Read insights, thought leadership, and platform updates.

Cyber risk doesn’t wait until the next quarter. Neither should you. ThreatConnect RQ 9.0 let’s you keep up.  With the launch of Risk Quantifier 9.0, security and risk leaders finally have a way to see what’s at risk, what it costs, and what to fix, continuously. Powered by Continuous Controls Monitoring (CCM), RQ 9.0 keeps […]

The Digital Operational Resilience Act (DORA) is pushing companies across Europe to demonstrate something many have struggled with for years: measurable resilience. It’s no longer enough to check the compliance box or hand over a set of controls during an audit. Regulators want evidence that organizations can withstand, respond to, and recover from ICT disruptions. […]

As cybersecurity evolves – so do the tools designed to combat recurring problems that exist within. EDR replaced antivirus. MFA displaced passwords. XDR is basically SIEM dressed to impress. RBAC matured into PBAC/ABAC, and so on. Still, despite the tremendous progress with available security tools, today’s CISOs face increasing pressures to deliver clear and defensible […]

In today’s dynamic cyber landscape, organizations face an evolving array of threats and vulnerabilities that challenge their resilience. Whether it’s defending against ransomware attacks, identifying critical vulnerabilities (e.g. CVE-2023-23397), or responding to adversaries’ rapidly changing tactics, being able to measure and understand risk is integral to staying ahead of potential threats. And when it comes […]

Whether in business or in life, we are faced with making decisions every day, but how do you know you’re making the right one? Enter risk quantification—a powerful tool that transforms decision-making by providing actionable insights based on measurable data rather than instincts or guesswork. By translating risks into tangible numbers, organizations can prioritize actions, […]

Organizations today rely heavily on third-party vendors to support their operations (e.g., call centers, shipping centers, data storage providers, etc.). While these partnerships offer numerous benefits, they can also introduce significant cyber risks. Managing a complex network of vendors can be difficult, as traditional risk assessments often don’t provide a clear or measurable view of […]

With the release of ThreatConnect RQ 7.9, organizations have access to new, powerful tools designed to improve cyber risk management. This release focuses on addressing common challenges in risk communication, enhancing technical risk analysis, and providing an improved user experience across RQ. The Challenge of Qualitative Risk Measures One longstanding challenge is effectively communicating qualitative […]

Story time.  I recently had the opportunity to work with a large organization in the healthcare insurance industry.  They wanted to adopt cyber risk quantification (CRQ) and really liked the FAIR model.  The customer came to ThreatConnect and stated “we don’t need all the bells and whistles; we just want to be able to use […]

In a recent webinar, Addressing the SEC Requirements for Materiality Disclosure, industry experts shed light on the intricate balance between cybersecurity management and the new regulatory requirements enforced by the Securities and Exchange Commission (SEC).  They discussed the critical aspects of risk management, emphasizing the importance of quantifying cybersecurity risk and the role of executive […]

I’m excited to announce the latest version of ThreatConnect Risk Quantifier (RQ) and a new addition to the RQ solution family, RQ Impacts! Introducing RQ Impacts RQ Impacts is a simplified version of RQ Enterprise that helps answer common cyber risk questions businesses face quickly and easily. You don’t need to be a cyber risk […]

Many organizations face the challenge of operating across multiple platforms, making managing cyber risk as part of their cybersecurity strategy daunting. Traditional cyber risk management programs often utilize Governance, Risk, and Compliance (GRC) heatmaps that use shades of red, yellow, and green, with qualitative terms, ratings, and scores as risk measurements. However, these methods make […]

Cyber attacks have surged to the forefront of significant enterprise risk factors in the modern business landscape. As businesses continue to embrace digital transformations, the resultant increase of their attack surface leads to increased exposure and successful cyber attacks, creating substantial risk. Why? Cyber risks fundamentally differ from traditional risks businesses face and, thus, are […]