Case Study I
Comprehensive status of digital risk enterprise-wide
Financially-quantified risk profile showing origins and causes. Leadership gained awareness of total digital risk impact, probabilities, and associated annual carrying costs. A financially-driven determination of cybersecurity insurance decisions became possible, allowing the company to optimize the most effective use of cyber insurance coverage. Company was able to reduce cyber risk carrying costs by 8.2% and recover $25mm in costs in the first year.
Download the full case study here.
Case Study II
United States Strategic Command (Stratcom)
Model for evaluation of commercial cybersecurity solutions and capabilities
Working in a team structure with Mitre Corp, KBR, and under the direction of Dr. Mark Roth, Chief Engineer of the US Air Force, Arx Nimbus deployed Thrivaca in providing an evaluative study to “discover and report on commercial and government (especially non-Department of Defense) cybersecurity processes, designs, and capabilities that AFLCMC/HBCG can leverage to improve the confidentiality, integrity, and availability of future software programs.”
Thrivaca provides a quantitative set of analytic results to differentiate a set of solutions under consideration by Stratcom. Results of the Phase I study will be used to evaluate solutions for further analysis, testing, and/or acquisition by Stratcom.
Case Study III
Comprehensive quantitative evaluation of cybersecurity risk exposure
Working in concert with Quest's channel partner systems integrator Silent Sector, Arx Nimbus licensed Thrivaca for evaluation of the full sweep of cybersecurity risks across Quest's Southwestern US division. 89 Unique threat/vulnerability pairings were used to build a full risk profile for evaluation by Quest management, auditors, IT and cybersecurity teams
Thrivaca brings a ranking of cybersecurity risks to Quest, and provides the financial impact of associated vulnerabilities and threats based on accepted standards and regulatory frameworks. Quest is now able to articulate key choices and options in cybersecurity direction and strategy as well as determine self-insurance price impacts for key exposure areas.