Optimize your cyber insurance policy with Kovrr by understanding your cyber risk exposure.

Learn More

Case Study

Turning Raw Cybersecurity Data into Quantitative Financial Insights

January 12, 2023

Cyber Risk Quantification Case Study

Overview of the Company

A large size logistics company with over £‎11 billion‎ in yearly revenue.  The company mainly operates in the UK with thousands of regional and local operational units.  The main cybersecurity team is located in London with additional information security professionals dispersed geographically to support operations. The company is currently basing its security controls maturity on the NIST framework.

Problem

To understand their cyber risk exposure, the company currently uses ad-hoc simulations with intensive manual tasks and costly processes. This only provides them with a point in time snapshot of the company’s cyber risks and business impacts from a financial quantification perspective.  They were looking to assess a long-term alternative approach of how to best support their initiatives to decrease their cyber risk exposure and in turn reduce their financial exposure in the future. Most importantly, they wanted to make sure that all their data from GRC, attack surface, and other cybersecurity platforms was being used to better inform Kovrr’s platform about their cybersecurity posture.

The company was interested in eliminating the costly manual processes without compromising on accuracy. They were looking for a solution that would allow them to run necessary simulations on demand and therefore a more efficient, scalable process. They were also looking for a solution that would augment the capabilities of their existing security team’s quantification initiatives.

Solution

The company began the process by running a full cyber risk quantification on the entire group. This was done using Kovrr’s Cyber-Sphere and internal data integrations with Microsoft, ServiceNow, and Panaseer. Each quantification run after the initial, considered a different integration to see how the specific data imported impacted their financial exposure. This allowed the company to combine various views of risk from different aspects of their cybersecurity posture into one coherent output.

Outcome

This CISO created a cohesive view of risk by applying a financial value on the data collected from various cybersecurity platforms. This initiative was warmly received by both the CIO and CFO because it allowed them to better understand the risk from an operational perspective. The platform provided CISO with the ability to visualize the effectiveness of the group’s current cybersecurity program, assess the potential risk reduction for future cybersecurity investments, and form a solid risk transfer strategy. The use of this tool was essential in helping aligning stakeholders to a mutual view of risk across the organization.  

No items found.
Ask for a demo
By providing my contact information and ticking the box below, I agree to Kovrr's Privacy Policy and consent to communications from kovrr at the contact information provided.
Thank you!
Your submission has been received!
Oops! Something went wrong while submitting the form.

More Case Studies

See all case studies