Enter the Matrix: Cyber Security Risk Assessments Demystified

By Tal Zamir. April 2, 2020

Cyber security professionals are, by definition, in the risk management business. Your job is all about making sure information systems and sensitive data are protected against cyber attacks. And now with COVID-19 pushing more workers — and work — online than ever before, getting a handle on your evolving risk couldn’t be more critical.

“Risk” can be defined in a number of ways. To make sure we’re all on the same page, let’s go with how the National Institute of Standards and Technology (NIST) defines it: “Risk is a function of the likelihood of a threat event’s occurrence and potential adverse impact should the event occur.”

How do you discover what your company’s level of risk really is? The best way is to conduct thorough risk assessments on a regular basis. They provide the foundational knowledge required to pinpoint your most important devices and data, identify threats, and eliminate and/or minimize the chances of malware and human error compromising your information assets.

Risk Assessment Tools

There’s no shortage of tools and matrices for helping CISOs and IT staff map risk levels. Some of the more popular ones include:

These assessments include both qualitative information (i.e., deciding which data, if exposed, could have significant impacts on your business) and quantitative techniques (i.e., using probabilistic models to calculate risk levels). I can’t overstate the importance of quantitative data. Without it, subjectivity in the risk assessment process can weaken the credibility of, and cause senior management to question, your findings, thereby compromising risk management programs.
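As an added illustration of the NIST definition above (example code, not part of the original post), the following Python scores a small constructed risk register two ways: qualitatively, through a 5x5 likelihood/impact matrix, and quantitatively, as expected annual loss. The asset names, probabilities, loss figures and matrix thresholds are assumptions made up for the example.

```python
from dataclasses import dataclass

# Qualitative bands for the 5x5 matrix (thresholds are assumptions for this example)
LEVELS = ["Low", "Medium", "High", "Critical"]


def matrix_level(likelihood: int, impact: int) -> str:
    """Map 1..5 likelihood and 1..5 impact scores to a qualitative risk level."""
    if not (1 <= likelihood <= 5 and 1 <= impact <= 5):
        raise ValueError("scores must be integers in 1..5")
    score = likelihood * impact  # 1..25
    if score >= 15:
        return "Critical"
    if score >= 8:
        return "High"
    if score >= 4:
        return "Medium"
    return "Low"


@dataclass
class Scenario:
    asset: str
    threat: str
    likelihood: int            # 1..5 qualitative band
    impact: int                # 1..5 qualitative band
    annual_probability: float  # quantitative estimate of occurrences per year
    loss_if_occurs: float      # estimated loss per occurrence, in currency units

    def expected_annual_loss(self) -> float:
        """Quantitative risk: probability of the event times its impact."""
        return self.annual_probability * self.loss_if_occurs

    def level(self) -> str:
        return matrix_level(self.likelihood, self.impact)


def rank_scenarios(scenarios):
    """Highest expected loss first; ties broken by the qualitative matrix level."""
    order = {lvl: i for i, lvl in enumerate(LEVELS)}
    return sorted(scenarios,
                  key=lambda s: (s.expected_annual_loss(), order[s.level()]),
                  reverse=True)


# Constructed sample register (illustrative values, not from any real assessment)
SAMPLE = [
    Scenario("admin workstation", "malware via phishing email", 4, 5, 0.30, 500_000),
    Scenario("general laptop", "lost device, disk encrypted", 3, 2, 0.20, 10_000),
    Scenario("HR database", "misconfigured access control", 2, 4, 0.05, 800_000),
]

if __name__ == "__main__":
    for s in rank_scenarios(SAMPLE):
        print(f"{s.asset:18} {s.threat:30} {s.level():8} EAL={s.expected_annual_loss():>10,.0f}")
```

Running it ranks the admin workstation first, which is the point the qualitative matrix alone cannot make with numbers management can compare.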

Common Risk Management Guidance

A key part of all cyber security risk assessment programs is implementing security controls. Among the most critical controls mentioned by NIST and others are those that keep privileged / sensitive data and systems isolated. In NIST’s words, these include:

  • “Least privilege” – not mixing privileged and non-privileged accounts and information
  • “Provide separate processing domains to enable finer-grained allocation of user privileges”
  • “Security function isolation”
  • “Heterogeneity – employ virtualization techniques to support the deployment of a diversity of operating systems”
  • “Virtualization techniques can assist in isolating untrustworthy software or software of dubious provenance into confined execution environments.”
  • “Restrict the use of non-organizationally owned systems or system components to process, store, or transmit organizational information”
  • “Non-persistence”

Hysolate’s Security Controls

The Hysolate platform fulfills all of the above NIST guidelines to help organizations improve their security posture. It splits a single physical endpoint, which is the gateway cybercriminals use to access privileged information, into multiple isolated operating system environments. These OSes are built on top of a bare-metal hypervisor that sits below the physical device’s OS.

Hysolate uses a virtual air gap to separate the environments. This vGap provides all the security benefits of having separate physical devices for privileged and non-privileged work, without the hassles and costs inherent in users having to juggle multiple devices. 

To mitigate risks, you dedicate one OS to privileged information that must be kept free of potential threats like malware, and make it fully locked down. The other OS is reserved for general day-to-day work. It’s open to the internet and used for email and non-privileged information. If people try to use the wrong VM for a particular task, Hysolate automatically redirects them to the correct one.

Any cyber criminals that breach the general OS are completely contained within it. They cannot reach the privileged OS or even see that it exists. For added protection, configure that general OS to be non-persistent so that it’s wiped clean at specified intervals.

Want to build Hysolate into your cyber security risk management program? Learn how easy it is to safeguard sensitive data. Start your free trial here.


About the Author

Tal is a 20-year software industry leader with a track record of solving urgent business challenges by reimagining how technology works. An entrepreneur at heart, he has pioneered multiple breakthrough cybersecurity and virtualization products. Before founding Hysolate, Tal incubated next-gen end-user computing products in the CTO office at VMware. Earlier, he was part of the leadership team at Wanova, a desktop virtualization startup acquired by VMware. Tal began his career in an elite IDF technology unit, leading mission-critical cybersecurity projects that won the prestigious Israeli Defense Award. He holds multiple US patents as well as an M.Sc. degree in Computer Science, and the honor of valedictorian, from the Technion.
