Darkscope’s Cyber Risk Assessment

Our Cyber Risk Assessment uses a unique six-stage process that we call SIARRA™ to build a comprehensive cyber risk report. SIARRA is:


  1. Survey – the current state of the organisation,  

  2. Investigate – the real organisation profile on the internet and in the deep web and darknet,

  3. Analyse – the investigation results,

  4. Report – the results to the organisation,  

  5. Recommend – any changes, improvements or other actions

  6. Alert  – of any risks that need remediation. 


SIARRA is performed across 12 domains; from ERM to infrastructure, to personnel, to social media; that cover internal cyber risk factors and, more importantly, external cyber risk factors to the organisation.

70% of cyber risks are external to the organisation, according to Verizon’s 2018 Data Breach Investigations Report^. By interrogating the organisation's profile outside of its infrastructure and physical presence, we can find and deliver a more accurate cyber risk profile.


A Darkscope Cyber Risk Assessment is a deep engagement with the organisation. Starting with the board and senior management, we look at current risk strategies and incident response plans. We then engage key people across security, information and technology management, personnel and training to learn about the organisation. Once the internal baseline is established our investigation looks outwards to where the source of most cyber risk – the internet, the deepnet and the darkweb.


Darkscope delivers this using our trained Artificial Intelligence (AI) that engages the deepweb, and other tools, to cover the full spectrum of cyber risk. Our results are not reliant on the standard maturity model processes that dominate the cyber risk market today, but only deliver on 30% of the risk landscape.  
The CRA report provides the information that allows an organisation to understand its cyber risk. With this information, it can optimise its cybersecurity solutions.