Almost all Cyber and Technology Risk Quantification (CRQ) methodologies focus almost exclusively on endeavoring to calculate Loss Expectancy and are woefully lacking in scalability due to being almost exclusively scenario based and failure to support the up-side of risk.
At Mercury Risk and Compliance, we have developed a patent-pending
asset value-based risk quantification methodology, based on “Grounds’ Rules” “risk-as-a-currency” that is totally scalable, automatable and that manages risk using empirical numeric scoring across multiple risk domains, for business enablement, not just loss avoidance.
Mercury’s methods and solutions deliver the ability to make meaningful operational and business decisions and set priorities based on real risk benefits and value – in near-real-time.
Our founders have extensive experience pioneering and operationalizing Automated Controls Efficacy Testing (ACET) which is a core component of Mercury’s comprehensive Asset Value-Based Risk Quantification Engine (affectionately named, “Grounds’ Rules” by some of our partners and analysts).
“Grounds’ Rules” is much more than a suite of algorithms. It is a whole new, scalable, and powerful approach to enterprise-wide risk management.
Mercury’s Comprehensive Risk Quantification methodologies and solutions address Cyber Risk, IT Risk, 3rd-party (and supply-chain) Risk, Regulatory Risk, Human Risk and risks associated with physical-world harm.
Wherever the Mercury Risk Quantification and ACET are adopted, whether in a single domain or muti-domain, they have a proven record of delivering outstanding value to business and technology units.
“Grounds’ Rules” – Mercury Asset Risk Engine – and ACET have been featured in numerous industry-leading conferences and case studies..
This combination provides industry-leading automated Risk and Compliance Management and finally “cracks the nut” on real Cyber Risk Quantification and cross-domain risk management.
