cyberprism solution overview

a viable alternative

CyberPrism is a B2B SaaS-based solution that enables organisations to perform a risk-based cyber security assessment across their entire cyber security framework. Easy to use, intuitive and provided with a high level of customer support, our solution is a viable alternative to engaging external consultants. Extensive dashboards and reports support a clear understanding of your cyber risk status and the actions you need to take to mitigate the risks.

15 Min demo overview

cyberprism overview

You can register online and instantly start benefiting from CyberPrism. Our CyberPrism “Starter Pack” is the easiest way to get started. 

Unleash Your Team’s Productive Power

CyberPrism is a collaborative solution.

Stop operating in silos and start leveraging the synergies and efficiencies that CyberPrism provides.

WHO USES IT?

The primary user of CyberPrism is usually the person responsible for managing the cyber security, risk and privacy program of an organisation.
This tends to be the CISO, CSO or Head of IT Security depending on the structure of the organisation.
Below is a breakdown of how actual board members are leveraging CyberPrism to empower them in their roles.

GOVERNANCE AND OVERSIGHT

The board

How CyberPrism Helps: The Board Receives KPIs, KRIs, Metrics and Board Level Reports in Order to Empower Informed Decisions.

leadership

CEO

How CyberPrism Helps: Receives KPIs, KRIs, Metrics and Board Level Reports to Ensure Cyber Strategy is Aligned.

PROTECT THE BUSINESS

CISO

How CyberPrism Helps: Leveraged to Develop, Implement and Measure an Appropriate Cybersecurity Program.

Manage risk

CRO

How CyberPrism Helps: Dashboards and Reports Measure KRIs such as Inherent Risk and Residual Risk.

CYBER INVESTMENT

CFO

How CyberPrism Helps: The Chief Financial Officer Leverages Metrics to Identify Areas of Overspend and Align Budget with Risk.

INNOVATION

CIO

How CyberPrism Helps: The Chief Information Officer Leverages CyberPrism to Support Innovation and Ensure GRC Alignment. 

LEGAL

CDO

How CyberPrism Helps: The Chief Data Officer Leverages CyberPrism in Order to Maintain Compliance with International Privacy Laws.

MARKETING

CMO

How CyberPrism Helps: The Chief Marketing Officer Uses CyberPrism to Promote Assurance of Adequate Cybersecurity and Privacy Controls. 

EVIDENCE

CTO

How CyberPrism Helps: The Chief Technical Officer Leverages CyberPrism in Order to Provide Evidence that Controls are Aligned with the Enterprise Cyber Risk Program.

Procurement

CPO

How CyberPrism Helps: The Chief Procurement Officer Leverages CyberPrism to Assess Vendors and Third Party Cyber Risk.

SAMPLE SCREEN OUTPUTS

what can it do?

We continue to innovate CyberPrism. Of course, it is the ultimate tool you can leverage to perform a risk-based cyber security assessment of your existing framework. However, it is much more than that.

Today, CyberPrism is being used in some of the most complex global environments to manage the ongoing cyber security program of enterprises.

analyses risk

Automatically analyses the risk versus maturity relationship and provides MI dashboards and detailed results.

cyber strategy

Enables organisations to develop an appropriate cyber strategy aligned with their business strategy and ambitions.

cyber risk management

Numerous features facilitate enterprise risk management, enabling organisations to track KRIs such as residual cyber risk.

reporting

Provides numerous detailed, executive-level and regulatory compliance reports in MS Word format, with content matching the target audience.

inherent cyber risk

The CyberPrism algorithm calculates the inherent cyber risk by profiling the cyber aspects of the business model, incorporating intelligence feeds.

cyber governance

Provides an executive-level interface that gives a clear chronological status of cyber risk and key performance and risk indicators, with heat maps.

global view

The global cyber risk radar facilitates "grouping" various entities based on factors such as location or relationship to a particular service line for analysis.

standards and frameworks

Cross maps the nexus of controls between the existing controls and those outlined in the top ten international frameworks and standards.

maturity and roadmap

Facilitates understanding current risk and maturity status. Provides a fast track risk based maturity road map with supporting details.

how is cyberprism used?

use cases

CyberPrism is a versatile tool and our clients continually find more ways to leverage the collaborative features, drive efficiency and leverage their return on investment. Here are just some of the ways our clients are benefiting from CyberPrism.

  • Cyber Security Program Assessments
  • Cyber Resilience Assessments
  • ISO27001 Projects
  • GDPR Assessments
  • Financial Regulatory (FFIEC) Assessments
  • NIST Cybersecurity Framework Assessments
  • Vendor Risk Management
  • M&A / Investment Due Diligence
  • Board Cyber Strategy Reviews
  • Risk Based Cyber RoI Reviews

online demo

PROFILE INTELLIGENCE specifically for

  • Financial Services
  • Utilities - CNI
  • Government
  • Healthcare
  • Legal
  • Retail / E-Commerce
  • Tech / Telecoms
  • Aviation
  • Agribusiness
  • Corporate Enterprises

faqs

Stage two, the “Maturity Assessment”, is designed to measure the level of maturity of your organisation’s corresponding cyber controls. The maturity assessment is based on the responses and information captured throughout this stage of the assessment. The operator is presented with “Diagnostic Statements”. Each of these statements is a “Declarative Statement” of the existence or maturity of a specific control, and the operator responds with “True” or “False” in relation to the control.

Each “Diagnostic Statement” has a predetermined associated maturity level. There are five defined maturity levels, as shown below. The levels range from baseline to innovative.

Control Areas Included During Cyber Assessment

The inherent risk metric is assessed by identifying the number of traditional risks associated with elements of an organisation that may exist within its operational parameters. This is achieved by presenting the operator with a number of multiple-choice questions. The answers provided by the operator carry a weighting score. These values are combined with the relevant metrics from the business and cyber threat intelligence feeds, which cover sector- and region-based inherent risk values, so that the algorithm can accurately produce an inherent cyber risk metric in the range of 0 to 999.

The risk-associated elements are presented as metrics in the assessment. The metrics are allocated a weighting according to their criticality or relevance to the organisation’s business model. The process allows metrics that are not relevant or applicable to the organisation’s business model to be discounted from the assessment. Inherent cyber risk is the level of risk posed to the organisation by the following:

 

CyberPrism cross maps its complete array of diagnostic statements to the nexus of controls outlined in the top international standards and frameworks.

CyberPrism leverages business and cyber threat intelligence feeds based on the primary operating country of the entity and its specific sector.


Once the inherent cyber risk and maturity of controls have been determined, CyberPrism generates the “Cyber Score”. This metric indicates the maturity level of the controls identified vis-à-vis the inherent cyber risk level of the entity. The score range is from 0 to 999.

Example:
If an entity has an inherent cyber risk score of 350, it would indicate their inherent risk level is “Minimal” and they should have all controls in place at a “Baseline”, “Evolving” and “Intermediate” level. If they did, their “Cyber Score” would be 999. Any delta in this score indicates residual cyber risk and is identified as such.

Note: A client may have controls in place at a maturity level higher than their inherent cyber risk level suggests is required. These controls make no impact on the cyber score as they are above the determined inherent cyber risk level.


The above table depicts the relationship between an organisation’s inherent risk profile and its domain maturity levels. In general, as inherent risk rises, the organisation’s maturity level should increase. An organisation’s inherent risk profile and maturity levels will change over time as threats, vulnerabilities and operational environments change.

Note: Cyber maturity is cumulative and starts with baseline controls. It is imperative to identify and close any gaps identified at the various maturity levels that support your optimum target level of maturity.

Example:
If the scope of the assessment yielded an inherent cyber risk score of 350, that would indicate that the entity was categorised as “Minimal” inherent cyber risk. For an entity with an overall inherent risk profile assessed as “Minimal”, it is recommended that they operate their cyber security maturity between “Baseline” and “Intermediate” in all five domains.

CUSTOMISED FOR THE FOLLOWING SECTORS

  • Financial
  • Utilities – CNI
  • Government
  • Healthcare
  • Legal
  • Retail/E-Commerce
  • Tech/Telecoms
  • Aviation
  • Agribusiness
  • Corporate Enterprises

Yes, security was paramount in the design of the CyberPrism architecture, and the confidentiality, integrity and availability of your data is one of our key objectives within our mission. We utilise and have invested in some of the most advanced security controls available. The solution is delivered via the cloud and utilises many controls including 2FA (Two Factor Authentication), and all of your data is encrypted. Our own Cyber Risk Rating is constantly rated over 900 with a designation of “Excellent”. The CRI Cyber Risk International security team monitor the system 24/7.

We provide a “Starter Pack” offer for new clients. This is the best way to get started and gives you 90 days full access to the system, with unlimited reports and updates.

You can find further information on the CyberPrism Starter Pack here.

 

Yes, you can. We do not provide demo licences; we are more than happy to set up a live demonstration for you at your convenience.