Visualise and mitigate cyber risks

April 2024 Security Services & Risk Management

SecurityHQ announced its latest risk and incident management capabilities for the SHQ response platform. The SHQ Response Platform acts as the emergency room, and the risk centre provides the wellness hub for all cyber security monitoring and actions. This has included a complete rewrite of how risks are visualised and how customers work with their security team.

The Risk Centre is designed to prevent emergencies before they arise. To make this possible, SecurityHQ has combined its intellectual property and knowledge on risk mitigation and cybersecurity, and merged this with several recognised sources in the industry, including the National Institute of Standards and Technology (NIST), the National Cyber Security Centre (NCSC), and MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK), to provide actions on how to identify, map, and raise risks.

“SHQ Response Platform is unique in the industry as it follows a combination of different sources and is always viewed within the context of the customer. The Risk Centre itself is what makes this such a unique offering, as the user is now able to calculate the impact of security threats to the business, the likelihood of risks happening, identify all the different tactics and techniques, and highlight how best to mitigate these risks, all from a single location,” says Chris Cheyne, SOC Director & CTO, SecurityHQ.

SecurityHQ, NIST, MITRE, & NCSC intelligence combined

With the SHQ Response Platform, users are now able to:

• Map threats, assets and vulnerabilities to derive risks.

• Manage risks in accordance with NIST 800-30.

• Identify maturity and high impact mitigations, linked to NIST 800-53.

• Track mitigations, task assignments, and progress.

• Link compliance incidents to risk, to reduce repetitive incidents creating noise.

• Receive monthly tailored executive reports, delivered by data analytics team, to prioritise actions.

• View incident graphic card, which showcases real-time incident information, including time-line perspective tab, graphical representation tab, and MITRE tactics tab.

• Investigate and prioritise incidents. Categorise incidents against MITRE ATT&CK, and assign risk level, based on CIA attributes, asset criticality, and possible impact.

"We have not seen any platforms out there that are doing this. We see a lot of risk management platforms, but they do not deal with the detail of cyber security risks in a very good way. The SHQ Response Platform has simplified cybersecurity, by enabling customers to be part of their security journey. It was built so that businesses could learn more about potential threats, and solve cyber-related issues, together with their designated security experts," says Feras Tappuni, CEO, SecurityHQ.

For more information, contact SecurityHQ Southern Africa, +27 11 702 8555, [email protected],

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Eighty percent of fraud fighters expect to deploy GenAI by 2025
Security Services & Risk Management
A global survey of anti-fraud pros by the ACFE and SAS reveals incredible GenAI enthusiasm, according to the latest anti-fraud tech study by the Association of Certified Fraud Examiners (ACFE) and SAS, but past benchmarking studies suggest a more challenging reality.

Deception technology crucial to unmasking data theft
Information Security Security Services & Risk Management
The ‘silent theft’ of data is an increasingly prevalent cyber threat to businesses, driving the ongoing leakage of personal information in the public domain through undetected attacks that cannot even be policed by data privacy legislation.

Data security and privacy in global mobility
Security Services & Risk Management Information Security
Data security and privacy in today’s interconnected world is of paramount importance. In the realm of global mobility, where individuals and organisations traverse borders for various reasons, safeguarding sensitive information becomes an even more critical imperative.

Proactive strategies against payment fraud
Financial (Industry) Security Services & Risk Management
Amid a spate of high-profile payment fraud cases in South Africa, the need for robust fraud payment prevention measures has never been more apparent, says Ryan Mer, CEO of eftsure Africa.

How to prevent and survive fires
Fire & Safety Security Services & Risk Management
Since its launch in August 2023, Fidelity SecureFire, a division of the Fidelity Services Group, has been making significant strides in revolutionising fire response services in South Africa.

A long career in mining security
Technews Publishing Editor's Choice Security Services & Risk Management Mining (Industry)
Nash Lutchman recently retired from a security and law enforcement career, initially as a police officer, and for the past 16 years as a leader of risk and security operations in the mining industry.

Risk management: There's an app for that
Editor's Choice News & Events Security Services & Risk Management
Zulu Consulting has streamlined the corporate risk management process with the launch of Risk-IO, a web-based app designed to consolidate and guide risk managers through the process, monitoring progress as one proceeds.

Integrated information platform for risk management
Editor's Choice News & Events Security Services & Risk Management
Online Intelligence recently launched version 7 of its CiiMS risk and security platform. Speaking to SMART Security Solutions after the launch event, the company’s Arnold van den Bout described the enhancements in version 7.

Global Identity Fraud Report revealing eight-month ‘mega-attack’
Editor's Choice Security Services & Risk Management
AU10TIX recently released its Q4 Global Identity Fraud Report, with the research identifying two never-before-seen attack patterns, with the worst case involving 22 000+ AI-generated variations of a single U.S. passport.

Linking of security officers by security businesses
PSiRA (Private Security Ind. Regulatory Authority) News & Events Security Services & Risk Management
[Sponsored] By law, all security businesses are required to declare their employees to PSiRA so that they can be accounted for administratively. Failure to link employees by security businesses is a contravention of the Code of Conduct and a criminal offence.