Cyber Breach Impact Quantification - F-Secure

Post on 03-Aug-2020


CYBER BREACH IMPACT QUANTIFICATION

CYBER SECURITY IS A PROCESS

• Understand your risk, know your attack surface, uncover weak spots
• React to breaches, mitigate the damage, analyze and learn
• Minimize attack surface, prevent incidents
• Recognize incidents and threats, isolate and contain them

AVERAGE COST OF DATA BREACH?

$4 MILLION

According to a study by IBM in 2016: http://www-03.ibm.com/security/data-breach/

WHAT IS CBIQ?

CBIQ is a service that quantifies the cost of a cyber breach's impact on an organisation.

This is achieved by factoring in a number of operational loss forms associated with breaches and running a simulation to determine the most likely outcomes.

It's for those who want something other than averages.


OBJECTIVES

• ANALYZE OPERATIONAL ACTIVITIES
• PRODUCE A DEFENDABLE RISK CALCULATION ON EXPECTED IMPACT OF A BREACH
• GIVE RECOMMENDATIONS BASED ON EXPERT OBSERVATIONS

HOW DOES IT WORK

SCOPE

Information asset or system

CUSTOMER'S UNIT COSTS

• Lost revenue from interruption
• Lost business opportunities
• IT work (internal/external)
• Cyber incident response
• Legal work
• PR and marketing work
• Customer support
• Privacy expert (Privacy Officer)

F-SECURE'S WORKSHOP APPROACH

• Advanced quantification model
• 3-point estimations
• Insight on how an incident leads to various forms of losses:
  • Productivity
  • Response
  • Replacement
  • Reputation
  • Revenue
  • Sanctions

SIMULATOR

SIMULATED RESULTS

• Illustrated distribution of losses
• Bounds, average, median
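
The simulation step described above could look like the following. This is an added example, not F-Secure's CBIQ model: the triangular distribution, the per-form occurrence probabilities, the 5th/95th percentile bounds and all euro figures are assumptions constructed for illustration.

```python
import random
import statistics

# Constructed three-point estimates in euros (min, most likely, max) for the
# six loss forms named on the slide, plus an assumed probability that the
# loss form occurs at all in a given breach.
ESTIMATES = {
    "productivity": (20_000, 60_000, 200_000, 1.0),
    "response":     (30_000, 80_000, 250_000, 1.0),
    "replacement":  (5_000, 25_000, 120_000, 0.3),
    "reputation":   (0, 50_000, 400_000, 1.0),
    "revenue":      (10_000, 100_000, 600_000, 1.0),
    "sanctions":    (0, 20_000, 500_000, 0.2),
}

def simulate(estimates, runs=20_000, seed=1):
    """Monte Carlo run: return the sorted total loss of each simulated breach."""
    rng = random.Random(seed)  # fixed seed so a reported figure can be reproduced
    totals = []
    for _ in range(runs):
        total = 0.0
        for low, likely, high, probability in estimates.values():
            if rng.random() < probability:
                # Triangular sampling is an assumed choice for a 3-point estimate.
                total += rng.triangular(low, high, likely)
        totals.append(total)
    totals.sort()
    return totals

def summarize(totals, lower_pct=5, upper_pct=95):
    """Bounds, average and median of the simulated loss distribution."""
    def percentile(q):
        return totals[min(len(totals) - 1, int(len(totals) * q / 100))]
    return {
        "lower_bound": percentile(lower_pct),
        "median": statistics.median(totals),
        "average": statistics.fmean(totals),
        "upper_bound": percentile(upper_pct),
    }

if __name__ == "__main__":
    for name, value in summarize(simulate(ESTIMATES)).items():
        print(f"{name:>12}: {value:12,.0f} EUR")
```

With skewed inputs like these the average sits above the median, which is why a single average figure understates how wide the range of outcomes is.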

THE RESULT

BENEFITS

HOW MUCH IS AT STAKE?

ENABLE INFORMED CYBER RISK DECISIONS

HOW MUCH SHOULD WE SPEND IN CYBER INSURANCES OR INVEST?

JUSTIFY CYBER SECURITY SPENDING

HOW DO GREEN, YELLOW AND RED RISKS ADD TO EUROS?

IMPROVE QUALITY OF RISK REPORTING

LOSSES

WHAT TO EXPECT FROM A BREACH?

DETECTION / IDENTIFICATION / CONTAINMENT / RECOVERY / AFTERMATH

• Identify what has happened and who should be involved in responding.
• Investigate what has happened and if it is still happening, run crisis management, initiate recovery.
• Restore the IT services and data, prevent new hacks, communicate, resume business.
• Document the incident, adjust plans and controls, prepare for sanctions.

ACTIVITY AFTER BREACH

A BREACH

• DAMAGES REPUTATION
• DOES REQUIRE RESPONSE
• EXPOSES TO SANCTIONS
• MIGHT CALL FOR A REPLACEMENT
• DEGRADES PRODUCTIVITY
• HURTS REVENUE

DELIVERY

THE WAY TO RESULTS

DELIVERY STEPS

• KICK-OFF
• ADDITIONAL INFORMATION
• WORKSHOP
• PRESENTING THE RESULTS

Presenting CBIQ method

Presenting the target

Deciding who will be invited to the workshop

C-level executives (CRO, CIO), Asset owners/managers, CISO

Information needed to ensure accuracy of the simulations

Customer provides as agreed

Interviews with relevant stakeholders

Business, Legal, Comms, Customer service, IT, Infosec

f-secure.com