InnoSec: Winning at Cyber – Cyber Risk Management

85 percent of a company’s value is a digital asset. Cyber risk is now perceived as the second largest business risk, however cyber risk is complex, and most companies rely simply on qualitative metrics. Aon recently reported that cyber events now rank among the top three triggers for D&O derivative actions. Couple this with the new General Data Protection Regulation (GDPR) that has fines of €20m or 4 percent of annual revenue and cyber is now officially a business issue that must be managed by the board of directors. However, most companies still see it as an IT issue and adopt a reactive approach to cyber by layering on more cyber point solutions without understanding their effectiveness and which assets they actually protect or how well. Cyber risk must be quantified to have an effective strategy. Quantifying cyber risk can demonstrate how much insurance to buy, budget needed, and the prioritization of cyber remediation based on the highest impacts to the business. InnoSec, a cyber risk quantification pioneer, is set to address these impediments. The software is a holistic cyber security solution that utilizes a proprietary risk engine to quantify cyber risk in terms of reputational, operational, legal and financial impacts at the virtual asset level and provides a management platform that is a set of dashboards, reports, and workflows for each stakeholder that centralizes all the cyber security activities including risk, vulnerability, compliance, audit, budget, project/ task and vendor management resulting in a significant ROI. “We help clients understand cyber exposures and define an effective cyber security strategy that improves their cyber resiliency,” remarks Ariel Evans, CEO, InnoSec.

InnoSec's cybersecurity risk management solution, STORM first inventories a client’s virtual assets and runs machine learning algorithms to verify the quality of the data, quantifies their risk and provides near real time data when a cyber finding raises risk above acceptable levels. Once understood, immediate action can be orchestrated in STORM to lower risk back down to the acceptable level. It harnesses security data from any security tool. STORM’s cyber risk engine quantifies cyber exposures in terms of business interruption, data exfiltration and regulatory loss – all metrics that cyber insurance companies will pay for in the event of a breach.