Cyber Risk Ecosystem from Evolver
-
Upload
evolver-inc -
Category
Technology
-
view
256 -
download
0
Transcript of Cyber Risk Ecosystem from Evolver
![Page 1: Cyber Risk Ecosystem from Evolver](https://reader035.fdocuments.us/reader035/viewer/2022062503/587718081a28ab4c1d8b5b1d/html5/thumbnails/1.jpg)
The Evolver Cyber Risk Ecosystem
![Page 2: Cyber Risk Ecosystem from Evolver](https://reader035.fdocuments.us/reader035/viewer/2022062503/587718081a28ab4c1d8b5b1d/html5/thumbnails/2.jpg)
THE MOVE TORISK MANAGEMENT
![Page 3: Cyber Risk Ecosystem from Evolver](https://reader035.fdocuments.us/reader035/viewer/2022062503/587718081a28ab4c1d8b5b1d/html5/thumbnails/3.jpg)
Quantify Business RiskFind Exposed DataReduce RiskTransfer RiskMonitor and Improve ControlsRequantify Risk
BASIC STEPSCYBER RISK ECOSYSTEM
![Page 4: Cyber Risk Ecosystem from Evolver](https://reader035.fdocuments.us/reader035/viewer/2022062503/587718081a28ab4c1d8b5b1d/html5/thumbnails/4.jpg)
The Quantification of RiskEvolver utilizes the
Factor Analysis of Information Risk Model (FAIR)
We partner with RiskLens as a SaaS quantification tool
![Page 5: Cyber Risk Ecosystem from Evolver](https://reader035.fdocuments.us/reader035/viewer/2022062503/587718081a28ab4c1d8b5b1d/html5/thumbnails/5.jpg)
The way most information security professionals measure risk today fails to quantify cyber-risk in terms the business can understand and use
EASIER SAID THAN DONE…
Governance, Risk & Compliance Tools
G R CVery Low
LowModerate
HighVery High
12345
= =
2
Qualitative Checklists & Excel1
©2016 by RiskLensPowered by
![Page 6: Cyber Risk Ecosystem from Evolver](https://reader035.fdocuments.us/reader035/viewer/2022062503/587718081a28ab4c1d8b5b1d/html5/thumbnails/6.jpg)
THE BREAKTHROUGH A UNIQUELY SCALABLE RISK MODEL
Accredited as an Industry Standard by
Supported by a Fast Growing Community
FAIR Book Inductedin Cybersecurity
Canon
Complementary toRisk Frameworks
©2016 by RiskLensPowered by
![Page 7: Cyber Risk Ecosystem from Evolver](https://reader035.fdocuments.us/reader035/viewer/2022062503/587718081a28ab4c1d8b5b1d/html5/thumbnails/7.jpg)
HOW IT WORKSTHE ONLY PURPOSE-BUILT VALUE-AT-RISK PLATFORM BUILT ON FAIR
©2016 by RiskLensPowered by
![Page 8: Cyber Risk Ecosystem from Evolver](https://reader035.fdocuments.us/reader035/viewer/2022062503/587718081a28ab4c1d8b5b1d/html5/thumbnails/8.jpg)
• Together we identify key business risk elements • Then apply the FAIR model to determine quantitative risk figures
• Results are financially based and are directly related to the specific business operations.
EVOLVER WORKS WITH CRO, CISO AND BUSINESS LEADERS
![Page 9: Cyber Risk Ecosystem from Evolver](https://reader035.fdocuments.us/reader035/viewer/2022062503/587718081a28ab4c1d8b5b1d/html5/thumbnails/9.jpg)
What data has been exposed?
Evolver utilizes several discovery methodsOne partner is Lemonfish for
open, deep and dark web discovery
![Page 10: Cyber Risk Ecosystem from Evolver](https://reader035.fdocuments.us/reader035/viewer/2022062503/587718081a28ab4c1d8b5b1d/html5/thumbnails/10.jpg)
Evolver determines if the company may have already been breached and does not know it.
In many cases the attack has thwarted the existing systems and company is not aware.
![Page 11: Cyber Risk Ecosystem from Evolver](https://reader035.fdocuments.us/reader035/viewer/2022062503/587718081a28ab4c1d8b5b1d/html5/thumbnails/11.jpg)
USING THE QUANTIFICATION EFFORT• Identify the highest value
assets of the company • Search for the data in the
open, deep and dark web• Report findings to the client • If detected, work with the client• resolve the breach area • begin incident response actions (if
required)
![Page 12: Cyber Risk Ecosystem from Evolver](https://reader035.fdocuments.us/reader035/viewer/2022062503/587718081a28ab4c1d8b5b1d/html5/thumbnails/12.jpg)
What Can I Do to Reduce
Risk?
