Rethinking the Role of Compliance

Data-Driven RMF Series – Part 3: Implement

In part 3 of this series, we investigate meeting the Risk Management Framework’s Implement step, using a data-driven approach. The main objective of the Implement step is to “implement the controls in the security and privacy plans for the system and for the organization and to document in a baseline configuration, the specific details of the control implementation.” Thus, to achieve this, you design and develop custom security functionality in your systems; integrate commercial and open source components and security tools; rely on common control providers for shared capabilities; and establish and implement security policies and practices to operate and maintain your systems and controls to provide the required levels of assurance.

With traditional GRC tools, the focus is only on documenting implementation statements in the Implement step. At Qmulos we realize that documenting is not all that should be done. We believe all data is security relevant. Thus, it should be collected to fuel the data-driven RMF process. And all of the activities, systems and tools in the Implement step generate a VERY rich stream of machine data.

The Implement Step using Q-Compliance

Our flagship software solution, Q-Compliance, is built on top of the Splunk’s Data to Everything platform. This allows us to collect, store and analyze all of this data in real-time, as shown in Figure 1. Our solution integrates with ANY cyber security tool, application, device, and platform from on-premises or in the cloud. As a result, Q-Compliance’s flexibility provides a revolutionary real-time single source of truth about an organization’s actual security state.

Figure 1: Q-Compliance’s Data Architecture
Figure 1: Q-Compliance’s Data Architecture

The log, configuration, and event data that are collected are used to populate the Control Analytics Data Model in Q-Compliance that we described in Part 2 of this series. This data model normalizes differences in data formats from different data sources so that a common set of compliance analytics can be applied regardless of the underlying data source (e.g. a Cisco firewall vs Palo Alto Networks, Tenable vulnerability scanner vs. Rapid7, etc.). As you start ingesting data from your control implementations, the data automatically flows to execute the control analytics for the relevant subjects (organizations, systems, assets, users, etc.).

To assist with onboarding of the control implementation data, Q-Compliance provides capabilities such as the Control Monitoring Coverage dashboard, shown in Figure 2, to tell you which controls have relevant data to drive the analytics and where there are gaps.  When you have gaps, the Data Sources dashboard, also shown in Figure 2, can help you fill those gaps by listing common sources that can provide data for each control.

Implement Step through Q-Compliance
Figure 2: Control Monitoring Coverage and Data Sources dashboards

The benefits of using Q-Compliance for Step Three – Implement include:

  • High performance, scalable platform to collect ANY data from ANY source on premises or in the cloud
  • Thousands of out-of-the-box connectors/adaptors to integrate with various data sources
  • High performance analytics data model that abstracts away tool-specific dependencies for interoperability. This enables you to easily change control implementations or tools
  • Analytics that help you identify your gaps in control monitoring coverage and recommendations for potential tools and/or data sources

Explore the other RMF steps.

Others have also read ...

Blog

What is ISO 27001 Compliance?

ISO 27001 compliance involves adhering to the international standard for information security management systems (ISMS). This standard provides a systematic approach to managing sensitive information and ensuring data security.

Qmulos’ platform supports ISO 27001 compliance by automating the processes required to implement and maintain an ISMS. Our solutions provide real-time visibility into compliance status, ensuring that organizations can continuously meet the requirements of the standard.

Read More »
Press

Qmulos Recognized in 2024 Splunk Regional Partner Awards

Qmulos Named 2024 Regional Partner of the Year Winner for Outstanding Public Sector
Partnership – Qmulos, a next-generation compliance, security and risk management automation provider, announced today it has received the 2024 Regional Partner of the Year award for exceptional performance and commitment to their Splunk partnership.

Read More »

Request a Demo

Learn how QMULOS can help your company grow by scheduling a demo with our team.