US English (US)
FR French

Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Create a Ticket

  • Return to HighGround
English (US)
US English (US)
FR French
  • Home
  • Cyber KPI's
  • Primary KPI's

Overview of the CyberCompliance KPI

Learn more about how your CyberCompliance is determined

Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Create a Ticket

  • Dashboard
    CEO CTO CFO
  • Technical Drilldown
    Helpful Resources
  • Compliance Manager
    Compliance Status' Helpful Resources
  • Cyber Trend Data
  • Pro Services
    Rewards Buy or Enquire Helpful Resources
  • Cyber KPI's
    Role-Based KPI's Primary KPI's Getting Started
  • Sign Up & Sign In
    Helpful Resources
  • Integrations
    Referrals Guides for Each Tool Helpful Resources
  • Settings
    Notifications Personal Profile System Settings User Management Subscriptions
+ More

Dashboard

Technical Drilldown

Compliance Manager

Cyber Trend Data

Pro Services

Cyber KPI's

Role-Based KPI's

Primary KPI's

  Overview of the CyberScore KPI

  Overview of the CyberThreat Level KPI

  Overview of the CyberCompliance KPI

Getting Started

Sign Up & Sign In

Integrations

Settings

Your CyberCompliance is a powerful indicator of how well you are managing your organisations cyber security. 

Different to how strong your current cyber security posture (CyberScore) is and how likely you are to experience a cyber-attack based on correlated data from your security tools (CyberThreat Level), your CyberCompliance is concerned with Information Security Governance, Risk and Compliance (GRC). 

Whilst technology and tools are as essential part of protecting your organisation from cyber-attack, a strong and diligent approach to managing your cyber security is essential to identifying and controlling your risks, preparing to respond and ensuring you can recover from a cyber-attack, and ensuring alignment between your IT/Cyber security teams and the Board of Directors of the business.

We believe transparency is essential, so we provide you with the drilldown so you can understand how your CyberCompliance score has been derived.



How do I read my CyberCompliance

Quantitative – your actual score represented as a single number between 0 and 100, you know exactly what your score is – no fluffy stuff for you to learn before understanding what your CyberScore is.
 
Graded Scores – having a number attributed to your CyberCompliance is helpful, but it doesn’t mean much when there are so many factors which contribute to your specific score. With our graded score system, HighGround shows you what you are doing well, where you can improve, and where you are lacking entirely.

Click to see more:


Clicking on the CyberCompliance box on your dashboard will open a detailed breakdown of your CyberCompliance Score, with columns containing the following information:

  • Compliance Component: the type of Compliance Documentation
  • Impact on Score: the number of points added to your CyberCompliance score as a result of this Compliance Component
  • Running Score: your ComplianceScore at the time the points for that Complaince Component were added
  • Details: the reason for that component's impact on your CyberCompliance score



Next to each individual Compliance Component are Compliance Status' - which indicates the impact that component is having on your CyberCompliance Score. A green icon indicates a 'healthy' state, whilst an orange icon indicates a 'warning' state, and a red icon indicates a 'critical' state. You can read more about these status' in or Compliance Status' section.


In the left-hand column, you can see the individual factors within that component that are contributing to your CyberCompliance score. Any 'warning' or 'critical' state factors will contain a suggestion for how to improve your CyberCompliance underneath.

How do I Drive my CyberCompliance?

By utilizing our vast array of free resources and/or using your own, the Compliance Manager gives you best possible start to improving or recording your cyber security compliance.

Powerful features such as uploading your policies, procedures, and plans, reviewing, and auditing your plans and procedures, to running annual cyber reviews with your board, HighGround packs an enormous punch when it comes to managing your cyber security. Perhaps most important of all is the giving you something to manage, as most organisations are simply overwhelmed with the plethora of information available that they simply don’t make a start at all. Concentrate on ‘making it green’ and you won’t stray too far wrong!


INFO

Read our Guide to the Compliance Manager article to learn how to upload, audit, edit and test the policies, plans and procedures that drive your CyberCompliance!

What effects my CyberCompliance?

There are many elements that can impact your CyberCompliance. These are the main ones:

  • Lack of attention to compliance – such as missing Incident Response Plans, BCDR Plans and Information Security Policies.
  • Failing to comply with best practices and international standards such as UK Cyber Essentials.
  • Failing to Identify your current cyber security posture and thus your risks, by performing regular Risk Assessments.
  • Failing to perform regular cyber security reviews with your Board of Directors. Cyber Security must not only be discussed at the highest level of your organisation, it must be aligned with the direction of the business to ensure protection from the risks it faces.
 

How do I maintain awareness of my CyberCompliance?

It is essential that you are continually aware of your CyberCompliance and any changes to it. That’s why we make it easy for you to get on with your many other priorities safe in the knowledge that when something changes, we will let you know.
 
 You have 4 options for staying up to date of your CyberCompliance:

  • WebApp – you can login to highground.io and check your cyber security at any time.
     
  • Mobile App – you can open the HighGround app on your phone or tablet at any time.
     
  • Push Notifications – when your CyberScore changes, you will be notified in alignment with your notification preferences, defined by your both your organisations global administrator and yourself.
     
  • Cyber Reports – configure email reports on a regular basis or login to the WebApp and send them manually. Note: only accounts with a Pro subscription can schedule their cyber reports – Freemium users must login to at highground.io and send these manually.


NOTE

CyberCompliance is a probabilistic visualisation of your cyber security compliance and is not an exact science. Your CyberCompliance is designed to be used alongside other KPIs such as your CyberScore, CyberThreat Level and Cyber Investment to help you stay aware of your cyber security and to make informed decisions. Whilst we use algorithms to identify gaps and problems by aggregating data from multiple tools, it is essential that you maintain the relevant systems, spend time building accurate policies and procedure including distributing these amongst your staff and educating on them, regularly review and test your plans and procedures, regularly and accurately identify your risks and meet with your board of directors to ensure you maintain awareness of the business direction and the associated risks/compliance requirements. Otherwise, this could render your CyberCompliance and other KPIs inaccurate. For example, if you review your Incident Response Plan inaccurately or you fail to meet with your Board of Directors/don’t diligently discuss your cyber security with the board, your data will be inaccurate and thus your CyberCompliance will not accurately represent your cyber security posture.


low cybercompliance improve cybercompliance increase cybercompliance compliance details cybercompliance impact on cyberscore

Was this article helpful?

Yes
No
Give feedback about this article

Related Articles

  • Overview of the CyberThreat Level KPI

    Learn more about how your CyberThreat Level is determined

  • Overview of the CyberScore KPI

    Learn more about how your CyberScore is determined

  • Guide to the Risky Users KPI

    Learn more about how your Risky Users are determined

  • Guide to the Active Risks KPI

    Learn more about how your Active Risks are determined

Create Ticket

Reach out to our support team

Open a Ticket

Copyright 2023 – m3 Networks Limited.

Knowledge Base Software by Helpjuice

0
0
Expand