Services PIP America protects the value in your organization by managing operational risk in the cyber era
About Us Our unique partnership of top-tier consultants and U.S. military leaders aims to secure and grow American critical infrastructure, private enterprise and government Find out more about our team
Leadership Team Our people are world-class. Drawn from the highest levels of the U.S military and top-tier industry firms, they have deep industry and implementation experience Meet our Leadership Team
HighlightedPIPers Our people are world-class. Drawn from the highest levels of the U.S military and top-tier industry firms, they have deep industry and implementation experience Meet our Team
Contact Us Thank you for your interest. Get in touch with your questions or feedback Contact us to find out how we can help you
by Joseph Socolof Contributing Editor ‘Do you want to build a dashboard?’: Building a risk-based cybersecurity dashboard to improve executive decision-making Most organizations have an executive dashboard for cybersecurity. Unfortunately, most are designed and built by the IT organization, and most focus on compliance and maturity rather than on what truly matters – risk mitigation. Even worse, most provide little ability to drive effective executive decision-making. Let’s start with a very simple premise: cybersecurity is a business enabler. If risk is well understood within an organization, it will have been quantified in dollars. Cybersecurity, then, is an enabler of value – it allows an organization to clearly quantify the tradeoffs between the financial investments made and the value those investments provide to the business. Good executive-level reporting is not technical. It should be risk-based, business-driven, and highlight five things: Top risks – What matters? How much risk do we have and where do we need to focus our efforts?Resilience – What is our ability to recover? When there is an event, how prepared are we?Mitigations – What are we doing about it? Do we have a credible plan/roadmap to address gaps?ROI – Are we investing well? Do we have an understanding of the economic tradeoffs we are making?Performance – How well are we executing? Are we doing what we said we would do? Are we getting the results we expect? An effective executive-level dashboard will drive more timely and more informed decisions. It will create transparency and an easily digestible view of an organization’s risk exposure, it’s critical assets, vulnerabilities, threats, mitigations, and performance. Decisions can then be made regarding which steps should be taken to protect assets based on the risk those assets represent to the business. If done well, organizations will have a customized plan to protect its most critical assets and most significant risk and will have transparency to the economic benefits of the decisions it is making. Establishing a dashboard is often the right first step on the journey. In as little as six weeks, an organization can have a platform for more effective dialogue and, in turn, for data-driven decision-making. Often, the simple process of creating a risk-based dashboard will highlight gaps in governance, systems, and data. In the longer term, it will lead to an improved cyber posture. Leave a Reply Cancel reply Your email address will not be published. Required fields are marked *Comment Name * Email * Website
