Safe Security announced the Return on Security Investment (ROSI) Calculator, a new module of the SAFE platform.
Using the ROSI Calculator, CISOs, CFOs, CEOs and Boards can, for the first time, measure a return on investment for their cybersecurity programs. Using API-driven technology, Safe Security’s ROSI Calculator automatically collects data from the organization’s cybersecurity tools to provide real-time prioritization of the most cost effective cybersecurity investments.
Safe Security’s team of data scientists, cyber threat intelligence and financial risk analysts have spent the last three years developing this calculator. The company’s research shows that the top three actions to reduce financial risk due to a cyber attack are: encrypting data at rest, having a comprehensive and tested business continuity plan, and a strong backup solution. According to Safe Security’s findings, taking these three actions can reduce an organization’s financial risk by 30-40%.
“Corporate spending on cybersecurity is expected to grow nearly 12% per year for the next five years1 while the cost of cybercrime will cost organizations up to $10 trillion by 20252. Organizations are finally understanding that spending more money on cybersecurity controls does not mean they are less likely to suffer from a cyber attack,” said Michael Coden, Associate Director of Cybersecurity at MIT Sloan, an advisor to boards and one of the Top 50 Cybersecurity leaders of 2022.
“The industry requires a new way to maximize the impact of cyber investments, and Safe Security’s ROSI Calculator is an innovative tool to address this need. Taking a Loss Distribution Approach, a method used for hundreds of years by financial institutions to calculate risk, Safe Security is enabling organizations to establish an accurate cyber budget with reportable ROI.”
Safe Security’s ROSI Calculator provides the most accurate and timely risk calculations by using AI-enabled Bayesian Networks, aggregating cybersecurity data from IT systems in real-time, and looking at internal cyber resiliency measures. Using the Safe Security ROSI Calculator, organizations gain the ability to compare and prioritize different cyber initiatives based on specific financial risk reduction factors, and prepare for business risk discussions with the board, the CFO or the CEO. The calculator also creates a way to compare defense, mitigation, response and recovery controls against cyber insurance policies, covering the entire lifecycle of cybersecurity offerings.
Phil Harris, Research Director, Governance, Risk, and Compliance Services at IDC, added, “There is a significant market need to simplify cyber risk quantification and the associated business discussions. In the hands of a CISO, or a MSSP for example, an intuitive and simple to use platform like the one offered by Safe Security that supports and empowers cybersecurity leaders to up-level their business acumen, is a very promising solution.”
Existing methods for reporting ROI of cybersecurity programs and quantifying cyber risk currently available are difficult to use, time consuming, and imprecise due to point-in-time insights. By connecting the Safe Security ROSI Calculator directly into the cybersecurity tools within an organization’s systems, the collection of necessary data is significantly simplified – reducing time, resources, and human judgment, and improving accuracy through continuous, real-time risk assessments.
“Safe Security’s mission is to help CISOs, C-suite, and Boards use their cyber budgets to increase business value,” said Saket Modi, co-founder and CEO of Safe Security. “Our customers have been able to focus their cyber investment dollars on the most critical priorities by leveraging Safe Security’s platform and ROSI Calculator to quantify and maximize the reduction of their cyber risk. This capability has provided a level of clarity in board reporting around cybersecurity risk and budgets not previously possible.”
Safe Security has gained momentum this past quarter with the recent announcements of the company’s free CRQ Calculator and industry-first free assessments that provide financial risk calculations for cyber attacks and cyber insurance discussions.