LATEST NEWS: Riskaware is now offering commercial cyber attack analysis and business impact assessment services. These services are aligned with National Cyber Security Centre (NCSC) component-driven risk assessment guidance and utilise cutting-edge defence algorithms improve the cyber resilience of your business. Click the logo below to find out more. cyber by riskaware logo

Expertise and innovation and in cyber defence, leveraging core capabilities in modelling, simulation, data analytics and visualisation

Recent years have witnessed a dramatic increase in the level of threat from cyber-attacks against government, enterprise and the domestic environments. The threat comes from a variety of sources, ranging from lone hackers through to the new wave of internet-aware terrorist organisations, sophisticated cyber criminals and nation state actors. The effects of these cyber-attacks can range from minor impact to major existential threat. This dramatic increase in the level of threat has led to an increasing focus on cyber security and the resilience of systems and organisations to cyber-attacks. Riskaware plays an active role in this area, developing both software tools and new techniques to improve cyber resilience.

Riskaware is developing systems which allow both analysts and leaders to understand how an organisation, process or mission is dependent on cyber infrastructure and how vulnerabilities there can result in critical risks. Our systems provide rapid update of the security status of an enterprise cyber infrastructure, along with assessments of the potential impact of cyber threats and how protective measures will help resolve the situation. Our approach is based on an automated capture of network architecture schematics and automated vulnerability mapping. Vulnerability analysis and visual analytics are used to allow the user to understand the “big picture” of the organisational or mission impact, to prioritise the key threats in terms of their potential impact and to find resolutions for key issues.

Another important aspect of cyber security is the inadvertent leakage of information. This can often be an indication that a cyber-attack has occurred, although it can also have an innocent explanation, such as enthusiasts or employees posting information online. Even so, this information can provide a potential cyber-attacker with information they can use to design a social-engineering or full cyber-attack on the organisation. Riskaware have successfully developed open-source intelligence tools to identify and analyse information leakage so that the likely source and the level of leakage can be understood and the potential impact quantified.