurity Requirements represent efforts to ensure that organizations are taking the right steps to protect sensitive data. While the depth and breadth of these requirements may differ, their primary message is the same - protect your sensitive customer data, or pay a significant price. ... Continue Reading
