OpenSAFE - Redefining Security Performance and Achievement.
| Apps | Cores | Core Briefs |
| Cybersecurity Domain | Business Alignment | Improve the alignment of the company’s cybersecurity strategy with its business imperatives, and enhance abilities to detect and repel more advanced attacks. You can streamline processes, capture opportunities, short-circuit variances, and create a customized business flow to achieve your goals. The result is increased profitability and a closer match of tactics with vision. |
| Response Readiness | Reframe cybersecurity perceptions and build a new definition of success based on business impact and using mitigated financial loss as a key metric. Ensure security incident management readiness, open lines of communication, facilitate alerts, and minimize detection response time. | |
| Threat Context | Focus on those internal incursions with greatest potential impact. Instead of attempting to anticipate a seemingly infinite variety of external breach possibilities, organizations can concentrate on the relatively fewer internal incursions that really matter. | |
| Threat Context | Engage in real-world attack simulations to establish a realistic assessment of internal capabilities in withstanding a targeted, focused attack. Similar in effect to military live-fire training programs, organizations can have benign external hackers engage in a real “sparring match” with their cybersecurity teams to assess preparedness and response effectiveness. | |
| Digital Trust Imparatives | Talent | Existing cybersecurity talent should be increased and trained, using holistic security practices and emerging technologies to address the number and sophistication of cyberattacks. |
| Technology | Enterprise cybersecurity teams should establish innovation and testing capabilities to rapidly and efficiently identify and test new technologies (such as behavioral analytics, automation, cognitive computing and physical/ digital integration) to keep pace with the evolution of cyber threats. | |
| Parity | Cybersecurity operations and executive management should collaborate to identify and close gaps between security requirements and execution ability in areas such as talent and training; technology and process; and budgets and finance, with an eye toward ensuring a high level of enterprise-wide security preparedness. | |
| Budget | Enterprises should change how cybersecurity funding is viewed. Instead of treating costs as overhead, companies should adopt a holistic approach—one that includes the cost of securing data and allowing it to be used—as part of overall business initiative financial requirements. | |
| Management | Executive management should assume a visible, vocal, and engaged position on cybersecurity, fostering a culture that values and leverages enterprise-wide digital trust. | |
| Self - Sustaining Enterprise | Operating | An operating model that provides an in-depth understanding of the risk from devices and vulnerabilities within the environment, their potential impact on business processes, along with the agility to mitigate identified risks quickly. |
| Identity | A persistent identity and the capability to analytically identify assets and their role and function. Embed identity management into your business processes for tighter IT security. Reduce risk and centrally manage user access across your enterprise with Identity Management. | |
| Security | Identify, analyze, and neutralize real cyberattacks as they are happening and before serious damage occurs. The Enterprise Threat Detection application enables real-time security intelligence (RTSI) to help effectively manage your systems’ vulnerability to external and internal cybersecurity threats and help ensure data loss prevention (DLP). | |
| Flexibility | Respond rapidly to evolving trends in today’s connected marketplace with a powerful platform for innovation. Analyze huge data volumes to identify new customers and patterns, adapt promotions to new opportunities, and adjust processes to maximize flexibility while minimizing cost. |
