Intelligent CISO Issue 39 | Page 10


Panaseer issues cyber measurement guidance to protect enterprises from compromise

Panaseer, the first Continuous Controls Monitoring (CCM) platform for enterprise security, has announced guidance on best practice cybersecurity measurements to help avoid incidents. Currently, there is limited industry guidance around the most important metrics to evaluate and how to standardise calculations and policies as part of a high-quality security metrics programme. With the right metrics, organisations improve visibility into and raise their security posture, helping to limit exposure to successful attacks, such as ransomware, or vulnerabilities including FireEye or SolarWinds.
Among highly regulated, global organisations, Panaseer has determined that the top 10 most frequently used security metrics are (in order of popularity):

1. Vulnerability remediation SLA compliance
2. Endpoint detection SLA compliance
3. Vulnerability scan coverage
4. CMDB inventory completeness coverage
5. Endpoint detection coverage
6. Vulnerability outlier analysis
7. Active Directory enrolment coverage
8. Application security scan coverage
9. Application security SLA compliance
10. Active employee leavers

Panaseer’s CCM platform includes these and hundreds of other best practice security metrics via its new in-platform Security Metrics Catalogue. In addition to Panaseer’s expertise, the Security Metrics Catalogue has been curated from a wide community of customers, industry experts and framework organisations such as NIST and in collaboration with the Centre for Internet Security (CIS). The proposition also provides recommendations to enable security teams to instantly improve their security metrics programme overall via metric groupings that include a ‘getting started’ collection, a peer-based recommendation collection, a customer favourites collection and access to newly emerging metric suggestions.

NHS Digital defends its plans to share patient data with third-parties

NHS Digital has defended widespread criticism about its plans to share patient data with third-parties.

Fears grew around the confidentiality of patient data, but the organisation pointed out that patients can opt-out of the process.

An NHS Digital spokesperson said: “Patient data is already used every day to plan and improve healthcare services, for research that results in better treatments and to save lives. During the pandemic, data from GPs has been used to benefit millions of us: helping to identify and protect those most vulnerable, roll out our world-leading vaccine programme and identify hospital treatments which have prevented people dying from COVID.

“We have engaged with doctors, patients, data, privacy and ethics experts to design and build a better system for collecting this data. The data will only be used for health and care planning and research purposes, by organisations which can show they have an appropriate legal basis and a legitimate need to use it.

“We take our responsibility to safeguard patient data extremely seriously. Researchers wanting to access this data will need each request to be approved by the Independent Group Advising on the Release of Data (IGARD) and a GP Professional Advisory Group (PAG), with representatives from the British Medical Association and the Royal College of General Practitioners.”

The spokesperson said that NHS Digital will not allow data to be used solely for commercial purposes, nor will it approve requests for data to be used for insurance or marketing purposes, promoting or selling products or services and market research.