February 20, 2023
Does your organization currently speak in the NIST framework language? Say bye-bye to manual mapping and say HELLO to filling out inputs in the NIST CSF framework. This new release helps security teams better align with the organization’s internal communications around security controls. We know that staying consistent with the company’s terminology can better help you achieve your goals. The platform now supports maturity controls in the company sphere, provides mitigation recommendations with a dollar value and ROI calculations for prioritization all using the NIST CSF Framework.
When setting up a new company, users can select their preferred security framework for input and mitigation recommendations, with NIST CSF as the default choice due to its widespread use among enterprise clients. NIST is ideal for board reporting, using natural language easily understood by non-technical stakeholders.
All controls are mapped into 5 functions: Detect, Protect, Identify, Respond & Recover.
The maturity level of each control is indicated using the CMMI Framework, with ranks 1-5 indicating increasing maturity.
To model companies with NIST CSF v1.1, create a new company and configure the proper framework under the ‘Compliance’ tab. Existing companies can not be migrated from framework to framework.
March 13, 2023
CRQ enables GRC teams to understand better their cybersecurity posture and communicate cyber risk more effectively to stakeholders
March 2, 2023
Recent insights on breaches, vulnerabilities report and fraud losses for U.S citizens