RiskLens (formerly Cxoware), a cyber risk qualification and management software provider, today revealed that it’s raised $20.55 million in series B funding led by Paladin Capital, with participation from Dell Technologies Capital, Osage Venture Partners, F-Prime Capital, and MassMutual Ventures. The fresh capital, which follows on the heels of a $5 million series A raise in July, will be used to expand the company’s sales, marketing, engineering, and professional services departments, according to CEO Nick Sanna.
“RiskLens has forever changed the way large organizations assess, manage and report on cyber risk, by translating the impact of threats and vulnerabilities into the financial language of the business that everyone understands: dollars and cents,” Sanna said. “We are proud to have our existing investors expand their commitment to our success and are thrilled to be joined by F-Prime Capital and MassMutual Investors given their prowess in the financial services and insurance sectors.”
RiskLens — which was founded in 2011 by former Huntington Bank senior vice president and CISO Jack Jones and IT-Lifeline founding CEO Steve Tabacek — offers a suite of software-as-a-service (SaaS) apps aimed at helping executives to quantify and manage cyber risk. Its software models corporate environments, assessing relevant threats before devising risk scenarios, applying data regarding threat activity, and running simulations to identify areas for improvement and generating risk analytics reports that highlight concentrations of risk, loss exposure over time, and other key metrics.
“We’re giving boards of directors, CISOs and cyber risk teams what was once thought impossible — a decision-support platform and a system of record that allows them to make cost-effective decisions regarding the prioritization of security initiatives and the rightsizing of those investments,” Sanna said. “RiskLens is currently the only software platform that can help clients establish quantitative and financially oriented cyber risk management programs.”
RiskLens’ analytics module offers a per-division breakdown of risk appetite and risk components (like assets classes and forms of loss), and enables managers to set control thresholds that trigger notifications when they’re met. Its Cyber Risk Maturity app measures an organization’s ability to manage risk over time, as well as compliance against frameworks like NIST, CSF, FFIEC, and CAT, and its Cyber Risk Triage service offers a templatized workflow, drop-down selections, and predefined ranges for risk factors that help determine which new scenarios deserve an analysis, along with mathematical simulations that automatically build risk profiles.
RiskLens claims it’s the only enterprise-class solution built on the Factor Analysis of Information Risk (FAIR) standard, a taxonomy of factors that contribute to risk and how they affect each other.
“As early believers in RiskLens since our participation in the Series A funding, we’ve seen first-hand the rapid shift of market momentum towards cyber risk quantification and the capabilities of its experienced management team in driving growth,” said Mourad Yesayan, principal at Paladin Capital Group and RiskLens board member. “We believe that RiskLens is poised to become the de-facto standard in how enterprises around the globe assess, communicate and manage cyber risk. We’re delighted to be partnering with a syndicate of top investors to continue fueling the company’s success.”
RiskLens has offices in Reston, Virginia and Spokane, Washington.