September 5, 2023
Mastercard is listed as a “Strong Performer” in The Forrester Wave™: Cyber Risk Quantification, Q3 2023; The Eight Providers That Matter Most And How They Stack Up report.
Every transaction and every interaction across the globe today has an element of technology. Protection of these transactions and interactions is essential to manage trust. Organizations manage trust by managing the risks of technology—or in today’s nomenclature, cyber risk. In recognition of the importance of identifying and managing cyber risk, Forrester recently published the first iteration of the Forrester Wave for Cyber Risk Quantification (CRQ) platforms.
Cyber risk quantification determines the financial impact of an organization’s cyber risks and gaps and provides guidance for solutions. The Forrester report identifies and examines the eight most significant CRQ providers, assessing them based on a comprehensive set of 26 evaluation criteria, divided into three high-level categories: current offering, strategy, and market presence. As part of Forrester’s extensive review process, in addition to conducting their own research, the firm also conducted customer reference calls, analyzed vendor surveys, examined expert interviews and participated in product demos. The report is intended to show how each provider measures up and, in turn, helps technology and business leaders short-list the platforms for their CRQ assessment needs.
Mastercard was selected as one of eight top vendors in the Cyber Risk Quantification (CRQ) market. Each of the selected players has $5 million or more in CRQ revenue, a discrete CRQ technology offering, a broad range of uses cases for quantitative cyber risk and interest from Forrester clients. Forrester highlights in the report that the challenges organizations face with CRQ include “lack of data, analytical skill sets and internal buy-in.” In the report, Mastercard Cyber Quant is recognized for its control-assessment-based approach to CRQ for organizations of all sizes and its approach to managing assessments and role-based access, making it easy for customers to scale their risk management programs.
Beyond cyber risk quantification, Cyber Quant helps organizations with:
Qualitative and quantitative maturity assessments against frameworks and standards such as NIST, PCI, ISO 27001, Cloud Security Alliance CAIQ, and CRI.
Managing various manual and automated inputs (technology integrations in addition to questionnaire-based inputs), and in return, provides a set of actionable insights.
Assessment of the organization for maturity and adherence to emerging domains. With consideration for operational risks and for ESG risks (environmental, social and governance risks), future iterations of the platform will include additional assessment capabilities and greater flexibility.
As organizations become more complex with multiple locations, departments, acquisitions, partnerships, and reliance on third-parties, Cyber Quant’s ability to assess each part separately, and then aggregate the results into a singular view enables both the technical and business leaders who use the CRQ results to make business decisions.
"The Mastercard Cyber Quant platform has helped organizations identify, quantify and reduce risks through our security products, technical and business consulting and our partnership network," said Urooj Burney, Senior Principal, Mastercard Data & Services. "With these capabilities and our collaborative approach, we’ve helped our customers address the gaps identified in CRQ assessments with both consulting and technical solutions."
To learn more about Cyber Quant, click here.