TUV Rheinland OpenSky, a wholly owned subsidiary of TÜV Rheinland, and RiskLens, the leading provider of cyber risk quantification (CRQ) software and cyber risk management solutions, announced today that they are partnering to bring Cyber Risk Quantification as a Service to organizations across all sectors. The new TUV Rheinland OpenSky offering is powered by the RiskLens Software as a Service platform. RiskLens is the only enterprise platform purpose built on the Factor Analysis of Information Risk (FAIR) model. FAIR, backed by the FAIR Institute, is the de facto cyber risk quantification methodology trusted by more than 30% of the Fortune 1000 and 75% of the Fortune 50.

Cyber Risk Quantification as a Service allows TUV Rheinland OpenSky to provide enterprise-level FAIR analysis on the risks that clients face during their digital transformation journey. New technology, new business to business ecosystems, growing privacy concerns and varying threats create numerous potential loss scenarios. TUV Rheinland OpenSky can help clients identify and analyze those risks using information from assessments, scans and testing using frameworks such as ISO 31000 and NIST 800-30. They can also identify key controls that reduce most of the risk across common loss scenarios.

From there, new questions arise: What is an appropriate amount to spend to treat this risk? What should our cyber insurance cover? How much of my budget should be apportioned to an initiative?

Heat maps with red, yellow and green results do not answer those questions. This service offering does. TUV Rheinland OpenSky’s FAIR-certified consultants will provide annualized loss expectancy to answer those questions and others using information from your experts and other market information. They can even tie in information from their clients’ GRC data and integrate quantification of risks into GRC-based risk registers. CSOs in programs that have tied in FAIR acknowledge that management decision support in security simply did not exist like it does now.

According to Anish Srivastava, CEO and President of TUV Rheinland OpenSky, “The RiskLens platform is a crucial component of security management decision support. Our clients are not only challenged with reporting up to the board, but also making the security case to the investment committee, rationalizing their security portfolios, and rightsizing remediation plans. The FAIR methodology, with true data integration, is timed well in a climate where compliant organizations continue to be compromised by a broad category of losses. We offer our clients services and solutions that empower them in determining the allocation of precious resources.”

According to Nicola (Nick) Sanna, CEO of RiskLens, “TUV Rheinland OpenSky is a strategic advisory, consulting and integration services partner assisting large enterprises in building GRC and risk management programs based around the FAIR standard and now through the use of the RiskLens software platform. RiskLens global reach and proliferation into operational technology (OT) and Internet of Things (IoT) manufacturers through TUV Rheinland OpenSky’s trusted brand and risk assessments as a service will be powered by RiskLens’ risk analysis capabilities.”

Christine Lagarde, Managing Director of the International Monetary Fund (IMF), not only recently identified cyber risk as a top risk but also a “significant threat” to the financial system. That’s why cyber risk quantification has emerged as a risk management necessity. Gartner recently spotlighted cyber risk quantification and endorsed the FAIR-style approach in its “Integrated Risk Management” Magic Quadrant.

Integrated Risk Management is the natural evolution of Governance, Risk and Compliance (GRC) programs and technology. RiskLens offers the industry’s most powerful and actionable decision-support platform for cybersecurity and risk management teams that is able to assess the financial impact of cybersecurity events. The RiskLens platform arms risk management programs with a robust model for measuring risk in actual dollar, damage, and ratio implications. With this quantitative analysis, organizations can deliver reports to key stakeholders in a business language, prioritize security remediation activities, evaluate ROI of cybersecurity initiatives and optimize security budgets.

Über TÜV Rheinland

TÜV Rheinland ist ein weltweit führender unabhängiger Prüfdienstleister mit 145 Jahren Tradition. Im Konzern arbeiten über 20.000 Menschen rund um den Globus. Sie erwirtschaften einen Jahresumsatz von knapp 2 Milliarden Euro. Die unabhängigen Fachleute stehen für Qualität und Sicherheit von Mensch, Technik und Umwelt in fast allen Wirtschafts- und Lebensbereichen. TÜV Rheinland prüft technische Anlagen, Produkte und Dienstleistungen, begleitet Projekte, Prozesse und Informationssicherheit für Unternehmen. Die Experten trainieren Menschen in zahlreichen Berufen und Branchen. Dazu verfügt TÜV Rheinland über ein globales Netz anerkannter Labore, Prüfstellen und Ausbildungszentren. Seit 2006 ist TÜV Rheinland Mitglied im Global Compact der Vereinten Nationen für mehr Nachhaltigkeit und gegen Korruption. Website: www.tuv.com

Firmenkontakt und Herausgeber der Meldung:

TÜV Rheinland
Am Grauen Stein
51105 Köln
Telefon: +49 (221) 806-2148
Telefax: +49 (221) 806-1567
http://www.tuv.com

Ansprechpartner:
Norman Hübner
Pressesprecher Informationssicherheit
Telefon: +49 (221) 806-3060
Fax: +49 (221) 806-3093
E-Mail: Norman.Huebner@de.tuv.com
Für die oben stehende Pressemitteilung ist allein der jeweils angegebene Herausgeber (siehe Firmenkontakt oben) verantwortlich. Dieser ist in der Regel auch Urheber des Pressetextes, sowie der angehängten Bild-, Ton-, Video-, Medien- und Informationsmaterialien. Die United News Network GmbH übernimmt keine Haftung für die Korrektheit oder Vollständigkeit der dargestellten Meldung. Auch bei Übertragungsfehlern oder anderen Störungen haftet sie nur im Fall von Vorsatz oder grober Fahrlässigkeit. Die Nutzung von hier archivierten Informationen zur Eigeninformation und redaktionellen Weiterverarbeitung ist in der Regel kostenfrei. Bitte klären Sie vor einer Weiterverwendung urheberrechtliche Fragen mit dem angegebenen Herausgeber. Eine systematische Speicherung dieser Daten sowie die Verwendung auch von Teilen dieses Datenbankwerks sind nur mit schriftlicher Genehmigung durch die United News Network GmbH gestattet.