Derive Expands Platform to Unite Cyber Risk, Governance, and Operations

Latest release marks a major milestone in helping cybersecurity teams quantify risk through daily operations

RICHMOND, Va., Nov. 11, 2025 /PRNewswire/ — Derive, the leading cybersecurity risk and operations platform, today announced a major expansion with two new integrated modules: Governance and Operations. This milestone transforms Derive from a leading cyber risk quantification engine into a complete risk oversight system for managing cybersecurity decisions, controls, and workflows – all modeled in real time and measured in real dollars.

Built on Derive’s proprietary Peer Risk Benchmarks, the most comprehensive real-world cyber loss dataset available, the platform now connects financial-grade risk modeling with the tools and tasks that drive daily cybersecurity operations. The result is a single, unified, dashboard of cyber risk throughout a company – enabling teams to know exactly what to prioritize, allowing benchmarking against industry peers, and tracking progress continuously.

“We’ve seen firsthand how cyber teams are stuck managing risk through static reports and disconnected tools,” said Alex Nette, CEO of Derive. “This release closes that gap. We’ve connected quantified cyber risk directly to operations so teams can see, in real time, how every action, or inaction, changes their financial exposure.”

“This is a massive technical leap,” added Corey Neskey, CTO of Derive. “By bringing Governance and Operations into the same platform as Risk, Derive delivers a live model of an organization’s cybersecurity posture – one that updates automatically as activities happen, evidence changes, or controls degrade.”

The expanded Derive platform includes:

• Risk Module: Quantify and prioritize cyber risk in financial terms using Peer Risk Benchmarks.
• Governance Module: Centralize controls, accountability, assets, and audit evidence with centralized tracking.
• Operations Module: Execute built-in workflows, including user access reviews, third party and AI risk assessments, and incident response, prioritized by measurable loss reduction.

Derive replaces traditional static GRC platforms by uniting risk, governance, and operations into one living system – giving cybersecurity teams a real-time, financially grounded foundation for better decisions.

To learn more, visit www.deriverisk.com.

About Derive

Derive is the cybersecurity risk and operations platform that helps teams quantify risk, prioritize actions, and prove impact. Built on real-world data and modeled in real time, Derive replaces traditional GRC platforms with a single, measurable system that connects cybersecurity risk to business outcomes. Headquartered in Richmond, Virginia.

CONTACT
David Oglethorpe
VP, Communications
804-396-4720
mediarelations [at] deriverisk.com

View original content:https://www.prnewswire.com/news-releases/derive-expands-platform-to-unite-cyber-risk-governance-and-operations-302610939.html

SOURCE Derive