A game-changer for CISOs and InfoSec teams
Effective communication of complex cybersecurity concepts, risks and controls within organizations is more critical than ever. The amount and variety of data creates a challenge in quickly assessing overall performance and identifying key vulnerabilities.
To address this, we have introduced Controls Scorecards - the streamlined solution for assessing and communicating your cybersecurity risk in a single view.
This powerful feature distils complex data from several metrics into a single, comprehensive score, providing immediate clarity on your organization's overall controls performance.
Controls Scorecard is shorthand for the Cybersecurity Controls Scorecard.
Selected dashboards are averaged to create a single overall performance score. You can then examine metrics on each dashboard to dig deeper into the underlying data.
A Controls Scorecard page, showing overall performance score as the average of a set of dashboard scores. The dashboard score tiles can be selected to display detailed metrics.
Key benefits of Controls Scorecards
Cybersecurity Controls Scorecards represent a paradigm shift in cybersecurity reporting and management. Intricate security data is transformed into a precise, actionable number that facilitates rapid decision-making, effective risk management, and communication with non-technical stakeholders.
Scorecards facilitates:
- Trust and support from the board: Scorecards provides simplified reports that can be easily understood by non-technical stakeholders.
The self-explanatory, accessible, and exportable reports help CISOs and InfoSec teams to build a better understanding among business stakeholders of the impact of the security function. - Streamlined communication: Controls Scorecards deliver an executive-level summary of cybersecurity controls performance, making it ideal for CISOs and InfoSec teams. They offer a straightforward, concise method to communicate status quickly and confidently.
- Compliance and protection: Consolidating policies, coverage analyses, and top threats in one place helps meet compliance and optimizes protection against cyber threats.
- Prioritization of threats: Controls Scorecards provide critical metrics and scores, enabling quick identification and prioritization of significant threats for more effective cybersecurity management.
- Compare performance across business areas: You can view breakdowns of your controls performance across and between business units, divisions and regions to see how different business areas are performing.
You can build as many scorecards as your organization needs, allowing you to quickly shift focus between different strategic goals. For example, you might build a scorecard for each region in which your organization operates, AMER, EMEA and APAC. - Bespoke reporting: You can tailor your approach by choosing which dashboards contribute to the overall score for relevant and precise cybersecurity reporting.
Scorecards let you stay ahead of threats, which simplifies security assessments and bolsters your strategic response capabilities.
How is the Overall Performance calculated?
The overall performance score is the average of the summary scores from the various dashboards that are added to the Controls Scorecard. Each dashboard score indicates how well the metrics in the dashboard are performing.
The overall score is calculated through the following stages:
1. Red/Amber/Green (RAG) Metric Thresholds: Within a dashboard, you can assess any metric against specified thresholds to assign a status of red, amber, or green. Green and amber constitute a pass.
Metrics showing color status according to the threshold ranges.
Metrics without thresholds are shown in blue. These are not included in the calculation.
2. Dashboard score: The dashboard can be configured to include a summary score based on the ratio of passing metrics to the total number of metrics evaluated.
This is the percentage of metrics in the dashboard that are within company risk thresholds and indicates performance against the optimal outcome.
Let's say a dashboard has 10 metrics, 8 of these have thresholds and 6 have passed showing a green or amber status. The score for that dashboard is 6/8 * 100 = 75%
Dashboard score and trend chart
3. Add dashboards and average their scores: Each dashboard has an Add to Scorecard button to include it in as many scorecards as required. Scores are then mean averaged for all included dashboards, providing you with an overall score for your organization.
Let's say three dashboards have been included in a Controls Scorecard, with scores of 75%, 40%, and 44%. The overall score is the mean average of these three at 53%.
The current overall performance score is shown at the top of Scorecard.
A Dashboard must have a summary score added if it is to be included in a Controls Scorecard.
Comments
0 comments
Article is closed for comments.