RiskRecon has launched asset valuation algorithms that automatically determine the inherent risk value of any Internet-facing system.
In this way, a company can easily identify the issues of risk that matter.
Automatically determining asset value is key to managing cyber risk because it enables businesses to easily create action plans focused on addressing those risks, according to RiskRecon.
The US-based company says it can evaluate the security program of any organisation, be it SaaS, outsourcer or an in-house provider.
Its asset valuation algorithms automatically assign a value to cyber assets such as systems, domains, and networks. In addition, the algorithms tag each asset with value indicators, including the system's functionality and the data types it collects
The company's CEO and co-founder, Kelly White, says risk professionals are spending too much time on analysing mountains of issues to determine the risk relevance.
By using its 'Risk Prioritization Matrix', RiskRecon automatically contextualises each issue according to severity and asset value, which enables professionals to identify risk priorities and needed action.
Visually summarising the risk priority of three million issues found in commercial Internet-facing systems reveals that only 0.12% are critical severity issues in high-value assets.
"The vast majority of risk resides in less than 6% of total issues," White explained. "RiskRecon enables you to easily identify the issues of risk that matter and, just as importantly, identify the issues that don't."
Share