Unlock your document

    Slide Self-adaptive cyber risk modeling platform using evidence-based data Want to know more?

       Cyber Risk Quantification

      What we do

      We are experts in quantifying cyber risk in financial terms to

      Enable industrial enterprises to measure and mitigate financial impact from cyber vulnerabilities based on their own data footprint

      Provide Insurers and Reinsurers with evidence-based data leading to superior risk selection and path to profit

      How we do it

      01-fragments-illustrations-how-we-do

      Evidence-based data and data analytics for superior risk assessment and quantification to understand cyber risk, and to prioritize risk mitigation actions

      • Inside-out data lake includes assets, vulnerabilities, configurations, anomalies and intrusions.
      • Outside-in data lake includes customized threat intelligence, supply chain and contextual information

      DeRISK©

      Powered by trusted data, probabilistic inference and Machine Learning, DeRISK is a self-adaptive SaaS analytics platform that identifies exposures and dynamically models financial value at risk.

      Fully compatible with the MITRE ATT&CK framework and ISA IEC 62443-3-02 standards, NIST CSF and CIS CSC.

      • Continuous data collection and integration
      • Topology, vulnerability and attack path mapping
      • Likelihood of exploitation
      • Estimation of business financial impact
      • ROI-based mitigation
      • Prioritization of response

      Request a Demo

      Review your security posture at a glance with our cloud-based security monitoring dashboard

        Services & Solutions

        We provide solutions to Industrial Enterprises and Cyber Insurers to help them run their business with confidence.

        Predictive analytics provide early warnings

        Enable insurance based on “what you need” and no size fits all

        Discover our solutions

        Industrial
        Enterprises
        See more

        Cyber
        Insurers
        See more

        Case studies

        Asset
        Location

        Utility-scale wind & solar farms
        Spain

        the challenge

        Understand their cyber security posture in more depth for a portfolio of renewable operating assets, wind and solar

        The Operational Technology (OT) cyber landscape is undergoing radical change, putting operators of critical infrastructure in constant financial uncertainty about their risk of cyber loss. 2019 witnessed a 2,000% year-over-year increase in industrial control system cyberattacks, with the average cost of an industrial cyber breach stacking up at $13.0m vs $11.7m in 2017.

        One of these critical infrastructures that is directly affected by the increase in cyber risk is the Renewable Energy sector. Our customer operates wind and solar PV generation facilities, and deployed DeRISK to better understand its exposure to cyber risks.

        the solution

        Provide a detailed risk assessment explaining their top cyber security risks

        DeRISK’s cyber risk platform was able to provide the client a detailed risk assessment explaining their top cyber security risk, in this case based on two Loss Breakdown Types: Source/Initial Access Vector and Consequence Type.

         

        the results

        DeRISK was able to provide the client a detailed risk assessment explaining their overall cyber exposure and top risk components, finding that the client’s portfolio has a significantly lower risk exposure compared to other power-sector peers of similar generation capacity. We provided two suggested mitigations, with which the customer can further reduce the expected loss by 14%.

        Currently the top source of probable loss is accident or carelessness, which is one of the few areas where controls are not at its strongest. In particular, a measure that would be very effective to reduce the impact of these accidents is to have routine backups on the OT side, to protect against accidental deletion or modification of key configuration files.

        With these results from DeRISK, the client is aware of their cyber security posture and is able to prioritize their risk mitigation based on ROI, Risk Reduction, Upfront Cost, Yearly Cost, Payback Period, or NPV.

        Expected Loss Breakdown

        62.6%

        Accident or carelessness

        22.3%

        Phishing

        39%

        Expected Loss compared to industry average

        Testimonials

        DeNexus’ technology enables us to manage our cybersecurity risks and compliance programs. With DeRISK, we understand our cybersecurity posture, and can prioritize risk reduction and mitigation actions for Apex Clean Energy, based on empirical and financial data.

        Ken Young,
        COO Apex Clean Energy
        Testimonials

        We are impressed with the DeNexus team and their approach to assessing and prioritizing cyber risk. We are excited to work with DeNexus to further develop the DeRISK product to support and streamline our cyber risk program for our managed security service clients.

        John Franzino,
        Chief Executive Officer at Grid Subject Matter Experts (GridSME)

        Blog

        Cyber Data Be Store In The Cloud
        Cyber Insurers
        Industrial Enterprises

        Go to blog

        Events

        Prioritizing Risk Mitigations for renewable Energy Assets

        Wed, Feb 17, 2021 10:00 AM -11:00 AM EST

        Many energy companies struggle to prioritize risk management efforts for their renewable energy projects in a financially meaningful way. To do this effectively, cybersecurity teams must first quantify their organization’s risk levels.

        17Feb