Platform and Market Analysis Report
INTEGRATED CYBER ANALY TICS &
OPERATIONAL RISK MANAGEMENT
“RiskTech”
Presented to:
Jeremy Vaughan
CEO & Co-Founder
TauruSeer
Presented by :
Jem Pagán
President
B luSky Consul t ing
December 3, 2019
Copyright 2019 TauruSeer Platform and Market Analysis Report PG. 2
T A B L E of C O N T E N T S
Platform and Market Analysis Report...................................................................1
The New Differentiated Cyber Security Offering...................................................3
Cyber Analytics + Operational Risk Management (ORM) = RiskTech ....................3
Market Drivers for Integrated Risk Management + Cyber Solutions .....................4
Data Breach Study of Metrics, Challenges & Costs ..............................................5
Why TauruSeer?...................................................................................................7
TauruSeer Market Differentiation........................................................................8
TauruSeer Platform Assessment..........................................................................9
GRC to Integrated Risk Management (IRM)........................................................10
Current Market Offerings vs. TauruSeer .............................................................11
Company Overview............................................................................................12
About BluSky.....................................................................................................13
Attributions.......................................................................................................14
Disclaimer.........................................................................................................15
Copyright 2019 TauruSeer Platform and Market Analysis Report PG. 3
The New Di f ferent iated Cyber Secur i ty Of fer ing :
Cyber Analytics + Operational Risk Management (ORM) = RiskTech
The old cliché, “what cannot be measured cannot be managed” has given way to, “what
cannot be monitored, cannot be managed”. In this digital economy the difference between
measuring and monitoring is time. “Measurement” implies periodic, monitoring is continuous.
The most effective solutions for global enterprises require solutions to operate in
continuously for optimal risk management. The TauruSeer story is not about the latest shiny
gadget or cool software app. Its value proposition addressed the common understanding
among cyber and risk professionals that the evolution of sophisticated cyber -attacks has
placed global enterprises and governments in high cost and high -risk operational modes, and
now risk awareness must be instantaneous and risk levels must be quantifiable to deliver
global business continuity.
What is interesting and investment worthy, is the early stage development of an emerging
market which is being defined as Integrated Risk Management (IRM) or “RiskTech” by
Gartner, Deloitte, Accenture, Chartis and other global consulting firms. For the purpose of
providing clarity, BluSky defines ‘RiskTech’ as the integration of cyber security and
operational risk management to offer analytics-driven models of operational and security
insights for consumption by multiple levels of management and operations in global
enterprises from a ‘single source of truth’. Gartner defines IRM solutions as “the combined
technology, processes and data that serves to fulfill the objective of enabling the
simplification, automation and integration of strategic, operational and IT risk management
across an organization.”
According to Gartner’s 2017 inaugural forecast of
the integrated risk management (IRM) software
solutions market. The IRM market — formerly
referred to as “governance, risk management and
compliance (GRC)” — is estimated to have grown
by 17.4% from 2014 to 2015 and by 17% from
2015 to 2016. The market is projected to grow at
a 13.4% compound annual growth rate (CAGR) to
reach $7.3 billion by 2020, from $3.9 billion in
2015. This market coupled with the current
$96.3bn 2018 enterprise security spend, up 8%
from 2017, represents the next generation of
cyber security and cyber analytics for global
enterprises. Incumbent cyber vendors without a
comprehensive RiskTech offering, will experience an urgent need to acquire or partner with
IRM providers to cover key gaps in their cyber product portfolio.
According to John A. Wheeler, Senior Director Analyst - Integrated Risk Management for
Gartner, the IRM market / RiskTech market is the largest of all the solutions provider markets
covered by Gartner in the security & risk management (SRM) software ecosystem. It also
ranks third highest in terms of estimated profitability margin.
As a result, Wheeler forecasts has designated IRM as one of the most dynamic software
markets within Gartner’s coverage and looks to be one to watch for the next several years.
It is our observation that organizations such as: Factor Analysis of Information Risk (FAIR),
Accenture Cyber Research, Chartis, Risk.net, Protiviti, Deloitte, KPMG, McKinsey, EY, etc.
