Safeguarding the Value Chain: Risk Assessment without It Knowledge.

Safeguarding the Value Chain Risk Assessment without It Knowledge.

With its Lifeblood software, the Füssen-based startup Rimian has set itself the goal of clearly presenting the cyber risks in value creation to the management of companies. The solution provider is now looking for partners.

The sheer mass of cyber threats often overwhelms company CEOs. After all, they are rarely so deep into the technical matter as to be able to assess all the effects of the risks on the value chain. Since the Excel spreadsheets he had been using were becoming too impractical, management consultant Martin Braun, CEO at Rimian, developed the Lifeblood solution. “RIMIAN” stands for “Risk Mitigate & Analysing” and is designed to give managers without much IT expertise a clear overview of which areas are at risk, how to assess them and what can be done about them.

“Our approach is not ‘cyber risks threaten IT,’ but to safeguard the company’s value chain,” Braun explains. “With our solution, we link the business processes to the infrastructure and its risks.” In addition to the technical threats that arise across the various IT assets, the software also detects organizational problems that can be caused by poorly trained employees or non-compliance with security policies, for example.

Prioritizing risks

The software analyzes the risk on a daily basis using algorithms and artificial intelligence. The result of the assessment is displayed in Lifeblood’s cockpit. If the user wants to go further in depth, i.e. know exactly from which business process the risk emanates, he can also query this. Based on the analysis, the manager can prioritize the risks and have the responsible persons initiate the appropriate measures.

READ:  Put an End To The Use of Compromised Passwords!

This is particularly important in the event of damage, when it is a question of which systems must be restored first in order to maintain value creation. “Our focus is always on the business processes and not on the IT assets,” Braun emphasizes.

Furthermore, there is the possibility, for example, to connect SOC services from managed service providers (MSPs) directly to the cockpit and to prepare their findings about them for the management. Managers can thus see directly where which attack is aimed – even without explicitly understanding the technical background.

In search of partners

The startup, which is based in the idyllic town of Füssen in the Allgäu region of Germany, currently has five employees and is looking for sales partners for the solution, which in principle is suitable for companies in any industry. “With Lifeblood, the end customer immediately sees that there is a benefit for the investment,” Braun argues in favor of his solution.

This is because the service provider can use it not only to show the weak points, but also how the risk is minimized if a measure is taken. “We give partners a solution that they can use to create transparency among decision-makers.” To that end, Rimian offers its own training courses. Resellers can also run Lifeblood as a managed service under their label.

READ:  What is Security by Design?

They can generate additional business by selling the appropriate products or services, because the end customer can see exactly where to invest in security without generating unnecessary expenses. A possible sales argument is also to achieve better conditions with cyber insurance with the solution if the company can transparently present its risk level.

It is also important to Braun: “We had everything developed in Germany, we host in Germany, all the components we use are ‘Made in Germany’.”