Strategic Security Package
The Strategic Security Package (SSP) is the core feature package in Fractal’s RMO suite. SSP includes everything needed for enterprise leadership to make informed decisions with respect to both immediate and long-term enterprise security and operational risk management goals. Technical security architecture, business impacts, and the financial costs are considered to make informed security decisions and improvements possible. SSP also includes Event Simulation, a virtual, scalable, and continuously learning Red Team leveraged against the multiple variants of the cybersecurity architecture.
Long Term Strategic Security PlanningAPPLY TO STEERING GROUP
The Long-Term Planning Module utilizes the core ACDP features of Network Resilience scoring, attack paths, and Blast Radius against ingested telemetry and ACDP agent data to determine security hot-spots, undocumented vulnerabilities, and technical recommendations. The artifact of this module is a customized security plan that can drive strategic security decisions. Customers can map existing events and breaches to specific limitations in security architectures to inform future planning.
Specifically, you can expect:
- Target organization and network architecture suggestions
- Network Security State Reports
- Maturity Modeling using NIST-driven security model for existing and target states based on organizational preferences. ACDP includes a full digital self-serve NIST CSF assessment tool, along with capabilities for using expert judgment to improve the accuracy of the qualitative assessments.
- Visibility Value and Attack Chain Analysis provides scenario-based analysis and network resilience, price and impact mapping of potential security investments and tools, and critical attack path/chain analysis
Event SimulationAPPLY TO STEERING GROUP
The Event Simulation Module runs, validates, and iterates on the Financial Plan and Long Term plans continuously. When coupled with the other modules in the SSP, organizations get a quantifiable, real-time report of all enterprise hot-spots. Specifically, that means:
- Dynamic, continuous red teaming of your network environment using the network resilience and Blast Radius scoring and attack exploration engines
- Continuous virtual red team impact assessments for specified deterministic event sets of interest to risk modelers and operators
- Daily virtual red team reports for newly identified enterprise vulnerabilities
- Deterministic cyber event specification tools
Operational Risk Package
The Operational Risk Package includes the Business continuity planning module which allows CISOs and CIOs to better respond to Board and C-level planning and impact assessment requirements in a risk-driven fashion. This includes both business continuity planning and financial risk management.
Business Continuity PlanningAPPLY TO STEERING GROUP
Cyber security is ultimately supposed to support a real business or organizational outcome that delivers value. ACDP knows this and its BCP capabilities build from Fractal's broader expertise in man-made and natural peril modeling to help security teams leverage a wider range of events when making their own plans, collaborating with other parts of the organization, and seeking budgets. Our goal was a tool kit that could help information security teams be a trusted advisor to business unit owners increasingly subjected to risks of disruption - digital or otherwise.
Specific capabilities here include:
- Natural and man-made hazards including earthquakes, tropical cyclones, tornadoes, winter storms, terrorism and political violence
- Support for BPM-based representations of actual business processes and operational telemetry feeds for realistic business- and revenue-based impact assessments in the risk management and impact analysis
- Tools for BPMn-based business process specification (including revenue specification) and dependency links to underlying IT and OT assets
- Colo/Failover analysis planning for SOC and NOC operations based on a roll-up of all cyber and physical perils enabled during analysis – to support a holistic view against target availability, reliability, and recovery thresholds by business unit, geography, etc...
Financial Risk ManagementAPPLY TO STEERING GROUP
The Financial Risk Management features in ACDP focus on the clear determination of costs and benefits associated with various preventative and response actions in information security risk. ACDP was designed with an operational risk mindset from the beginning, since we believe cybersecurity is an economic issue that requires a rational view. We employ simulations to help ensure teams are able to evaluate risk (both low severity but high frequence and high severity but low frequency) in a reasonable way. It's common (and easy) to inappropriately discount high-severity risks that have low-likelihood, so scenarios are critical for communication purposes. We also generate expected probability curves which can help show the long-term financials associated with a portfolio of risks that will generate losses over a period of years. EP curves help users view multi-year costs associated with decisions, while TVaR values can help show single event exposures.
Specific financial and maturity modeling capabilities include:
- FAIR-type risk model outputs based on NIST CSF assessments and maturity models
- Some additional Advanced Modeling Approach capabilities (required for Basel and Solvency regulated entities) are available. Please contact your ACDP account representative. This can be directly used in the context of broader Enterprise Risk Management efforts.
- Tool Specific ROI Analysis and Comparison builds on the AIR-enabled capabilities of tool performance in the SOC Management package to evaluate tool performance. This additional RMO upgrade supports visual and interactive exploration of tool alternatives, features, and their links to detection and response capabilities supported by ACDP. We are striving to enable fair and candid head-to-head tool comparisons in economic terms.
- Insurance Analysis and Risk Transfer is an important part of risk management. ACDP leverages Fractal's extensive experience in building cyber risk models and understanding risk transfer contracts. The use of the Contract Definition Language allows risk managers to explore insurance and other risk transfer techniques, using the defined scenario sets to explore the costs and benefits of different approaches under a range of prospective scenarios to improve understanding and planning.