Please Mind The Gap(s) In Your Security Posture

15 Apr 2020

Much as it would be nice if hackers could give us a bit of a break, new threats show no sign of slowing down, and they’re not going to. So, let us guess something here: your IT team is currently battling more threats than ever before, and you’re trying to tackle them with restricted budget and already stretched resources (people, skills, time). Despite a security stack that’s overflowing with tools, you still don’t feel like you’ve ever plugged all the gaps, or know exactly which tool will help to fill them.

Sound familiar? We thought so. You’re not alone, a huge number of IT Teams and CISOs are in the same boat.


The Fog Of More


A couple of years ago, Tony Sager, renowned cyber security guru and Senior Vice President & Chief Evangelist at the Center for Internet Security (a mouthful, we know) coined a very apt phrase for CISOs’ predicament: “the fog of more.” The fog of more refers to the fact that security professionals have more tools at their fingertips than ever before, and yet breaches still occur, both within and at the edge of their networks.

CISOs aren’t the only ones lost in the fog; their board-level colleagues are arguably fatigued with the all-too-regular requests for more money to spend on more tech to fight what seems like a losing battle. At the 2020 RSA Conference, the Wing summit brought together CISOs to get their no-holds-barred take on their current pain points. One attendee described the board’s experience as follows: “Board members are generally not comfortable with security and often walk away from security presentations unsure of how to feel.”* CISOs need to be better equipped to give their board a clear understanding both of the risks faced, and how newly proposed tech investments will counteract them.

Instead of going back to the board and doing their best Oliver impression (“Please sir, can I have some more?”), CISOs should use Cyber Observer to confidently explain and substantiate their requests for additional security expenditure.

* Wing 2020 p1


Now You Can Truly ‘Mind The Gap’


Cyber Observer gives CISOs the big picture in a single pane of glass dashboard. The dashboard can be personalised by each individual user either by using one of their many out of the box views, or by custom building their own.

This on-demand, near real-time view of their currently deployed tools, highlights where they are being under-utilised, and where there are security gaps that they’re not filling. Cyber Observer’s coverage gap analysis is a handy little feature that represents a great advancement in risk mitigation management. So, how does it work?


Gap-Analysis Explained


Cyber Observer gives your security posture a total coverage score across all facets of security posture, including Malware Defences, Data Security and Incident Management. Cyber Observer scours the darkest corners of your security kingdom to ascertain your organisation’s Continuous Domain Status. Although there can never be 100% certainty in cyber security, it shines a light on potential danger zones, acting as a virtual lighthouse.

The hugely saturated security market means that CISOs are “bombarded by so many security vendors that [their] head spins,”** so Cyber Observer does the hard part for you and helps determine the missing cyber capabilities that will comprehensively plug the gaps. Once gaps are exposed, Cyber Observer runs ‘what-if’ scenarios on your security stack to determine which categories/ capabilities are best placed to help fill these holes. This is made possible as Cyber Observer control, maintain and monitor an up-to-date version library of 1000s of Critical Security Controls (CSCs) that runs in near real-time.

Each potential tool’s effectiveness is judged on how it would run as part of your existing cyber ecosystem, so that you can prevent any wasted cash through function duplication. This means that CISOs can firmly ascertain a security tool’s exact business value prior to purchase.

** LinkedIn Article


Release Budget To Be Spent Elsewhere


By enabling CISOs to substantiate where further resources are required, Cyber Observer helps them to cut back on security spend, without compromising on protection. Budget can be freed up and reallocated to drive innovation elsewhere in their IT estate.

Cyber Observer helps to keep costs down further by itself being billed not by the number of users an organisation has, but instead by how many tools there are within your security stack. As such, it doesn’t penalise your business for growing and positively encourages organisations to maintain a healthy stack that is as lean and effective as possible.

Next month we’ll finish up our three-part blog series on Cyber Observer by looking at how the tool helps to maintain good health across your entire security posture.

To arrange a free Cyber Observer demo contact us today on or call 020 7078 0789. Alternatively, drop us a line if you fancy a chat about cloud and email security, communications platforms, cutting-edge IT solutions or whether hitting the beach or the slopes is the best way to relax…

Go Back