Cyber security company Safe Security has launched a new predictive security tool called the CRQ Calculator that will enable CISOs, risk teams, C-Suites, and board members to design and implement a return on investment (ROI)-driven enterprise cyber risk management plan, it said.
The company said in an official release that it has developed a predictive research model that will enable organisations to “truly manage cyber risk” by addressing two questions- firstly, “What is the probability of an attack happening?” and secondly, “If an attack happens, what is the potential financial loss for my company?”
Safe Security’s research shows that in the next 12 months the probability of a healthcare company falling victim to a successful cyber attack is 25%, and 20% for a financial services company.
The research points out that there is a 10% probability that a healthcare or a financial services company will face an attack resulting in a data breach, and around 8% probability of these organisations facing a ransomware attack.
It further said that Industries like manufacturing and retail face less than 15% probability of a successful cyber attack.
Also, in a ransomware attack, the cost of the ransom itself makes up only 10% of the total financial impact the attack would have against an organisation. Other costs such as incident response and business interruption will have a much bigger financial impact on an organisation.
The financial impact of a successful breach on retail and manufacturing sectors, while only a 15% probability, could be more significant than other industries due to potentially high business interruption costs.
Leveraging this research, Safe Security said that it has developed the CRQ Calculator, a free benchmarking tool that provides outputs about the cyber health and potential financial risks of a specific industry.
These outputs can be tuned specifically to a company based on its internal signals.
The calculator can be used by CISOs to understand industry benchmarks and their baseline cyber risk to run customised cyber risk assessments using the Safe Platform, to quantify their own risk, create a Cyber Risk Management plan and track ROI.
Cyber insurance companies and brokers can use the calculator to assess their portfolio-level cyber risk, and adjust their pricing and coverage accordingly.
Also, portfolio management companies or private equity companies can estimate the financial risk due to the cybersecurity posture of their portfolio companies.
“As humans, we love predicting the future. Everything from which team will win tomorrow’s game, to the probability of rain next week. The Safe Security team feels just as passionate about helping organisations understand their cybersecurity risk through probability models,” said Saket Modi, co-founder and CEO of Safe Security.
Modi mentioned that like financial risk, cyber risk needs to be managed in real-time based on data coming from internal and external environments.
Earlier this year, Infosys and Safe Security have entered in collaboration to get an enterprise-wide view of overall cyber risks and predict breaches. Safe Security’s SaaS platform SAFE works as the tool to anticipate the potential financial impact of each cyberattack before it occurs.