View this article online: https://www.insurancejournal.com/news/national/2015/10/26/386157.htm
PivotPoint Risk Analytics has launched a new company and its flagship product CyVaR, which quantifies cyber value-at-risk and gives chief information security officers (CISOs) and business leaders a common language in making cyber investment decisions and reducing cyber risk.
Spun out of CyberPoint International, the new company will be led by security industry veteran Julian Waits. It will work on addressing the critical data gap required to accurately gauge potential losses due to cyber attacks, a necessary step toward reducing risk and insuring against losses from a breach.
CyberPoint started the creation of CyVaR nearly two years ago by combining its analytical science capabilities with cyber threat analysis to place a monetary value on the cost of a cyber breach. PivotPoint was formed to commercialize CyVaR and other analytical technologies focused on cyber value-at-risk. CyVaR applies cyber threat models to statistical techniques for determining cyber value-at-risk.
“We believe the biggest threat to organizations today is the fuzzy picture of cyber risk that leads to misguided security investments. Throwing more money at security doesn’t make you more secure,” said Julian Waits, president and CEO, PivotPoint. “CISOs can’t protect everything – but they can protect the assets most important to the company and secure the value of the business. PivotPoint was founded to change the way we think about cyber and commercialize the first technology to make security a boardroom level discussion.”
The company helps organizations take a “cyber investment portfolio management” approach to identify return on investment. Insurers can use the product to determine financial exposure for more accurate cyber risk assessments, insurance policy coverage and premium decisions, according to the company.
CyVaR is an enterprise-scale product offered as SaaS starting at $50,000 annually depending on the size of the organization.
PivotPoint is a cyber risk analytics that measure cyber value-at-risk.