Threat Advisory: Ongoing HermeticWiper Situation. Read More ➞
Risk Scenarios

New in GreyMatter: Measure Your Readiness Against Cyber Risk

Today we’re excited to announce that, as part of our continuing effort to make security possible for our customers, we are introducing a new set of capabilities in our GreyMatter platform. These capabilities are meant to improve an analyst’s experience during investigations, map coverage to risk scenarios of concern, and measure and communicate actionable metrics to the business at large.

We have introduced a new capability allowing you to map coverage to Risk Scenarios, enabling you to measure your organization’s security posture against various types of cyber risk. We’ve also improved our Reference Lists capability and updated our detection rules mapping to MITRE v10.

These improvements will help provide a clear view of how an organization is postured against a certain threat and allow security teams to make informed decisions about which security products and solutions are necessary to protect the business.

Get the Risk Scenarios solution brief ➞

The State of Risk Assessment

In recent weeks, we’ve seen attack after attack facing businesses and the world at large. And whenever news of a cyber-attack hits the web, executives often turn to their security teams and ask questions like “How well are we prepared for a ransomware attack?” or “How are we positioned against phishing?”

Unfortunately, these questions have historically been very difficult to answer. It’s even harder to translate the measurements into something an executive or board member can easily understand.

That’s where GreyMatter comes in. Our new capability, Risk Scenarios, makes it easy to answer questions like these. Instead of spending hours on manual research, you can use our new reports to see how your organization stacks up against specific types of cyber risks. In just a few clicks, you can determine your security posture against common attack types and see your results broken down to a tactical level.

Measuring Against Risk

Risk Scenarios constantly measures your status against four major categories of risk:

  • Exploitation, in which malicious actors attempt to access your organization’s systems by exploiting a specific path. Common types of exploitation vectors are phishing, remote access, and supply chain weaknesses.
  • Disruption, when an attack threatens the functionality or performance of a critical business service or application. Ransomware is a common disruption method.
  • Infiltration is when attackers access your system and then move laterally into higher-value targets elsewhere in the network. This is most often carried out using stolen credentials.
  • Exfiltration is another term for data theft. Exfiltration can affect many types of data, including payment card information, personally identifiable information, and intellectual property.

It also breaks down into specific threat types, making it easy to see your standing against those that are of most concern to your business.

Learn how ReliaQuest does detection, investigation, and response ➞

Benefits to the Business

Better Visibility

As we’ve said before, visibility is fundamental to security preparedness and a robust security strategy. Knowing the state of your security posture against cyber risks is key to protecting your business. Risk Scenarios helps you understand where there are gaps so that you can make sure vulnerabilities are dealt with before it’s too late.

Improved Communication

Risk Scenarios presents your security posture against various threat types in a visually clear, readable graph that’s easily shareable with non-security stakeholders. Security teams can track their efforts to defend against threats of particular concern to the organization. They can then take this information and present it in a clear format to business leaders, resulting in much better alignment between the teams.

Optimized Investments

Not only does Risk Scenarios give you your status against relevant threats, but it also makes recommendations to help you improve your standing. By implementing these recommendations, security teams can quickly and easily address coverage gaps.

Up-leveled Security Posture

With greater visibility, clearer communication, and helpful recommendations, you’ll have a greater understanding of your environment and the threats you’re facing. As a result, you can take proactive action to improve your security posture.

Learn more about GreyMatter ➞

Improved Reference Lists and Mapping to MITRE ATT&CK v10

We’ve also updated two existing features.

In line with keeping with improving efficiencies for security operators, GreyMatter delivers enhancements to reduce tool hopping by automating the collection of various contextual information aiding in faster investigations and further streamlining the security operations workflow.

Finally, we’ve updated our detection rules mapping for SIEM technologies from v7 to v10 of the MITRE ATT&CK framework. With this upgrade, GreyMatter users are better able to visualize and measure detection coverage aligned to the latest techniques.

We hope you’ll check out these features. Customers can reach out to their customer success managers if they have any questions.

 

Until next time,

Ashok

More Articles

Accelerate Detection and Response and Build a Threat Hunting Program with new GreyMatter Capabilities

Today we’re introducing a new set of capabilities in our GreyMatter Open XDR-as-a-Service platform that allow security operations teams to improve detection, threat hunting and ease of management for the platform. These new features address some of the biggest challenges for security programs, most notability that in spite of investments in multiple tools, security operations […]

Top 3 Cybersecurity Metrics to Track in 2022

Organizations’ InfoSec spending is expected to increase through the second half of 2021 and into 2022. In May of this year, Gartner wrote that worldwide spending on information security and risk management capabilities would specifically increase 12.4% and reach $150.4 billion by the end of the year. This translated into an IT security budget of […]

How to Achieve Best-in-Class Security Operations

Why you need outcome-driven Security Operations for today’s dynamic business and threat environment Digital transformation, hybrid or remote work, bring you own devices, shadow IT – business transformation is anything but static and cybersecurity teams are facing the brunt of it as guardians of the enterprise. How do security teams, already hampered with budget and […]