Solution

Expert analytic platform for cyber security risk & compliance management

W Platform

W Platform streamlines the entire life-cycle of risk & compliance management while addressing its key challenges: the shortage of cyber expertise needed to face the changing threat landscape, increasing complexity of technological infrastructures, growth of reviews workload, increased time and budget deficits, and built-in language gaps between cyber technicians and their business managers, gaps that make it difficult for executives to make informed decisions.

The platform addresses those issues by providing the following capabilities:

Analytics and expert know-how to support experts during risk assessments and remediation recommendations
Automation of operational activities and processes to increase efficiency and cost-effectiveness
Tools to evaluate the cyber status and reporting tools to support the various stack-holders involved in decision making

W Platform Overview Scheme

The scheme shows the cyber risk and compliance information flow :

Risks are received from external sources such as scanners, penetration tests, and the like.
The intelligence risk engine automatically creates questionnaires for reviews, assesses their risks based on their business impact, and streamlines them with risks that are being collected from the external sources.
This risk information is fed to the remediation workflow that manages risks mitigation across the organization and provides on-line status and progress notifications that are fed in turn into the analysis tools.
Analysis and dashboard tools provide management a holistic updated cyber posture and means for decision support.

Main Features

The platform provides overall cyber risk analytics and process automation.
It supports complex mesh of IT/OT/IoT infrastructures.
The solution covers the entire technological infrastructure of organizations, including their third parties supply chains.
With the involvement of just a few senior experts, it can support multiple junior experts consequently and expand cyber competence throughout the organization.
Analytics and automation for the overall cyber risk & compliance management life cycle include the following tasks:
- Setting security requirements
- Defining policies
- Conducting risk and compliance reviews
- Collecting findings from automated cyber tools
- Assessing risks
- Recommending mitigation activities
- Dash-boarding and reporting tools

Benefits

Cyber Risk insight: Provides the organization an overall status of review and remediation activities and actual risk.
Online reporting: Sends progress updates across the organization.
Actionable management: Allows to select and prioritize remediation activities.
Effectiveness: Supports many reviews simultaneously.
Efficiency: Enables a limited number of senior cyber experts to mentor many junior fellows.
Competence increase: Empowers junior experts to function as specialists in a wide range of cyber disciplines (IT/OT/IoT).
Remote work: In case of travel restrictions (as in the current COVID-19 crisis), it supports ongoing remote work for expert teams and vendors.
Seamless integration: IW Platform is installed in less than a day jointly with its out of the box cyber know-how. Additional expertise will be integrated during daily work.

What Makes W Platform Different?

Asset-based risk management: This is the core of the W platform. Virtually anything can be defined as an asset type: business process, organizational unit, product, application, region, system, vendor building, etc.

Every asset type has an instant, built-in dashboard with no programming or customization required.
There is no need for the time-consuming processes of mapping each finding to a specific control (it is possible though). You simply need to attach findings to the relevant asset. This enables a quick and easy implementation and a speedy integration of external cyber tools.
The asset approach enables flexible, asset-based policies. This means that you can not only easily support multiple regulations and standards, but also mix and match control-sets based on asset types and specific asset properties. As an example, W Platform can automatically enforce one policy for systems installed inside the organization, and another policy in case that the same system is implemented on a public cloud.

OT & IoT Support: The asset-based approach enables full support for OT and IoT infrastructures, with predefined blueprints of assets and cyber parameters for different sectors.

Cyber Risk Analytics: W Platform is not just a documentation tool since it provides risk analytics designed for cyber risk assessments. Namely:

o Its risk analytics reduces the time and costs of risk & compliance processes by generating automated, fact-based questionnaires, and automatically evaluating the collected fact-based answers.

o By analyzing dependencies between assets, it shows exactly how risks of underlying assets (servers, network components, subsystems) can affect overriding assets (systems, processes, services).

Business Focus: The software’s unique dependency mappings, the asset approach, and analytical tools are what enable us to bridge the gap between technical IT and security world with the business itself. This is achieved by means of:

o Enabling business impact analysis – it classifies assets based on objective business and security criteria

o Connecting technical risks to high-level business services

o Prioritizing remediation activities based on business criticality and, thus, prioritizing mitigation investments based on business needs

o Allowing asset and risk classification with business-related parameters (financial, safety productivity, brand, legal)

o Providing dashboards and reports adjusted and suitable for the different CXO stakeholders