BOSTON, MA, December 5, 2023 - DeNexus, a leader in cyber risk quantification and management for operational technology (OT) and industrial control systems (ICS), today announced the launch of DeRISK freemium, a complimentary entry point to its DeRISK AI-powered Cyber Risk Assessment platform.
DeRISK transforms the landscape of cybersecurity risk management and budgeting for critical infrastructure and industrial enterprises and establishes a well-defined and knowledgeable groundwork for financial planning in regards to cyber risk management. DeRISK freemium is a simplified version that gives industrial facility and risk owners a complimentary entry point to comprehend their cyber risk posture and evaluate the impact of mitigation strategies at no cost.
The DeRISK freemium version, powered by AI, ML and Probabilistic Inference, empowers users to assess their top cyber risk drivers and potential losses that may arise from a cyber event. Additionally, the tool facilitates an in-depth understanding of the organization's cyber risk exposure on the balance sheet, offering a comprehensive view of the extent of risk carried, Annual Expected Loss and Value at Risk, and calculate the impact in risk reduction of a cyber risk mitigation strategy defined by the user.
The freemium offering brings immediate free access to tangible benefits eliminating the guesswork associated with measuring the positive impact of cyber risk mitigation projects, and facilitating risk-based cyber investments. The platform addresses another critical pain point by providing a common language for understanding of underlying cyber risk among various stakeholders, including the cybersecurity team, compliance team, risk management team, executive C-suite, and insurance team. This has become more important than ever in the current regulatory and risk fast-evolving landscape.
“Siloed communication about cybersecurity and the lack of a data-driven, shared understanding of cyber risks between CISOs and CFOs can have catastrophic impacts on organizations with investment-intensive physical infrastructure”, said Jose Seara, Founder and CEO of DeNexus. “DeRISK mitigates communication barriers between cybersecurity and financial leaders within the physical critical infrastructure industry by illustrating how cyber risk impacts both of their bottom line.”
DeRISK is now available in both freemium and premium versions, with freemium catering to energy-focused companies assessing their cyber risk. The premium version enhances risk assessment and management by adding to outside-in data the use of inside-out data - network topology, devices, vulnerabilities and inference on the presence of cybersecurity controls - to capture threats and calculate the attractiveness index.
With numerous additional features such as the automatic design of optimized risk mitigation strategies, portfolio risk management for multiple facilities and different portfolios, unlimited use, expanded industry verticals coverage, advanced reporting capabilities, including risk-based vulnerability management, and much more, the DeRISK premium version empowers CISOs and CFOs to proactively build and justify comprehensive security investment plans.
In contrast, DeRISK freemium relies only on outside data and user inputs for cybersecurity controls, supports a single facility, and has limitations in industry coverage and reporting capabilities.
The energy sector remains one of the most vulnerable of the critical infrastructure industries related to cyber risk. Despite the financial impacts that cybersecurity attacks and breaches have on organizations, 60% of CFOs are not regularly communicating with cyber teams.
“The DeRISK platform provides actionable data and reporting that helps us identify and communicate cybersecurity risks to the organization,” says Scott Hooper, Director of Cybersecurity at Clearway. “It is a core component of our risk assessment, quantification, and remediation efforts.”
Industrial facility and risk owners at energy companies can visit here to immediately activate DeRISK freemium at no charge and gain visibility into their facilities’ cyber risk posture in five simple steps.