Adam Holliday

The application of risk in cyber security plays an integral role as a basis of evidence for decision making as well as providing visibility over existing and potential security postures. To effectively leverage this utility, Risk Management must be integrated within a solution that unifies immediate, short-term, and longerterm functions that deliver cyber security capabilities for secure business services. Through structured language and entity models, integration of systems and processes enables automation that scale when unified holistically. Risk however is something that also integrates human motive with machine applications. It relates the management of source security data with traffic flow, asset criticality, asset owners, controls, as well as policy and predicted representations. The management of risk requires workflow design to manage decoupled governing practises and third-party involvement. What risk highlights is the importance of human-machine teaming, and it is the enhancement of that teamwork that is the focus of the case example, which elaborates on how layered architecture and interoperating mesh security solutions forms the basis of Red Piranha’s Consolidated Security Platform and holistic adoption of Cyber Security Risk Management (CSRM). The novel contribution of this paper is in outlining the adoption of CSRM within a Consolidated Security Platform (CSP). Moreover, the novel contribution here is in demonstrating how CSRM integrates multiple dimensions to leverage automation when unified in a way that can task both workflow and dataflow for its own end.