“Cyber risk quantification for all” is the promise of the new My Cyber Risk Benchmark tool introduced at the first quarterly event in the 2022 FAIR Conference series by RiskLens, the FAIR Institute’s technical adviser. As RiskLens product manager Taylor Maze and data science manager Ben Gowan presented, the tool is designed for organizations that want to get started with cyber risk quantification but don’t yet have the staff or the data to launch a program of their own.
Watch the video of the RiskLens presentation:
Unveiling My Cyber Risk Benchmark: Risk Quantification for All at the Q1 event in the FAIRCON event series for 2022. FAIR Institute membership required to view. Join the FAIR Institute now..
My Cyber Risk Benchmark offers on a self-service basis:
- A readout on cyber risk in terms of probable loss magnitude and cyber event occurrence for seven common types of risk (ransomware, DDoS, etc.), specific to a wide range of industries.
- A look at the same lineup of risks customized to an organization based on its data, for benchmarking against industry norms.
- A detailed breakdown of the key determinants of those risks and a rating of the organization’s security posture to help guide investment decisions.
- Easy-to-grasp reporting suitable to present to business leaders.
Ben and Taylor also lifted the hood on the engine driving My Cyber Risk, starting with data sources such as Veris Community Database (VCDB), Advisen and SecurityScorecard; “every figure is based on real scans, real events and real losses,” as Ben said. The RiskLens data science team curates the data based on its own insights—for instance, how number of database records or dollar value of revenue affect risk – that make the estimating “coherent, scalable and repeatable” across thousands of scenarios.
You can try a free version of this reporting with a cyber risk report for your industry.