When it comes to the question “What’s our business risk from cyber?” Board members in finance are in the dark.
They know their firms are being targeted by threat actors, that they’re spending a lot on security teams and technologies, and that regulatory reporting pressures are mounting. But they do not know if their firms are in control of cyber risk. Why?
Either they have no cyber reporting at all, or the reports they get are point in time snapshots of technical data or a compliance status. Put simply, the Board can’t understand the relationship between how risk is trending, their security capability to manage it, and what that means for their decisions.
Security leaders are similarly frustrated. They face a battle with what amounts to a technology Frankenstack of tools, which integrate poorly and all need different expertise. They must report to a multitude of stakeholders, and this takes up a huge amount of resource; analysts can spend up to 40% of their time working in spreadsheets using whatever information is to hand – and it’s often out of date data with zero business context.
Panaseer was founded to address these problems. The Panaseer Security Data Lake is a big data analytics software platform that leverages data science and Hadoop engineering. It gives Boards, CISOs, and their teams the continuous, joined up visibility they need to do three things: measure business risk from ‘cyber’, know how security investments are performing to protect against material impact, and automate the identification, measurement, communication and mitigation of risk.
Panaseer is active in the UK and US markets, working with clients including global financial and critical infrastructure firms to measure success, minimize attacker ROI and maximize security ROI.
By Nik Whitfield, CEO, Panaseer