ENGAGEMENT

A large national bank faced challenges in efficiently collecting, analyzing and disseminating critical cybersecurity, asset management and spending information. Leveraging PowerBI, the initiative developed security metrics dashboards. The bank desired assistance with data identification, metrics design, data ingestion and visualization. The result was over 30 internally published metrics, accompanied by a robust backlog of 50+ metrics slated for future development.

PROBLEM

The Chief Technology Officer (CTO) requested current, actionable data from the Chief Information Security Officer (CISO) and Chief Legal Officer (CLO). However, the bank’s existing dashboards were managed by individual contributors and small teams using Excel, often stored locally. This decentralized approach made it difficult to produce useful, timely analytics and metrics. Requests for data required extensive validation, cleaning, and sanitizing, often resulting in outdated, incomplete and ineffectively presented information. The new CISO sought a clearer understanding of cyber performance and technology risk, while the CLO required timely updates and relevant information to present to the Board of Directors. The inability to quantify the impact and results of decisions limited what could confidently be provided to leadership.

Despite having all the relevant security systems, the bank faced challenges as each system was managed and reported on individually. Data was not combined, correlated or linked between systems to offer deeper insights. Instead, team members crafted bespoke reports in response to specific requests for information, lacking consistency from report to report.

SOLUTION

DayBlink Consulting embarked on a meticulous review of the existing metrics and conducted interviews with many stakeholders across seven different teams to identify the current state, existing pain points and desired future analytical goals. The process began with data identification and continued through analytics design, data ingestion and visualization.

DayBlink Consulting identified relevant data sources across the bank’s various security systems. This included understanding what data was available, its format, and how it was currently being used. The team designed wireframes to align on the design and incorporate feedback and enhancement requests from various stakeholders. These wireframes served as blueprints for the metrics dashboards. The team then created views to blend data across more than 25 datasets, developing additional logic as needed to ensure comprehensive data integration. This step was crucial for creating a unified view of the bank’s cybersecurity posture.

Within two months, DayBlink Consulting developed and published 30 metrics across 10 dashboards. These dashboards were designed for a wide variety of stakeholders to analyze performance and guide future decision-making. Metrics included overall cyber risk quantification, controls effectiveness, security tool adoption by team/organization, employees at risk for phishing and crown jewels susceptibility.

DayBlink Consulting documented all processes, procedures, and methodologies in the program to enable the client team to maintain this effort after the engagement ended. This included a robust backlog of more than 50 additional metrics requested by stakeholders, as well as performance benchmarks for each metric.

Finally, DayBlink delivered demos to key stakeholders to train them on usage and ensure the effort would continue.

RESULT

The engagement resulted in significant improvements in the bank’s management of its cybersecurity posture. The CISO, CRO and CTO developed a deeper understanding of their cyber risk posture and began using data from the dashboards in weekly meetings and communications with their respective organizations. The CISO developed the following year’s strategic and financial plans grounded in these metrics, which provided clear and quantifiable insight into actual team member performance. Several team members received additional coaching and/or internal job realignment based on trends in their risk quantifications, resulting in greater confidence in the team and improved performance. This new confidence reduced the administrative load on leadership, as the analytics provided far clearer insight than previous 1:1 sessions. Recognizing the value of the metrics program, the bank decided to task a full-time cyber engineer with supporting and further expanding the program. This decision was a testament to the value recognized by the senior leadership team and ensured the sustainability and growth of the metrics program.