What is it?
CyberPrism is a CAT (Cyber Assessment Tool). There are currently three versions available.
CyberPrism-CU (Credit Union) this is a combination of access to the software supported by a team of cyber risk experts.
CyberPrism-FS (Financial Sector) is access to the software tool specifically designed for the financial service industry. It works for any financial service company, of any type anywhere in the world.
CyberPrism-VRM (Vendor Risk Management) is access to the software tool designed to work with any type of organisation. It facilitates any third party, client or business partner performing a cyber risk evaluation and sharing the cyber risk rating results with any third party.
Typically, this is used by the supply chain (including business partners and corporate clients) of a financial service company in order to accurately articulate and assure confidence in cyber security.
“I would highly recommend CyberPrism. It is easy to use, you don’t need a degree in IT, you just need to know your business. CyberPrism gives you the peace of mind that you have the controls in place to meet your business’s cyber inherent risk. The inherent risk is calculated for your organisation not a sector in general and thereby lets you know what your cyber maturity should be. You can easily identify any gaps in and what you need to do to improve your controls. As well as calculating your inherent and maturity risk CyberPrism produces reports for the Board and Regulators. If you improve or add a new control you can simply change your answer to the specific question and thus improve your score and generate a new report.” Denise Comerford – Member Service Manager - Comhar Linn INTO Credit Union Ltd
“CyberPrism is a powerful tool that is easy to use, and has allowed us to measure our inherent risk in relation to Cyber Security. The CyberPrism staged process assists your business in planning and implementing a Cyber Strategy in-line with industry standards such as ISO27001, COBIT, PCI DSS, ISSA to name a few.
As a highly regulated business, CyberPrism has guided us on our journey in Cyber Security ensuring we abide and implement an advance strategy in line with required standards and requirements. The powerful dashboards and reports easily display and explain your’ inherent risk and assist in implementing improvements across your business while explaining in simple terms to all levels of Management & Staff Cyber Risk requirements.
I would highly recommend CyberPrism to all that need to start or are reviewing their Cyber Strategy.”
Gerard Clear, Head of IT - Cabot Financial Ireland
What Does It Do?
The software has an easy to use interface and guides the operator via an intuitive process to perform the various tasks and processes. The software operates from a secure cloud infrastructure and there is no installation required.
Stage 1 - Cyber Inherent Risk
Every business is unique, including every financial service entity. Therefore a "one size fits all" approach is simply not appropriate when it comes to evaluating the cyber security risk and maturity of an organisation. The first stage of CyberPrism calculates a metric referred to as Cyber Inherent Risk. That is a scientific indicator of the level of risk associated with your organisations use of cyber related activity. This is achieved by the operator answering a series of questions utilised to calculate the inherent risk of your organisations cyber DNA.
- Organisational Characteristics
- Delivery Channels
- Online/Mobile Technology Products and Services
- External Threats
- Technologies and Connection Types
There is a direct relationship between the cyber inherent risk of an organisation and the appropriate maturity level of mitigating controls in place. Everybody does not need the most mature level of controls in every area across every facet of their business. Understand what maturity level is required and appropriate is key to adequately investing and managing cyber risk. The second stage of CyberPrism brings the operator via a detailed holistic cyber maturity assessment designed specifically for the financial service industry. The user selects answers from questions presented and has the option to add notes or upload supporting evidence documents for inclusion if they wish.
The maturity assessment is holistic and covers the following areas:
- Cyber Risk Management and Oversight
- Threat Intelligence and Collaboration
- Cyber Security Controls
- External Dependency Management
- Cyber Incident Management and Resilience
Cyber Risk Rating
Upon completion of Stage 2, CyberPrism calculates your 'Cyber Risk Rating" and makes the metrics instantly available to you. Using advanced algorithms the system calculates and contrasts your current maturity of controls and compares it to your cyber inherent risk. The resultant score is an accurate indicator of your cyber risk status as it is completely tailored and based on the cyber DNA of your particular organisation. You are being assessed against what you specifically require as opposed to be assessed against a blanket generic standard of controls. Your cyber risk rating score is a value out of 999, the higher your score the safer your organisation is to deal with in relation to cyber risk.
Stage 2 - Cyber Maturity Assessment
Executive management require accurate MI (Management Information) in order to make key strategic and operational decisions. More data is more perspective on a situation. CyberPrism produces over 20 executive dashboard reports that can be printed. The dashboards are also interactive and can be manipulated and filtered online.
Cyber Maturity Report
Every assessment process is only as good as the report it produces. With the click of a button, CyberPrism calculates thousands of data points of information and generates a comprehensive Cyber Maturity Report for your organisation in MS Word format. This high quality reports contains over 100 pages of information specifically tailored for your organisation. The report can be saved offline and regenerated within minutes if any changes are made to your assessment.
The report includes sections such as:
- Executive Summary
- Cyber Inherent Risk Status
- Cyber Maturity Status
- Roadmap to Maturity
- Cross Mapping to International Standards and Frameworks
- Evidence Collected
It is often necessary to demonstrate to a third party your cyber security status. However, sharing security audit reports is a security risk in itself as they often contain sensitive information that could pose a risk to your organisation if they fall into the wrong hands. CyberPrism handles this challenge in an innovate way. CyberPrism allows you to send a unique link to the headline "Cyber Risk Rating" results to any third party. This facilitates the third party being able to view your Cyber Risk Rating score without observing any details behind it. The "Cyber Risk Rating" features also allows you to optionally embed a widget of code on your website to display a Cyber risk Rating Trust Seal. When a visitor clicks on this seal, CyberPrism displays your cyber risk rating score to the visitor based on your most recently completed assessment.
Contact the experts at Cyber Risk International for a no obligation consultation and find out how your organisation can starting enjoying the benefits of CyberPrism.