The RiskLens cyber risk analytics platform focuses and automates the data collection side of analysis with data helpers: pre-packaged sets of data drawn from industry data sources or RiskLens' experience with clients, carefully curated and enhanced by the RiskLens data science team for completeness, credibility and relevance to specific industries (healthcare, finance, etc.).
Customers can choose to forgo the data helpers completely and collect data to use for direct estimation, though they typically choose to focus on data selection over data collection and use the provided data helpers as a starting place. As they learn more about their environment, the data helpers can be further refined and tuned by the customer, providing additional precision.
Here's a look at the six loss types in FAIR risk analysis, and some of the most useful data.
Definition: Losses that result from an organization's inability to deliver its products or services.
What does this mean: When completing an analysis, it's easy to think, “if this application goes down, X number of employees would not be able to do their jobs.” True, but the impact can be much larger than that. If that application is tied to customer ordering, customers also could not make purchases during the outage, creating an organizational productivity loss because staff would be unable to fulfill customer orders. This is sometimes represented as loss of revenue for the duration of the outage.
Notice that the main example here is an availability-related scenario; however, there can be other scenarios (Confidentiality or Integrity) where a Productivity Loss would come into play.
Data helpers provide:
Support for estimating productivity loss (in ranges) based on these variables:
Definition: Losses that are associated with managing the event itself. This form of loss will be the most common across your analyses.
What does this mean: If you have ever had a cyber or technology loss event occur within your organization, you have probably held what seems to be endless meetings about the incident. The efficacy of those meetings aside, the time it takes to perform them is a cost you should account for in your analyses, besides the hands-on response work.
Keep in mind you can still have additional response costs even after the incident has been resolved.
Data helpers provide:
Primary Response
Secondary Response
Data may be supplemented with information from your Incident Response, Business Continuity Planning and Legal teams.
Definition: The costs associated with the replacement of a capital asset or a person.
What does this mean: If a server or an office gets damaged or you have to terminate an employee, all of these things have the potential for creating replacement costs. Keep in mind you may have more costs associated with hiring and onboarding a new employee than you may realize.
Data helpers provide:
Data may be supplemented with information from Procurement and HR teams.
Definition: Penalties levied against an organization through civil, criminal or contractual actions, usually the result of a Confidentiality-related scenario.
What does this mean: To take an ugly example, a company that suffers a data breach of personal information through poor security practices, and then doesn't publicly disclose it (and in a timely way), could be fined by the Securities and Exchange Commission (SEC), the Federal Trade Commission (FTC), or any one of the states, and then get sued by customers and have to pay on court judgments.
Data helpers provide:
Definition: Losses associated with a diminished competitive advantage.
What does this mean: Your competitor is able to get better at what they are doing because of the loss event at your organization, often for intellectual property loss scenarios. This tends to be one of the harder forms of loss to calculate. An organization might also consider this as reputation damage.
Data helpers provide:
General ranges of lost revenue due to competitive advantage loss. Examples: the projected annual revenue attributed to the product or service impacted by the intellectual property theft, or the percentage of attributed revenue expected to decrease due to the intellectual property theft.
Data may be supplemented with information from your Marketing or Product groups.
Definition: Losses associated with an external actor's perception that the value proposition of your organization has been diminished.
What does this mean: Basically, your organization sells less of its main product due to the loss event occurring. This can be tricky to calculate because it deals with things outside of your organization's control. Also, it's going to be a calculation highly specific to your organization, and likely to require some serious conversation before reaching a consensus.
Don’t let this form of loss hold up your analysis. Sometimes it's perfectly acceptable to not include this in early analyses until the organization has come to an agreement on how to calculate Reputation damage.
Data helpers provide: