Enabling companies to improve cybersecurity and reduce costs,

by bringing predictability to the randomness of data breach,

using data analytics and A.I.

Call or book a free peer comparison.

https://meetings.hubspot.com/thomasl4

Products

Aggregate 3rd Party Assessments

Regulators and management need 3rd party assessment that are accurate and not based upon opinions or assumptions. VivoSecuiry enables  our customers to satisfy regulators by assessing true 3rd party risk, which is the probability that one of their vendors will have a data breach, obsoleting the use of questionnaires, maturity scores and SOC2 reports.

 

The risk from 3rd parties is from breaches caused by  the sheer number of vendors. VivoSecurity quantifies this risk twice per year, with an aggregate forecast. We help senior management set risk appetite goals with a testable forecast of data breach frequency.  We help cybersecurity teams identify the few vendors that represent most of the risk,  we then quantify the value of mitigation. Finally, we satisfy regulators with an accurate and documented process for vendor assessment using an empirical and transparent regression model for probability of data breach. 

Data Breach Impact Report

The cost of a data breach is predictable. By understanding the causes and  cost of data breaches,  VivoSecurity allows our customers to make informed decisions around cybersecurity investments. We use an empirical regression model, which means that it is based upon factors that predict cost.   The model is easy to understand, and provides insights into how to manage and reduce costs.  The report provides the median and 80% confidence interval for a data breach caused by a malicious outsider, a malicious insider, a lost & stolen device, and/or  an accident. The model forecasts the sum of all costs including investigation costs, notification costs and reputation damage and the probability for lawsuit, providing a complete and detailed breakdown of costs.

Peer Comparison

Senior management would like more than green/yellow/red. They would like to know the probability for data breach and the cost of reducing this probability. They would like to know how they compare with peers and they would like to be able to weigh cybersecurity risks against other business priorities. They would like to know how the cost of risk transfer compares with the cost of reducing cyber-risk.

 

VivoSecurity brings  predictability to the randomness of cybersecurity incidents by enabling  our customers understand the probability of having  a data breach. Our report will help senior management set risk appetite goals for their internal cybersecurity, in terms of data breach frequency and data breach size, and, more importantly, weigh the cost of cybersecurity against the cost of risk transfer. Our report will also show senior management how they compare with their industry and size in terms of cybersecurity spend and management culture.

 
 

About

VivoSecurity develops rigorous statistical and AI models, that meet the Federal Reserves and office of the controller guidance for model risk management (SR11-7), to forecast the cost and probability of data breach. The vivo team has PhD level scientists and statisticians who have developed novel, yet rigorous methods to leverage from the numerous state and federal reporting requirements regarding data breach. 

Thomas Lee

unnamed.png

CEO

BS, Electrical Engineering, Univ. of Washington

BS, Physics, Univ. of Washington

PhD, Biophysics, Univ. of Chicago

Paul Borchardt

unnamed.png

Board of Directors, IP Advisor

PhD, Biomedical Science, Univ. of Texas

JD, Univ. of San Francisco

Spencer Graves

unnamed.png

Head of Modeling

MA, Mathematics, Univ. of Missouri

PhD, Mathematical Statistics, Univ. of Wisconsin

Shawn Wilde

unnamed.png

Board of Directors

Former CIO,

GDPR HIPAA CCPA Advisor

Nagaraja Kumar Deevi

Advisor

unnamed.png

Aaron Arutunian

unnamed.png

Cybersecurity Advisor

CISSP, CISA & 32 additional certifications

 

Industries

Financial • Banking

The Federal Reserve and Office of the Comptroller of the Currency (OCC) has special requirements for banks regarding models and assessing model risk (see SR11-7).

VivoSecurity  assists  our customers to meet this standard with empirical regression models that are fully compliant. Our models bring non-technical insights to senior management and new technical insights to the subject matter expert. With each use, our Aggregate 3rd Party Assessments make a testable forecast to validate our results.. We support model validation, provide model-documents, and support model maintenance to aid assessment of model risk. Our models help banks, financial institutions and transaction processors to quantify and manage the risk from 3rd and 4th parties, demonstrate an advanced approach for risk management to regulators and bring certainly to the randomness of data breach. 

Biotech • Pharma • Medical

Good policies and procedures are the foundation of quality assurance (QA). We support our customer’s QA teams with a HIPAA compliant, CLIA compliant and NIST 800.30 compliant Aggregate 3rd Party Assessment process.

 

Our Aggregate 3rd Party Assessments apply to both IT/technology and business critical clinical vendors. We help our customers save money—while also reducing cyber-risk, by identifying the few vendors that account for most of the risk. Our customers save money by focusing mitigation efforts, which can be justified by quantifying the value with a model and process that is credible to regulators.

 

Our customer’s QA teams gain non-technical, yet actionable insights into the risk posed by each vendor, and by the risk from the sheer number of vendors. We support our QA customers with a template SOP and training for vendor assessments and new vendor onboarding. We support our customers when they face CAP and OCR auditors with our credible, accurate and testable empirical regression model that quantifies cybersecurity risk.

Industries with PII

Companies continue to  outsource services and infrastructure, with  3rd party risk being  the cybersecurity blind spot. We find that about 50% of larger data breaches are caused by 3rd parties. This 3rd party risk is due to the sheer number of vendors, which cannot be assessed with maturity or compliance models, or SOC 2 reports. We help all of our customers quantify and manage this cybersecurity risk with empirical statistical models that forecast data breach for all their vendors, not only the vendors missed by maturity or compliance models. 

 
 

Contact

VivoSecurity Inc.

Los Altos, California

 

Telephone 650-919-3050

LinkedIn

unnamed.png

Email us

inquiries@VivoSecurity.com

Book a meeting

For first free analysis

https://meetings.hubspot.com/thomasl4