RSA® Helps Organizations Quantify Financial Risk Exposure to Cyber Attacks

RSA Archer Cyber Risk Quantification® arms CISOs with the data they need to make informed decisions about their security initiatives

BEDFORD, MA -- March 26, 2018 -- RSA, a global cybersecurity leader delivering Business-Driven Security™ solutions to help manage digital risk, unveils the RSA Archer Cyber Risk Quantification® use case that helps business users quantify their organizations' financial risk exposure to cybersecurity events. It gives CISOs the ability to prioritize risk mitigation efforts using a quantification-based assessment of the business and financial impact that a breach or vulnerability would expose. The quantification of cyber risk will empower CISOs to better communicate the impact in financial terms at the Board and senior management levels of an organization.

Between the constant expansions of today's technology infrastructures and the ever-growing number of cyber threats, organizations struggle to identify, understand and translate cyber risk into business risk. Many organizations' current cyber risk management processes are manual, leading to disconnected efforts, ineffective controls, or piles of data with little actionable value. According to Gartner[1], "Digital risk leaders need an enterprise-wide view of risk to bridge the communication gap with CEOs and to articulate the potential risk impact on the business outcomes that their organizations value most."

"Under the threat of high-profile cyber attacks and data breaches, executives and corporate Boards are starting to ask more informed questions about their organizations' risk exposure," said David Walter, Vice President, RSA Archer. "RSA Archer Cyber Risk Quantification gives security teams the tool they need to quantify and communicate their cyber needs in a language that business leaders can easily understand. This helps clarify priorities for security investments, and also helps with planning for risk transfer methods such as cybersecurity insurance."

"The global information security market is forecast to grow at a CAGR of 8.1% to reach $121.6 billion in 2021 ."[2] However, cybercrime damages, such as loss of data, theft of IP and fraud, will cost companies $6 trillion annually by 2021[3]. Prioritizing and rationalizing investments to improve an organization's security posture, or deciding to transfer risk, is becoming a significant challenge for CISOs today.

Armed with a holistic understanding of their organizations' cyber risk, IT risk and security teams can calculate and demonstrate the value of cybersecurity initiatives for senior management. With RSA Archer Cyber Risk Quantification, users can more easily assess the efficacy of their existing cyber risk programs and prioritize top risk reduction opportunities, including identifying the areas of loss for which to consider cyber insurance.

Through a partnership with RiskLens, a leading provider of cyber risk quantification solutions, key features and capabilities in RSA Archer Cyber Risk Quantification include:

  • Built-in risk calibration and analysis engine for cyber risk calculation
  • Templatized workflow for easy scenario modeling
  • On-demand risk analytics for answers to questions on the fly
  • Mathematical simulations to build your risk profile with limited data
  • Existing loss tables based on industry data
  • Easy-to-use SaaS application
  • User-friendly interface

"Common risk management practices are often a barrier to achieving strategic business outcomes. By proactively assessing risk appetite and the value of the desired business outcome, CIOs and CISOs can transform digital risk management into a competitive advantage," according to Gartner[4].


The RSA Archer Cyber Risk Quantification use case is available now.



RSA, a Dell Technologies business, offers business-driven security solutions that uniquely link business context with security incidents to help organizations manage risk and protect what matters most. RSA solutions are designed to effectively detect and respond to advanced attacks; manage user identities and access; and, reduce business risk, fraud, and cybercrime. RSA protects millions of users around the world and helps more than 90% of the Fortune 500 companies thrive in an uncertain, high-risk world. For more information, go to

©2018 Dell Inc. or its subsidiaries. All rights reserved. RSA and the RSA logo, are registered trademarks or trademarks of Dell Inc. or its subsidiaries in the United States and other countries. All other trademarks are the property of their respective owners. RSA believes the information in this document is accurate. The information is subject to change without notice.

# # #

Media Contact:
Diana Wong


[1] Gartner, How to Get Your CEO to Embrace Digital Risk Management, John Wheeler, August 2016, refreshed December 19, 2017

[2] Gartner, Forecast Analysis: Information Security Worldwide, 4Q17 Update; Elizabeth Kim, Christian Canales, Ruggero Contu, Sid Deshpande, Lawrence Pingree; 22 February 2018

[3] Cybersecurity Ventures, Official 2017 Annual Cybercrime Report

[4] Gartner, How to Get Your CEO to Embrace Digital Risk Management, John Wheeler, August 2016, refreshed December 19, 2017