Are you using tools for cyber risk quantification? What are they?

Risk ManagementSecurity Strategy & RoadmapGovernance, Risk & Compliance
1.4k views1 Upvote30 Comments
Head, Information Security and Compliance in Finance (non-banking), 1,001 - 5,000 employees
Yes. OneTrust GRC 
Director of Enterprise Technology Advisory in Software, 10,001+ employees
Yes. ThreatConnect RQ
Principal Information Security Officer in Education, 10,001+ employees
Yes.  Third Party Risk assessment services.
VP of IT in Media, 201 - 500 employees
We are using third-party cyber security vendor to help assess and quantify our cyber risks...
VP, Technology Manager in Education, 10,001+ employees
We have contracted with two different third party companies that monitor the threat landscape. Our cybersecurity team then takes action based on alerts from those companies. We have found this to be much more effective than trying to manage with internal tools.
CTO in Software, 11 - 50 employees
Yes. ThreatConnect RQ
Director of Tech and Cyber Strategy in Finance (non-banking), 1,001 - 5,000 employees
We currently use Panorays. We have looked some of its competitors and found them all pretty similar, generally scanning for publicly exposed vulnerabilities.

Internally we use ServiceNow GRC.
IT Strategist in Government, 1,001 - 5,000 employees
We are using internal processes and CRM tools for assessing the IT Security risks, as well as involve 3rd party expertise when required.
Resolver is used to assess overall security risks. 
CIO in Education, 201 - 500 employees
We use a third party security vendor to assist with this task.
Director, Information Technology in Transportation, 201 - 500 employees
We have budget to add a vulnerability assessment tool in Q1 2023.  We will also have a 3rd party perform penetration testing to identify any weak spots in our perimeter defenses.

Content you might like

If you had a magic wand - what's the #1 daily business challenge you'd eliminate?

People & LeadershipStrategy & ArchitectureCloud+57 more
CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
142 19 Replies
Read More Comments
41.7k views131 Upvotes319 Comments

Did the Russian invasion of Ukraine cause your organization to reevaluate its cybersecurity readiness?

Russian Invasion of UkraineNewsSecurity Strategy & Roadmap

Yes70%

No29%

Other (please comment)1%


181 PARTICIPANTS
1k views1 Upvote

What's your initial reaction to Cisco acquiring Splunk?

Applications & PlatformsSecurity Strategy & RoadmapIT Strategy & Roadmap
1.1k views1 Upvote1 Comment

Anyone going to be at the RSA conference?

Personal DevelopmentSecurity Strategy & RoadmapData Protection & Encryption

Yes52%

No48%


110 PARTICIPANTS
924 views

Where do HR and other non-security/IT departments fit into your insider risk management strategy/program? What role do they currently play?

Security & GRCRisk ManagementThreat & Vulnerability Management+1 more
Read More Comments
4.3k views1 Upvote7 Comments