HP Introduces New Information-Security Service to Help Businesses Reduce Risk
HP has announced new consulting services to help clients make rapid, data-driven decisions about the management information-security risk across their organizations.
Dubbed HP Security Metrics Services, the new offering is designed to help customers understand the risks that a security incident could potentially have on business objectives.
Related Reading: Security Metrics – What is a “Metric”?
HP Security Metrics Services utilize an organization’s existing sources of security data, set parameters that give stakeholders a clear alert when their business objectives are at risk, and enable them to determine their overall risk posture, the company explained.
According to HP, the new services will help businesses:
• Improve accountability for security actions
• Improve spending allocation and budget justification
• Speed evaluation of risk exposure for timely action
• Mitigate reputation damage
• Demonstrate regulatory compliance with better incident reporting as well as trends in threats and vulnerabilities that may affect compliance
• Anticipate security incidents that have significant potential to affect executive business objectives
• Reduce risk exposure and minimize security incident damage by alerting key stakeholders to risks, enabling them to take timely and effective action
• Deepen executive-level security engagement by demonstrating how specific security risks imperil business objectives.
• Statistically model how business innovation and changes can affect risk trends on an ongoing basis, enabling scenario testing and leading to better risk-based decision-making
By utilizing a framework that links IT assets to 34 identified key risk components, customers can prioritize their business objectives and processes and correlate them to threats, vulnerabilities and incidents, HP said. These components are supported by a predefined library of security data sources, which specifies how the data is gathered and used to provide ongoing business-related risk information.
By leveraging the framework, changes in risk indicators can alert stakeholders to see which risk component category has triggered the change. Once the category has been identified, users are able to drill down into the associated higher-level reporting, trending, information dashboard and data layers to investigate causes of the changed risk-indicator status.
HP Security Metrics Services is currently available worldwide.