2 min read

DeNexus Releases DeRISK 5.4 with DNX-CSF and Enhanced Inside-Data-Driven Attack and Risk Modelling.

Featured Image

DeNexus  releases DeRISK 5.4 delivering a new OT Cybersecurity Framework (DNX-CSF) and Enhanced Inside-Data-Driven Attack Propagation and Risk Aggregation Modelling. 

DeNexus, a leader in evidence-based data analytics OT Cyber Risk Quantification and Management (OT-CRQM), has released version 5.4 of our DeRISK platform.  

CISO's, OT Facility Managers, Executive Boards and Underwriters need to find a more quantified approach to manage true cyber security risks across a fleet of Operational Technology (OT) sites. DeRISK provides an evidence-based, data-driven platform that gives OT industrial stakeholders visibility to a facility’s exposure to cyber events, calculates the probability and financial impact of potential cyber events, and delivers the mitigation options available to reduce cyber risk while measuring the ROI of each cyber risk mitigation investment! 

DeRISK 5.4 delivers new OT Cybersecurity Framework to accelerate risk assessments:  The DNX CSF is a new cybersecurity framework that solves the need for a lightweight, evidenced-based risk assessment. Although NIST CSF is widely adopted globally as a reference for defining functional cybersecurity, it does not include a simple set of questions that can quickly determine a level of conformance. Also, most frameworks do not consider automated versus manual assessments. For organizations that are just beginning their cybersecurity journey, they can begin with the simpler DNX CSF, and later expand to NIST CSF or other as they increase their maturity and experience.

Adopting a cybersecurity framework like NIST CSF is a key maturity milestone, but interpreting the subcontrol language can be an obstacle. A further challenge is to track the NIST CSF details for every facility and then transform the risk assessment into actionable goals.” said Dan Johnson, Senior Director of ICS Cyber Risk at DeNexus, he continues,"This release is helping asset owners, consultants, managed security providers & others accelerate the assessment of cybersecurity risk with our DeNexus Cybersecurity Framework (DNX-CSF).

DeRISK 5.4 enhances its use of critical OT network monitoring data in attack propagation and risk aggregation modelling: DeRISK’s use of OT network monitoring Inside-data helps leverage the telemetry locked within these solutions. For one of our customers, actual OT network communications between their Control Centers and over 60 electricity generation facilities provides a more accurate network topology, facility dependencies & hierarchy, helping reduce manual effort through automation. With more granular mapping of communications between different facilities and their Control Centers, this increases the quality, accuracy, and stability of Cyber Risk Quantification and risk aggregation models from cyber-attacks that can propagate within the portfolio.

Donovan Tindill, OT Cybersecurity Director at DeNexus, “Instead of assuming the communication attack paths, we are using OT network monitoring data as a more accurate, timely, and data-driven input to our attack propagation modelling.”, he continues, “Majority of industrial asset owners have invested in OT network monitoring tools. DeRISK integrates with leading partners to use this Inside-data telemetry within DeRISK models.”

The latest release builds upon innovations from DeRISK 5.3, which include Inside-data-driven Indicators of cybersecurity risk over time, Cyber Risk Mitigation Project Simulator to help find your most cost-effective cybersecurity investment, NERC CIP risk reports, and integration with more OT/ICS cybersecurity solutions.

DeRISK-5.4-ReleasePic

____________________________________________________________________________________________________

About DeNexus: DeNexus is the leading provider of cyber risk quantification solutions for ICS/OT organizations, consultants, managed security providers, global insurers, and (re)insurers. 

DeRISK provides an evidence-based, data-driven platform that gives OT industrial stakeholders visibility to a facility’s exposure to cyber events, calculates the probability and financial impact of potential cyber events, and delivers the mitigation options available to reduce cyber risk while measuring the ROI of each cyber risk mitigation investment!

For more news and information on DeNexus, please visit: DeNexus Resource Page for News, Press, and Blogs.

_________________________________________________________________________________________________________________________________________________________________________________________________________________________________

Click here to learn more about DeNexus and its comprehensive Cyber Risk Quantification and Management platform, DeRISK.

_________________________________________________________________________________________________________________________________________________________________________________________________________________________________

 

Get A No-Pitch Consultation, See The Dashboard, and Get Access to DeRISK!

                                                                                            

DeNexus Partners with Claroty to Mitigate Operational Technology (OT) Risk in the Critical Infrastructure Industry

Strategic partnership and native integration will allow users to

more simply and comprehensively quantify and manage OT risk

Read More

DeNexus Accelerates Momentum with Strategic Investments from Leading Energy and Insurance Companies

Investments to Fast-Track Company Mission to Establish the Global Standard for Industrial Cyber Risk Quantification

Read More

DeNexus Expands Cyber Risk Management Solution to Manufacturing and Energy T&D

DeRISK empowers companies to regain control over their cyber risk

Read More