CyberStrong platform updates allow customers to dynamically manage their risk posture

By | 7:13 PM Leave a Comment

CyberSaint announced new updates to its flagship CyberStrong platform allowing customers to identify, measure, and dynamically manage IT and cybersecurity risks along the risk management lifecycle.

These updates reinforce CyberSaint’s mission to enable organizations to manage cybersecurity as a business function by enabling agility, measurement, and automation across risk, compliance, audit, vendor, and governance functions for information security organizations. The company has a history of meeting the growing demand within the integrated risk management market for increased simplicity and flexibility while simultaneously delivering an uncompromisingly robust feature set for customers, who range from high-growth technology companies to Fortune 500 industry leaders.

“My tools always lacked robust risk ranking systems to report on the impact of cybersecurity investments. I needed a solution that was advanced in its capabilities but that would also simplify program management,” said Mark Evans, Director of Security for Salt Lake County, Utah, the largest county in Utah, describing his experience as a CyberSaint customer.

“As an organization that faces a wide range of risk across multiple departments, the CyberStrong platform has helped us track and manage new and unprecedented risks as they emerge in a standardized way that was previously impossible, helping us achieve a truly integrated approach to cybersecurity program management.”

With CyberSaint’s updates to the CyberStrong platform, customers are able to:

  • Identify, track, and mitigate risks proactively within an intuitive risk register to secure their most critical assets and mitigate the highest severity risks
  • Create, measure, and manage security groupings, in the form of existing controls, along with their unique risk profiles
  • Associate, measure, and manage current risk mitigation plans, and control compliance posture, with their unique set of frameworks, standards, and unique control sets
  • Create tribal knowledge of risk management across departments by leveraging clear measurement that all stakeholders understand and alignment with frameworks such as the NIST Risk Management Framework
  • Track Key Risk Indicators (KRIs) and illustrate how each risk impacts their organization in dollars and cents, using risk measurement methods including FAIR, NIST 800-30, and many other unique or even custom methodologies
  • Manage executive expectations for risk reduction, visualizing improved risk posture over time in accordance with defined risk management goals and objectives
  • Illustrate changes in cybersecurity risk over time; whether transferred, accepted or managed, in addition to the Return on Security Investment across risk management initiatives
  • Unify efforts across risk, compliance, audit, and governance on a single system of record, optimizing the performance of multiple functions for greater efficiency and enhanced resilience

“Once you move beyond compliance into risk management, there is an opportunity to reinforce a continuous approach. Our customers can identify and classify risk, easily link risk mitigations to compliance requirements to demonstrate credible returns, and communicate their strategy with the C-level and the Board,” said Padraic O’Reilly, Chief Product Officer, CyberSaint.

“We saw that credible risk ranking required several things: The first was a full suite of risk management capabilities. The second was increased automation through integrations that statically and dynamically map data to controls with AI. Our approach has always been to balance ease of use, speed of implementation, and flexibility with robust automation, AI, and machine learning capabilities – a direction that has our customers and partners excited for where we are headed.”


from Help Net Security https://ift.tt/332dROu

0 comments:

Post a Comment