Since its first release on 13 March 2023, the Human Managed web app hm.works has been getting fresh updates every single week to report on intel generated from any data source from our customers.
On 23 May, we released the cyber posture scorecard mapped to NIST Cybersecurity Framework (identify, protect, detect, respond, recover) by asset type (user, network, device, app, data), followed by their breakdown into respective Categories (asset management, governance, risk assessment, etc).
Today, we are excited to release yet another layer beneath the cyber posture scorecard:
control status assessment 📇
A page with your current posture score of NIST Category (e.g. identity management & access control) and the gap from your target score, followed by the control groups that make up the NIST Category's posture score with their respective scores calculated based on your org's current status on the following processes:
- control policy
- control implementation
- control operation
The control status assessment answers the top 3 things you need to know about the status of your cybersecurity controls:
- Does my control groups address the most common and damaging attack activities happening in my industry?
- Do I have consistent control across my assets to negate attacks?
- What measurement techniques do I implement to continuously assess my controls?
* * *
Now for some details...
control group score card
- What: Each control group is visualized in a card, with the following details:
- asset type(s) on which the control must be implemented (user, network, device, data, app)
- control group code name (e.g. AM-01 for Asset Management 01)
- control group's total score (out of 100) and their breakdown into three stages (policy, implementation, operations)
- control group's current status represented as a score (e.g. approved written policy / implemented on all systems, monitored)
- control group statements appearing upon hover (aka. jobs that need to be done to fully operationalize the control group)
- Why: Having a status scorecard for each control group shows you more context behind the overall cyber maturity scores, and allows you to take appropriate actions in specific processes within your org to close the gap.
- How: Send any dataset or connect any data source that contains information on your assets, controls and configs to hm.works for an automated and continuous asessement on your cyber posture maturity.
* * *
And that is hm.works 1.12! We will be releasing more features and updates regularly, so stay tuned.
To get the latest news from Human Managed, follow us on LinkedIn and check out our blog.
* * *
Want to discuss how we can help solve your cyber, digital, or risk operations through data?
Want a test run of the hm.works app?
Have any questions or feedback?
Please contact us at email@example.com.