Case Study: Large Financial Services Organization reduces data breach risk with RiskLens

How RiskLens Modeled Risk Mitigation and ROI

RiskLens worked with a large financial services organization that needed to understand the financial risk of a potential database breach involving PII. The customer wanted to quantify how much risk could be reduced by implementing tokenization on key fields in a database cluster storing sensitive customer data.

Using the RiskLens cyber risk quantification platform and the FAIR model, RiskLens first built a baseline breach scenario and then adjusted the secondary loss magnitudes to reflect tokenization of SSN and Tax ID fields. This showed that several loss types would drop to little or nothing, while others would be reduced, resulting in an estimated $134M reduction in loss exposure and giving the organization a clear ROI basis for the control investment.