Financially Quantify Cyber as a Business Risk
RQ bridges the gap between security leaders and the C-Suite, answering the question, "Where should I place my next cyber investment?" Quantify in dollars your security risk so you can prioritize your spend.
How It Works
A step-by-step wizard guides you through input of business and technical data. Risk mitigation guidance and projected ROI computations are built in to RQ's Risk Engine. Plus, they automatically update as new information is ingested. RQ generates recommendations specific to your environment, and business loss exposure in real dollars.
Relationships between business functions and technical assets are mapped from the top-down. Constantly managing these dynamic ties enables RQ to:
- Trace which business assets are reachable by possible and probable attacks,
- Evaluate efficacy of existing controls,
- Compute loss events in financial terms.
Cyber Risk Register
Risk computations drive three forms of analyses:
- Financial Impact Analysis: summarizes business loss exposure by loss types, including data loss, business disruption, and reputation loss.
- Recommendation Analysis: outlines control improvements to reduce loss exposures and supports calculated ROI to justify risk mitigation.
- Potential Attack Analysis: details current security posture and correlates loss events to attack types and vectors.
Specific to Your Business
A step-by-step wizard ingests two channels of data within an organization to facilitate an inside-out assessment of cybersecurity risks:
Technical Environment Data:
- Network Device Data
Business Application Data:
- Key Business Processes
- Supporting Applications
- Loss Exposures