It gives CISOs the ability to prioritize risk mitigation efforts using a quantification-based assessment of the business and financial impact that a breach or vulnerability would expose. The quantification of cyber risk will empower CISOs to better communicate the impact in financial terms at the board and senior management levels of an organization
RSA, a global cybersecurity company delivering Business-Driven Security solutions to help manage digital risk, unveils the RSA Archer Cyber Risk Quantification use case that helps business users quantify their organizations’ financial risk exposure to cybersecurity events. It gives CISOs the ability to prioritize risk mitigation efforts using a quantification-based assessment of the business and financial impact that a breach or vulnerability would expose. The quantification of cyber risk will empower CISOs to better communicate the impact in financial terms at the Board and senior management levels of an organization.
Between the constant expansions of today’s technology infrastructures and the ever-growing number of cyber threats, organizations struggle to identify, understand and translate cyber risk into business risk. Many organizations’ current cyber risk management processes are manual, leading to disconnected efforts, ineffective controls, or piles of data with little actionable value. According to Gartner, “Digital risk leaders need an enterprise-wide view of risk to bridge the communication gap with CEOs and to articulate the potential risk impact on the business outcomes that their organizations value most.”
“Under the threat of high-profile cyber attacks and data breaches, executives and corporate Boards are starting to ask more informed questions about their organizations’ risk exposure,” said David Walter, Vice President, RSA Archer. “RSA Archer Cyber Risk Quantification gives security teams the tool they need to quantify and communicate their cyber needs in a language that business leaders can easily understand. This helps clarify priorities for security investments, and also helps with planning for risk transfer methods such as cybersecurity insurance.”
“The global information security market is forecast to grow at a CAGR of 8.1% to reach $121.6 billion in 2021,” However, according to Cybersecurity Ventures’ Official 2017 Annual Cybercrime Report, cybercrime damages, such as loss of data, theft of IP and fraud, will cost companies US$ 6 trillion annually by 2021. Prioritizing and rationalizing investments to improve an organization’s security posture, or deciding to transfer risk, is becoming a significant challenge for CISOs today.