Slide Self-adaptive cyber risk modeling platform using evidence-based data

DeRISK Insurance. SaaS Platform to solve cyber risk



Industrial Cyber Risk Quantification Download the DeRISK Platform Overview
Slide Self-adaptive cyber risk modeling platform using evidence-based data

DeRISK Insurance. SaaS Platform to solve cyber risk



Industrial Cyber Risk Quantification Download the Solution Brief for ICS/OT Asset Owners
Slide Self-adaptive cyber risk modeling platform using evidence-based data

DeRISK Insurance. SaaS Platform to solve cyber risk



Industrial Cyber Risk Quantification Download the Solution Brief for Cyberinsurance
Slide Self-adaptive cyber risk modeling platform using evidence-based data Want to know more?
Industrial Cyber Risk Quantification

There has been a 2,000% year-over-year increase in industrial control system cyberattacks, with over $6 Trillion dollars of estimated losses due to malware alone in 2021.

Yet industrial enterprise organizations are still largely uncovered from cyber risk. Only 1% of an estimated $1 Trillion dollars of cyber risk is covered by underwriters in North America.

We solve cyber risk

We are experts in quantifying cyber risk in financial terms to

Solve cyber risk for the industrial enterprise, insurer and (re)insurer

With our cloud-based platform, we quantify, monitor and the mitigate the financial impact of cyber vulnerabilities and risk for the industrial world with evidence-based data leading to superior risk selection and path to profit

How we do it

01-fragments-illustrations-how-we-do

Evidence-based data and analytics for superior risk assessment and quantification to understand risk and to prioritize risk mitigation actions

Services & Solutions

DeNexus is the leading provider of cyber risk modeling for ICS/OT organizations and global (re)insurers.

DeRISK, our SaaS platform, empowers the industrial enterprise and risk underwriters to quantify cyber risk exposure on a continuous, self-adaptive basis using the world’s first evidence-based data analytics software and services.

Discover our solutions

DeRISK©

Powered by trusted data, probabilistic inference and Machine Learning, DeRISK is a self-adaptive SaaS analytics platform that identifies exposures and dynamically models financial value at risk.

Fully compatible with the MITRE ATT&CK framework, FAIR, ISA IEC 62443-3-02 standards, NIST CSF and CIS CSC.

  • Continuous data collection and integration
  • Topology, vulnerability and attack path mapping
  • Likelihood of exploitation
  • Estimation of business financial impact
  • ROI-based cyber risk mitigation
  • Prioritization of response

Request a Demo

Review your security posture at a glance with the cloud-based DeRISK Platform

Asset
Location

Utility-scale wind & solar farms
Spain

the challenge

Understand their cyber security posture in more depth for a portfolio of industrial, renewable, wind and solar operating assets.

One of these critical infrastructures that is directly affected by the increase in cyber risk is the Renewable Energy sector. Our customer operates wind and solar PV generation facilities, and deployed DeRISK to better understand its exposure to cyber risks.

the solution

Provide a detailed risk assessment explaining their top cyber security risks

DeRISK’s cyber risk platform was able to provide the client a detailed risk assessment explaining their top cyber security risk, in this case based on two Loss Breakdown Types: Source/Initial Access Vector and Consequence Type.

the results

DeRISK was able to provide the client a detailed risk assessment explaining their overall cyber exposure and top risk components, finding that the client’s portfolio has a significantly lower risk exposure compared to other power-sector peers of similar generation capacity. We provided two suggested mitigations, with which the customer can further reduce the expected loss by 14%.

Currently the top source of probable loss is accident or carelessness, which is one of the few areas where controls are not at its strongest. In particular, a measure that would be very effective to reduce the impact of these accidents is to have routine backups on the OT side, to protect against accidental deletion or modification of key configuration files.

With these results from DeRISK, the client is aware of their cyber security posture and is able to prioritize their risk mitigation based on ROI, Risk Reduction, Upfront Cost, Yearly Cost, Payback Period, or NPV.

Expected Loss Breakdown

62.6%

Accident or carelessness

22.3%

Phishing

39%

Expected Loss compared to industry average