Qualys, a cloud-based IT, security and compliance solutions leader, unveiled its forward-looking vision of the Qualys Enterprise TruRisk Platform, a move that marks a seismic shift for the future of Qualys as a leader in managing and reducing cyber risk for CISOs as well as security practitioners. The Qualys Enterprise TruRisk Platform centers around helping customers holistically measure, effectively communicate, and proactively eliminate cyber risk, with a hyper focus on the impact of cyber risk on business risk.
With ever-expanding attack surfaces and a growing threat landscape, cyber risk has become an elevated topic of importance and prominence for virtually every organization, especially for the C-suite. Today, nearly 50% of CISOs report directly to the CEO, with over 90% regularly briefing their Board of Directors about their organization’s exposure to cyber risk.
“Despite a market push to release more cyber risk ‘measurement’ solutions, security leaders and stakeholders have no reliable means of aggregating, correlating, and translating cyber signals from a growing cybersecurity stack into meaningful cyber risk mitigation and remediation strategies,” said Sumedh Thakar, Qualys CEO. “The Qualys Enterprise TruRisk Platform addresses this issue head-on by delivering a centralized way for organizations to measure and eliminate their cyber risk and arms users with the actionable insights they need to communicate their actual cyber risk posture to internal security and business risk stakeholders. It also provides external executive stakeholders, from the board to cyber risk insurers, with the necessary data they need to make the right decisions.”
The ground-breaking platform is the maturation of a concept that Qualys began working on 18-months ago through a commitment to deliver powerful security solutions for attack surface management, vulnerability management, and remediation, in addition to providing a higher level of orchestration between these solutions that allow security leaders to better identify, prioritize, and action cyber risk remediation to maximize positive impact on their businesses.
The Qualys Enterprise TruRisk Platform is the only cybersecurity and risk management solution that enables users to:
- Measure Cyber Risk — Aggregates cyber risk across Qualys and non-Qualys external security and IT tools within an organization’s ecosystem. For the first time, users will be able to aggregate third-party solution risk factors. On top of data from the Qualys Threat Library and over 25 threat intelligence feeds, the Qualys Enterprise TruRisk Platform will ingest data from other IT and security vendor solutions, to allow organizations to get an accurate assessment of their risk with their current security stack.
- Communicate Cyber Risk — Translates disparate cyber risk data into common actionable insights and business impact metrics for key security and business risk stakeholders. Risk will be measured in terms of potential financial impact to the business, and the level of detail in reports will be customizable to the respective leadership audience.
- Eliminate Cyber Risk — Eliminates cyber risk across the extended enterprise with precise remediation and mitigation actions. The platform goes beyond patching to introduce dynamic methods for risk reduction where patching is neither possible nor preferred. These options include, but are not limited to, virtual patching, permission adjustments, temporary asset disablement, and port-blocking to allow for risk reduction without compromising operational efficiencies.