As organizations continue to build out their security infrastructure, it becomes difficult to know whether they’re getting good value and, more importantly, whether they’re leaving holes in their security approach. Gutsy promises to answer these questions by applying data science, AI and a technique called process mining to cybersecurity effectiveness measurement and governance.
The current practice is that organizations manually log and aggregate data, leading to human biases and errors. Gutsy tackles this problem by enabling CISOs to quantify, know and show the service level agreements before, and most critically after, security investments. The results give CISOs a level of measurement for ROI, governance and audit compliance they previously never achieved.
“The concept of process mining is actually pretty simple,” explains Ben Bernstein, co-founder and CEO of Gutsy. “If you can collect all the relevant events from all the systems involved in a process you can normalize and correlate this data and represent it as a series of steps that deliver an outcome. Of course, doing this accurately and at scale requires advanced software, including AI capabilities, as well as deep domain knowledge of the business needs the processes serve.” The foundation of Gutsy’s technological approach is process mining, being used for the first time in cybersecurity.
Gutsy is designed to automatically observe every execution of a monitored process, and develop a comprehensive, data-driven view of each individual step. The results are presented in a dashboard that enables security teams to see any anomalies, malfunctions or underperforming tools in their stack.
This helps CISOs measure performance by clearly showing the efficiency and consistency of their existing security processes and tools, and identify delays and inefficiencies within each process. In addition, Gutsy delivers analysis of comparative capabilities of processes and tools over time as well as comparison to industry standards and best practices. For example, Gutsy can show a CISO a data-derived view of how their vulnerability management process is working in one dashboard pane, with another pane depicting how NIST SP 800-400 recommends it should work, to see where their process differs from these best practices.
Improving Governance
Until now, it has been hard for a CISO to quantify the ROI on cybersecurity investments and measure progress. They might be able to show that they bought some tools or brought in some consultants, but it’s hard to know whether that really reduces risk.
With Gutsy, the CISO can show how data security processes worked before these investments, quantify the SLA that they delivered, show how consistently they did it and show how these measures compare to these same observations after the investments. The CISO can now measure and communicate clearly about ROI and outcomes and an oversight committee can track progress over time towards measurable objectives.
Security governance is a crucial part of an organization’s compliance and risk management function. Decision-makers and security leaders need the tools necessary to conduct oversight, performance management and reporting on all organizational security systems and processes. This is where Gutsy helps the enterprise, says Yoav Leitersdorf, managing partner of YL Ventures.
“Gutsy is redefining cybersecurity governance with an entirely new approach, and their IP lies in how the team has learned to collect and analyze event data from every cybersecurity tool connected to an organization’s environment. We are talking about every tool – from vulnerability management and incident response to identity management. The platform then creates visual representations – highly detailed decision trees – of their processes,” said Leitersdorf.
With these capabilities, Gutsy can help organizations transform security governance from a laborious, manual and time-consuming task to a streamlined, efficient and automated process that can improve outcomes, and better measure cybersecurity ROIs.
Gutsy’s founders are backed by $51M in seed funding led by YL Ventures and Mayfield Fund. Historically it has been difficult for enterprise CISOs to objectively quantify return on cybersecurity investments and their effectiveness, but with Gutsy, now they may be able to do so.