Yes, we calculate a set of 6 risk indicators:
- Opportunity Risk, tracks the pulse of cybersecurity severity relative to assets.
- Technical Debt, pulse of cybersecurity actions relative to assets.
- Defense Effectiveness, monitors the volume of recurring defense activity patterns by sensor type.
- New Threats, cybersecurity detections that are ‘new’.
- Surface Area, pulse of assets reported in cybersecurity events.
- Length of Score History, measures existence and contributions over time for critical sensors.
GreySpark provides fact-based reporting of risk indicators. These system-event-driven indicators can be changed by adjusting the underlying systems or processes that create these events.
The events are the facts.
These frameworks are designed to control cyber risk. GreySpark shows whether they work.With every implementation of a control, change in process or update of configurations, GreySpark immediately shows the change in residual risk.