Copyright 2019 TauruSeer Platform and Market Analysis Report PG. 4
have also identified this market as the next major growth opportunity in cyber security, which
is the integration of operational risk management to formulate a near -real time capability for
enterprises to monitor business risk, threat detection, behavior analysis, business continuity
and operational efficiency as a single integrated platform. Gartner research estimates the
broader risk management market is forecasted to reach $17.1 billion by 2021 from $11.0
billion in 2016 at a compound annual growth rate (CAGR) of 9.2%, from 2016 to 2021.
Growth into the overall risk management market is achievable through adoption of additional
components as illustrated in Figure 1 (above). In the August 2019 Gartner IRM Report,
Wheeler estimates by 2023 more than 60% of enterprises will have adopted an integrated
risk management program, which is an increase from fewer than 40% in 2019.
Market Dr ivers for Integrated Risk and Cyber Solut ions
The World Economic Forum (WEF) identifies technological risks, in the form of operational
disruption and cyber vulnerabilities, among the top ten risks in terms of likelihood while
critical information infrastructure breakdown is among its top ten risks in terms of impact.
These identified risks are not mutually exclusive. The primary driver for global enterprises in
terms of risk management, is to transition from a post -mortem remediation process to a
proactive risk mitigation and management state, to reduce or mitigate brand exposure,
clean-up costs and business disruption.
Enterprises of all sizes realize that cooperation within its key business and IT units is an
essential starting point to mitigate cyber vulnerabilities, resilience, or performance issues.
These coordinated efforts must be platform-driven, to provide a ‘single source of truth’ for
preemptive and coordinated responses (in-the-moment) to enterprise-wide risks.
The past decade of increased sophisticated cyber -attacks has shed light on the essential
need for operational and cyber security team to maintain a consistent state of communication
and coordination to optimize their pre-planned responses. Increased risk and exposure at the
board level is another driver for solutions that provide coordinated insights and alignment of
business operations with executive and senior -level management to decrease the mean-time-
to-recovery and sustain business continuity.
Discussion, interviews and research of 1,000+ executive management personnel by BluSky
over the past (4) years has supported the conclusion that institutions want to establish
controls to manage cyber risk from the top down. However, as noted in the research report
provided by Deloitte [Operational Risk Management: The New Differentiator], while executives
are familiar with the basics of firewalls, malware and phishing, they are struggling to integrate
the technical aspects of cyber security with the people, technology, and process risks that
operational risk management is designed to monitor and control. Thereby creating a ‘ gap’ in
the market and a need for integrated cyber and operational risk management solutions.
There seems to be no discrepancy with the conclusion that data and technology breaches
result in loss of revenue and the amount of loss is proportional to the level of exposure
caused by breaches. A cost-based assessment to operational and cyber risk was provided by
the Ponemon Institute, (the tech industry’s gold -standard benchmark research), to gain an
accurate perspective of the level of risk in terms of cost and operational deficiencies. The
2019 ‘14th Annual Cost of a Data Breach’ independent study, conducted by the Ponemon
Institute, reports the global average cost of a data breach increased to $3.92 million, which is
also caused abnormal customer turnover of 3.9 percent in 2019. The average cost for each
lost or stolen record containing sensitive and confidential information also increased to $150
per stolen record. See Figure 2 - July 2019 “Cost of a Data Breach Global Study: Independent
Research Report - Ponemon Institute.
Copyright 2019 TauruSeer Platform and Market Analysis Report PG. 5
Their July 2019 report found that the average total cost of a data breach; the average cost for
each lost or stolen record (per capita cost); and the average size of data breaches have all
increased beyond the 2018 report averages:
► The average total cost increased from $3.86 to $3.92 million, a 1.5 percent increase from 2018
► The average cost for each lost record increased from $148 to $150, a 1.3% increase from 2018
► The average size of the data breaches increased by 3.9 percent since 2018
The unique aspect of the Ponemon Institute cyber study has been its consistent focus over
the past five years, on the relationship between how quickly an organization can identify and
contain data breach incidents and the financial consequences associated with the breach:
► The mean time to identify (MTTI) was 206 days (increased from 197 days in 2018)
► The mean time to contain (MTTC) was 73 days (increase from 69 days in 2018)
► Companies that contained a breach in less than 30 days saved over $1.22 million vs. those that took
more than 30 days to resolve.
NOTE: For the first time, Ponemon Institute examined ‘cost amplifiers’ of organizational and
security challenges having significant potential as ‘cost mitigators’ in security automation:
► complexity of IT systems and software
► compliance failures
► cloud migrations
► third-party risks and breaches
► extensive IoT, mobile, and OT environments
► lack of processes and coordination of security, development, and IT operations functions (DevSecOps)
For the second time, the institute analyzed and measured the cost of a data breach involving
more than one million compromised records, or what they refer to as a mega breach:
► The average cost of a breach for organizations that fully deploy security automation is $2.65 million
► Without automation, estimated cost is $5.16 million, a $2.51 million net cost difference
► The extensive use of IoT and mobile devices increased cost by $2 per compromised record
► A mega breach of 1 million records yields an average total cost of $42 million
► A mega breach of 50 million records yields an average total cost of $388 million
Figure 2 - July 2019 “Cost of a Data Breach Global Study: Independent Research
Report - Ponemon Institute
Copyright 2019 TauruSeer Platform and Market Analysis Report PG. 6
Their conclusion: (4) process-related activities drive a range of expenditures associated with
an organization’s data breach: detection, escalation, notification, business loss, and related
activities conducted following a data breach.
The (4) cost centers are:
In the course of their interviews, the Ponemon Institute asked questions to determine what the
organization spent on activities for the discovery of and the immediate response to the data breach,
such as forensics and investigations, and those conducted in the aftermath of discovery, such as
the notification of victims and legal fees. Other issues covered that may have an influence on the
cost are the root causes of the data breach and the time to detect and contain the incident.
1. Detection and escalation: Activities that enable a company to detect and report the breach to
appropriate personnel within a specified time period. Examples: – Forensic and investigative
activities – Assessment and audit services – Crisis team management – Communications to
executive management and board of directors.
2. Post data breach response: Processes established to help individuals or customers affected by
the breach to communicate with the company, as well as costs associated with redress
activities and reparation with data subjects and regulators. Examples: – Help desk activities/
inbound communications – Credit report monitoring and identity protection services – Issuing
new accounts or credit cards – Legal expenditures – Product discounts – Regulatory
interventions (fines).
3. Notification costs: Activities that enable the company to notify individuals whose data was
compromised in the breach (data subjects) as regulatory activities and communications.
Examples: – Emails, letters, outbound telephone calls, or general notice that personal
information was lost or stolen – Communication with regulators; determination of all regulatory
requirements, engagement of outside experts.
4. Lost business costs: Activities associated with cost of lost business including customer churn,
business disruption, and system downtime. Examples: – Cost of business disruption and
revenue losses from system downtime – Cost of lost customers and acquiring new customers –
Reputation losses and diminished goodwill.
According to the institute, in this year’s study, organizations experienced increases in both
the time to identify and the time to contain a breach. Unfortunately, current reactive systems
fail to bridge the gap that exists between cybersecurity and risk management. Evidence of
this fact is illustrated by the fact that risk management has little to no knowledge of risk as it
is happening. Similarly, risk management teams have little visibility into the actual
operational cyber risk incurred by the organization (or the rate of change of this risk over
time). It seems that risk managers can only provide oversight to the tools to avoid or respond
to risk, but they have little or no proactive insights to the risks that arise in near real -time–
[where this risk originates from, how quickly it was mitigated, what operations were at risk,
how operational risks translated to business risk, or worse yet what risk remain unchecked,
unmanaged, or un-mitigated and still active within the enterprise].
Copyright 2019 TauruSeer Platform and Market Analysis Report PG. 7
These facts give rise to the new breed of risk technologies that bridge the gap between
cybersecurity and risk management. These new technologies provide better awareness,
insight for immediate decision-making, and control into operational risk present in the
enterprise and the potential business risk that exists if these risks remain unchecked.
In addition, IRM solutions can shed light to risk trends within the enterprise, illustrating the
velocity and severity of detected risks, the affected applications, processes and devices,
enabling proactive actions to remediate vulnerable or affected systems or practices.
