Accessibility Statement Skip Navigation
  • Why PRWeb
  • How It Works
  • Who Uses It
  • Pricing
  • Login
  • GDPR
  • Create a Free Account
Return to PRWeb homepage
  • News
  • Resources
  • Contact
When typing in this field, a list of search results will appear and be automatically updated as you type.

Searching for your content...

No results found. Please change your search terms and try again.
  • News in Focus
      • Browse News Releases

      • All News Releases
      • Multimedia Gallery

      • All Multimedia
      • All Photos
      • All Videos
  • Business & Money
      • Auto & Transportation

      • Aerospace, Defense
      • Air Freight
      • Airlines & Aviation
      • Automotive
      • Maritime & Shipbuilding
      • Railroads and Intermodal Transportation
      • Supply Chain/Logistics
      • Transportation, Trucking & Railroad
      • Travel
      • Trucking and Road Transportation
      • View All Auto & Transportation

      • Business Technology

      • Blockchain
      • Broadcast Tech
      • Computer & Electronics
      • Computer Hardware
      • Computer Software
      • Data Analytics
      • Electronic Commerce
      • Electronic Components
      • Electronic Design Automation
      • Financial Technology
      • High Tech Security
      • Internet Technology
      • Nanotechnology
      • Networks
      • Peripherals
      • Semiconductors
      • View All Business Technology

      • Entertain­ment & Media

      • Advertising
      • Art
      • Books
      • Entertainment
      • Film and Motion Picture
      • Magazines
      • Music
      • Publishing & Information Services
      • Radio & Podcast
      • Television
      • View All Entertain­ment & Media

      • Financial Services & Investing

      • Accounting News & Issues
      • Acquisitions, Mergers and Takeovers
      • Banking & Financial Services
      • Bankruptcy
      • Bond & Stock Ratings
      • Conference Call Announcements
      • Contracts
      • Cryptocurrency
      • Dividends
      • Earnings
      • Earnings Forecasts & Projections
      • Financing Agreements
      • Insurance
      • Investments Opinions
      • Joint Ventures
      • Mutual Funds
      • Private Placement
      • Real Estate
      • Restructuring & Recapitalization
      • Sales Reports
      • Shareholder Activism
      • Shareholder Meetings
      • Stock Offering
      • Stock Split
      • Venture Capital
      • View All Financial Services & Investing

      • General Business

      • Awards
      • Commercial Real Estate
      • Corporate Expansion
      • Earnings
      • Environmental, Social and Governance (ESG)
      • Human Resource & Workforce Management
      • Licensing
      • New Products & Services
      • Obituaries
      • Outsourcing Businesses
      • Overseas Real Estate (non-US)
      • Personnel Announcements
      • Real Estate Transactions
      • Residential Real Estate
      • Small Business Services
      • Socially Responsible Investing
      • Surveys, Polls and Research
      • Trade Show News
      • View All General Business

  • Science & Tech
      • Consumer Technology

      • Artificial Intelligence
      • Blockchain
      • Cloud Computing/Internet of Things
      • Computer Electronics
      • Computer Hardware
      • Computer Software
      • Consumer Electronics
      • Cryptocurrency
      • Data Analytics
      • Electronic Commerce
      • Electronic Gaming
      • Financial Technology
      • Mobile Entertainment
      • Multimedia & Internet
      • Peripherals
      • Social Media
      • STEM (Science, Tech, Engineering, Math)
      • Supply Chain/Logistics
      • Wireless Communications
      • View All Consumer Technology

      • Energy & Natural Resources

      • Alternative Energies
      • Chemical
      • Electrical Utilities
      • Gas
      • General Manufacturing
      • Mining
      • Mining & Metals
      • Oil & Energy
      • Oil and Gas Discoveries
      • Utilities
      • Water Utilities
      • View All Energy & Natural Resources

      • Environ­ment

      • Conservation & Recycling
      • Environmental Issues
      • Environmental Policy
      • Environmental Products & Services
      • Green Technology
      • Natural Disasters
      • View All Environ­ment

      • Heavy Industry & Manufacturing

      • Aerospace & Defense
      • Agriculture
      • Chemical
      • Construction & Building
      • General Manufacturing
      • HVAC (Heating, Ventilation and Air-Conditioning)
      • Machinery
      • Machine Tools, Metalworking and Metallurgy
      • Mining
      • Mining & Metals
      • Paper, Forest Products & Containers
      • Precious Metals
      • Textiles
      • Tobacco
      • View All Heavy Industry & Manufacturing

      • Telecomm­unications

      • Carriers and Services
      • Mobile Entertainment
      • Networks
      • Peripherals
      • Telecommunications Equipment
      • Telecommunications Industry
      • VoIP (Voice over Internet Protocol)
      • Wireless Communications
      • View All Telecomm­unications

