Leveraging these new features, customers can identify, plan, and present the costs and benefits of various solutions to leadership in several ways. All risk and solution plans dynamically tie back to the organization’s security control posture, whether aligned with frameworks such as the NIST CSF, essential industry standards, or custom frameworks designed internally. Credible measurement, including return on security investment, mitigation ratios, and CAPEX / OPEX tracking, is efficiently utilized. Risk quantification methodologies including FAIR, ISO27005, and others are also available within the platform.
“CyberSaint’s vision is a key reason why partnering with the team is so exciting for us,” stated Kerri Keller, Consulting Risk Leader and Senior Manager at EY. “For our joint customers, the CyberStrong platform’s automation, alignment with industry standards, and ease of deployment have been paramount to their success. Our enterprise CISO partners want to create narratives around their strategic plans for compliance and risk management initiatives, proposed solutions, return on security investment, and most importantly business enablement. These features lay the foundation for them to achieve ambitious goals in a way no cybersecurity solution has been able to before, positioning CyberSaint as a disruptor within cyber risk and compliance.”
The CyberStrong platform’s new features allow customers to:
- Associate existing controls to risks and propose measured solutions to track simultaneous results across risk and compliance initiatives.
- Access historical views of risk mitigation over time, illustrating the most significant, critical, or anticipated risks impacting the organization presently or in the future.
- Compare and contrast solutions based on relevant metrics such as mitigation ratio, return on security investment (ROSI), and the number of controls impacted.
- Break down solution costs, plans, and impacts by CAPEX and OPEX.
- Weigh solution costs and impact on the organization’s cybersecurity posture with an array of risk quantification methodologies such as FAIR, ISO27005, and others.
“For organizations to manage cybersecurity as a true business function, there needs to be a trustworthy narrative about how program goals align with those of the business. Ultimately these two sets of goals should be unified, presented in a way that is easily understood and backed by all stakeholders,” said Padraic O’Reilly, Chief Product Officer and Co-Founder of CyberSaint. “We have worked with some of the most forward-thinking security and risk leaders on these new features to help them achieve this alignment within their own organizations. Now they have the technology to support the shift towards making cybersecurity resiliency an enabler of their business strategy.”
Keller noted, “CyberSaint’s approach to building a forward-thinking solution moves past the status quo that the legacy governance, risk, and compliance market established long ago. Our largest customers see value in a flexible and automated solution that gives them the capability to baseline cybersecurity posture in accordance with any framework, while seamlessly allowing them to manage risk in a dynamic way that enables business goals – something only an integrated risk management-focused solution could do and only CyberSaint has brought to market.”
These updates, driven by increased market demand and designed in collaboration with CyberSaint’s customers, build upon CyberStrong’s existing functionality to facilitate agility, measurement, and automation for cybersecurity and information security programs. The company has a history of delivering simplicity and flexibility while simultaneously offering an uncompromisingly robust feature set for customers, who range from high-growth technology companies to many of the Fortune 500.