![Page 13: Cyber Risk Ecosystem from Evolver](https://reader035.fdocuments.us/reader035/viewer/2022062503/587718081a28ab4c1d8b5b1d/html5/thumbnails/13.jpg)
OUR FINDINGS ARE OF MUCH GREATER VALUE TO THE CLIENT
We perform an assessment based on those areas that are most critical to the business
We conduct the assessment with the knowledge and understanding of where the critical business functions lie
$
![Page 14: Cyber Risk Ecosystem from Evolver](https://reader035.fdocuments.us/reader035/viewer/2022062503/587718081a28ab4c1d8b5b1d/html5/thumbnails/14.jpg)
ACTION ITEMSTO REDUCE OVERALL CLIENT RISK
Cyber Assessments
Policy Reviews
Penetration Testing
Vulnerability Analysis
A full suite of cybersecurity
audit and
assessment services
![Page 16: Cyber Risk Ecosystem from Evolver](https://reader035.fdocuments.us/reader035/viewer/2022062503/587718081a28ab4c1d8b5b1d/html5/thumbnails/16.jpg)
OPERATIONAL SERVICESTO SUPPORT THE IMPLEMENTATION OF RISK REDUCTION PROGRAMS
SOC Operations
Monitoring Tools
Technology Refresh
Threat Management
A full suite of
cybersecurity 24/7
operational services
![Page 17: Cyber Risk Ecosystem from Evolver](https://reader035.fdocuments.us/reader035/viewer/2022062503/587718081a28ab4c1d8b5b1d/html5/thumbnails/17.jpg)
As part of an overall cyber program, we: • Show where risks lie• Provide quantifiable
numbers to show where risks can be reduced• Show where insurance can
best be applied
WE SUPPORT STRATEGIES FOR BUYING CYBER INSURANCE
![Page 19: Cyber Risk Ecosystem from Evolver](https://reader035.fdocuments.us/reader035/viewer/2022062503/587718081a28ab4c1d8b5b1d/html5/thumbnails/19.jpg)
Integration of quantified risk findings
with continuous monitoring and control implementation.
Partner with GRC tools including CyberOne and RSA
![Page 20: Cyber Risk Ecosystem from Evolver](https://reader035.fdocuments.us/reader035/viewer/2022062503/587718081a28ab4c1d8b5b1d/html5/thumbnails/20.jpg)
Cloud based Security-as-a-Service
• Enterprise Asset Protection• Vendor & Risk Management• Control Monitoring• Business Continuity and Disaster
Recovery Management
Automated Compliance ChecksRisk Reporting & Analytics
RISK BASED SECURITY SOLUTIONS 1Identify
2Analyze
3Implement
4Monitor
5Compliance Report
6Audit
©2016 CyberOne
![Page 21: Cyber Risk Ecosystem from Evolver](https://reader035.fdocuments.us/reader035/viewer/2022062503/587718081a28ab4c1d8b5b1d/html5/thumbnails/21.jpg)
INTEGRATED SECURITY BENEFITS
Policy & Compliance Managemen
t
Information & Asset
Governance
Incident Response
Management
Vendor Managemen
t
Risk Managemen
t
Vulnerability
Management
Cyber Insurance
Management
Security-as-a-Service
Open Integrations
Dashboards & Reports
Best Practices
Process AutomationAutomated Continuous Monitoring
Relationship & Risk Management
Security Analytics
INTEGRATED FRAMEWORK BENEFITS
©2016 CyberOne
![Page 23: Cyber Risk Ecosystem from Evolver](https://reader035.fdocuments.us/reader035/viewer/2022062503/587718081a28ab4c1d8b5b1d/html5/thumbnails/23.jpg)
•The final step is to repeat the cycle
as part of the ongoing operations of the company
•C-Suite and the Board have visibility into • overall improvements • impact of the changing threats on the company
NEVER RESTON THE IDEA THAT CYBER RISK HAS BEEN TOTALLY ELIMINATED
Quantify Risk
Find Exposed Data
Reduce RiskTransfer Risk
Monitor & Improve Controls
Requantify Risk
![Page 24: Cyber Risk Ecosystem from Evolver](https://reader035.fdocuments.us/reader035/viewer/2022062503/587718081a28ab4c1d8b5b1d/html5/thumbnails/24.jpg)
Evolver, Inc.1943 Isaac Newton Square East
Suite 260Reston, VA 20190
[email protected]/Cyber
SINCE 2000, EVOLVER HAS SERVED THE FEDERAL, COMMERCIAL, AND LEGAL INDUSTRIES.
Service offerings include cybersecurity, cloud solutions, application development, infrastructure design and management, mobility solutions, end user support, data analytics, end-to-end eDiscovery and other managed technology services.