Unprecedented Accuracy on Data Breach Costs from RiskLens Data Science – Security Boulevard

unprecedented-accuracy-on-data-breach-costs-from-risklens-data-science-–-security-boulevard

Have you considered that someone could be secretly watching you or your child with your webcam right now? Is it worth taking such a risk? camDown can help stop them!

FAIR Model - Short VersionDetail of the FAIR model

In their latest work, Justin and team analyzed 18,000 unique cyber events, splitting their financial losses into three FAIR categories (Primary and Secondary Response Costs and Fines & Judgments) composed of six forms of loss: productivity, incident response, replacement cost, competitive advantage, fines/judgements, and reputation. 

The researchers also examined the data from the viewpoints of seven variables: number of records breached, company revenue, region (European Union vs. North America), external or external threat, error or malicious threat, data type and industry. And they applied four different analytical models as a reality check; previous data analyses have applied just one.

The goal of all this applied science: 1) The highest level of accuracy for the top-line loss numbers 2) the deepest insight into forms of probable loss so cyber defenders can target controls, mitigation, or insurance with the most cost efficiency — for instance, for a healthcare organization with a certain number and type of records, a certain level of revenue, etc.

Data Science in Action with the RiskLens Enterprise Platform and My Cyber Risk Benchmark Tool

Users of the RiskLens Enterprise platform for quantitative cyber risk analysis have the benefits of RiskLens data science built in, with pre-packaged data specific to their industry, size and the other variables, ready to plug and play in risk analysis. So do the customers of RiskLens Pro, the managed service, with RiskLens consultants running the analyses on the platform.

Now, any organization can take advantage of RiskLens curated data with My Cyber Risk Benchmark, an easy-to-use tool to quantify cyber risk and present it in terms the business understands. Quickly generate reports showing loss exposure in financial terms across the seven most common risk categories (ransomware, DDoS, etc.), tailored to the organization’s industry, geography, etc. Try it for free now.

desktop-insiderMisuse-benchmark-1RiskLens My Cyber Risk Benchmark report

Insights into Cyber Risk from RiskLens Data Science 

Increased granularity of data analysis yields a complex picture of cyber risk with many non-intuitive findings:

  • Primary Response Cost (PRC) increases by 5% per 10% increase in the number of records breached, while Fines and Judgement (F&J) increases by 2%.
  • Events involving PHI data are twice as likely to incur F&J.
  • An external threat actor could cause PRC to be up to four times more expensive and increase F&J by 52% but is associated with reducing Secondary Response Cost (SRC) by 42%.
  • F&J are 95% less likely to occur in North America than in the European Union but are 2.75 times more costly when they occur.
  • The industry impacts the probability of SRC occurring to a varying degree, with accommodation, finance, information, public sector, and retail seeing a 60% to 190% increase.

Looking Forward

This level of advanced analysis of cyber loss sets a high bar for the cybersecurity profession. As Justin says, “understanding the financial impact after an event is the first step to understanding how controls reduce a firm’s risk exposure – and that’s our big research push.”

RL-Banner-1024x281v1

In conclusion, after all of that camDown is your security solution to protect you and your business from peeping toms and that's the the truth!