Getting Started With ThreatConnect Risk Quantifier

Overview

The ThreatConnect Risk Quantifier (RQ) platform applies risk and financial models based on your business, your technical environment, and industry data so you can make strategic- and tactical-level decisions to mitigate financial risk to your organization.

This article provides instructions on setting up your RQ user account and logging into the RQ platform, as well as an overview of all options available on the top navigation bar of the RQ platform at the Legal Entity and Enterprise levels.

Before You Start

Minimum Roles and Prerequisites

RQ Levels of Access

There are two levels of access available in the RQ platform: Legal Entity and Enterprise.

Legal Entity

A Legal Entity is an organization or business unit of a company for which risk data are being quantified in the RQ platform. With Legal Entity–level access, you can perform some or all the following actions, depending on your user role:

• View and run risk analyses for a Legal Entity
• View third-party risk analyses and scan a third party with SecurityScorecard^®
• Configure a Legal Entity
• Create reports
• View and run ‘What If’ analyses for a Legal Entity
• Export RQ data for further analysis
• View and tune the variables, which are derived from RQ’s loss models, that drive RQ’s risk analyses

Enterprise

An Enterprise is a collection of Legal Entities in an RQ instance. With Enterprise-level access, you can view a high-level overview of risk across all Legal Entities in your RQ instance and export RQ data for further analysis. You can also access each Legal Entity in your RQ instance and perform all actions available with Legal Entity–level access.

Supported Web Browsers

Currently, the RQ platform is supported on Google Chrome™ only. In addition, you must disable ad blockers in Chrome to access the RQ platform. If you do not disable ad blockers in Chrome and try to log into your RQ instance, the browser may remain “stuck” on the login screen and prevent you from successfully logging in.

Creating Your Password

After your RQ user account is created, an email containing a link to create your password will be sent to the email address associated with your account. This email’s subject line is Set password, and the sending address is [email protected]. Click the link in the email to open a screen where you can create and confirm your password (Figure 1).

• New Password: Enter the password for your RQ user account. To view the criteria that your password must meet, hover over the question markto the right of the New Password label. You can also view these criteria in the Set password email you received.
• Confirm Password: Retype the password you entered in the New Password field.
• Submit: Click this button to set the password for your user account.

After clicking the Submit button, a Password Changed window will be displayed confirming that you successfully changed your password. Click the OK button. You will then be redirected to your RQ instance’s login screen automatically.

Logging into RQ

When you navigate to the URL for your RQ instance, the RQ login screen will be displayed (Figure 2).

• E-mail: Enter the email address associated with your RQ user account.
• Password: Enter the password for your RQ user account.
• Remember me: Select this checkbox to be signed into your RQ instance automatically the next time you visit your instance’s URL after closing out of your browser.
  Note

  If you logged out of your RQ instance during your previous browser session, you will be required to log back in, regardless of whether you selected the Remember me checkbox during your previous browser session.
• Forgot password?: Click this link to reset your RQ user account password. After clicking the link, you will be prompted to enter the email address associated with your RQ user account. After entering this email address, an email with a link to reset your password will be sent to your email address. Follow the instructions in the “Creating Your Password” section to reset your password.
• Log In: After filling out the E-mail and Password fields, click this button to log into your RQ instance.

RQ Enterprise Administrators can configure the RQ platform to leverage your organization’s enterprise identity provider for user authentication via Single Sign-On (SSO). When SSO is configured for your RQ instance, a Log In with SSO button will be displayed below the Log In button on the RQ login screen (Figure 2). See the “Single Sign-On via OAuth” section of Security Features in ThreatConnect Risk Quantifier for more information.

The “Home” Screen

After logging into your RQ instance, the What do you want to do today? window (Figure 3) will be displayed. This window provides shortcuts for various actions you may want to perform in RQ, such as running a risk analysis, creating a custom scenario, or configuring an application, among other tasks. Note that the shortcuts displayed on this window vary based on whether you have Enterprise-level access.

