One of the many challenges facing C-level executives today is the correlation between investment in cybersecurity controls and the associated increased efficacy of the security posture.

From a compliance and governance perspective, the risk-based scorecard is an approach to calculate and record a risk level, in line with an organisation’s risk-based approach, policies and procedures. A critical element thereof is the ability to quantify the risk associated with a cyber breach. In many cases, there is an assumption that a material monetary investment in numerous security controls has an automatic corresponding reduction in the risks associated with cyber breaches. However, this is not always the case.

Looking at this conundrum through two lenses can yield the following insights:

An investment in security controls, with a “set and forget” approach can very quickly yield the underlying investment obsolete; and
An investment in security controls without having these controls act in unison can materially reduce the overall efficacy of the security posture.

With the introduction of a security orchestration, automation and remediation (SOAR) platform, these risks can be mitigated.

A SOAR platform is designed to integrate into multiple security controls, from a multitude of vendors. However, these platforms are expensive, and the skills required to develop on them are scarce. What is frequently needed are only a few automations to specifically overcome these two challenges. Port443’s platform is built on top of the Siemplify SOAR to power these automations “as a service”.

Consuming these automations “as a service” makes it readily affordable and overcomes this conundrum.

A continuous automated hardening of security controls against best practices can overcome the “set and forget” mindset, ensuring that the investment into these controls yield the requisite risk-reduced outcome for a nominal amount relative to the costs associated with the underlying control. An example includes the policies configured on a firewall. Automating frequent validations of the best practice configurations of the firewall policies against industry best practices as well as the vendor’s best practice can help alleviate the “set and forget” risk.
While each control, in isolation, can yield mitigation in response to a specific inbound indicator of compromise (IOC), the real benefit of having these controls trigger each other to achieve immediate containment significantly increases the overall security posture. An example to achieve immediate containment would be to have an e-mail security control, a network security control and a privileged access management (PAM) security control trigger each other to achieve immediate containment of an IOC.

SOAR platforms are built to integrate into various controls to achieve these kinds of risk mitigations through automation. Consuming these automations as a service is the essence of the Port443 proposition.

The power of the platform can be consumed as a service without having to worry about the intensive capital investment, the skills required to build thereon and ensuring that only those automations that are relevant to your organisation are what is ultimately paid for.

SOAR as a service — Siemplifying cybersecurity automation. Contact us at [email protected] for additional information.

About Port443
Port443 is a cybersecurity company operating across the Middle East and Africa offering services to all market segments. We believe that security should be readily accessible, affordable and always ahead of the ever-evolving threat landscape. Our core platform is a SOAR (security orchestration, automation and remediation) platform on top of which we offer automations “as a service” across multiple security controls and across multiple security technologies. The automations augment security engineering teams, introducing efficiency and speed in reacting to IOCs and a focus on continual hardening of the existing security controls.

Port443 has extensive experience in identifying candidates for automation and building these automations, so they can be consumed “as a service”.

Contact us at [email protected], visit www.port443.co.za or find us on LinkedIn.