When I joined Sepio 18 months ago, I was asked by leadership to take part in developing the next generation of the Sepio platform by applying my experience as a CISO in multiple types of organizations. To tackle this mission, we first reached out to our fantastic customers’ CISOs and collected their wish-list requirements. In addition, we reviewed other cyber security platforms addressing other enterprise security layers and how they integrate with Sepio’s breakthrough data and visibility. Putting together all these wonderful insights, information, and advice, we realized that, in addition to many new features and improvements, we also needed to ensure that the next generation of Sepio supports the CISO’s (and the security team’s) action flows or processes. In other words, the newest version of our platform should support the typical method used by CISOs (and security teams), which starts with conducting routine security controls, followed by risk assessments based on the outcome of the security controls, and concluding with addressing the risk by remediation, such as compensating controls.
The outcome of this process is the new version of Sepio, which follows exactly this method by providing the CISO with:
- Bottom-up, holistic, and continuous visibility of all assets as the mapping security control.
- A risk score for each asset, which together build up the overall risk posture.
- Actionable implementation of the control layer through remediation (such as policy enforcement or alerts) to compensate for and/or remediate the risk scores and the organization’s risk posture.
To implement this flow, we integrated two modules based on our groundbreaking data collection platform: the asset risk score module and the policies module.
Many ask how we calculate the individual asset risk score. The answer is: through a comprehensive analysis of multiple, different risk indicators, each of which contributes a different level of risk to the final score. These risk indicators can be categorized into the following 4 groups, in increasing order of severity from low to high:
- Unsupervised asset
- Asset anomalies (for example, physical-layer-based Asset DNA mismatch, rare devices, unexpected devices or components, unexpected port speed, etc.)
- Known vulnerability (device CVE and/or firmware CVE and/or component CVE)
- Known attack tool (based on Sepio’s Asset DNA match)
The policies module provides the control by enabling selective enforcement and/or alerts based on asset groups. Because an asset group can combine any type of asset (OT, IoT, IT, peripheral, or component) across the organization, it is a useful tool for controlling entire parts of the organization with a single policy (for example, a policy for a branch or a city).
To summarize, Sepio’s latest version provides CISOs with a powerful tool to conduct security control across the organization’s entire asset ecosystem. Sepio brings unparalleled asset visibility and accurate asset risk scores, and enables actionable control to achieve risk mitigation or compensation for any asset group within the organization.