If you close the What do you want to do today? window, one of the following screens will be displayed, based on the user role assigned to your account:

• For users without Enterprise-level access, the Dashboard screen of a Legal Entity will be displayed.
• For users with Enterprise-level access, the Portfolio Analysis screen of an Enterprise will be displayed

Dashboard Screen

The Dashboard screen of a Legal Entity (Figure 4) is the first screen displayed for users with a user role of RQ Pro Administrator, RQ Pro Editor, or RQ Pro Read Only after logging into their RQ instance.

If all required configurations have not been completed for a Legal Entity, the Risk Analysis screen will display a message directing you to the Configuration screen to complete the configuration process (Figure 5). In addition, the Run Risk Analysis button will be grayed out.

If all required configurations have been completed for a Legal Entity, but no risk analysis has been computed for it, a message will be displayed on the Dashboard screen directing you to click the Run Risk Analysis button to run your first analysis (Figure 6).

Portfolio Analysis Screen

The Portfolio Analysis screen of an Enterprise (Figure 7) is the first screen displayed for users with a user role of RQ Enterprise Administrator or RQ Enterprise Read Only after logging into their RQ instance.

If all required configurations have not been completed for a Legal Entity, or if no risk analyses have been computed for a Legal Entity, the Portfolio Analysis screen will display a message directing you to run a risk analysis for the Legal Entity (Figure 8).

Click the link to the Legal Entity above the “Please run an analysis to see results.” message to navigate to its Dashboard screen (Figure 4). If all required configurations have not been completed for the Legal Entity, its Configuration screen (Figure 5) will be displayed.

The Top Navigation Bar

The following sections describe each option on the top navigation bar of the RQ platform when viewing a Legal Entity or Enterprise. Access to each option and its corresponding screen varies based on your user role.

Legal Entity

When viewing a Legal Entity, the following options will be displayed on the top navigation bar:

• Risk Analysis
• Third Party
• Configuration
• Reports
• What If
• Data Export
• Legal Entity Selector
• Settings
• Log Out

Risk Analysis

Hover over Risk Analysis on the top navigation bar to display a menu with the following options:

• Dashboard: The Dashboard screen (Figure 4) displays the most relevant risk information for a Legal Entity based on its latest risk analysis. Specifically, you can view high-level outputs of this analysis, including max values for loss, frequency, and attacker success; top threats across all Applications; and recommended risk mitigation steps. You can also run a risk analysis for a Legal Entity on this screen.
• Impact Vectors: The Impact Vectors screen displays Impact Vectors for the top 10 Applications based on the latest risk analysis for a Legal Entity.
• Financial Analysis: The Financial Analysis screen displays a detailed view of the financial risk analysis for a Legal Entity. Specifically, you can view loss breakdown by type (RQ Single Loss Expectancy [RQ-SLE] and RQ Annualized Loss Expectancy [RQ-ALE]) and Application, RQ-SLE distribution over time, and RQ-ALE trend analysis.
• Applications: The Applications screen displays the financial and technical risks for all Applications in a Legal Entity.
• Market Impact: The Market Impact screen displays market impact, which represents the loss of customers and their revenue due to diminished reputation caused by digital incidents, over time and broken down by year.
• Recommendations: The Recommendations screen displays short- and long-term recommendations to reduce risk based on the latest risk analysis computed for a Legal Entity.

Third Party

Hover over Third Party on the top navigation bar to display a menu with the following options:

• Dashboard: The Third Parties Dashboard screen displays the most relevant risk information for a Legal Entity based on its latest third-party risk analysis.
• Security Scorecard: The External Data - Security Scorecard screen allows you to enter a domain name and look up its SecurityScorecard rating.

Configuration

The Configuration screen allows you to complete required and optional configurations for a Legal Entity.

Reports

The Reports screen allows you to build reports that include a RQ-SLE Distribution over Time chart for a specific attack on a specific target (i.e., Application) and details about Applications, including exploitables that exist on an Application. After building a report, you can download it as a PowerPoint^® file.