  • Lifestyle & Health
      • Consumer Products & Retail

      • Animals & Pets
      • Beers, Wines and Spirits
      • Beverages
      • Bridal Services
      • Cannabis
      • Cosmetics and Personal Care
      • Fashion
      • Food & Beverages
      • Furniture and Furnishings
      • Home Improvement
      • Household, Consumer & Cosmetics
      • Household Products
      • Jewelry
      • Non-Alcoholic Beverages
      • Office Products
      • Organic Food
      • Product Recalls
      • Restaurants
      • Retail
      • Supermarkets
      • Toys
      • View All Consumer Products & Retail

      • Entertain­ment & Media

      • Advertising
      • Art
      • Books
      • Entertainment
      • Film and Motion Picture
      • Magazines
      • Music
      • Publishing & Information Services
      • Radio & Podcast
      • Television
      • View All Entertain­ment & Media

      • Health

      • Biometrics
      • Biotechnology
      • Clinical Trials & Medical Discoveries
      • Dentistry
      • FDA Approval
      • Fitness/Wellness
      • Health Care & Hospitals
      • Health Insurance
      • Infection Control
      • International Medical Approval
      • Medical Equipment
      • Medical Pharmaceuticals
      • Mental Health
      • Pharmaceuticals
      • Supplementary Medicine
      • View All Health

      • Sports

      • General Sports
      • Outdoors, Camping & Hiking
      • Sporting Events
      • Sports Equipment & Accessories
      • View All Sports

      • Travel

      • Amusement Parks and Tourist Attractions
      • Gambling & Casinos
      • Hotels and Resorts
      • Leisure & Tourism
      • Outdoors, Camping & Hiking
      • Passenger Aviation
      • Travel Industry
      • View All Travel

  • Policy & Public Interest
      • Policy & Public Interest

      • Advocacy Group Opinion
      • Animal Welfare
      • Congressional & Presidential Campaigns
      • Corporate Social Responsibility
      • Domestic Policy
      • Economic News, Trends, Analysis
      • Education
      • Environmental
      • European Government
      • FDA Approval
      • Federal and State Legislation
      • Federal Executive Branch & Agency
      • Foreign Policy & International Affairs
      • Homeland Security
      • Labor & Union
      • Legal Issues
      • Natural Disasters
      • Not For Profit
      • Patent Law
      • Public Safety
      • Trade Policy
      • U.S. State Policy
      • View All Policy & Public Interest

  • People & Culture
      • People & Culture

      • Aboriginal, First Nations & Native American
      • African American
      • Asian American
      • Children
      • Diversity, Equity & Inclusion
      • Hispanic
      • Lesbian, Gay & Bisexual
      • Men's Interest
      • People with Disabilities
      • Religion
      • Senior Citizens
      • Veterans
      • Women
      • View All People & Culture

  • Hamburger menu
  • Cision PRWeb provides efficient communication tools to continuously engage with target audiences across multiple online channels
  • Create a Free Account
    • ALL CONTACT INFO
    • Contact Us


      11AM ET Sunday – 8PM ET Friday

  • Send a Release
  • Sign up
  • Log in
  • Resources
  • RSS
  • GDPR
  • News in Focus
    • Browse All News
    • Multimedia Gallery
  • Business & Money
    • Auto & Transportation
    • Business Technology
    • Entertain­ment & Media
    • Financial Services & Investing
    • General Business
  • Science & Tech
    • Consumer Technology
    • Energy & Natural Resources
    • Environ­ment
    • Heavy Industry & Manufacturing
    • Telecomm­unications
  • Lifestyle & Health
    • Consumer Products & Retail
    • Entertain­ment & Media
    • Health
    • Sports
    • Travel
  • Policy & Public Interest
  • People & Culture
    • People & Culture
  • Send a Release
  • Sign up
  • Log in
  • Resources
  • RSS
  • GDPR
  • Send a Release
  • Sign up
  • Log in
  • Resources
  • RSS
  • GDPR
  • Send a Release
  • Sign up
  • Log in
  • Resources
  • RSS
  • GDPR

Kovrr Reveals New Standardized Approach to Ensure Objectivity to Quantify Cybersecurity Control Impact & Financial Forecasts in New Report


News provided by

Kovrr

Dec 11, 2024, 09:05 ET

Share this article

Share toX

Share this article

Share toX

Kovrr NIST CSF Security Controls
Kovrr NIST CSF Security Controls

Innovative Methodology Aligns Controls from Various Cybersecurity Frameworks, Offering Organizations Clear Insights Into Cybersecurity Risk Reduction and Investment Impact

TEL AVIV, Dec. 11, 2024 /PRNewswire-PRWeb/ -- Kovrr, the leading global provider of on-demand cyber risk quantification (CRQ) solutions, unveiled a novel approach to modeling the impact of cybersecurity controls on an organization's cyber risk exposure. A new report published today offers insights into the new methodology that standardizes the means by which cybersecurity controls from diverse frameworks are evaluated, providing organizations with actionable, accurate insights into risk reduction initiatives and enabling more informed decision-making for security investments.

