Acuity has been mentioned in a new report on Cyber-Risk Quantification Solution Delivery by Gartner. The research is entitled: ‘Emerging Technologies: Overcome the Hurdles of Cyber-Risk Quantification Solution Delivery’ and was published by Elizabeth Kim on Monday 18th April.
Acuity Risk Management is listed as one of the example vendors and technologies in the below section:
Cyber risk includes risk exposure from interconnected digital and cyber-physical environments. Cyber-risk quantification is a method of expressing those risk exposures to an organization in business-relevant terms. Such exposure can be expressed in currency, market share, customer/beneficiary engagement and disruption to products or services over a chosen period. Defensible exposure value ranges are determined using a combination of business logic, mathematical models, loss event history and current risk assessment.
Risk quantification is an assessment of potential loss resulting from an event that occurs with a stated probability in a defined time frame. This means that output in terms of a single “risk score” is not considered risk quantification, as defined by Gartner.”
Simon Marvell, Acuity CEO and Co-Founder, said: “Acuity is delighted to be mentioned in this research on Emerging Technologies: Overcome the -Hurdles of Cyber-Risk Quantification Solution Delivery. While cyber-risk quantification is nothing new, and we have seen an increase in the uptake of quantitative risk assessments the past few years, there are quite a few key challenges that organisations need to navigate when embarking on translating risk in business terms”.
Indeed, Boards and CEOs recognise the increasing importance of cyber security and risk management overall, according to a PwC survey of 3,249 business and technology executives – however, 26 percent will see budget cuts and 13 percent won’t see any change, so their security investments will have to be made prudently. To be certain they are making the right decisions, security and risk professionals are seeing a need to quantify cyber risks. This expectation to ‘do more with less’ is challenging, but quantifying risk can help.
However, not all quantitative risk assessment methodologies are created equal. And not all GRC platforms or technologies that say they can help businesses ‘quantify risk’ are fit-for-purpose.
A risk-based, practical approach to cyber risk quantification is what’s needed to create resilience while also getting return on investment (ROI) from security spend.
Screenshot from Acuity’s STREAM Integrated Risk Management platform
Keeping things practical and tailoring your approach to implementing quantitative risk assessments to your organisations’ particular level of risk tolerance and internal processes is important. To diver deeper into cyber-risk quantification, watch our recent on-demand webinar on the benefits of quantitative risk assessments.
Acuity’s STREAM Integrated Risk Manager has helped both small-to-medium businesses and global enterprises reduce risk within tolerance and communicate it in business terms to maximise ROI. If you’d like to discuss cyber-risk quantification or see STREAM in action, contact us now or request a demo.
Gartner Disclaimer: Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.