Most Popular RiskLens Blog Topics of 2019, from NIST CSF to Gartner Advice to Federal Government Cybersecurity

December 26, 2019  Jeff B. Copeland

We took a look back at what most engaged the readers of the RiskLens blog in 2019, and found these five topics in the lead, based on the collective page views of posts covering those subjects. By far, the headlines that most grabbed readers were about the reference of the FAIR™ model by the NIST CSF, while the fastest-rising trend of interest was the introduction of cyber risk quantification in federal government cybersecurity.

Here’s the countdown of the Top Five by popularity to close out the year:


#5  The New RiskLens Platform and Quantitative Risk Management Program Building Services

In September, RiskLens rolled out a fully redesigned version of its platform, “evolving its capabilities from industry leading cyber risk analytics to become a full cyber risk management solution,” with a “robust suite of offerings for implementation of quantitative risk management based on FAIR”, a “major leap forward based on nearly a decade of pioneering vision and execution in enterprise environments.” In December, RiskLens launched “a holistic services approach” to help customers build out their Quantitative Risk Management Program (QRMP), combining “the power of the RiskLens Platform with our long Professional Services experience in cyber risk management.”

Blog posts:

RiskLens Enables Quantitative Cyber Risk Programs with the Industry’s Most Comprehensive Cyber Risk Management Platform

New from RiskLens: Let Us Help You Build a Sustainable Quantitative Risk Management Program

Webinar on Demand: Intro to Building a Quantitative Risk Management Program

 #4  Cyber Risk Quantification Movement Hits the Federal Government

This was the fastest-rising trend in blog readers’ interest in 2019, as officials scrambled to meet directives to create risk-based cybersecurity programs.

Blog posts:

Cyber Risk Quantification Movement Hits Federal Government, DOE in the Lead

GAO Grades Federal Agencies ‘Fail’ on Cyber Risk, Accelerating Movement to CRQ

Jack Freund on the Failure of Federal Cyber Risk Management

Jack Freund: New DHS Directive Shows Need for Cyber Risk Quantification at Federal Agencies


 #3  Encouragement for Cyber Risk Quantification from Gartner

Technology buyers pay close attention to Gartner’s messaging and the buzz at Gartner conferences, and RiskLens blog readers paid extra attention to this year’s development: growing encouragement for CRQ.

Blog posts:

The Gartner Summit Confirmed It: Cyber Risk Quantification’s Time Is Now

Hype Cycle Reports by Gartner Cite RiskLens for ‘Financial Data Risk Assessment’

Gartner 2019 Debate: Quantitative vs. Qualitative Cyber Risk Analysis

Plus, read this post from the FAIR Institute’s blog on the keynote speech to the 2019 FAIR Conference by John Wheeler (photo, right), Gartner’s influential global research leader for risk management technology solutions and services:

Gartner’s John Wheeler: Many Organizations Using IRM and FAIR to Achieve ‘Techquilibrium’


#2   RiskLens Series B Funding and Major Partnerships Announced 

In a flurry of announcements during the spring, RiskLens marked many corporate milestones, including the closing of a $20 million Series B funding, the integration of the RiskLens platform with risk management software leaders Rsam (Galvanize) and ServiceNow (joining RSA Archer, previously announced), and consulting services leaders Protiviti and PwC Australia.


#1   FAIR Model Added to Best Practices in National Institute of Standards & Technology’s Cybersecurity Framework (NIST CSF)

The most popular blog post topic of the year covered the reference to the FAIR model in the Risk Assessment and Risk Management Strategy categories of the most popular cybersecurity framework, the NIST CSF – as we wrote, “an important recognition that good cybersecurity starts with a quantifiable risk assessment, not just a checklist of recommended controls.” The RiskLens platform applies the FAIR model to cyber risk analysis to quantify risk in financial terms.

Blog posts:

NIST Maps FAIR to the NIST CSF, Major Recognition of the Power of Cyber Risk Quantification

Podcast: Jack Freund Explains NIST CSF and FAIR Integration

[Webinar] Combining NIST CSF and FAIR to Drive Better Cyber Risk Decisions