Organizations increasingly rely on widely-known cybersecurity frameworks such as ISO 27001, CIS, and NIST CSF to shape and measure their security strategies. However, inconsistencies in definitions and attack technique mapping have posed obstacles to the strategization process, leaving Chief Information Security Officers (CISOs) to subjectively determine which risk reduction measures effectively reduce exposure, creating space for vulnerabilities to creep through.

"By mapping cybersecurity frameworks to a singular control catalog and linking them to real-world adversarial techniques," said Yakir Golan, CEO. "Kovrr is working to provide organizations with a clear understanding of how their cyber investments translate into operational financial resilience."

Post this

Kovrr's new modeling approach bridges these gaps, providing a unified methodology that allows cybersecurity leaders to feel more confident in their risk-based prioritizations for the upcoming year.

A Unified Framework for Control Impact Analysis

The Quantifying Cybersecurity Control Impacts report outlines Kovrr's standardized process for aligning security controls across various frameworks and assessing how they mitigate specific adversarial techniques and behaviors. Leveraging the NIST 800-53 cybersecurity control catalog as a common base, Kovrr then maps controls to the types of attack techniques they are designed to prevent according to the MITRE ATT&CK framework, creating a consistent measurement system.

"Enterprises have long expressed the challenges they face capturing control impact when quantifying their cyber risk," said Yakir Golan, Kovrr CEO. "Our latest modeling update provides clarity and actionable insights, enabling them to more confidently prioritize their security upgrades while aligning efforts with measure risk reduction outcomes."

Tying Cybersecurity Controls to Real-World Impact

The report highlights Kovrr's innovative three-stage methodology for standardizing the quantification of cybersecurity control impacts, specifically accounting for the tangible effects of real-world scenarios.

Stage 1: Controls from various cybersecurity frameworks such as ISO, CIS, and NIST CSF are mapped to a common security control catalog, the NIST 800-53, which was originally designed for government use but is increasingly being leveraged by enterprises as the common base. Instead of relying on internal assumptions or unstandardized expert insights, Kovrr instead harnesses guidance from NIST IR 8477.

Stage 2: Controls are linked to attack techniques as categorized by the MITRE ATT&CK framework, which groups these techniques into different adversarial tactics. Kovrr then groups these techniques further into three phases of attack - Initial Access, Network Propagation, and Action on Objective - focusing on them as they are considered the 'active' phases.

Stage 3: Control effectiveness is adjusted to account for non-covered techniques, undocumented techniques, such as zero-day vulnerabilities and unknown gaps - which have resulted in events like the 2023 MOVEit breach - tool design and usage limitations, and potential misconfigurations. These calibrations ensure an accurate reflection of the practical impact controls have on mitigating cyber risk in the real world.

To make Kovrr's standardized control mapping applicable and actionable, the security control impact quantification also takes into account whether specific controls are implemented within the company infrastructure, the likelihood and frequency of adversarial techniques to adjust for the volume and type of attacks, and the company's unique exposure to potential damages.

Implications for Cybersecurity Decision-Makers

In 2025, as they face budgetary constraints and increasing pressure from senior stakeholders, cybersecurity leaders need an objective, data-driven means of capturing the impact of their security control upgrades. Kovrr's new cyber risk modeling approach directly addresses this challenge by introducing a standardized methodology that aligns technical controls with measure risk reduction outcomes, enabling cyber risk management to make more informed, strategic decisions.

Moreover, this innovative approach helps to bridge the long-standing gap between technical cybersecurity measures and executive-level priorities by shifting the focus away from subjective impact assumptions to objective, actionable intelligence. "By mapping cybersecurity frameworks to a singular control catalog and linking them to real-world adversarial techniques," added Golan, "Kovrr is actively working to provide organizations with a clearer understanding of how their cybersecurity investments translate into operational financial resilience."

For full access to the Quantifying Cybersecurity Control Impacts report, please visit www.kovrr.com/reports/quantifying-cybersecurity-control-impacts.

About Kovrr:

Kovrr's cyber risk quantification platform empowers enterprise decision-makers to manage cyber exposure more effectively by providing an in-depth risk analysis that drives actionable, financially justified decisions. For more information, please visit www.kovrr.com or follow us on Twitter or LinkedIn.

Media Contact

Naomi Ronen, Kovrr, 972 507095870, [email protected], www.kovrr.com

Twitter, LinkedIn

SOURCE Kovrr

Modal title

Contact PRWeb

  • 11AM ET Sunday – 8PM ET Friday
  • Contact Us

About PRWeb

  • About PRWeb
  • Partners
  • Partnership Programs
  • Editorial Guidelines
  • Resources

Why PRWeb

  • Why PRWeb
  • How It Works
  • Who Uses It
  • Pricing

Accounts

  • Create a Free Account
  • Log in
  • Contact Us

Do not sell or share my personal information:

  • Submit via [email protected] 
  • Call Privacy toll-free: 877-297-8921

Contact Cision

Products

About

My Services
  • All News Releases
  • Online Member Center
  • ProfNet
Cision Distribution Helpline
888-776-0942
  • Legal
  • Site Map
  • RSS
  • Cookie Settings
Copyright © 2025 Cision US Inc.