One company addressing this emerging technology is Florida based TauruSeer. With deep
roots in software development and cybersecurity, TauruSeer’s latest release of its SaaS
platform bridges the gap between cybersecurity and operational risk management by utilizing
both behavior- and anomaly-based detection methodologies along with proprietary risk
maturity guidance and risk scoring methodologies. Fueled by patent -pending technology,
artificial intelligence (AI) and machine learning technologies. TauruSeer’s software is a poster
child for functionality that bridges the gap between cyber security and risk management.
Why TauruSeer™? TauruSeer is engineered and deployed to help businesses dynamically monitor, identify, and
assess the impact of cyber risk on their security, IT, and development operations as it is
occurring to safeguard their digital assets and act immediately to ensure business continuity.
TauruSeer provides patent-pending and advanced technology that monitors, identifies, and
assesses risk as it is happening, empowering security teams and executives to see high -risk
activity, drill down on these activities and act immediately, protecting their organization from
lost revenue, brand reputation damage, legal action and business interruptions.
TauruSeer is the assurance that executives and their boards must have to protect the
organization’s digital assets, their brand reputation, avoid legal issues, ensure compliance
and maintain the continuity of their operations. Additionally, executives are being held
personally responsible and need to protect their careers and reputations. They need a
solution that will empower their security, development, and IT operations teams to speed the
process of identifying and mitigating cyber risk in a continuous threat -driven digital economy.
The TauruSeer team understands that simply detecting an anomaly is not enough. In today’s
threat environment, cyber risk solutions must deliver deeper information to operations and
security professionals, so they can differentiate which alerts, among thousands, potentially
have the most serious impact on their organization, and in what order, to resolve them and
understand within seconds what the risk is, where it started, its extent and more. The
following list summarizes the current challenges experienced by enterprise security,
development, and IT operations teams due to the proliferation of point and disjointed cyber
solutions that provide a ‘piece’ of the answer but operate in isolation thereby causing
‘information overflow’ and uncoordinated responses to vulnerabilities, risks, and breaches.
Current Chal lenges in SOC and Operat ional Management
SOC are currently severely impacted by their inability to:
1. Detection of suspicious activity – early in the development and delivery life cycle.
2. Prioritization of risks – reports from operators that risks, controls, and incidents are
selected at random for research.
3. Volume of alerts – the word “overwhelmed” is common from SOC operations teams.
Presence of false positive alerts further compounds this fact.
Copyright 2019 TauruSeer Platform and Market Analysis Report PG. 8
4. Research & Validation – often takes hours, days, weeks or more. The validation of
the DNC breach in 2016 took nearly 6 months to complete.
5. Understanding – often missed. The goal is to transform information into
understanding – ‘AhHa’ effects on applications, devices, and processes.
6. Response – taking the appropriate action at the appropriate time.
BluSky has deployed a production release of TauruSeer in our data centers to analyze and
assess their RiskTech offering. Our assessment of TauruSeer technology demonstrated their
capability to:
• Surface the highest-value risk alerts as they are happening by leveraging patent -
pending analytics to reduce “noise” from among thousands of alerts – visually
pointing to risk events that have the most potential impact on business operations.
• Rapidly prioritize those alerts by assigning an impact score that prioritizes the order
of resolution
• Identify key details such as the extent and root cause of each high -risk alert so
security, development, and operations professionals can rapidly eliminate the
problem before it impacts operations
TauruSeer™ Market Differentiation – An Answer to the Ponemon Institute Cyber Study:
The Ponemon Institute report concludes that effective management of detection and
escalation costs and communications to executive management and board of directors
requires an investment that establishes an internal framework for satisfying governance
requirements, evaluating risk across
the enterprise and tracking
compliance with governance
requirements to improve an
organization’s ability to detect and
escalate a data breach. As reported
in the study, insurance protection
and business continuity
management (BCM) reduced the cost
of a data breach following the
discovery of the incident. In contrast,
the rush to notify victims without
understanding the scope of the
breach, compliance failures, and the
engagement of consultants to assist
in the remediation of a data breach
all increase post data breach costs.
Expenditures to resolve lawsuits
also increase post data breach
costs. Certain industries have higher
data breach costs. As can be seen
below in Figure 4, heavily regulated industries such as healthcare and financial organizations
have a per capita data breach cost substantially higher than the overall mean. Public sector,
research, media and transportation organizations have a per capita cost well under the
overall mean value.
Figure 3 Note: Per capita cost is defined as the total cost of
data breach divided by the size of the data breach (i.e., the
number of lost or stolen records).
Copyright 2019 TauruSeer Platform and Market Analysis Report PG. 9
Market Growth Driver for
TauruSeer™: According to the
Ponemon Institute Study and
other market studies, the faster
cyber vulnerabilities can be
identified and contained, the
lower the costs. Both the time to
identify and the time to contain
were highest for malicious and
criminal attacks. Companies that
identified risks in less than 100
days saved more than $1.22
million as compared to those
that took more than 100 days.
Similarly, companies that
remediate risks and contain
breaches in less than 30 days
saved more as compared to
those that took more than 30
days to resolve. However, the
reality is that the mean time to
identify (MTTI) is 206 days and
the mean time to contain (MTTC) is 73 days which further justifies a proactive, faster system
to insight on the part of enterprises.
TauruSeer™ Platform Assessment by BluSky Cyber and Operational teams:
Our MSP team installed an independent instance of TauruSeer to formulate a summary of its
product functionality and production readiness. The following key features represent a
summary of our team’s findings and the market relevance for key functionality of TauruSeer:
S tream-T ime Processing
Our experienced team understands that legacy or ‘point solution’ cybersecurity systems have
to backhaul, or store, data before they can perform the functions necessary to detect threat
behaviors (i.e., SIEM platforms). Our assessment revealed that TauruSeer acts on data before
that data comes to rest, resulting in quicker risk remediation that balances the business
performance and regulatory compliance specifications to support Identification,
Accountability, Remediation, and Evidence requirements across the primary integrated use
cases – performance, resilience, assurance and compliance. In our opinion, this functionality
addresses the coordination of cybersecurity, digital risk, and operational risk management to
proactively address risks before Detection and Escalation requirements are necessary.
Enterpr ise -Sca le Cont inuous Moni tor ing
In our experience, legacy cybersecurity are reactive systems and rely on threat signatures to
identify attacks. TauruSeer is proactive, identifying vulnerabilities, weaknesses, and
suspicious activities that are comprised from automated analysis and correlation occurring in
software, systems, and personnel management technologies, meaning it can identify risks
and validate remediation before, during, and after digital assets are released into production
environments. This functionality addresses the coordination of cyber and operational risk
management in Secure DevOps cultures in Pre-Release and Deployment processes to
increase collaboration and efficiencies across teams, add more value to the primary
integrated use cases, and reduce Data Breach Response costs.
Figure 4 - July 2019 “Cost of a Data Breach Study: The 2019 per
capita cost by industry sector” - Ponemon Institute
Copyright 2019 TauruSeer Platform and Market Analysis Report PG. 10
Behav ioral Pr ior i t i zat ion
Our 30+ years of cyber security experience observes that SOC and DevOps professionals are
overloaded with the alert volume received from cybersecurity, GRC systems, performance
monitoring, cloud security, container security, and application security tools. TauruSeer in our
assessment, significantly eliminated data overload by reducing complexity, assigning
business intelligence and risk scoring that automatically prioritizes security operations and
assurance, resulting in a prioritized list of vulnerabilities and threat activities that allow
security, development, and operations to unite towards the same objectives and more
effectively manage risks to their applications and data. This functionality addresses the
coordination of cyber and operational risk management to reduce notification costs.
Asset Inventory & Risk Management Framework
In our experience, having a complete, accurate, and connected inventory of digital assets
from ‘code-to-cloud’ is the foundational elements to develop an adaptive security
architecture. Furthermore, implementing an automated Risk Management Framework
facilitates the evolution from check-box compliance to risk-based decision making while
supporting the demands of rapid digital innovation. A ‘platform’ enables a fluid approach to
address new risks from cyberincident disruption, new regulatory obligations and the
imperative to build customer trust. This functionality addresses the coordination of cyber and
operational risk programs to adopt a long-term, agile approach to adapting new controls and
technologies to reduce notification costs and audit costs (Detection & Escalation).
In tui t i ve Risk Invest igat ion
In our experience, it is not efficient to ‘only’ identify cyber vulnerabilities or threat behaviors —
SOC operators need the ability to quickly and intuitively explore security, compliance, and
performance risks and suspicious activities in order to rapidly gain a comprehensive
understanding of the identified risks, the extent of their potential impact, and their root
cause. In our assessment, TauruSeer makes it happen in minutes - rather than in days and
weeks. This functionality addresses the coordination of cyber and operational risk
management to reduce Lost Business costs.
Next -Gen Governance, Risk and Compliance (GRC) or ‘ IRM’
In our experience, traditional GRC has largely resulted in siloed, often overlapping tool
investments. The silos are increasingly ineffective at addressing dynamic and complex risk
environments in which digital or software businesses grow. A Product–Centric Integrated Risk
Management (IRM) approach is both top-down and bottom-up, balancing larger strategic goals
and continues throughout the software lifecycle, including Secure DevOps monitoring. For
executives, harnessed risk intelligence
across the enterprise, more effective
communication, and risk-based
business outcomes. For Secure DevOps
teams, instream risk management
principles and insights for strategic
decision making, and ’Just -in-Time
Training’ skills development to become
security, risk, and compliance subjext
matter experts. This functionality
addresses the coordination of cyber
and operational risk management to
reduce, proactively, the (4) cost
centers on Page 6.
Figure 5 - November 2018 “Why Leading Software Vendors Are
Dumping GRC for IRM” - Gartner
Copyright 2019 TauruSeer Platform and Market Analysis Report PG. 11
Summar y
The functionality and performance of TauruSeer during our deployment and assessment,
answers the high-level of vulnerability and costs associated with current cyber risk solutions
in the market today with a platform that has demonstrated the capability to add significant
cost savings and avoidance through its RiskTech offering. Figure 7 illustrates the current cost
savings and avoidance of point cyber solutions. The key takeaway is NOT that TauruSeer
displaces this list of point solutions, more so, it has the capability and potential to integrate
with these solutions and provide a consolidated dashboards for operations and Secure
DevOps professionals to simplify and organize their cyber risk framework into a ‘platform’
through TauruSeer. We conclude that as TauruSeer continues to evolve TauruSeer, the
RiskTech market will be readily recognized as the future of cyber security. The TauruSeer
summary table of feature comparisons lists the differentiation between TauruSeer’s IRM/
RiskTech solution compared to current cyber solutions.
Compet i tors ’ Focus TauruSeer Focus
Massive volume of alerts vs High-Risk Visibility
Data & Analytics, no context for
business or inventory
vs Business Intelligence &
Actionable Insights
More devices, tools, resources vs Prioritized remediation activity
Attempt to block breaches vs Rapidly mitigate risk or impact
Overwhelmed teams, misaligned
priorities/incentives
vs Risk-focused/trained teams
Remediation post breach vs Preventative/proactive response
Weeks or months to discover vs Awareness as it is occurring
Figure 6 - Current Market Offerings versus TauruSeer
Copyright 2019 TauruSeer Platform and Market Analysis Report PG. 12
Figure 7 - July 2019 “Cost of a Data Breach Study: Impact of 26 factors studied on the per capita cost of data
breach, showing cost mitigators or cost amplifiers the per record cost of $150.” - Ponemon Institute
Company Over v iew TauruSeer is a company based in the United States and headquartered in greater
Jacksonville, Florida, that is focused on helping businesses rapidly identify, prioritize,
understand and mitigate the impact of cyber risk on their organization business continuity,
operations, applications, and data.
TauruSeer Team
• Management collectively has more than 50 years of software development, technology,
and cybersecurity management experience, including a SANS Institute published author.
• Multiple prior success including software startup to operational business success, CISO at
Web.com (NYSE: WEB) & CTO executive roles, and private exit realizations to Black Knight
Financial Services (NYSE: BKFS).
• Advisory Board Members.
Copyright 2019 TauruSeer Platform and Market Analysis Report PG. 13
ABOUT BLUSKY
BluSky was founded with the mission to offer business strategy and technology
innovation services to organizations that require a pathway towards digital and
business transformation, investment analysis and market research.
To accomplish this mission, BluSky has created a hybrid team of industry leaders,
business strategist and technology innovators with proven success in next
generation business models based on ‘value-measured’ and ‘deliverables-based’
business and technology services.
BluSky understands the full ecosystem of investment, business strategy,
technology adoption and go-to-market execution and presents these deliverables
as a strategic and tactical architectural road maps through analysis, design and
implementation services.
BluSky accomplishes this by providing research, trusted advisor services,
investment strategies, and technology design and implementation offerings for
organizations to measure and maximize their return on invest.
BluSky partners with JNK Securities, a FINRA broker/dealer/research firm based
in New York City as an extension of its research platform which provides
technology research and industry analysis for institutional investors. BluSky
provides analysis in Technology, Media and Telecommunications markets that
includes the identification if market inflection points, market disruption
indicators for publicly-traded and privately-held organizations. BluSky provides
industry research analysis for (200+) institutional investment funds, retail and
family offices.
Copyright 2019 TauruSeer Platform and Market Analysis Report PG. 14
ATTUBUTIONS
https://blogs.gartner.com/john-wheeler/
https://www.linkedin.com/posts/nicolaschaillan_dod-devsecops-ref-design-activity-
6578352737090625537-XHM5
https://www.fairinstitute.org/
https://www.chartis-research.com/
https://www.risk.net/risk-management/6470126/top-10-op-risks-2019
https://www.weforum.org/reports/the-global-risks-report-2019
https://securityintelligence.com/posts/whats-new-in-the-2019-cost-of-a-data-breach-report/
https://www.ibm.com/security/databreach?
ce=ISM0484&ct=SWG&cmp=IBMSocial&cm=h&cr=Security&ccy=US
https://www.accenture.com/t20170803t055319z__w__/us-en/_acnmedia/pdf-7/accenture-cyber-risk-
convergence-of-operational-risk-and-cyber-security.pdf
https://www.ibm.com/security/data-breach
https://www.finextra.com/blogposting/12500/convergence-of-operational-risk-and-cyberrisk-management-in-fs
https://www.chartis.com/leadership/firm-leadership/dan-coate
https://erm.ncsu.edu/library/categories/c/main-nav
https://www.protiviti.com/sites/default/files/united_states/insights/nc-state-protiviti-survey-top-risks-2019-
executive-summary.pdf
https://www.bccresearch.com/market-research/information-technology/risk-management-market-report.html
https://www2.deloitte.com/content/dam/Deloitte/us/Documents/risk/us-aers-operational-risk-management-the-
new-differentiator.pdf
https://advisory.kpmg.us/content/dam/advisory/en/pdfs/technology-cyber-risk-managment.pdf
https://www.ifc.org/wps/wcm/connect/e53f24fd-d1ed-44aa-ae26-a2f806a8ade5/
Risk_Management_Department_Charter_of_FIs_model.pdf?MOD=AJPERES&CVID=my.eHSb
https://www.bankinfosecurity.com/whitepapers/conquering-complexity-in-endpoint-management-w-4383
https://www.secureworks.com/solutions/advanced-threat-protection
Copyright 2019 TauruSeer Platform and Market Analysis Report PG. 15
DISCLAIMER
This report has been compiled by BluSky. BluSky is an independent provider of
research. The views expressed within this report are BluSky’s in its entirety. The
contents of this report and its attached documents have been prepared without
taking account of your objectives, financial situation or needs. Because of that
you should, before taking any action to acquire or deal in, or follow a
recommendation (if any) in respect of any of the financial products or
information mentioned in or downloaded from or through this website, consult
your own investment advisor to consider whether it is appropriate having regard
to your own objectives, financial situation and needs.
Whilst BluSky believes the information contained in this report is based on
information which is considered to be reliable, its accuracy and completeness are
not guaranteed, and no warranty of accuracy or reliability is given or implied and
no responsibility for any loss or damage arising in any way for any representation,
act or omission is accepted by BluSky or by any officer, agent or employee of
BluSky or its related entities. BluSky at all times reserves the right to at any time
vary, without notice, the range of services offered by BluSky and its subsidiaries,
and the terms under which such services are offered. The information within this
report is our own opinion only and is not to be used in deciding for purchasing
services, acquiring, or investment.
Top Related