Core Pillars: technology and modules

Quantifies data exfiltration from potential data breaches, business loss from Ransomware, DDoS and regulatory implications. Ascertains record, the confidence in your cyber event recovery plan and identifies excess regulatory exposures and how to reduce them.  

Provides a rationalized view of all cyber security, privacy, and industry regulations. Data includes scope, business obligations, enforcement, security requirements, contact with authorities, privacy requirements, data access rights, etc. 

Provides a third-party cyber risk management program 

Provides a privacy program that includes GDPR, CCPA, Canadian Federal and Provincial Privacy statutes, etc. Allows the company to understand financial exposures, vendor exposures and be complaint with data subject access rights and Privacy Program.

Provides a means for both internal and external auditing. Allows auditors to verify the effectiveness of the cyber security controls 

Provides budget functionality for cap-ex and op-ex across people, process, and tools to budget for your cyber security program. Can budget for shared environments. Useful to demonstrate planning across multiple regions, business units, and subsidiaries.

Provides a project and task management function to assign and manage remediation efforts, projects, and assessments 

Provides a host of frameworks to choose from (including custom) to perform your control testing.  Allows the enterprise to identify trends and gaps in cyber security controls offering suggestions to remediate risk and reduce to acceptable levels. 

Integrated data from our proprietary scan and from security tools to demonstrate gaps in controls and findings with financial prioritization of remediation work.

Provides for the management of cyber security policies and procedures to be compliant with regulations. Allows the company to tie controls to policies and uses a workflow to ensure that reviews and updates are done annually.