The application of standard IT Risk Management to modern-day digital assets (including cloud-based web applications, smart devices, organizational Twitter or Facebook pages) is neither scalable or cost-effective due to the vast scope of device and application types.
Leveraging ‘digital asset’ telemetry to automate and scale risk monitoring, reporting, and mitigation. This solution will constantly process the asset telemetry to analyze the data to fine-tune Risk Prediction as well as Risk Assistance / Avoidance. The term DevRiskOps leverages the trend of DevOps to deeply integrate risk management into the roadmap of an organization’s digital transformation journey.
The following are capabilities of the RSA DevRiskOps solution:
- Provide a flexible data model of an organization’s digital structure and associated risks.
- Provide live monitoring, reporting and mitigation of risks by using latest architectural techniques.
- Adoption of simple “natural language” rules for risk triggers based on one or more events.
- Acquisition of asset telemetry via polling agents for non-conforming assets.
- Development of “risk prediction” using the latest data analysis techniques.
- Provision of basic “risk assistance” via chat-bots.
Potential use cases include:
- A startup company is disrupting their target market by rapidly deploying a SaaS solution. The company has secured substantial funding and the business stakeholders are strongly interested in balancing risk management vs. costs as their risk exposure is constantly evolving.
- An established company is feeling the heat from their competition and startups. They have embarked on a digital transformation journey however the business stakeholders believe their current risk management solution won’t scale appropriately. The company will face increased risk exposure from a surge of threat sources such as sensors and smart devices.
- A startup is extensively using social media to drive campaigns and promote its brand value. The use of Facebook and Twitter are used extensively to engage with their customer base. With a new round of funding secured, the organization is very interested in safeguarding their hard-earned image with a risk management solution.