SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
Story image
Qualys launches advanced TruRisk Platform for agile cyber risk management
Thu, 23rd Nov 2023

Qualys, an expert in cloud-based IT, security and compliance solutions, has revealed its advanced Qualys Enterprise TruRisk Platform. Unveiled by CEO Sumedh Thakar at the annual Qualys Security Conference in Orlando, Florida, the newly developed platform has been designed to enhance adaptive cyber risk management.

This innovative solution aims to help customers quantitatively evaluate, effectively communicate, and proactively nullify potential cyber risks, emphasising the influence of these risks on business operations.

The inception of this platform can be traced back to a concerted effort by Qualys 18 months ago. Determined to develop robust tools that could facilitate the management of attack surfaces, vulnerabilities, and remedial measures, the company took the unique approach of tightly integrating these functionalities.

The result is a streamlined platform that allows security leaders to more capably identify, prioritise, and action the remediation of cyber risks, thus maximising the positive impact on their respective businesses.

Thakar spoke in an official company blog post about the significant transformation this new platform heralds for Qualys, particularly with regard to the management and diminution of cyber risk for CISOs and security practitioners. He stressed the inherent difficulties created by inconsistent cyber risk scoring methodologies, compounded by the widespread use of disparate cybersecurity point solutions.

Thakar pointed out, "Despite a market push to release more cyber risk measurement solutions, security leaders and stakeholders have no reliable means of aggregating, correlating, and translating cyber signals from a growing cybersecurity stack into meaningful cyber risk mitigation and remediation strategies."

However, the Qualys Enterprise TruRisk Platform directly addresses these issues, offering a unified view of risk under one agent and through a single scalable solution.

With almost half of all CISOs reporting directly to the CEO and over 90% regularly briefing their Board of Directors on cyber risk exposure, the importance of sound cyber risk management has rarely been more pertinent.

However, security leaders currently find themselves in a labyrinthine maze of risk data stemming from multiple security solutions, and teams split between IT and security. This situation often leads to misrepresentations and inaccurate portrayals of cyber risk, which, in turn, fails to effectively reduce the business' cyber risk.

The Enterprise TruRisk Platform resolves such issues by centralising cyber risk management and offering actionable insights necessary for communicating actual cyber risk posture to both internal security and business risk stakeholders. It also provides external executive stakeholders, from board members to cyber risk insurers, with the critical data required to make accurate business decisions.

The platform allows users to measure cyber risk by aggregating data across Qualys and non-Qualys security and IT tools within the organisation's ecosystem. It translates varied cyber risk data into commonly understood actionable insights and quantifiable business impact metrics.

Depending on the need, the level of detail in these reports can be custom-tailored for different leadership audiences. Most importantly, it offers precision remedial actions and mitigation tactics to eliminate cyber risk across the extended enterprise. These measures extend beyond merely patching to introduce dynamic methods for risk reduction which don't compromise operational efficiencies.