DeNexus releases DeRISK 5.4 delivering a new OT Cybersecurity Framework (DNX-CSF) and Enhanced Inside-Data-Driven Attack Propagation and Risk Aggregation Modelling.
DeNexus, a leader in evidence-based data analytics OT Cyber Risk Quantification and Management (OT-CRQM), has released version 5.4 of our DeRISK platform.
CISO's, OT Facility Managers, Executive Boards and Underwriters need to find a more quantified approach to manage true cyber security risks across a fleet of Operational Technology (OT) sites. DeRISK provides an evidence-based, data-driven platform that gives OT industrial stakeholders visibility to a facility’s exposure to cyber events, calculates the probability and financial impact of potential cyber events, and delivers the mitigation options available to reduce cyber risk while measuring the ROI of each cyber risk mitigation investment!
DeRISK 5.4 delivers new OT Cybersecurity Framework to accelerate risk assessments: The DNX CSF is a new cybersecurity framework that solves the need for a lightweight, evidenced-based risk assessment. Although NIST CSF is widely adopted globally as a reference for defining functional cybersecurity, it does not include a simple set of questions that can quickly determine a level of conformance. Also, most frameworks do not consider automated versus manual assessments. For organizations that are just beginning their cybersecurity journey, they can begin with the simpler DNX CSF, and later expand to NIST CSF or other as they increase their maturity and experience.
“Adopting a cybersecurity framework like NIST CSF is a key maturity milestone, but interpreting the subcontrol language can be an obstacle. A further challenge is to track the NIST CSF details for every facility and then transform the risk assessment into actionable goals.” said Dan Johnson, Senior Director of ICS Cyber Risk at DeNexus, he continues,"This release is helping asset owners, consultants, managed security providers & others accelerate the assessment of cybersecurity risk with our DeNexus Cybersecurity Framework (DNX-CSF).
DeRISK 5.4 enhances its use of critical OT network monitoring data in attack propagation and risk aggregation modelling: DeRISK’s use of OT network monitoring Inside-data helps leverage the telemetry locked within these solutions. For one of our customers, actual OT network communications between their Control Centers and over 60 electricity generation facilities provides a more accurate network topology, facility dependencies & hierarchy, helping reduce manual effort through automation. With more granular mapping of communications between different facilities and their Control Centers, this increases the quality, accuracy, and stability of Cyber Risk Quantification and risk aggregation models from cyber-attacks that can propagate within the portfolio.
Donovan Tindill, OT Cybersecurity Director at DeNexus, “Instead of assuming the communication attack paths, we are using OT network monitoring data as a more accurate, timely, and data-driven input to our attack propagation modelling.”, he continues, “Majority of industrial asset owners have invested in OT network monitoring tools. DeRISK integrates with leading partners to use this Inside-data telemetry within DeRISK models.”
The latest release builds upon innovations from DeRISK 5.3, which include Inside-data-driven Indicators of cybersecurity risk over time, Cyber Risk Mitigation Project Simulator to help find your most cost-effective cybersecurity investment, NERC CIP risk reports, and integration with more OT/ICS cybersecurity solutions.
____________________________________________________________________________________________________
About DeNexus: DeNexus is the leading provider of cyber risk quantification solutions for ICS/OT organizations, consultants, managed security providers, global insurers, and (re)insurers.
DeRISK provides an evidence-based, data-driven platform that gives OT industrial stakeholders visibility to a facility’s exposure to cyber events, calculates the probability and financial impact of potential cyber events, and delivers the mitigation options available to reduce cyber risk while measuring the ROI of each cyber risk mitigation investment!
For more news and information on DeNexus, please visit: DeNexus Resource Page for News, Press, and Blogs.
_________________________________________________________________________________________________________________________________________________________________________________________________________________________________
_________________________________________________________________________________________________________________________________________________________________________________________________________________________________
Get A No-Pitch Consultation, See The Dashboard, and Get Access to DeRISK!
Romy Ravines : Sep 26, 2023 11:07:41 PM
'How DeNexus Leverages the Power of Artificial Intelligence (AI) and Machine Learning (ML) in Cyber Risk Quantification and Management platform, ...
Donovan Tindill and Caleb Mathis : Sep 25, 2023 4:58:53 PM
'Data Center Ecosystems: Securing IoT and OT Systems in an Expanding Attack Surface' is written byDeNexus Inc.'sDirector of OT Cybersecurity, ...
Alessandro Nepoti : Sep 20, 2023 8:07:10 AM
'DeNexus Trusted Ecosystem: Data Security Foundation for Cyber Risk Quantification and Management' is a new blog written byDeNexus' Chief Technology...