Case Study
CISO Dashboard
Risk Data Technology
Client
U.S. Bank Cooperative
Services
Information & Cybersecurity, Cybersecurity, Risk Analytics & Reporting, Business Intelligence & Reporting
Project Overview
Due to increased regulatory scrutiny as well as growing operational risk across its end-to-end technology stack, he Client’s newly appointed Chief Information Security Officer (CISO) sought improved visibility into the information security environment. Reference Point provided expertise across industry benchmarks and metrics as well as skillsets in data visualization to define Key Performance Indicators and Key Risk Indicators as well as build an Information Security dashboard for senior stakeholders, compliance, and operational teams. The RP team successfully designed CISO dashboards using Tableau and by bringing together information from various Information Security systems.
Solution
Reference Point deployed a team consisting of an Information Security Subject Matter Expert and analytics consultants to define requirements and ultimately build a platform with interactive dashboards to visualize the current Information Security environment and allow for actionable insights and drill-downs into deeper detail.
Through data gathering and exploration exercises, Reference Point provided guidance on how to address inefficiencies in the extraction, translation, and tracking of information security data, which increased stakeholder productivity and awareness of poor data tracking capabilities when interacting with data.
Along with building the platform, RP also developed an Excel tool to allow the Client to seamlessly update the database going forward with minimal manual work, ensuring ongoing data relevancy and accuracy.
Impact
Reference Point’s approach created a foundation for Information Security data and tools reporting that can be used in a variety of use cases such as customer requests, compliance satisfaction, and internal team awareness.
The dashboards provided live operational tracking and compliance satisfaction metrics in comparison to industry standards, enabling key stakeholders to make informed resourcing decisions in conformity with the industry's best practices.
The Client was able to close out a long-standing NIST compliance issue by turning the collection of Information Security source systems into a unified, interactive dashboard.
The dashboard enabled operational teams to better monitor the InfoSec environment across various capacities including, but not limited to vulnerability management, patch management, attacks, and endpoint status.
End-to-End Services, Working Together
We approach every engagement with our client in mind—creating solutions that are tailored to fit the task at hand. Our interrelated services offerings address a wide range of client needs. Whether a company is looking to solve a problem or capitalize on an opportunity, we can help them to achieve and exceed their goals—effectively and efficiently.