Page 193 - Cyber Defense eMagazine April 2023
P. 193

All of these frameworks require lots of data and time to deliver useful results, which can be a daunting
            prospect for IT leaders whose teams are already stretched thin. The time involved can also undermine
            the  impact  of  the  framework  findings,  because  real-time  data  is  the  preferred  resource  for  decision
            making.




            Applying new CRQ solutions

            New CRQ vendors offer a way to gain risk insights faster by automating data collection and analysis.
            Forrester  describes  several  optimal  use  cases  for  CRQ  tools,  including  to  quantify  existing  risk,  to
            describe ROI of current security investments, to prioritize risk remediation, and to build the case for new
            investment.  The  analyst  firm  also  describes  the  CRQ  space  as  emergent  and  dynamic,  with  most
            products “in the prototyping phase.”

            Because  the  space  is  relatively  new  and  changing  quickly,  Forrester  recommends  choosing  CRQ
            solutions that support specific use cases, rather than trying to find a one-size-fits-all provider to handle
            holistic risk quantification. Any proof-of-concept should focus on a single use case in order to prove value
            related to one decision that needs to be made. From there, it may be possible to expand use cases with
            the same vendor, run another proof-of-concept with a different vendor, or choose another vendor for a
            different use case.

            Data from each quantitative analysis can be used to establish benchmarks for progress in terms of risk
            reduction and ROI, so IT can track and report progress. As CRQ solutions become more mature and
            comprehensive, security leaders will have more options to evaluate and describe risks, make plans to
            reduce those risks, and make the case for investment that protects their organization.





            About the Author

            Bruno Farinelli is an expert in biometrics and browsing behavior, and serves as
            Senior  Director  of  Operations  and  Analytics  at  ClearSale. Bruno holds  a
            Bachelor's degree in Statistics from top Brazilian University UNICAMP and an
            MBA  in  Business  Intelligence  from  one  of  the  most  well-known  Technology
            Institutes  in  Latin  America  FIAP.  Follow  on  LinkedIn,  Facebook,  Instagram,
            Twitter @ClearSaleUS, or visit https://www.clear.sale.
















                                                                                                             193
   188   189   190   191   192   193   194   195   196   197   198