Crossword Cybersecurity plc (“Crossword”) has today released a new version of its online threat-based risk analysis tool, Rizikon, which gives organisations a clear picture of their overall cyber risk profile. Developed in partnership with the IASME Consortium Ltd (“IASME”) this version adds a simpler way for enterprises, small businesses, or organisations with limited internal IT resources to become certified for the UK Government Cyber Essentials scheme.
74 per cent of small companies have had a security breach since 2014, with the average cost reaching between £75,000 and £311,000 according to the PwC 2015 Information Security Breaches survey. With both the number of businesses and financial impact of incidents continuing to rise, it is becoming increasingly important for small businesses to take protection seriously.
Cyber Essentials provides a clear statement of the basic controls all organisations should implement to protect against cyber threats and through its assurance framework it offers a mechanism for them to demonstrate to customers, investors, insurers and others that they have taken these essential precautions.
In Rizikon, a customer completes a questionnaire which can be automatically assessed against the Cyber Essentials assurance framework, whilst Rizikon also calculates the probability of a successful attack. This is achieved using a Dynamic Attack Path Analysis (DAPA) algorithm, which combines information about the company, its IT systems and architecture, security policies and financial information, with up-to-date data from the security industry, to assess the threats faced and vulnerabilities present, and the impact that making changes would have on that risk profile. The DAPA algorithm is based on research carried out by the Centre for Cyber Security Sciences, City University London.
Emma Philpott, CEO of IASME said: “Many organisations are put off becoming certified by the daunting prospect of gathering answers to such a variety of questions, many of which need input from different people or contractors. Rizikon has some really innovative features which enable the information to be drawn together quickly and easily from across the company and its suppliers. This removes one of the biggest barriers to Cyber Essentials certification, helping companies raise the bar on cyber security, something IASME is passionate about.”
Tom Clark, Product Manager at Crossword added: “We’re delighted to be working with IASME to bring Cyber Essentials certification to customers. We developed Rizikon to help organisations understand the risks associated with holding information in the modern connected world. It helps them assess their situation and make targeted changes to their infrastructure, policies and behaviour to lower that risk.”