Your Top Five Cyber Risks in Five Clicks with the Free Cyber Risk Analysis

FREE RISK ANALYSIS
Request Demo

The team at CyberSaint is thrilled to announce the latest additions and updates made to the CyberStrong solution. These latest updates will focus on reporting and remediation. To start off, we’ve made it easier to customize reporting with our latest changes to remediation reports. Additionally, we’ve implemented revisions to the RoSI calculations for enhanced risk analysis and introduced custom risk values and presets.

We are also excited to announce the CCA Kickstarter plan. The blog below provides more details about the latest updates to CyberStrong.

CyberStrong Dashboard & Reporting

Custom Remediation Reports

Before this update, risk remediation reporting had some limitations for customers and partners. Previous reports were static and not very customizable. Customers and partners needed the ability to export any and every field from the platform to support their own custom reporting needs.

Now, we have implemented a custom reporting capability that allows customers and partners to define the fields they want to export as .csv files. Custom report templates can be created, saved, and downloaded as customers and partners need.

Custom Remediation report templates are now also supported.

Remediation Project Status Filter on Executive Dashboard

Previously, the Executive Dashboard only displayed “In Progress” Remediation Projects.  However, clients wanted a way to show other statuses on the Executive Dashboard. These other projects could be used to secure budget approval for new requests, to identify projects committed but not started, or to track completion.

We have added a status filter to the Remediation Projects section of the Executive Dashboard configuration. The status is “In Progress” by default, but other statuses can be added or removed.

Note: Only the top 5 Remediation Projects sorted by highest Annualized Loss Expectancy (ALE) are displayed.

CyberStrong Cyber Risk Management

Updated Return on Security Investment (RoSI) Calculations

Previously, RoSI calculations used an average based on the NIST CSF categories. Setting a remediation target by control required an update to the RoSI calculation.

Now, users can use current and target ALE to identify the amount of risk reduction. Both (current and target) ALEs use the automated residual risk calculation. RoSI is now calculated using the updated risk reduction using the following formula:

(Risk Reduction - Project Cost)/(Project Cost)

Note: If the RoSi is negative, 0% will be displayed.

Industry Risk Descriptions

Users wanted a description to aid their selection process when selecting industry risks. Now, all 18 available industry risk scenarios have a description for customers.

Asset Groups to Associate Controls and Risks

It was challenging for clients to associate controls and risks to assets. They would create a risk register and an assessment, but the data lacked a logical grouping. Now, CyberStrong users can quickly and easily associate controls and risks to asset groups.

Clients can now add their own Asset Groups by type and associate them with an assessment and a risk register.

In this initial phase, the following Asset Types are supported:

  • Application
  • Engagement
  • Equipment
  • Facility
  • Function
  • Information
  • People
  • Process
  • Product
  • Service
  • System
  • Supplier
  • Technology
  • Vendor

Subsequent phases will release options for additional Asset Types and Attributes. The next phase will also allow clients to launch assessments and create risk registers directly from an Asset Group.

Custom Risk Values and Presets

When creating custom heat maps, there was no way for clients to set the Qualitative Value or the Custom Risk Presets. Both the Qualitative Values and Custom Risk Presets were hard-coded with no way to edit them.

When creating a custom heat map, clients can now edit both the Qualitative Value and the Custom Risk Presets for both Impact and Likelihood.

  • The Qualitative Value calculates the Average Overall Risk Score on the Risk Register. These values are aligned to your Impact and Likelihood labels.
  • The Custom Risk Presets calculate Inherent Risk within each risk scenario. The preset Min, Max, and Most Likely values and labels align with your Impact and Likelihood labels.

Note: The Qualitative Value is an integer between 1 and 10.

CyberStrong Continuous Compliance

Continuous Control Automation (CCA) Kickstarter

We are excited to unveil our Continuous Control Automation (CCA) Kickstarter, which will aid customers' adoption of CCA. Previously, enabling CCA for our clients was challenging. The cost and level of complexity limited the adoption of CCA.

Now, the CSM team can add CCA Kickstarter to existing CyberStrong Compliance Hub, CyberStrong Risk Hub, and CyberStrong Executive Hub clients. Service includes:

  • Activating a CyberStrong connector to policy configurations for one of the following cloud environments:
    • AWS
    • Azure
  • Mapping a subset of NIST 800-53 Rev. 5 controls to corresponding policy configurations of a chosen cloud environment.

Note: Base implementation fee is $5,000.  Custom connectors and frameworks are excluded and require a separate SOW.

You may also like

Putting the “R” back in GRC - ...
on October 22, 2024

Cyber GRC (Governance, Risk, and Compliance) tools are software solutions that help organizations manage and streamline their cybersecurity, risk management, and compliance ...

October Product Update
on October 17, 2024

The team at CyberSaint is thrilled to announce the latest additions and updates to the CyberStrong solution. To start off, we’ve made it easier to create an assessment and risk ...

Transforming Cyber Risk ...
on October 12, 2024

In today’s complex cyber landscape, managing risks effectively isn’t just about identifying threats—it’s about understanding their impact and knowing how to prioritize ...

Step-by-Step Guide: How to Create ...
on September 23, 2024

Cyber risk management has become more critical in today's challenging digital landscape. Organizations face increased pressure to identify, assess, and mitigate risks that could ...

From Fragmentation to Integration: ...
on September 17, 2024

Organizations are often inundated with many security threats and vulnerabilities in today's fast-paced cybersecurity landscape. As a result, many have turned to point ...

How to Create a Comprehensive ...
on September 9, 2024

Cyber threats are becoming more frequent, sophisticated, and damaging in today's rapidly evolving digital landscape. Traditional approaches to cyber risk management, which often ...