Digital transformation is a slogan that is becoming a reality for many companies. It is no longer about using information technology to do the same thing more effectively; it’s about transforming the company and its products in depth. The potential for innovation is immense and the technical challenges are tangible. Chief among them is the need to secure increasingly interconnected processes that circulate astronomical amounts of data.
At the same time, the legal requirements for data protection are being strengthened, particularly with the coming of the European General Data Protection Regulation (GDPR). Given these evolutions, it is better to reinforce one’s defenses in terms of cybersecurity. CASES have been supporting companies and administrations in their efforts for more than 10 years. It is in this perspective that the MONARC (Method for the Optimization of Risk Analysis CASES) method and tool has been developed, and which enables companies to carry out risk analysis by benefiting from the accumulated experience of others.
This week, some 30 CISOs and consultants participated in a MONARC training session.
They discovered with interest the MONARC method and the risk analysis platform. They asked many questions concerning the tool’s functionality and were very interested in the “GDPR model” which identifies the legal risks associated with the processing of personal data.
These two training days have revealed a growing interest in the MONARC tool. Interest extended well beyond the borders of the Grand Duchy as Belgian and Parisian companies were present. Requests for partnerships and in-house training were expressed.
There are several reasons which explain this enthusiasm:
- The need to manage the risks related to information security are becoming more and more evident;
- MONARC saves up to 80% of the time needed for a complete risk analysis as it is based on shared risk profiles;
- The MONARC tool is supported by a completely open source ecosystem, which avoids software license fees and allows users to modify it and to make it evolve according to their own needs.
This last advantage deserves to be emphasized: indeed, there are few open source risk analysis tools. This has several advantages:
- Access to the source code of the tool makes it possible to adapt MONARC to specific needs
- MONARC is completely free
- Users do not need to depend on a single provider. They can choose any competent provider to help them develop or customize MONARC.
- Bug fixes and the development of new features are done by the same development community that participated in the project. They do not depend on the goodwill of a specific software publisher. Given the marked interest in MONARC, this community should be able to expand and continually advance the functionality of the tool.
Finally, the success of these training days attests to the relevance of the approach proposed by MONARC in terms of risk analysis. It is also a guarantee of the evolution of the tool, as the tool is enriched and improved with each application.