The Risk Data Warehouse in RiskLens allows various members of the organization to centrally manage all of their relevant risk data.
Through RiskLens, business stakeholders get unprecedented visibility into the financial loss exposure introduced from cyber events and the risk issues associated with their various technology assets. This allows them to make well-informed decisions on the right security and risk strategy to adopt.
Risk Analysts get the assurance of defining accurate FAIR analyses thanks to step-by-step guidance and can leverage out-of-the-box industry threat and loss data to accelerate their risk analyses.
In RiskLens you can define, import and store all your critical assets, and manage their intrinsic value so that they can be used automatically in related risk scenarios. This allows stakeholders to view the risks and issues associated with their assets and understand their risk posture.
RiskLens provides comprehensive risk scenario management by helping you define risk scenarios according to the FAIR standard, by storing and managing them, and by tracking how the associated loss exposure of these scenarios evolves over time.
RiskLens accelerates your cyber risk assessment process by providing out-of-the-box industry threat and loss magnitude data collected from a variety of sources and normalized for use in quantitative FAIR risk analysis.
Most business stakeholders – and organizations as a whole – do not know how much risk is associated with their technology assets. Whether it is data, or a business service, or a key application, business strategies have historically been unable to account for the probable financial loss of a cyber event affecting these assets.
RiskLens gives stakeholders visibility into their assets and the probable loss exposure they face from a cyber event – allowing them to make risk-informed decisions accordingly.
Through the Risk Data Warehouse in RiskLens, risk analysts can manage inputs related to the intrinsic value of assets as well as the state of their controls. These inputs are used automatically in risk assessments associated with these assets, which eliminates repetitive data entry and the need for data reconciliation.
Accurately scoping risk scenarios is one of the risk management industry’s biggest issues. Most “risks” cataloged are often just control deficiencies, threats, assets, or other factors of risk.
RiskLens was designed from the ground up to support proper scoping and management of accurate cyber risk scenarios according to the standard FAIR risk model.
In the Risk Data Warehouse found in RiskLens, analysts are guided step-by-step in the discovery, definition, and creation of risk scenarios. The platform helps in the selection of various risk factors (including assets, threat actors, threat effects, threat types, vectors, methods and forms of loss) and scenarios descriptions are automatically generated.
Many organizations lament the lack of available data as an impediment to conducting quantitative cyber risk analyses. They believe that building extensive data gathering and data science programs are a pre-requisite for building a quantitative risk management program. RiskLens addresses the need for industry and reference data by providing data libraries that can be used in risk analyses.
RiskLens’ data science team partners with leading data companies to provide our customers with regularly updated industry data that can be leveraged for risk analyses out-of-the-box. These embedded libraries include industry threat and impact data that describe the costs associated with the loss of PII, PCI, PHI records.
"FAIR is a quantifiable, repeatable methodology that has a proven model behind it that is actually relevant to our business...we can actually articulate risk and threat likelihood and consequences, it gets us in a good position as a trusted adviser to the board."
"When virtually every aspect of the business is quantitative...having the CISO give red/yellow/green heat maps is debilitating to decision-making."
"If CISOs push back on quantifying potential loss, I find that unacceptable as a board director. CISOs need to advance."
"I think that FAIR is just a phenomenal program for being able to develop a consistent and rigorous methodology to reason about and measure and mitigate your cyber risk."
RiskLens helps dozens of organizations around the globe drive better cyber risk management by translating cyber risk into the financial language of business. We can help you completely change your decision making process for cyber security investments.