Standardizes Best Practices for Enterprise-wide Adoption of the Factor Analysis of Information Risk (FAIR) Model through the Combination of a Software-as-a-Service Technology Platform, Professional Services and Outcome-based Solutions
RESTON, Va. and SPOKANE Wash., February 20, 2020 — RiskLens, the leading provider of cyber risk quantification (CRQ) and cyber risk management solutions, today unveiled the RiskLens FAIR Enterprise Model™ (RF-EM™) in order to provide an industry standard for the development of quantitative risk management programs based on the internationally adopted Factor Analysis of Information Risk (FAIR) model. RiskLens built this proprietary model from years of experience as the pioneer in cyber risk quantification software; RiskLens was built by the author of FAIR, it is the sole technical advisor to The FAIR Institute; and has gained the deepest industry experience through Professional Services engagements building programs for Global 2,000 and government organizations.
RF-EM™ provides a foundational blueprint for converting the theoretical value of the FAIR model into an enterprise-ready, cyber security decision support capability. Harnessing the power of the RiskLens Software as a Service (SaaS) platform and its Professional Services capabilities for building quantitative risk management programs, RF-EM™ enables the delivery of outcome-based solutions aligned to organizational cyber risk maturity.
“FAIR revolutionized risk management with its standard risk taxonomy and analytics model, but FAIR alone is not enough to build an enterprise program,” said Nick Sanna, Chief Executive Officer at RiskLens. “Harnessing the value of FAIR within an enterprise requires both a powerful software platform that enables scalable data management, applied risk modeling, and streamlined workflows, as well as Professional Services support, in building quantitative risk management programs. What we are doing with RF-EM™ is providing the industry with a clear picture on how to evolve.”
The release of RF-EM™ comes at a time where the cybersecurity industry is rapidly adopting the FAIR standard. The FAIR Institute now counts more than 7,500 security and risk professionals as members, doubling in 2019. The Global 2,000 and Fortune 1,000 have embraced FAIR with 9 out of the Fortune 10, 75% of the Fortune 50, 30% of the Fortune 1,000 and 25% of the Global 2,000 represented in the member base. RSA Conference 2020, arguably the largest cybersecurity conference in the world, has recognized FAIR as one of the industry’s key trends and multiple sessions around FAIR are part of the official agenda.
Further demonstrating the value found in the RiskLens approach, Kelly Uhrich, Senior Vice President and Deputy Chief Information Security Officer at KeyBank had this to say, "RiskLens has been much more than just a software platform for us, they've been a partner in our journey to better cyber risk management. The marriage of their technology, which is the best way to enterprise-enable the FAIR model, with a world-class Professional Services team, has been invaluable. This approach has helped us make the organizational shift to cyber risk quantification a streamlined process, with success-based milestones along the way that have demonstrated continued value to the business."
RiskLens empowers large enterprises and government organizations to manage cyber risk from the business perspective by quantifying that risk in monetary terms. RiskLens is the leading provider of quantitative cyber risk management solutions, which combine software and professional services, designed to enable the creation of cyber risk quantification programs. Its platform is recognized as a mission-critical business application for cybersecurity and risk teams across the Global 2,000. Clients depend on RiskLens solutions to better understand and communicate their cyber risk exposure in financial terms, prioritize their risk mitigations, measure the ROI of their security investments, and meet regulatory demands calling for the quantification of cyber risk. RiskLens is the only cyber risk quantification software purpose-built on FAIR, the standard quantification model for information security and operational risk. For more information visit the RiskLens website at www.risklens.com.