By Tallen Harmsen, head of Cyber Security at IndigoCube

IndigoCube empowers executives to visualise, analyse, and act on cyber threats

Boards and C-level executives want to know what’s going on with their organisation’s cyber security. But they need the information in language they can understand backed up by data that quickly and – more importantly easily – reveals what’s important.

Boards and C-level executives are understandably keen to get a handle on their enterprise’s cyber security posture in an age of growing regulation and oversight. The problem is that it can be difficult for CISOs and other cyber security experts to quickly share real-time data in ways that are easy to digest and quick to translate into business activity.

We leverage IBM’s Data Risk Manager to help CISOs, who now have a seat at the executive table, to deliver the visibility responsible leaders need.

“Forrester research shows us that 51% of people identify the CEO or the board of directors as being accountable for the data, not the IT department. That’s a huge shift,” says Tallen Harmsen, head of cyber security at IndigoCube, which is an IBM Business Partner.

The top four stumbling blocks from being able to clearly show business leaders what the enterprise’s security posture is are:

  1. identifying the most useful data security and risk metrics;
  2. translating data security and risk into business risk;
  3. communicating real-time insight on critical data; and
  4. identifying and classifying the company’s most critical data.

“Forrester’s report accurately reveals that purpose-built dashboards, which visually represent the risk and the most-affected, sensitive assets, will improve executives’ abilities to more proactively manage the data risk,” says Harmsen.

He says that executives need the high-level views that give the strategic risk posture as well as the drill-through granularity required for responsible oversight. IBM Data Risk Manager identifies specific, high-value and sensitive information at risk.

“Borderless networks mean the threat vectors are both internal and external,” says Harmsen. “The solution we provide offers early visibility into potential data and process risks based on deep intelligence that employs the most advanced approaches. The visual representation provides meaningful context that makes it easy to consume.”

POPI and GDPR require companies adopt risk-based approaches to protecting personal information. The Data Risk Manager platform integrates all the relevant threats and vulnerabilities and provides executives the means to control their environments.

“They can immediately see which lines of business have the highest risk levels, ID their crown jewels and see that they’re protected, see where their critical data sits, what, if any, compliance issues they have and what remedial actions are recommended, they can see how sensitive information flows across the business, and they can see what applications and processes access and use the data.” says Harmsen. “That’s not just invaluable insight, it’s absolutely critical in the current legislative and threat environment.”