“It’s out…cybersecurity is no longer the secret thing we used to do behind the curtain,” stated a Fortune 500 SaaS CIO I met with a few weeks ago. “Every big move we make is now out in the open.” I pressed him for more details. “You see, a couple of years ago I could just send a 1-2 page cybersecurity summary letter to the occasional inquisitive customer and a high level review to our Board of Directors once per year. Now, we’re answering weekly 250 question customer questionnaires and briefing our Board each quarter. It’s insane.”
In simpler times, IT security teams ran an organization’s security program mostly like a covert program – autonomously and on a ‘need to know basis’. Environments were mostly on-premise which gave more freedom to control security (and security issues) more privately and at a predictable pace. Little outside attention was paid to the details of a security policies, pen test results, software patching cadences, and cryptography strategies.
But today, cybersecurity is no longer a secret. SaaS Companies are facing a security transparency movement where they find themselves openly getting assessed and having to explain deep details of their security program to a wide range of audiences at a moment’s notice. Topics like configuration management, vendor management, event logging, and classification of information must be ‘put out there’ for all to probe. “It’s become a bit of a game to decide how much information you really want to give out,” a Fortune 1000 CIO told me a few months ago. “I usually just give the very basics first and see if they come back with more questions. Usually they do, and then we’re forced to really open up the kimono.”
Apptega is here to help. Apptega delivers one-click reporting for assessments, audits, customer requests and Board presentations saving hundreds of hours of admin time with real-time data. You can show the end-to-end story of your entire cybersecurity program including real-time compliance scoring, achievements over time, areas of focus, project life cycles, and future implementation road maps for the next 12 months. An entire program with crisp dials, graphs and charts can be exported into PowerPoint, Excel and Word in seconds, instead of hours and days.
Want to learn more? Click here to schedule a demo today.
*** This is a Security Bloggers Network syndicated blog from Apptega Blog authored by Armistead Whitney. Read the original post at: https://blog.apptega.com/cybersecurity-is-no-longer-a-saas-companys-big-secret