DEFCON CYBER by Rofori Corp. is a software solution based on the National Institute of Standards and Technology (NIST) Cyber security Framework (CSF). DEFCON CYBER enables an organization and its supply chain to reduce incident response times and measure the supply chain cyber security risk posture through the successful execution of each supply chain organization’s cyber security risk management strategy. DEFCON CYBER is offered as a cloud service or an application add-on to an existing Microsoft SharePoint enterprise platform.
Supply chains have become the preferred targets of attack with the growing number of incursions initiated by bad actors due to the lack of cyber risk management focus within the supply chain. In the current cyber security environment, organizations and their supply chains tend to be reactionary, with limited human response times that are unable to cope with high volume machine-speed incident detection.
DEFCON CYBER representatives recommended its cyber security risk management system as a solution to the major challenges expressed at the NIST Cyber Supply Chain Risk Management Workshop held last week. The key challenges of combining cyber and the supply chain into a cohesive strategy include insufficient skills to identify, assess, and manage cyber risk. A significant gap in executing a strategy and improving upon it has been the lack of measuring and scoring supply chain entities in their ability to perform adequate system hygiene and to improve their risk posture, especially for small and medium sized organizations.
DEFCON CYBER is a software application that incorporates the Framework from a holistic approach by operationalizing the NIST CSF, thus enabling execution of both process and outcome measures, resulting in continuous cyber security risk management assessment and score. The Framework lays out a broad approach for organizations of all types and sizes to adopt a risk management approach to cybersecurity protection for their organization and their supply chains.
Many organizations and related supply chains do not have sufficient resources or skills to identify and respond to the rapidly increasing volume of indicators of cybersecurity compromise. Each supply chain organization needs to have the ability to execute a cybersecurity risk management strategy by responding to priority indicators of compromise, and being proactive in finding indicators of compromise.DEFCON CYBER operationalizes this risk management oriented approach in cyber security programs by linking the organization’s actions and response to its prioritized risk management strategy. DEFCON CYBER also enables the establishment of a cyber security program for organizations lacking a cyber security risk management approach.