About PANOPTESEC - Introduction

Organisations large and small, public, private or commercial have become increasingly dependent on networks and computer systems to support their business operations and services. Unfortunately, as this dependency has grown, so too have the motives and capabilities of cyber adversaries to attack these networks and computer systems. Regardless of their motives, cyber attackers are often able to penetrate networks and computer systems to extract valuable information (theft), tamper with the accuracy of the information (manipulation) and overload or otherwise prevent access to needed services and systems (denial of service). Any of these tactics can have significant negative impacts on an organisation's business, reputation and liabilities. In the era of open networks and platforms, pioneered by paradigms such as the internet, web services, cloud computing and mobile computing, attackers find more avenues to exploit the complexity and scale of use and cause increasingly substantial damage.

The Centre for Strategic and International Studies identifies Continuous Vulnerability Assessment and Remediation and an operational Incident Response Capability as two of the Twenty Critical Security Controls for Effective Cyber Defense. However, despite the need for these capabilities, commercial solutions do not meet the challenging demands of modern networks and systems, including:

  1. Accurate identification and capture of the mission or business process dependencies on supporting networks and systems in a repeatable manner;
  2. Automated calculation of the priority systems to defend based on mission or business process priorities and a complete mapping of the supporting networks and systems;
  3. Automated collection and correlation of system configuration, status and events from multiple sources;
  4. Automated collection and correlation of cyber security system data (e.g., vulnerability scanner data, intrusion detection system data) from multiple sources;
  5. Automated assessment of mission or business process risks in response to the dynamic nature of the networks, systems and threats; and
  6. Automated development of prioritized risk response activities (courses of action) including prioritization of proactive mitigation actions in response to known vulnerabilities and reactive mitigation actions in response to identified cyber incidents.