In this series of posts from our CEO and co-founder, Ted Gutierrez, he talks about our platform’s Entities Page. Why it exists, what our customers use it for, and how it helps them make risk management improvements faster. Enjoy.
So You’ve Completed an Assessment….What Now?
When I was a risk manager working for oil and gas operators, my consistent challenge was finding ways to help operational leaders make decisions easier. So, when my co-founder and I decided to start building SecurityGate.io, we prioritized the idea of creating visual depictions of the information collected throughout risk management activities. One of these is now known as our Entity Page. It started as an idea on a whiteboard after a customer call. Our customer posed a challenge: “After I conduct multiple assessments across a given ecosystem, how do I know where to focus my efforts?”
Every feature and capability in the SecurityGate.io platform originated from specific problems risk managers deal with in real-world operational environments. In this post we’re diving into our entity page, which has become our platform’s primary area of collaboration for risk managers, leadership and operational teams, and their consulting partners.
What is an Entity?
First, let’s define what we mean by entities. Entities are the things that make up an operational environment. They’re the things that are assessed for risk, no matter how macro of a view you take or how specific you get into components. Examples of entities are entire businesses, a production facility, an asset (like an IT or OT network, for example), a third-party supplier or vendor, a software program. The commonality is that each entity will have at least one risk manager responsible for assessing potential business risks and overseeing remediation efforts to mitigate the risks.
A Single Pane of Glass
The entity page is used to answer many different questions. It helps leaders understand what a given risk score really means to the business. It becomes a scoreboard for teams to track their progress on a global scale. It’s a tool to help board members understand which facilities may be at the greatest risk of a business-impacting cyber incident. Our customers continue to provide us with new examples of how the page is most valuable for them.
Keep scrolling to check out a quick, 2 minute video demo of the entities page.
The information on the page (listed below) is organized to help present insights in a way that’s easy to understand and quick for finding the answers to risk management questions.
- Risk Scores – Or risk ratings, are auto-generated by the SecurityGate.io platform based on inputs from a risk stakeholder.
- Criticality – A weighted variable assigned to an entity that signifies the impact to business operations should that entity be compromised.
- Business Context – These are variables that influence the criticality of an entity and factor into the risk score. These variables represent the unique way the business uses the entity at any given time.
- Control Posture – A display of cyber controls that are specific to an entity. They can be viewed from a high strategic level down to granular detail.
- Entity Drill Down – An in-depth overview of key activities, scores, and improvements presented for the entity showing progress over time.
- Geo Heat Map – A geographic visual of entity risk scores across an organization’s ecosystem.
- Top Threats – A roll-up of the top cyber threats across a given ecosystem of entities based on their most recent assessment results.
Back when the entity page was just a whiteboard drawing, the way we envisioned it being used mirrors some of the best early feedback we were given. An OT manager at a chemical company said, “I don’t need another dashboard feeding me data. I need a single pane of glass to offer insights.” Using that idea, we designed the entities page to be strategic in nature, offering an opportunity for collaboration on all the “so what” and “what’s next” types of discussions.
See The Insights You’re Missing Out On
Check out the short, 2 minute video demo of our entities page below. We’d love the opportunity to go into more detail with you, so please contact us using the button below the video and we’ll set up a personalized tour through the platform.
Thanks for reading. Hope you enjoy the video.
If you enjoyed this post, check out this set of tools we created to help our customers gain cross-company alignment for new risk management initiatives.