Blog

Cyber Posture Management 101 – How to Measure Cybersecurity Performance on Production

Why do compromises continue to happen, even as cybersecurity investments and budgets go up? Simply put, organizations are not testing themselves against the very threats that they face on a routine and ongoing basis.

In this video, I explain how you can be prepared to face off against current cyber threats and share how one organization found and closed gaps in their cyber defenses. Watch below to learn more about the SightGain approach to continuous cybersecurity readiness and how you can improve your cybersecurity performance.

Return to First Principles: The SightGain Cybersecurity Readiness Approach

The first principles method requires “breaking down a problem into its fundamental building blocks.” Cyber readiness starts by going back to the root of cybersecurity issues: the threat.

At SightGain, we start with the threat, then we see how an organization’s cybersecurity personnel, processes, and technology perform in light of those threats. We collect hard data that tells us how your production systems are performing, and how we can make that performance even better. By using this approach, SightGain has helped companies save hundreds of thousands of dollars per year on cybersecurity investments. Those savings come with improvements in performance as well as greater confidence.

To learn more about how we might help to improve the productivity of your company’s cyber technology, request a demo or contact SightGain today at (719) 582-6278 or by emailing info@sightgain.com.

Learn More:

The Real Truth About Cybersecurity Readiness

From Cybersecurity to Cyber Readiness

Turning a “Blind Eye” to Cybersecurity

Video Transcript

Timestamps
0:00 Intro
0:13 Why Cyber Results Are Not Matching Investments
0:26 Welcome
0:53 SightGain Readiness Approach Introduction
1:26 20+ Years Experience in Cybersecurity
1:57 Cyberthreat Example
2:52 SightGain Readiness Approach
3:43 Focus On The Threat
4:09 Cybersecurity Readiness Platform

We see organizations of all sizes operating hugely expensive cybersecurity investments and budgets. The investments continue to go up, but the results are getting worse and compromises continue to happen.

0:13 Why Results Are Not Matching Investments

Why is this?

Simply put, organizations are not testing themselves against the very threats that they face in a routine and ongoing basis. And until you’re ready to stop those threats, you don’t know if you’re ready to stop them for real.

Hi, I’m Christian Sorensen, founder, and CEO of SightGain. And today I want to talk to you about first principles, what is the Sightgain readiness approach, what does that mean, how does it work, and why it’s important.

0:53 SightGain Cyber Readiness Approach Introduction

I want to share with you our why, what is the SightGain readiness approach, and explain to you how we can save our customers up to $100,00 every year while at the same time increasing their performance. And probably even more important for executives, increase their confidence in how their security is actually going to perform against the threats that they face.

When we go in to help these organizations, we’re often testing them for the first time. Usually, we find significant gaps between what they think they’re doing under cybersecurity and what they’re actually doing. It’s important to focus on these threats and test against your actual performance.

1:26 20+ Years Experience in Cybersecurity

So we’ve been working in cybersecurity for over 20 years, from big data analytics to offensive cyber-operations to cybersecurity and some of the most sophisticated organizations in the world. What we’ve seen time and time again is that people are just not ready to stop the things that they know they should stop. And it’s important to understand how everything is working together or not and make the adjustments that are necessary to increase your performance.

So I want to share with you one story that really kind of epitomizes what we see in many of our customers.

1:57 Cyberthreat Example

We went in to help an organization. They had a fully trained team, the latest cybersecurity gear, a fully compliant system that was getting alerts from all of their technology.

However, when we tested their system against the latest 125 threats that we see in the wild, they didn’t find a single one. So what does this mean? This means when they have to defend for real, they actually wouldn’t catch anything, even though they had made all the right investments. Even though it appeared they had been doing everything right.

Until they tested their readiness, they didn’t know that they had a wide-open gap and a wide-open system. What we found is by improving and testing, we could get them much better in their performance in a short amount of time. We couldn’t do that until we tested them.

So today, I really want to start to break down our cyber-readiness framework. What does that mean, what does it look like, how do we start to use it in terms of cybersecurity.

2:52 SightGain Readiness Approach

At the fundamental level for cybersecurity readiness framework, we start with the threat. The threat’s important to understand because it drives everything else. So we start with the threat, and then we see how our systems that include the technology, the process, as well as the personnel involved in cybersecurity, how they perform in light of those threats. How do they match up with the expectations that we’ve placed on them, as well as how are they doing to improve, and where are our gaps if we have to make investments to make things better in the future.

And then at the end of the day, we can make much better decisions because we have the hard data that really tells us what performance is doing, and how we can make that performance even better.

3:43 Focus On The Threat

So how do you unlock the cyber-readiness framework. First thing is to focus on the threat. We know the techniques the adversary is using. And it’s critical that we use some of the innovations that are in the market to actually test against those threats, and make adjustments on the very thing that you’re trying to stop.

So we base all of our analysis on what the responses to the threat actually is and how we’re doing and what our performance looks like, and how we can make that better.

4:09 Cybersecurity Readiness Platform

In review, cybersecurity readiness platforms starts with a threat, analyzes the performance of your technology, your processes, and the people that are all joining up to make a cybersecurity system. And then from that analysis, we can make much better decisions, make improvements on a continuous basis, and know that we’re ready to stop the threats that are out there.

Click the link below if you want to increase your cybersecurity performance on a routine basis, and subscribe to our YouTube channel to keep pace with all of the innovations that SightGain is bringing to the market.