Relevant, Actionable Findings Improve Security Risk Management

The enterprise is committed to achieving an excellent level of security to protect its data in a highly heterogeneous corporate environment. Its many subsidiaries have their own technical teams and security infrastructures that they each maintain separately. Keeping them all aligned and coordinated in terms of identifying and addressing their security vulnerabilities is a key priority.

Meeting that security challenge is the role of the chief information security officer (CISO). “Our corporate strategy is to grow the business by acquiring companies. And our philosophy is to allow subsidiaries to keep their independence and responsibility for their own security. As the CISO, my role is trusted advisor to each of them,” he says.

The organization had previously tried to use a security ratings service for a view of risk across their subsidiaries. “But,” the CISO says, “the findings were not accurate, relevant, or actionable. The subsidiary teams became more and more frustrated with the time they were investing on irrelevant findings.”

They sought a solution that would give them an accurate and actionable view of their digital footprint so that they could address their risks and realistically report their security status to the Board of Directors.

Why CyCognito?

The CISO’s appreciation of the capabilities of the CyCognito platform began with the initial proof-of-concept meeting. “I was really astonished with the attack surface context I could see,” he says. “The CyCognito platform found something in one of our joint ventures that we were not aware of; a partner was operating an intranet server that was — unintentionally — externally accessible on the internet. This is the kind of back-door risk we are looking to eliminate.”

“The CyCognito platform helps us tremendously in our goal to meet ever-increasing security challenges,” he says. “It always provides relevant and actionable information about our attack surface and potential risks. The platform also helps us efficiently understand the risk posture of each of our subsidiaries.”

Results

“Our results with the CyCognito platform are really great,” the CISO says. “We now have direct visibility to our assets across our subsidiary environments and our security risk. Finding and fixing issues is our goal and the platform helps us do that.”

Use of the CyCognito platform, with findings that are always relevant, has also helped him build a strong level of trust and cooperation with the organization’s subsidiaries. Because of the value the platform brings to both the headquarters’ and subsidiary security teams, the corporate office covers the cost, providing subsidiaries access without an internal chargeback.

“No one really wants to be informed about a security issue, but it is necessary and appreciated. The CyCognito platform helps the subsidiaries secure their environment and helps them with their business,” he says. “An important ‘soft factor’ benefit of the platform is that it helps improve the communications of the dispersed security team and strengthens the cooperation of the group.”

“I appreciate the ongoing growth of the CyCognito platform features and capabilities,” the CISO says.

In future they will continue to implement and expand on capabilities in the CyCognito platform, including their use of the API for integration with other security tools and the platform’s rule-based alerts.

“Additionally, the ability to override issue severity is very exciting. We have security experts within the subsidiaries with deep knowledge about their organization’s legal responsibilities. This feature allows them to apply their very specific knowledge to modulate issue severity accordingly.”

“Overall,” the CISO says, “the key benefit is that the CyCognito platform helps us avoid major incidents, which is very much appreciated.”