Are you using tools for cyber risk quantification? What are they?

Security Strategy & RoadmapGovernance, Risk & Compliance
3.7k viewscircle icon1 Upvotecircle icon30 Comments
Sort by:
CISO10 months ago

EPSS
CISA KEV
EXF

Director of IT2 years ago

Have you considered Cyber Quant?

Executive Director, Enterprise Infrastructure & Cybersecurity in Finance (non-banking)3 years ago

CPI and CAAT

Director of IT in Software3 years ago

Yes. RiskLens

Global CIO in Consumer Goods3 years ago

Yes, we use OneTrust GRC.

Content you might like

‘AI’ Business Model – With many components flowing into the AI domain (cost, data, E&C, people, value, strategy, duplication of everything, etc.), I’ve started to think about splitting out ‘AI’ from the operating model and putting it into a separate legal entity. This way, I could manage a) risk and compliance, b) cost, c) resource allocation, d) governance, e) IP, f) revenue generation, etc.

Of course, this isn’t new in general, but I’m especially interested in how this approach could help with the ongoing challenge of ensuring compliance with data privacy and regulations related to LLMs and data access/usage over time.

My question: Is anyone else thinking about this, or has anyone already done it? I know there are examples in the literature, but I wanted to float this here for general comments and discussion.

What models are in place for risk partners based in Line 2? What are the jobs to be done? How do they operate? What does the structure/operating rythms look like?

Read More Comments

Has your company pursued any cybersecurity accreditations or certifications strictly for cyber insurance policies? (select all that apply)

Yes, we have pursued new accreditations or certifications strictly to help reduce our cyber insurance premiums25%

Yes, we have pursued new accreditations or certifications strictly to obtain cyber insurance54%

No, we have not pursued new accreditations or certifications strictly for reasons related to cyber insurance38%

We do not have cyber insurance10%

Not sure1%

View Results

How are you currently managing SIEM costs? Have you found effective ways to actually reduce storage costs for your SIEM?

Read More Comments

What is the top data governance issue?

Limited resources11%

Siloed data40%

Lack of leadership23%

Poor data quality & context18%

Lack of data control5%

Other (please explain in the comments)

View Results