Case Study: Arvest Bank Quantifies Cyber Risk and Engages Executives with BitSight VisibleRisk

Arvest Bank Uses VisibleRisk to Quantify Cyber Risk and Engage Executives

Arvest Bank, which operates community banks across Arkansas, Oklahoma, Missouri and Kansas, was using control frameworks and multiple security assessment tools to manage cyber risk. Its leadership wanted a clearer view of how security gaps could affect the business, along with a better way to translate cyber risk into financial terms for executives and board members. To do that, Arvest Bank worked with BitSight, using the VisibleRisk cyber risk quantification platform.

BitSight helped Arvest Bank add cyber risk quantification to its control-based approach by collecting and analyzing internal, threat, business, and loss data to measure the frequency and impact of cyber events. The bank was able to assign financial exposure figures to risk scenarios, prioritize the most effective controls, and communicate cyber risk more clearly to executives. As a result, Arvest Bank better managed material cyber losses relative to its enterprise risk appetite and secured more resources for its program while improving cybersecurity decision-making.

Arvest Bank

Sajan Gautam

Chief Information Security Officer