Multi-Layer Reporting Blog
19 July 2021

Getvisibility

Using Multi-Layer Reporting for Company Wide Data Security Alignment


Cyber security and data compliance have become a very important companywide responsibility. The impact of a cyber security breach or a data leak on an organisation has grown at a rapid rate, the likelihood of a breach has also increased. New business processes, remote working and new collaboration tools have all led to an exponentially growing volume of data and an increased attack surface. Therefore, what was once the duty of the IT department, now weighs heavily on all levels within the organisation, right up to board level. However, organisations’ leadership teams and directors don’t have the time or expertise to fully assess the ever-changing environment, assess the effectiveness of their companies cyber security or predict the direction of change. This makes budgeting, resource allocation and strategic decision making very difficult.
Getvisibility has developed a data risk score framework, which enables those from each level within an organisation to understand, in terms relevant to their business function, the current data protection posture within their environment.

Risk Assessment Multi-Layer Reporting

 

The Getvisibility risk score enables key decision makers to quickly make informed budgeting, operational, tactical, and strategic decisions. It also allows key decision makers to measure the effectiveness of their teams and budgetary decisions, providing a framework for continuous learning and improvement.

The risk score is a powerful tool for risk and security practitioners. CISOs, DPOs, and security experts now have a bench-marked mechanism for demonstrating good practice, as well as the consequences of under investment.

 

What is the Data Risk Score?

The Data Risk Score is derived from scanning an organisations unstructured data environment and endpoints using Getvisibility Focus and Synergy Pro. This information is then collated through the Getvisibility reporting suite and the Data Risk Score is generated. This comprehensive report is based on 5 key pillars; content risk, dynamic risk, endpoint risk, access risk and audit risk.

 

Risk Assessment Multi-Layer Reporting

Content Risk Score – Measures the amount of critical information contained in the company’s files and its vulnerability to exposure.
Dynamic Risk Score – Measures the rate of change in the creation of sensitive and regulated data over time
Endpoint Risk Score – Measures the distribution of sensitive and regulated data between devices and shares on a network
Access Risk Score – Measures the vulnerability of sensitive and regulated data to unauthorised access
Audit Risk Score – Measures the attack surface of a company’s system. Based on the results of consultation with Getvisibility

 

Continuous Assessment and Remediation

Recurring Data Risk Assessment Reporting allows organisations to measure the compliance and effectiveness of implemented changes and remediation while monitoring their maintenance; driving further initiatives and policies.

 

Risk Assessment Multi-Layer Reporting

 

Using the Getvisibility Data Risk Score on a recurring basis enables customers to derive increased value from data protection projects and to optimise data security strategies. This process includes all levels within the organisation, strengthening alignment and transparency.

  1. Getvisibility Focus and Synergy Pro scan unstructured data environment and endpoints
  2. Getvisibility Data Risk Score and reports are generated
  3. Board members are provided with a high level over view of the organisations current posture, with enough understanding to assess the needs of the business with c level management
  4. C level management can then use strategic reports to plan out tasks and assign them to the relevant resources
  5. Staff and contractors who can use their granular tactical reports to carry out remediation
  6. A new scan then takes place to assess the effectiveness of the remediation, triggering the beginning of a new process cycle.

 

Sample Reports

 

Board Level

 

Risk Assessment Multi-Layer Reporting

 

Strategic Level

Risk Assessment Multi-Layer Reporting

 

Tactical Level

 

Risk Assessment Multi-Layer Reporting

Risk Assessment Multi-Layer Reporting

 

Find out more

Speak to one of our experts