The benefits of cyber risk quantification in the modern cybersecurity landscape

2022-04-12 03:30

Kovrr and SANS Institute released their joint survey that reveals enterprise motivation and impact of cyber risk quantification in the modern cybersecurity landscape.

Primary CRQ use cases include cyber budget allocation, board reporting and governance, cyber insurance and risk transfer options, M&A cyber due diligence and for capital reserve and management strategy.

"We are excited to see companies accept cyber quantification as a necessity, but Boards must be careful in selecting the right approach for continuously, and cost effectively, evaluating risk management strategies."

Other key insights on the impact of cyber risk quantification 76% of respondents perform a routine risk assessment only once a year, which is not adequate given the changing nature of today's cyber risks.

"Financial quantification is still a relatively new area for security and risk management professionals but has quickly become invaluable to precisely align cyber risk budgets against the level of actual organizational risk," said Barbara Filkins author and research director of SANS Institute.

"Using a model-based approach for financial quantification can support a proactive security program and help identify where the major element of risk might be coming from, determine the ways to reduce the risk, and demonstrate why previous risk management controls were unsatisfactory."

News URL

https://www.helpnetsecurity.com/2022/04/12/cyber-risk-quantification-impact/

#cyberrisk #cybersecurity