| |OCTOBER 202419CIOReviewdetailed information on hardware, software, data flows, and interconnections.BRM then automatically creates threat and risk models, develops attack trees that show all possible attack paths, and highlights the conditions for success. It identifies specific weaknesses associated with each attack path and assesses the likelihood and potential damage of exploitation, ensuring mitigation efforts are directed toward areas with the highest impact.Once BRM has prioritized potential vulnerabilities, BOR takes over. BOR is a vulnerability analysis and detection platform that enhances assessment accuracy and unifies outputs from multiple vulnerability analysis tools into one comprehensive report. The report is imported back into BRM for recalculated residual risk.In summary, the Blade Suite provides both top-down and bottom-up analyses, assesses systems in an operational context, identifies vulnerabilities, and suggests optimal controls and countermeasures. The detailed report consolidates results into a single view, helping businesses take appropriate action on identified vulnerabilities and informing their clients and stakeholders about how issues are being addressed to prevent future attacks.Based on the insights from BRM and BOR, KDM Analytics customers can develop targeted mitigation strategies to address the most critical areas. These strategies are designed to ensure that resources are allocated to enhance security where it counts most.KDM Analytics customers include government organizations, defense departments, and critical infrastructure providers. Some large aerospace and defense organizations have used KDM Analytics' BRM to automate risk assessments. Their testimony is that using Blade Suite reduces service costs and man-hours by 80 percent.One organization, Acquired Data Solutions (ADS), wanted certain capabilities in its solution, including model-driven evidence-based assessments, adaptability in operational technology component assessments, an extensive cybersecurity knowledge base, and capability prioritization for control measures. BRM satisfied these needs in several ways: a user-friendly workflow, comprehensive knowledge about cyber risks, and intelligent reporting capabilities. As Tony Barber, Principal Consultant at ADS, said: "Using BRM, we were able to provide `More Insight' with `Less Effort'. We achieved an 80 percent decrease in costs due to reduced resource needs and an 80 percent decrease in man-hours for work performance."Through risk simplification, ADS identified major attackers and threats, making system architecture and data flows easier to map out. The effectiveness of BRM in reducing risk and enhancing the protection of industrial control systems is demonstrated by quantifiable ROI that validates the technology's value proposition for this purpose.With the power of KDM Analytics, organizations and the vendors who develop systems for them can now benefit from these products by reducing cybersecurity risks, minimizing financial losses, and safeguarding critical infrastructure--all while achieving substantial cost reductions compared to current risk management practices. We differentiate ourselves with the most efficient and automated approach to cyber risk assessment. Our solution enable organizations to be proactive and preventive against cyber attacks by extending a digital engineering framework into their cybersecurity assessments.
< Page 9 | Page 11 >