RiskLens Blog

Risk Analysis or Risk Assessment? Know the Difference

Posted December 5, 2018 by Rebecca Merritt

One thing we learn from Factor Analysis of Information Risk (that’s the FAIR model that powers the RiskLens cyber risk analytics platform) is to take a disciplined approach to our thinking and language about risk. ... Continue Reading

Do I Need to Be a Math Nerd to Perform FAIR Analysis? Part 2

Posted November 9, 2018 by David Musselwhite

Welcome back to our discussion of the math knowledge required to perform FAIR analyses with the RiskLens platform (spoiler alert: not much). ... Continue Reading

Habit for Highly Effective CISOs: Begin with the End in Mind

Posted October 31, 2018 by Leanne Scott

At RiskLens, we study and try to exemplify the principles in The 7 Habits of Highly Effective People by Stephen R. Covey, especially Habit 2: Begin with the End in Mind.  ... Continue Reading

Taking the Guesswork Out of Exception Mitigation for IT Audit

Posted October 8, 2018 by Taylor Maze

There are few things in life that are less fun than exception mitigation due to audit findings. In fact, I have compiled a list: root canals, a weekend trip with your mother in law (here’s hoping she doesn’t read my blogs), and 4:30 p.m. Friday meetings. ... Continue Reading

Do I Need to Be a Math Nerd to Perform FAIR Analysis? Part 1

Posted October 3, 2018 by David Musselwhite

Quantitative cyber risk analytics using FAIR is an inherently mathematical endeavor. Estimates for the factors of risk (like loss event frequency and loss magnitude) are expressed using probability distributions ... Continue Reading

How to Assess Human Error in Cyber Risk: Chad Weinman in ‘ThreatPost’

Posted September 25, 2018 by Jeff B. Copeland

What’s the risk from spear-phishing, accidental emailing of customer data or other results of the vulnerabilities caused by humans on your systems? Cybersecurity professionals are often stumped on how to answer ... Continue Reading

What Does RiskLens Risk Reporting Tell Me?

Posted September 4, 2018 by Chelsea Brunson

FAIR risk analyses are great - they allow you to understand cyber risk in dollars and cents. RiskLens is the SaaS platform out there that allows you to conduct true quantitative cyber risk analysis.  ... Continue Reading

Data Breach Case Study: How RiskLens Modeled Risk Mitigation and ROI

Posted August 16, 2018 by Rachel Slabotsky

I recently worked with a large financial services organization to analyze a data breach scenario and determine the potential risk reduction (in terms of dollars and cents) that would result from implementing tokenization on key fields within a database cluster containing PII information. ... Continue Reading

Webinar on Demand: 4 Reasons InfoRisk Analysts Should Know FAIR

Posted August 7, 2018 by Jeff B. Copeland

If you’re looking for a no-prerequisites introduction to the FAIR model for cyber risk analysis and the RiskLens application for cyber risk quantification that runs on FAIR, take under an hour to listen to Cary Wise, our risk consultant and veteran of introducing FAIR to a long list of businesses like yours. ... Continue Reading

Making Your IT Audit Job More Than Compliance

Posted July 16, 2018 by Taylor Maze

In my experience, being an external auditor is kind of like being a parent. Due to being completely centered around compliance, there are a lot of rules that you must enforce ... Continue Reading

Sign Up for Blog Updates

Popular Posts