How Does It Work

 

One of the main challenges faced by the  Chief Information Security Officer (CISO) and the CIO  is achieving a unified view of the big-picture, of the overall security risk status.

The WCK Enterprise Security Intelligence (ESI) software platform gathers and correlates multiple sources of security ‘big-data’  in order to improve an organization’s insight into its security posture.

 

So how does it work?

The diagram below shows a  logical flow of the WCK solution in action, from top to bottom.

Click on each text box for a more detailed explanation.

The WCK enterprise security intelligence platform gathers risk related data from multiple sources

 

WCK Gathers  Security Intelligence Data

By Integrating Multiple Sources of Findings

The purpose of Enterprise Security Intelligence (ESI) is to provide business risk-decision intelligence that can  improve executive decision-making and  enhance enterprise-wide security… and business results.

In order to gain better insights for improving your security posture, WCK  ingests risk-related information from multiple online and offline sources of findings, on an ongoing basis.  These  sources can include:

  • Human reviews and audits
  • Automated network, vulnerability and application scanners
  • Penetration test findings and  code review scanners
  • Events from Security Information and Event Management tools (SIEM)
  • Data from CMDBs, BPM’s and other complementary systems

An accurate risk posture based on legacy data can be presented within 1 – 2 weeks!

 

Extensive Risk Analytics

Intelligent Risk Analytics

WCK is much more than just a documentation and database of security risks and findings.  It provides automated and manual analysis tools that provide you with accurate security intelligence.

  • The risk engine analyzes the huge amounts of data, correlates each finding to the relevant asset and then maps how the findings can influence IT, physical and logical assets across the organization.
  • WCK calculates the risk score for every asset you choose to define
  • … as well as the organization’s overall risk posture from whatever perspective is relevant for you.
  • WCK risk analytics helps expose hidden risks and overlooked security loopholes

How does it do this?

The correlated and aggregated risk score is based on algorithms that incorporate not only the severity of the risk, but also its business criticality, as well as its dependencies to business processes, organizational units, IT assets and non-standard systems and devices.  This  inter-dependency analysis,  displayed  in visual dependency maps, as well as in  the aggregated results in dashboards and reports – proactively uncovers vulnerabilities “between the cracks.”

 

Automated, Policy-Driven Questionnaires

WCK can automatically generate objective questionnaires that facilitate fact-based answers, rather than  interpretations that differ based on the assessor.  The policy-driven questionnaires are generated based on the risk engine’s analysis of the organization’s external regulatory and policy requirements, which are mapped to each IT asset and its unique characteristics.  As a result, reviews are focused on the organization’s distinct needs, as opposed to using pre-defined ‘vanilla’ questionnaires.

By providing ‘smart’ questionnaires, WCK helps reduce the need for highly-priced, skilled manpower.

Mapping controls of new assets or policies to existing controls provides additional savings on the time and costs of redundant audits and streamlines compliance.

 

Business Impact Analysis

The WCK platform implements End-To End Security Assessment (EESA™) to help organizations focus on business-oriented IT and security risk management. The intelligent risk engine classifies and filters risks, taking into account the business criticality of the assets.  Dashboards and reports reflect the aggregated risks and how they affect business processes.

Risk and Threat Analysis

The risk engine analyzes the interdependencies between business processes, organizational units and their supporting IT assets, in order to uncover hidden vulnerabilities and risks that can affect critical business processes.

Intelligent aggregation and objective analysis of security intelligence and technical findings from a variety of online and offline sources, enable managers to make informed decisions and prioritize their remediation efforts on critical risks that affect the business. The root causes of risks can be identified and analyzed in three mouse clicks.

Incident Analysis

WCK incident management correlates incidents that occur anywhere in your business with other security risk findings. If relevant, the correlated incidents are converted to remediation activities to be managed in the remediation workflow.

Prioritized Remediation Workflow

WCK drives efficiency by streamlining the entire remediation process. Mitigation activities and investments are automatically prioritized based on business criticality, ensuring an effective remediation process. A built-in workflow triggers automatic alerts and email notifications to appropriate personnel for task assignments and escalations. Managers can track the status of open issues and drill down to view the details of each open ticket.

 

The Deliverables

IT and Security Risk Posture

Based on WCK enterprise security intelligence (ESI) capabilities, combined with the built-in risk analytics, organizations attain a holistic picture picture of their IT and security posture. User-friendly risk posture visualization, reports and customized dashboards for the different managerial positions enable officers and executives to clearly understand threats and their business implications at a glance. This holistic view of the cyber and IT security status promotes knowledgeable decisions regarding remediation activities and security investment priorities.

Decision support, Key Performance Indicators (KPI) and trending tools provide management insight regarding risks, statuses and potential bottlenecks.

Business Impact

The unique, business-driven assessment enables officers and managers to understand the business implications of risks and prioritize remediation activities and security investments accordingly. Executive-friendly dashboards and reports accurately reflect the organization’s risk exposure and the recommended remediation process in simple business language.

State of Compliance

An all-inclusive, easy-to-understand picture of the compliance status and comprehensive tools help organizations maintain a continuous compliance state. The platform provides officers and managers with aggregated risk and compliance status per regulation or policy. Decision support tools and Key Performance Indicators (KPI) provide management insight regarding compliance posture and help identify potential bottlenecks.