What If

The What If screen allows you to build and test ‘What If’ scenarios in a sandbox environment using the following analysis types:

• Changing control levels for an Application
• Changing rate of incidence for an Application
• Factor Analysis of Information Risk (FAIR™) scenario
• Semi-automated FAIR scenario
• Aggregated FAIR scenario
• Custom loss scenario using artificial intelligence (AI) and machine learning (ML) models

Data Export

The Data Export screen allows you to export RQ data for a Legal Entity into a comma-separated values (CSV) file format that is downloaded to your computer. The following data categories are available in a Legal Entity:

• Long Term Recommendations
• Short Term Recommendations
• Applications Data
• Top Threats
• Control Framework Details
• Third Party Analyses
• ‘What If’ Analysis

Legal Entity Selector

If more than one Legal Entity is assigned to your user account, a Legal Entity selector will be displayed on the top navigation bar, to the left of Settings (Figure 4). Selecting a Legal Entity using this selector will display its Dashboard screen (Figure 4).

Settings

At the Legal Entity level, you can perform the following actions on the Settings screen:

• Create, edit, and delete users
• View and configure variables used in financial and probability calculations
• View all user activities
• View and configure currency conversions, the default framework for new Control Profiles, and the default recommendation view
• Determine whether to display the What do you want to do today? window (Figure 3) each time you log into RQ
• View explanations on how RQ performs its calculations and models data
• View and edit settings for each Application in a Legal Entity
• View license details for your RQ instance

Log Out

Click Log Out to log out of your RQ instance.

Enterprise

When viewing an Enterprise, the following options will be displayed on the top navigation bar:

• Portfolio Analysis
• Legal Entities
• Data Export
• Portfolio/Legal Entity Selector
• Settings
• Log Out

Portfolio Analysis

The Portfolio Analysis screen (Figure 7) allows you to view relevant risk information for attacks based on the latest risk analysis for each Legal Entity in your Enterprise. The information displayed on this screen includes max losses for each Legal Entity, top threats across all Applications in your Enterprise, inherent and residual risk details for all Applications in your Enterprise, and the top five Enterprise controls reduction.

Legal Entities

The Legal Entities screen allows you to view, create, edit, archive, and access Legal Entities in your Enterprise and view users assigned to each Legal Entity.

Data Export

The Data Export screen allows you to export RQ data for all Legal Entities into a comma-separated values (CSV) file format that is downloaded to your computer. The following data categories are available in an Enterprise:

• Long Term Recommendations
• Applications Data
• Top Threats

Portfolio/Legal Entity Selector

The Portfolio/Legal Entity selector located to the left of the Settings option (Figure 7) allows you to switch between viewing risk analysis information for your Portfolio (i.e., all Legal Entities in your Enterprise) and a single Legal Entity. When you select a Legal Entity, its Dashboard screen will be displayed (Figure 4).

Settings

At the Enterprise level, you can perform the following actions on the Settings screen:

• Create, edit, and delete users
• View and configure the Portfolio company name, the currency to display in aggregations, and currency conversions
• Determine whether to display the What do you want to do today? window (Figure 3) each time you log into RQ
• View all user activities
• Configure SSO for your RQ instance
• View and configure the following variables that are used in financial and probability calculations for Legal Entities: Business Entities, Application Type, and Application Characteristics

Log Out

Click Log Out to log out of your RQ instance.

Configuring Your RQ Instance

For instructions on configuring a Legal Entity in your RQ instance as an RQ Enterprise Administrator or RQ Pro Administrator, see Configuration. For instructions on configuring your RQ instance and Enterprise as an RQ Enterprise Administrator, see ThreatConnect Risk Quantifier Administration and Configuration Guide.

ThreatConnect^® is a registered trademark of ThreatConnect, Inc.
FAIR™ is a trademark of The FAIR Institute.
Chrome™ is a trademark of Google, Inc.
PowerPoint^® is a registered trademark of Microsoft Corporation.
SecurityScorecard^® is a registered trademark of SecurityScorecard, Inc.

20133-01 v.01.A