Designed for Cyber Risk Quantification

RiskLens is an enterprise ready, Software as a Service (SaaS) platform that enables Security and Risk teams to quantify and manage cyber risk from the business perspective.

Purpose-built on the Factor Analysis of Information Risk (FAIR) model, the only standard quantitative model for cybersecurity and technology risk, the RiskLens Platform integrates advanced quantitative risk analytics, best-practice risk assessment and reporting workflows; industry specific loss data, and data from your security ecosystem, into a unified suite of applications built specifically for business-oriented CISOs and CIROs.

Software as a Service for Quantitative Cyber Risk Management Programs

RiskLens is trusted by dozens of the world’s largest companies across nearly every vertical industry. The RiskLens SaaS platform is the easiest and most effective way to build a quantitative risk management program. RiskLens makes it easy to address the complexities of quantifying, managing and reporting on cyber risk by providing a simple to use, intuitive platform.

How Does RiskLens Work?
  1. Model your environment (assets, relevant threat communities, controls)
  2. Develop risk scenarios (apply data regarding threat activity, control conditions, forms of loss)
  3. Quickly triage scenarios based on their significance and prioritize those that require further analysis
  4. Run simulations (calculate loss exposure with Monte Carlo simulations and run sensitivity analysis to identify areas for improvement)
  5. Generate risk analytics reports (annual loss exposure, loss exceedance, top risks, forms of loss, cost-benefit, etc.)
  6. Manage your risk portfolio (track loss exposure over time and proactively manage your organization’s risk)

Standards Based

RiskLens is the only enterprise-class solution purpose built on the FAIR model. You gain peace of mind knowing that your analyses leverage an established taxonomy and an analytics model that have been adopted as an international standard and have passed extensive due diligence reviews by industry leading organizations.

FAIR is an international standard of the Open Group, a global standards consortium supported by over 600 large companies, governments and academic institutions. By applying a consistent and well defined standard analytics model, organizations are able to consistently define, measure and manage cyber risk.

Today, FAIR is the most widely adopted risk quantification model in the world, including at 8 out of the Fortune 10, 75% of the Fortune 50, 50% of the Fortune 100 and 30% of the Fortune 1000.

Advanced Computational Engine

The RiskLens computational engine uses Monte Carlo simulations to calculate the loss exposure of modeled risk scenarios. This technique allows for the variance in the input data entered with betaPERT distributions to be considered, so that the full breadth of the probable losses is explored.

Multi-Scenario Aggregation

Because of the unique way in which RiskLens uses Monte Carlo simulations in combination with the FAIR model, the platform allows for the aggregation of multiple risk scenarios as well as the calculation of individual scenario results.

  • Explore the full scope of an enterprise analysis from the executive view point, to the individual analysis at the analyst level
  • Aggregate loss exposure is available for the entire enterprise or by department, asset, threat community and more
  • Quickly be informed of where loss exposure is concentrated across your organization
Stress Testing with Sensitivity Analysis

Additionally, the computation engine supports Stress Testing, a sensitivity analysis which allows an organization to identify potential areas of improvement across the entire risk analysis.

  • Sensitivity analysis recomputes the entire analysis, modifying one input at a time – for all inputs – by 1%, 5%, 10%, 20%
  • By isolating each input, the computational engine is able to measure the aggregate average impact on loss exposure of the modified input
  • This allows risk analysts to identify potential areas for improvement within enterprise analyses that may contain thousands of inputs

Risk Modeling

RiskLens has tackled the complexity of effectively analyzing cyber risk across the enterprise and dramatically simplified the process of modeling risk scenarios.

Simple, Clear Scenario Modeling
  • Easy, point-and-click process for identifying which assets, threats and forms of loss to include in your analyses
  • Scenario iterations streamline the process for modeling and tracking how conditions change over time
  • Simple process for performing multiple “what-if” versions of an analysis to explore where points of control-leverage or fragility exist
Flexible and Adaptable

No two organizations have the exact same risk landscape, so RiskLens has been designed to enable you to describe the unique risk landscape you face

  • Choose the level of granularity you need given the problems you’re trying to solve, the type and quality of data you have and the resources you have to perform the analysis
  • Add, subtract or refine the assets you’re protecting, the threats you face and the controls you have at your disposal
  • RiskLens allows you to reflect your organization’s business structure by defining and focusing on specific business units and/or business processes

Decision Support

Make better strategic decisions by finally having a true understanding of cyber risk in financial terms. Compare and contrast various decisions based on overall risk reduction, look at security investments through a cost/benefit lens, and finally have a mechanism for analyzing complex risk scenarios.

Risk Portfolio

RiskLens becomes the system of record for all things cyber risk. Maintain visibility into top risks, establish and measure against corporate risk appetite, set KRIs and KPIs and manage against them through RiskLens Risk Portfolio.

Issue Management

Finally have a way to prioritize a seemingly endless number of remediation efforts. Focus your teams on the issues that matter most - those that represent the biggest potential for financial harm to the organization. Completely change the way you manage day to day security operations by truly aligning it to business risk.

Understanding the RiskLens Platform

Cyber Risk Quantification (CRQ) is now viewed as a core pillar of any effective Integrated Risk Management program. This short explainer video walks you through the RiskLens Platform and gives you a glimpse into your future as a top tier cyber risk management organization.

Understanding the RiskLens Platform

Cyber Risk Quantification (CRQ) is now viewed as a core pillar of any effective Integrated Risk Management program. This short explainer video walks you through the RiskLens Platform and gives you a glimpse into your future as a top tier cyber risk management organization.

Learn More about RiskLens

April 18, 2018
4 Powerful Ways to Use the RiskLens Cyber Risk Quantification Platform
Continue Reading
September 22, 2017
2 Tips for Smarter, Faster Risk Analysis
Continue Reading
June 27, 2018
3 FAQs about RiskLens and FAIR Cyber Risk Quantification
Continue Reading

"If CISOs push back on quantifying potential loss, I find that unacceptable as a board director. CISOs need to advance."

James Lam, Director, E*Trade

"When virtually every aspect of the business is quantitative...having the CISO give red/yellow/green heat maps is debilitating to decision-making."

Jack Jones, Creator of FAIR and Co-Founder at RiskLens

Request a Meeting Today

See how the RiskLens Platform enables better cyber risk management. Request a Demo Today!

Request a Demo