Blog by Bill Van Vleet, CEO of Haystax Technology A recent Deloitte survey of CFOs’ attitudes toward crisis preparedness* found that 97 percent of them are concerned about cyber-attacks – hardly surprising given the high-profile breaches of late. What’s more surprising, though, are the other threats that ranked high on the CFOs’ list. Eighty-five percent consider malicious attacks (terrorism, tampering, etc.) a major threat, with only 23 percent feeling prepared to deal with them, and more than 85 percent consider natural disasters a major threat, with only 20 percent considering themselves prepared. Eighty percent of CFOs in manufacturing, retail and wholesale consider confrontations a major threat, with only 20 percent saying they’re sufficiently prepared. Among energy/resources and manufacturing respondents, 80 percent consider industrial/technological failures a major threat. I’d say the CFOs have good reason to be concerned about all these risks – and also about insider threats, which didn’t make it onto the survey but probably would have ranked highly as well. The threats themselves are challenging enough. Add to that the fact that each is probably managed in a separate silo of the organization – if the threat is being managed at all. It’s no wonder that few feel prepared to deal with any of these potential crises. There may be no one who is taking a holistic/comprehensive view of threats across the entire enterprise. Yet that’s exactly what’s needed, and that’s what we do at Haystax Technology. When we talk about enterprise threat management (ETM), we mean something different than what most companies who offer it mean. Google the term and you’ll find us first, but you’ll also find companies who use “enterprise threat management” to refer only to cyber threats – an important piece, no doubt, but which we regard as one-dimensional ETM. Haystax offers holistic, comprehensive enterprise threat management that gives organizations a multi-dimensional view of threats – and a view that puts the threats into context and prioritizes them, so that an individual doesn’t have to. Our ETM technology, based on a patented algorithm, has the ability to not only identify but also raise to the surface the most immediate and serious threats in the physical realm, the cyber realm, the atmospheric/weather realm and the human realm. You don’t have to choose which one is most important at the moment; the ETM should do that for you. Let’s say you’re in a critical infrastructure organization in Oklahoma. Your cyber team is probably receiving hundreds of alerts about potential risks. The Haystax ETM has the ability to examine all of those and decide if any reaches the level of real danger to the organization. At the same time, our ETM system is monitoring physical infrastructure sensors and weather sensors from the National Weather Service. It might also have compiled a list of the individuals posing the most risk as insider threats to the company, based on various risk factors. On this particular day, the highest risk might be from an impending tornado. That information is what you’ll receive – the weather threat rising above all the others in terms of risk. No need for the IT specialist to sort through hundreds, even thousands, of alerts if the risk of a cyber-attack isn’t high. Better to be shoring up back-up systems in case critical systems go down in a storm. With this kind of holistic threat management, you know where to put your resources and what to focus on, putting you already ahead of the game. When we talk about enterprise threat management, we mean allowing you to protect critical infrastructure and key resources, protect against loss from fraud, protect people and systems from natural hazards and human threats, protect data and networks, and even more. In other words, you can protect the entire enterprise. This is what we think real enterprise threat management should accomplish, so that CFOs, CEOs, CIOs, CISOs, HR leads, and anyone else looking to avoid crises can manage their response to threats appropriately – before, not just after, the threat becomes real. We’ll return to this topic in future posts, discussing Haystax’ specific approach and offering advice for enterprise threat management. * CFO Signals: What North America’s top chief financial officers are thinking — and doing , 2nd quarter 2015
For over 25 years, Haystax has been the provider of world-class commercial software products for direct use by individuals in the agencies charged with protecting our communities, cities, and country. Thus, our product is one of the most widely deployed risk management software solutions, used by school, law enforcement, fire, emergency management, and other government agencies across the United States.