(ISC)2, PivotPoint Risk Analytics to Promote Need for Cyber-Risk Analytics
Global cybersecurity certification and education membership body aims to help advance the automation of cyber insurance decisions through new partnership.
BALTIMORE – (ISC)Â² and PivotPoint Risk Analytics are partnering to empower CISOs and information security professionals to assess the financial impact of vulnerabilities and potential security incidents to their organizations. The aim is to help information security professionals make smarter business decisions and manage risk via a new category of solutions called cyber risk analytics, according to a press release.
Formed in 1989, (ISC)Â² is the largest not-for-profit membership body of certified cyber, information, software and infrastructure security professionals worldwide, with more 114,000 members in more than 160 countries.
When it comes to cyber risk, information security professionals and their boards often speak a “different language,” making it difficult to understand the business impact of decisions and demonstrate ROI, according to the release. By quantifying cyber risk using new cyber value-at-risk approaches, organizations can create a common lexicon for information security managers, risk managers, Boards of Directors, and other executives on risk mitigation and risk transfer through vehicles such as cyber insurance. This approach is endorsed by The World Economic Forum’s “Partnering for Cyber Resilience” initiative, which has framed cyber value-at-risk or CyVaR as the common risk quantification approach for its members, according to the release.
“CyVaR arms the CISO with automated cyber risk analytics to create and manage more effective security programs and to be more effective in communicating with other execs in building integrated programs,” says David Shearer, CEO, (ISC)Â². “We recognize PivotPoint Risk Analytics as the pioneer and leader who is transforming cyber value-at-risk from an interesting concept to a powerful operational capability.”
READ NEXT: PSA-TEC Panel: Mergers & Acquisitions Surge ‘Here to Stay’; Building Automation, IoT a Wild Card
As part of the partnership, (ISC)Â² has employed PivotPoint’s flagship solution, CyVar, to assess its own cyber-value-at-risk and guide the organization in its security strategy and in making decisions about cyber insurance.
CyVaR enables organizations to quantify risk to their business from cyber-attacks in dollars and cents. By showing customers where the greatest risks of financial loss exist, they can better prioritize investments in risk mitigation, such as implementing security controls or purchasing software, and better understand how to include cyber insurance to transfer risk as part of their cyber resilience strategy. CyVaR helps an organization to understand:
- How much money they could lose to cyber-attacks over the next year
- How investing in more security could reduce their risk
- How much and what types of cyber insurance they need to transfer financial risk
“By quantifying the risk to the most critical corporate information assets and associated software and infrastructure, cyber value-at-risk helps CISOs secure the value of their business and bolster their respect in the boardroom,” says Julian Waits, CEO, PivotPoint RA. “We are excited about this collaboration with (ISC)Â², a recognized organization that is committed to enhancing the security posture of global organizations.”
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.
A FREE subscription to the top resource for security and integration industry will prove to be invaluable.