One of the main challenges faced by the Chief Information Security Officer (CISO) and the CIO is achieving a unified view of the big-picture, of the overall security risk status.
The WCK Enterprise Security Intelligence (ESI) software platform gathers and correlates multiple sources of security ‘big-data’ in order to improve an organization’s insight into its security posture.
The diagram below shows a logical flow of the WCK solution in action, from top to bottom.
Click on each text box for a more detailed explanation.
The purpose of Enterprise Security Intelligence (ESI) is to provide business risk-decision intelligence that can improve executive decision-making and enhance enterprise-wide security… and business results.
In order to gain better insights for improving your security posture, WCK ingests risk-related information from multiple online and offline sources of findings, on an ongoing basis. These sources can include:
An accurate risk posture based on legacy data can be presented within 1 – 2 weeks!
WCK is much more than just a documentation and database of security risks and findings. It provides automated and manual analysis tools that provide you with accurate security intelligence.
How does it do this?
The correlated and aggregated risk score is based on algorithms that incorporate not only the severity of the risk, but also its business criticality, as well as its dependencies to business processes, organizational units, IT assets and non-standard systems and devices. This inter-dependency analysis, displayed in visual dependency maps, as well as in the aggregated results in dashboards and reports – proactively uncovers vulnerabilities “between the cracks.”
WCK can automatically generate objective questionnaires that facilitate fact-based answers, rather than interpretations that differ based on the assessor. The policy-driven questionnaires are generated based on the risk engine’s analysis of the organization’s external regulatory and policy requirements, which are mapped to each IT asset and its unique characteristics. As a result, reviews are focused on the organization’s distinct needs, as opposed to using pre-defined ‘vanilla’ questionnaires.
By providing ‘smart’ questionnaires, WCK helps reduce the need for highly-priced, skilled manpower.
Mapping controls of new assets or policies to existing controls provides additional savings on the time and costs of redundant audits and streamlines compliance.
The WCK platform implements End-To End Security Assessment (EESA™) to help organizations focus on business-oriented IT and security risk management. The intelligent risk engine classifies and filters risks, taking into account the business criticality of the assets. Dashboards and reports reflect the aggregated risks and how they affect business processes.
The risk engine analyzes the interdependencies between business processes, organizational units and their supporting IT assets, in order to uncover hidden vulnerabilities and risks that can affect critical business processes.
Intelligent aggregation and objective analysis of security intelligence and technical findings from a variety of online and offline sources, enable managers to make informed decisions and prioritize their remediation efforts on critical risks that affect the business. The root causes of risks can be identified and analyzed in three mouse clicks.
WCK incident management correlates incidents that occur anywhere in your business with other security risk findings. If relevant, the correlated incidents are converted to remediation activities to be managed in the remediation workflow.
WCK drives efficiency by streamlining the entire remediation process. Mitigation activities and investments are automatically prioritized based on business criticality, ensuring an effective remediation process. A built-in workflow triggers automatic alerts and email notifications to appropriate personnel for task assignments and escalations. Managers can track the status of open issues and drill down to view the details of each open ticket.
Based on WCK enterprise security intelligence (ESI) capabilities, combined with the built-in risk analytics, organizations attain a holistic picture picture of their IT and security posture. User-friendly risk posture visualization, reports and customized dashboards for the different managerial positions enable officers and executives to clearly understand threats and their business implications at a glance. This holistic view of the cyber and IT security status promotes knowledgeable decisions regarding remediation activities and security investment priorities.
Decision support, Key Performance Indicators (KPI) and trending tools provide management insight regarding risks, statuses and potential bottlenecks.
The unique, business-driven assessment enables officers and managers to understand the business implications of risks and prioritize remediation activities and security investments accordingly. Executive-friendly dashboards and reports accurately reflect the organization’s risk exposure and the recommended remediation process in simple business language.
An all-inclusive, easy-to-understand picture of the compliance status and comprehensive tools help organizations maintain a continuous compliance state. The platform provides officers and managers with aggregated risk and compliance status per regulation or policy. Decision support tools and Key Performance Indicators (KPI) provide management insight regarding compliance posture and help identify potential bottlenecks.