DIGITAL BUSINESS
Turn cyber risks into business value, with Excellium, Citalid and AugmentedCISO
Excellium Services develops partnerships with Citalid and AugmentedCISO
March 3, 2022
Excellium Services develops partnerships with Citalid and AugmentedCISO to help organizations manage and control their cyber risks, in line with their threat landscape & ecosystem.
As the threat landscape changes, organizations must constantly adapt to address the most feared cyber risks in light of contextual and ecosystem changes, including supply chain issues, and IT transformation projects (cloud outsourcing, DevSecOps).
This exercise, which has historically been difficult, becomes even more complex when CISOs must also be able to demonstrate the added value of the projects previously carried out on their Board and justify the investments required to continue building their security foundation and aligning with the security controls framework.
When it comes to managing security initiatives and monitoring the roadmap, the need to demonstrate compliance with legal and regulatory obligations (NIS2, DORA) adds a few more pebbles to an already complex process.
To respond to these issues, Excellium has developed an approach that addresses three major challenges:
- Managing cyber risk and business consequences through financial risk quantification.
- The centralisation of security management within a unified security control repository with reporting on security performance.
- The agility needed to manage risk in business projects, especially those involving the supply chain.
Managing information security risks is not new, but innovation in the approach to assessing cyber risks tends to integrate a new deal: the quantification of cyber risk. The main objective lies in the ability to give a monetary view of the risk, by estimating the financial loss for a given risk scenario, by exploiting objective and factual data.
To do this, Excellium relies on a unique methodology and access to an information base (Cyber Threat Intelligence Database) updated daily allowing it to have, for a given organization, the most up-to-date threat landscape. possible (threats, hacker groups, fashionable operating methods, sector news, etc.). A centralized cyber risk management platform (Citalid) is thus used for this exercise.
Johann Alessandroni, Team Leader of Information Security Governance at Excellium Services, explains: “This approach allows any organization to be able to identify its most feared risk scenarios, with an estimate of their probability as close as possible to reality, as well as average financial losses, thus making it possible to prioritize the projects reducing these estimated losses and optimizing the return on security investment.”
This new approach allows any organization to be able to manage its risks, including those related to the supply chain, but also to initiate remediation actions by integrating them into the security roadmap of the organization (integrated in AugmentedCISO) and finally to monitor and evaluate the organization’s security posture over time.
It is now possible to address major issues for organizations, the added value is increased tenfold by the interweaving and the link between the solutions and functionalities of our partners, thus making it possible to:
- Determine the defensive security profile in Citalid to manage cyber risks via, in particular, the management of the level of maturity of security controls determined in AugmentedCISO.
- Manage the security roadmap, linked with the risk treatment plan, and assess the impact on the cyber risks.
- Evaluate the service providers on the basis of the security controls applicable with regard to the nature of the service and directly collect the results in the AugmentedCISO platform, ultimately influencing the cyber risk scenarios linked to the supply chain in the Citalid platform.
ABOUT AUGMENTEDCISO
This solution has been created by CISOs for CISOs and offers a new way of being a CISO, to better managing your company’s cybersecurity and reduce its cyber risks. AugmentedCISO is the next gen of GRC solutions dedicated to cybersecurity. All cybersecurity management processes are centralized, measured, and interconnected.
The business challenges of the CISO are facilitated thanks to the 3 major benefits of the solution: it provides more global and accurate visibility, improves the efficiency of the ISS pipeline by allowing you to focus on value-added tasks, and finally builds and maintains consistency between cyber strategy and applied operations.
Contact: marketing@augmentedciso.com | www.augmentedciso.com
ABOUT CITALID
Citalid is the first European platform for quantifying and managing cyber risks. The solution aims at producing discriminating financial metrics about cyber risks. These metrics allow to bring together various players, from Risk Management teams to SSI teams, around the table and to communicate with top management or banking and insurance players in a financial language that can be understood by all. Citalid bases the calculation of cyber risk exposure on dynamic threat analysis. Their Cyber Threat Intelligence database dynamically lists the most active attack modus operandi (or AMOs) on the cyber scene. Their proprietary algorithms perform redteam simulations that virtually compare the MITRE attack view of the AMOs targeting organizations’ defense profile. They are the result of 4 years of R&D in partnership with the Ecole Polytechnique, Wavestone and Allianz.
Contact: contact@citalid.com | +33 1 70 98 77 36 | www.citalid.com
ABOUT EXCELLIUM
Excellium Services, which celebrates its 10th anniversary this year, is a cybersecurity services company established in Luxembourg and in Belgium, with activities and partnerships in Europe and Africa. They currently employ about 150 experts, willing to assist organizations to deal with evolving cybersecurity threats and challenges. Excellium’s main activities consist of: Cybersecurity Solutions, Security Operations Center Services 24×7, Incident Response and Security Infrastructure operations, and training. Today, Excellium is by far the first SOC provider on the Luxembourg market with more than 30 active references. Beyond SOC services, Excellium has already gained the trust of more than 200 customers across its business portfolio.
Marketing contact: marketing@excellium-services.lu | +352 26 20 39 64 | excellium-services.com