Organizations can gauge their cybersecurity risk factors by using Safe Security’s new online calculators. Cybersecurity risk assessment company Safe Security on Tuesday rolled out two new online risk assessment tools for businesses to use, in order to help them understand their vulnerability to cyberattacks and the costs of insuring against them.Both tools—an interactive cost calculator for cyberattacks and a cyberinsurance assessment app—are available as free-to-use web pages, created by Safe Security and based on the company’s institutional knowledge and in-house research into cybersecurity risk factors.Risk tools measure financial impact of cyberthreatsThe cost calculator for cyberattacks takes into account general data—like revenue, number of employees, vertical, headquarters location and the types of records stores—to arrive at an “annual loss expectancy” figure, according to vice president of AI and cyber insurance at Safe Security, Pankaj Goyal. This measures the likelihood of an attack against the potential financial impact, breaking the potential harms down by the type of attack—currently ransomware, data breach, and business email compromise, but with more types on the way, according to Goyal. The cyberinsurance assessment tool is designed to provide a detailed view of an organization’s risk profile in regard to cyberthreats, particularly as it applies to insurance premiums. Safe Security uses APIs from the user’s internal technology environment, and grades the in-place security products and policies, to create its evaluation. The company then provides detailed guidance on the level of recommended coverage, relative risk level compared to similar organizations, and key action items for improving cybersecurity posture. These types of cyber risk assessment products aren’t new, but offering a free—or “freemium”—version is much less common, according to Gartner research principal analyst Elizabeth Kim.“Therefore, in my opinion, Safe Security’s free version of the tool could be helpful for organizations that are not quite at the point of investing in cyberrisk quantification but are open to exploring its benefits before fully investing in it,” she said. There’s a dearth of detailed knowledge about this type of issue, even among cyberinsurers, according to IDC Research Director Phil Harris. While the tools could obviously become a potential sales channel for Safe Security, the broader benefit of raising awareness and provoking companies to take a harder look at their overall security postures is one that could be felt more widely, he said.“It should at the very least keep the interest of the person using the calculator to ask ‘Why?’” he said. “Not enough people are asking that question these days, even cyberinsurers —as a cyberinsurer, I’d want to know what the client’s security posture is.” Related content news UnitedHealth hackers exploited Citrix vulnerabilities, CEO to testify In the written testimony before the House Energy and Commerce Committee, CEO Andrew Witty said after gaining access, the threat actor moved laterally within the systems using sophisticated methods and exfiltrated data. By Prasanth Aby Thomas Apr 30, 2024 3 mins Hacker Groups Cyberattacks Vulnerabilities news Most attacks affecting SMBs target five older vulnerabilities Attackers target flaws for a reason: Even years after they are discovered, they still work. By John Dunn Apr 30, 2024 4 mins Threat and Vulnerability Management Network Security Vulnerabilities opinion Close the barn door now! Avoid the risk of not monitoring retained access before it’s a problem There’s usually a strict protocol for granting access to systems or data to a new employee or contractor. But there are perils in not keeping tabs on that access as that person moves around or leaves. By Christopher Burgess Apr 30, 2024 6 mins CSO and CISO Access Control Human Resources feature Cyber breach misinformation creates a haze of uncertainty A string of recent false or misleading cyber breach reports, fueled by rampant online dissemination, is fostering an atmosphere of growing misinformation that makes it difficult to separate fact from fiction. By Cynthia Brumfield Apr 30, 2024 9 mins CSO and CISO Data Breach Security Practices PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe