The X-Analytics Team is excited to announce the release of our dynamic Cyber Governence module for the X-Analytics application. For our customers, this module has been made available with your X-Analyitcs enterprise subscription. We believe this module brings tremendous value to X-Analtyics and addresses an ongoing topic of 2024. Please see the below summary of the Cyber Governance module and contact your Customer Success team for information or a walk-through of the module.
New Features & Functionality
The X-Analytics Governance Module was designed to help you understand your overarching cyber responsibilities and practices. These responsibilities and practices wrap around all other mitigation and transfer strategies to ensure stability, fiscal soundness, and due diligence.
The Governance Module determines your govern function implementation, your governance rigor, and your risk management effectiveness.
The govern function is an understanding of the organization's risk management strategy, risk expectations, and related policies. It includes outcomes to inform what your business may need to achieve and prioritize, such as organizational context, risk management strategy, role and responsibilities, cyber policy, oversight, and cybersecurity supply chain risk management.
Governance rigor is the degree at which your business has an organization-wide approach to cyber risk. This includes monitoring cyber risk with other operational risks, ensuring the cyber budget is based on current and predicted risks, implementing a executive-sponsored cyber risk vision, promoting that cyber risk management is part of the culture, and quickly accounting for changes to the business.
Risk management effectiveness is the degree at which your business has reduced cyber risk based on your unique risk profile and the current threat condition. This includes your effectiveness against web application attacks, point of sale intrusion, payment skimming, insider and privileged misuse, human error, physical theft and loss, firmware (including ransomware), cyber-espionage, denial of service attacks, and unknown activity.
Since targets are one component of cyber risk governance, the Governance Module includes the ability to set targets for cyber exposure, control effectiveness, and the dynamic cyber governance score.
You can use the cyber exposure target to aim your risk mitigation and transfer actions.
You can use the control effectiveness target to prioritize and improve the implementation of key cybersecurity frameworks.
You can use the dynamic cyber governance target to improve your risk management strategy, your organization-wide approach to cyber risk, and to contemplate your evolving cyber risk landscape.
What's included within the Governance Module
The Governance Module includes an addition to the profile builder to capture inputs related to the govern function, governance rigor, and governance targets.
The govern function section captures information related to:
organization context,
risk management strategy,
roles, responsibilities, and authorities,
policy,
oversight,
and cybersecurity supply chain risk management.
The governance rigor section captures your:
approach to cyber risk is organization-wide
executives monitor cyber risks with other operational risks
cyber budget is based on current and predicted risks
organization has an executive sponsored cyber visions
cyber risk management is part of the organization's culture
organization quickly accounts for changes to the business
The governance targets section captures your cyber exposure, control effectiveness, and cyber governance targets.
The Governance Module includes an advanced report, within the X-Analytics report center. The "Cyber Risk Governance Report" includes an executive summary, cyber risk governance details, and closing remarks.
The executive summary illustrates cyber governance as three key metrics and includes quarterly trending.
The "cyber risk governance details" section provides further information as related to the three key metrics, proposes questions to ponder, and provides analysis to help you make informed decisions.
The "closing remarks" section summarizes the entire report with direct and applicable guidance.
If you have questions, please submit a support request or contact your X-Analytics Customer Success Lead.
Comments