A core aspect of Kovrr’s cyber risk modeling data pipeline combines unique data sources to better inform the model.
Modeling impacts from cyber events requires an extensive understanding of the cyber threat landscape. A core aspect of Kovrr’s data pipeline combines unique data sources to better inform the data points taken into account when building out the frequency and severity of cyber events.
Kovrr’s data collection streams dozens of sources into Kovrr’s threat intelligence and cyber events databases. The data sources can be grouped into several categories:
Data on cyber events, such as the type of event, attack vector, event duration, event impact, and costs that have been incurred as a result of the event. This provides Kovrr with a wide view of cyber event trends and their financial impact.
Data on actor activity and resources compromised by actors. Examples of data include compromised PII, compromised credentials, and actor activity trends. This allows Kovrr to assess which companies face an increased risk of attacks due to larger exposure and targeting by actors.
This type of data includes data on vulnerable and exploited products, types of vulnerabilities and exploits, and vulnerability and exploit trends (for example - which vulnerabilities are now being actively exploited). With this data, Kovrr can understand which vulnerabilities have a higher probability of causing harm to companies and which software and services are riskier.
data on provider outages. This data allows Kovrr to gain an understanding of which providers are more prone to experience outages and what the average outage duration is.
Access to some of these data sources is derived via partnerships reserved for Kovrr’s use exclusively for modeling purposes. Additional partnerships are with other emerging Israeli cybersecurity vendors which continuously bring new exciting data and create a unique ecosystem.
A sample list of sources can be seen in the table below: