Our team of cybersecurity subject matter experts spent thousands of hours to develop the ts mitigation™ database so that cyber risk professionals can spend their time implementing risk strategies – not researching them.
Empowers risk management professionals to quickly and easily develop cyber risk management plans by providing a broadly scoped, trove of business language mitigations that clearly articulate the risk landscape, and align action plans with cyber risk and compliance standards, and engage executive level support for cyber risk management.
The professional version of ts mitigation™ contains nearly one thousand individual controls mapped to 50 individually researched, business language mitigations that make controls the NIST’s Cybersecurity Framework and 800-53 publication more accessible to humans and machines.
And ts mitigation™ is now part of the NIST Online Informative Reference Database.
ts mitigation™ – open
ts mitigation™ – open features groups over 100 individual risk controls from the NIST Cybersecurity Framework under 50 individually researched, business language mitigation topics, featuring:
- Concise, business language descriptions
- Mapping to NIST Cybersecurity Framework
- All five functions (graded)
- 100+ core subcategories
- CIA Triad mappings (graded)
How do you use it? If, for example, a risk scenario indicates damage to Confidentiality is of paramount, those that have Primary impact on that damage type would be used first. Likewise, we can select against the NIST Cybersecurity Framework functions (Identify, Protect, Detect, Respond, Recover) to identify the mitigations that, for instance, are Primary to the Protect function. The mappings provide a clear mapping between risk mitigation and compliance objectives.
ts mitigation™ – open is available under the Creative Commons BY-NC-ND license, just like TED Talks.
ts mitigation™ – professional
The professional version of ts mitigation™ greatly expands the information available under each mitigation topic with features like:
- In-depth discussion of mitigations
- Compensating controls
- Mapping to nearly 1,000 NIST 800-53 controls
- Mitigation method mappings (graded)
- Loss type mappings (graded)
- Professional domain (graded)
- And more …
A commercial license includes access to ts mitigation™ through an easy-to-use online portal and can be licensed as software API. When paired with our other databases and analytic capabilities, you can embed highly automated, cyber risk analysis into your products and workflows.
Please use the form below to arrange a demonstration and to discuss licensing options.