Rofori Private Social Networking

CYBERSECURITY

• Overwhelming
• Complex
• Expensive
• Risk Measurement Challenge

Rofori for CyberSecurity

HOW DEFCON CYBER WORKS


Rofori for Cybersecurity

DEFCON CYBER


DEFCON CYBER is a software solution (either Cloud Service or SharePoint app plugin) that enables a company to establish a cybersecurity program or enriches an organization's existing cybersecurity program with capability to provide continuous assessment of an organization's cybersecurity risk posture based on its strategy, represented by its prioritized NIST Cybersecurity Framework Target Profile.

To move out of what Amit Yoran, President of RSA, calls "the Dark Ages of Cybersecurity" the industry needs to change from a focus on perimeter defense which is not effective, to managing cybersecurity risk, prioritization, and visibility. It is recognized that every organization does not have sufficient resources to protect and respond to everything.

What truly matters is your organization's ability to execute its cybersecurity risk management strategy by responding to priority indicators of compromise, and being pro-active in finding indicators of compromise. DEFCON CYBER operationalizes this new approach, akin to Process Control for Cybersecurity, where Process Control is defined as "Activities involved in ensuring a process is predictable, stable, and consistently operating at the target level of performance with only normal variation."

Continuously measuring an organization's cybersecurity risk posture fulfills the critical need for measuring an organization's ability to execute its Cybersecurity Risk Management strategy. DEFCON CYBER provides a holistic approach to address these needs, culminating in a measure of organizational cybersecurity risk posture.

DEFCON CYBER begins by leveraging the NIST Cybersecurity Framework approach for risk management. The Framework result artifacts are the embodiment of the following 3 key strategic questions:

1. What are our Critical Data Assets?

2. What are our likely high impact THREATS?

3. What is our prioritized STRATEGY to protect our critical Assets from the Threats?

The primary resulting artifact of the Framework activity is the organization's Prioritized Target Profile, which represents the desired outcomes of priority activities the organization needs to effectively perform in order to protect its critical assets from its threats, i.e., the representation of an organization's Cybersecurity Risk Management Strategy.

To enable measurement of the execution of the organization's cybersecurity strategy outcomes, DEFCON CYBER enriches a Framework Profile by adding a priority, response threshold, and other proprietary information, at the Profile Subcategory level.

Upon deployment of DEFCON CYBER, either Cloud Service or SharePoint app plugin, through the continuous analysis of an organization's critical assets, threat environment, data architecture, and the ability of the organization to execute its prioritized Framework Profile activities (strategy execution including both process and outcome measures), DEFCON CYBER continuously computes the organization's current cybersecurity risk posture score.

DEFCON CYBER does this by intercepting all indicators and alerts from all of an organization's cybersecurity tool stack, including tool suites such as continuous monitoring, SIEM, forensics, etc., and prioritizes each instance of an indicator or alert from the organization's Prioritized Framework Profile – indicators from all "tools" are mapped to the Framework Subcategory for which it supports, thus inheriting a base priority value from organization's Prioritized Framework Profile, thus the indicator becomes directly linked to the organization's risk management strategy.

In addition, DEFCON CYBER assigns priority indicators to the appropriate response team, measures the time to respond to, and dispose, for priority indicators. If priority indicators are not responded to or disposed within the time thresholds established for the organization, then alerts are sent to higher levels of organization management. This provides accountability for strategy execution. The underlying collaboration framework fosters peer review, team collaboration, knowledge capture, skills development, and shared situational awareness as a result of its patented approach, providing the organization with an answer to the fourth (4th) key strategic question:

4. What is our Organization's Ability to EXECUTE our strategy?
DEFCON CYBER enables the anonymous aggregation of cybersecurity operations data correlating an organization's critical assets, threat environment, risk management strategy, processes, team structure, team personnel composition, security tool stack, indicator responsiveness, and outcome effectiveness. DEFCON CYBER analysis of this anonymized aggregated data enables objective data supporting best practices, security tool stack, process and team configuration, for organizations of different categories (Industry / Segment / Size / Maturity / Location / etc.)

DEFCON CYBER is the only existing viable approach for accumulating anonymous operational data correlating an organization's critical assets, threat environment, risk management strategy, processes, team structure, team personnel composition, security tool stack, indicator responsiveness, and outcome effectiveness.



Defcon Cyber

TALK TO US

Rofori Corporation
7960 Donegan Dr, Suite 225
Manassas, VA 20109
(571) 379-7322

FOLLOW US

follow us on facebookfollow us on twitter