JupiterOne is helping to bring the human element back to cybersecurity asset management with MySecurity
We couldn’t wait to announce an upcoming innovation that is very personal to us. In celebration of Cybersecurity Awareness Month, JupiterOne is embracing the National Cybersecurity Alliance’s theme of “See Yourself in Cyber,” demonstrating that while cybersecurity is a complex topic, people remain the most important element.
Why should you “see yourself in cyber?"
People will always be at the heart of security. Taking precautions to protect yourself online, both at home and in the workplace, is critical. According to the Verizon 2022 Data Breach Investigations Report (DBIR), "The human element continues to drive breaches. This year 82% of breaches involved the human element. Whether it is the use of stolen credentials, phishing, misuse, or simply an error, people continue to play a very large role in incidents and breaches alike."
"Today's users are more tech savvy than ever, and we miss an opportunity by not engaging them directly to help secure our organizations. By leveraging JupiterOne’s MySecurity, security teams can not only influence their users to improve individual security posture, but can also drive better security outcomes for their organizations overall."
Jason Chan, Former VP of Information Security at Netflix
What is MySecurity?
MySecurity will leverage the foundational asset inventory and visibility capabilities of JupiterOne’s Cyber Asset and Attack Surface Management (CAASM) platform. It will provide custom, curated insights along with a consumable dashboard that summarizes each user’s security health within their environment. These individual views will allow users to collect information on assets they own, such as user IDs, accounts, and access granted to third-party vendors. More importantly, MySecurity will provide information on potential problems such as unsecured devices, weak passwords, and third party apps that need to be updated. With MySecurity, employees can make informed decisions to reduce risky behavior and tech debt by better understanding what they have access to, along with the risks involved.
“Every employee can help improve their company’s security by taking active steps to reduce security tech debt and risk," said Erkang Zheng, founder and CEO at JupiterOne. "With MySecurity, every employee is empowered with easy-to-understand information about their security profile. It will help protect their company, so it can focus on innovation and drive the business forward.”
“Nomadic users. Ephemeral SaaS services. Myriad devices (some managed – many not). It’s the modern security milieu that demands shared responsibility. JupiterOne’s MySecurity bodes to extend the shared responsibility model to the user – enabling them to work responsibly while security governs effectively.”
Richard Seiersen, Author of The Metrics Manifesto
- Creates security allies, helping democratize security responsibility across your organization
- Elevates data in an easily-consumable view, summarizing each user’s asset ownership within their environment
- Provides contextual, actionable security intelligence on what users can do to improve their individual and overall security
Creating security allies throughout your organization
It’s not uncommon to think security is the responsibility of the security team alone. The truth is, it’s everyone's responsibility. Every user, device, access point, or login, just to name a few, is a potential entry point for an attacker.
By heightening awareness, actions, and accountability to all employees within an organization, MySecurity reinforces the shared responsibility model of security. Every employee, regardless of role, from intern to developer to executive, can now take true ownership and accountability for securing their environment’s assets. It helps teams that don’t focus on security-related tasks every day participate and improve organizational security in a meaningful way. Our goal is to create security allies throughout your organization who can use business intelligence to identify and reduce risk from vulnerabilities and other issues.
Security is a team sport. I’m really excited to see JupiterOne’s MySecurity capability. The way JupiterOne uses a data-driven approach to connect the dots between assets, problems, and owners to present each employee in the organization a consolidated view of their own security posture helps make this “team sport” more of a reality than concept. It is very aligned to my philosophy towards cybersecurity and the program I am building at Pendo.
Chuck Kesler, CISSP, CISM, Chief Information Security Officer at Pendo.io
We didn't forget about SecOps teams
MySecurity will become an innovative layer of the JupiterOne platform to improve traditional security awareness approaches by intuitively helping individuals understand their cyber asset attack surface, identify their security blind spots, and actively improve their organization’s security posture. But it won't stop there.
MySecurity will also provide a new channel for managers and team leads to encourage the awareness and adoption of new, strategic security processes. Distributed teams will be better able understand and manage security-related issues, and make progress on prioritizing and fixing the most important tasks. Security Operations and Engineering will have additional context on overall security posture and clear action steps on how to resolve key problems, see what tasks are open, and assign security tasks to newly created allies. Both the individual and team views provide a powerful way to reduce blind spots and close security gaps.
When can you expect to hear more about MySecurity?
Innovations like MySecurity continue to democratize healthy security practices and enhance security visibility across your organizations. We believe if you can keep your employees and teams informed, you can reduce risks from the start. Look for the official launch of MySecurity in early 2023. In the meantime, book a demo to learn more about securing your cloud and hybrid environments with JupiterOne.