TUV Rheinland OpenSky Announces Launch of Cyber Risk Quantification as a Service in Partnership with RiskLens

March 5, 2019  

TUV Rheinland OpenSky and RiskLens partner to deliver comprehensive Integrated Risk Management Services for organizations struggling with cybersecurity risk exposure across all sectors.

Cologne, Germany, Littleton, MA and Spokane, WA, U.S. – January 24, 2019: TUV Rheinland OpenSky, a wholly owned subsidiary of TÜV Rheinland, and RiskLens, the leading provider of cyber risk quantification (CRQ) software and cyber risk management solutions, announced today that they are partnering to bring Cyber Risk Quantification as a Service to organizations across all sectors. The new TUV Rheinland OpenSky offering is powered by the RiskLens Software as a Service platform. RiskLens is the only enterprise platform purpose built on the Factor Analysis of Information Risk (FAIR) model. FAIR, backed by the FAIR Institute, is the de facto cyber risk quantification methodology trusted by more than 30% of the Fortune 1000 and 75% of the Fortune 50.

Cyber Risk Quantification as a Service allows TUV Rheinland OpenSky to provide enterprise-level FAIR analysis on the risks that clients face during their digital transformation journey. New technology, new business to business ecosystems, growing privacy concerns and varying threats create numerous potential loss scenarios. TUV Rheinland OpenSky can help clients identify and analyze those risks using information from assessments, scans and testing using frameworks such as ISO 31000 and NIST 800-30. They can also identify key controls that reduce most of the risk across common loss scenarios.

From there, new questions arise: What is an appropriate amount to spend to treat this risk? What should our cyber insurance cover? How much of my budget should be apportioned to an initiative?

Heat maps with red, yellow and green results do not answer those questions. This service offering does. TUV Rheinland OpenSky’s FAIR-certified consultants will provide annualized loss expectancy to answer those questions and others using information from your experts and other market information. They can even tie in information from their clients’ GRC data and integrate quantification of risks into GRC-based risk registers. CSOs in programs that have tied in FAIR acknowledge that management decision support in security simply did not exist like it does now.

According to Anish Srivastava, CEO and President of TUV Rheinland OpenSky, “The RiskLens platform is a crucial component of security management decision support. Our clients are not only challenged with reporting up to the board, but also making the security case to the investment committee, rationalizing their security portfolios, and rightsizing remediation plans. The FAIR methodology, with true data integration, is timed well in a climate where compliant organizations continue to be compromised by a broad category of losses. We offer our clients services and solutions that empower them in determining the allocation of precious resources.”

According to Nicola (Nick) Sanna, CEO of RiskLens, “TUV Rheinland OpenSky is a strategic advisory, consulting and integration services partner assisting large enterprises in building GRC and risk management programs based around the FAIR standard and now through the use of the RiskLens software platform. RiskLens global reach and proliferation into operational technology (OT) and Internet of Things (IoT) manufacturers through TUV Rheinland OpenSky’s trusted brand and risk assessments as a service will be powered by RiskLens’ risk analysis capabilities.”

Christine Lagarde, Managing Director of the International Monetary Fund (IMF), not only recently identified cyber risk as a top risk but also a “significant threat” to the financial system. That’s why cyber risk quantification has emerged as a risk management necessity. Gartner recently spotlighted cyber risk quantification and endorsed the FAIR-style approach in its “ Integrated Risk Management” Magic Quadrant.

Integrated Risk Management is the natural evolution of Governance, Risk and Compliance (GRC) programs and technology. RiskLens offers the industry’s most powerful and actionable decision-support platform for cybersecurity and risk management teams that is able to assess the financial impact of cybersecurity events. The RiskLens platform arms risk management programs with a robust model for measuring risk in actual dollar, damage, and ratio implications. With this quantitative analysis, organizations can deliver reports to key stakeholders in a business language, prioritize security remediation activities, evaluate ROI of cybersecurity initiatives and optimize security budgets.    

About TUV Rheinland OpenSky

TUV Rheinland OpenSky offers one of the most advanced and integrated portfolios of security solutions and services for connected devices, platforms and Internet of Things (IoT) with the mission to enable a secure and safe digital future. We provide advisory, consulting, systems integration, testing, certification and managed security services for connected platforms in three core disciplines: Advanced Cyber Defense; Mastering Risk and Compliance and Secure Cloud Enablement. Our experts help clients protect information assets, minimize risk and accelerate the adoption of enabling technologies by taking a holistic risk-based approach that addresses Cybersecurity, Privacy, Cloud Infrastructure and Functional Safety requirements to build trusted, connected platforms.

With headquarters in Littleton, MA, TUV Rheinland OpenSky is a subsidiary of TUV Rheinland Group, which operates some of the world’s broadest smart device and IoT testing labs, defining industry standards for functional safety and security, and a leading provider of inspection and assurance services that combine safety, quality and security certifications. For more information on TUV Rheinland please visit http://www.tuvopensky.com

About TÜV Rheinland

TÜV Rheinland is a global leader in independent inspection services, founded 145 years ago. The group maintains a worldwide presence of more than 20,000 people; annual turnover is nearly EUR 2 billion. The independent experts stand for quality and safety for people, technology and the environment in nearly all aspects of life. TÜV Rheinland inspects technical equipment, products and services, oversees projects, and helps to shape processes and information security for companies. Its experts train people in a wide range of careers and industries. To this end, TÜV Rheinland employs a global network of approved labs, testing and education centers. Since 2006, TÜV Rheinland has been a member of the United Nations Global Compact to promote sustainability and combat corruption. For more information on TÜV Rheinland please visit http://www.tuv.com

About RiskLens Corporation

RiskLens is the leading provider of cyber risk quantification software and management solutions. Its platform is recognized as a mission-critical business application for cybersecurity and risk teams across the Fortune 1,000. RiskLens empowers large enterprises and government organizations to manage cyber risk from the business perspective by quantifying that risk in monetary terms. Clients depend on RiskLens solutions to better understand and decipher their cyber risk exposure in financial terms, prioritize their risk mitigations, measure the ROI of their security investments, and optimize their cyber insurance coverage. RiskLens is the only cyber risk quantification software purpose-built on FAIR, the standard quantitative model for information security and operational risk.

For more information visit the RiskLens website at https://www.risklens.com