Article by Pedro Sousa
Enterprise Architecture Director – Link Group
IT risk management is an essential activity in almost all organizations. Analyzing associated risks requires a holistic view of the organization, analyzing the impact of each technological artifact, whether at the system level, information processes, or even the infrastructure. This informative collection, regardless of what we name it, represents the core of the enterprise architecture of the organization.
Atlas Risk Secure is an IT risk management solution from Link Consulting, based on the Atlas Enterprise Architecture solution, enabling a more comprehensive risk management approach, from infrastructure to business. The latest release we are finalizing integrates AI engines at different stages of the risk management process, which I will describe next.
In Atlas Risk Secure, infrastructure discovery is automated for both on-premises assets and public cloud assets, particularly in Azure and AWS. This consolidated and structured view of IT assets is a crucial factor in managing infrastructure and risk analysis.
The integration of AI engines allows an initial analysis of the infrastructure, identifying potential risks and the corresponding controls. It is up to the risk manager to select the most relevant and appropriate ones for the organization.
Detection and mitigation of vulnerabilities in IT systems follow, which is essential for risk mitigation.
Atlas Risk Secure integrates several state-of-the-art penetration testing solutions, some focused on servers and others on web applications. Detected vulnerabilities are assigned a default criticality level, in line with databases maintained by international communities. However, Atlas Risk Secure adjusts the risk by analyzing the impact these vulnerabilities may have on the organization’s systems, processes, and business information, tailoring the associated risk accordingly. This criticality adjustment helps prioritize risk mitigation activities more effectively.
Once vulnerabilities are identified and prioritized, the AI engine proposes a plan to resolve them, estimating the time and effort required, considering the available technical team described in the organization’s structure.
In addition to the proposed plan, the AI engine offers, in most cases, the specific commands to resolve vulnerabilities, the verification steps to ensure successful operation, and a rollback process if needed.
Atlas Risk Secure also structures the organization's asset catalog, from laptops to mobile devices and other equipment, supporting integrated asset and security management. AI engines also reconcile the vulnerability resolution plan with asset maintenance plans, logging all interventions and incidents.
Finally, Atlas Risk Secure structures risk mitigation and maintenance operations into processes (defined in BPMN) supported by the solution. These processes can specify tasks to be performed by humans, systems, or AI engines, allowing further automation of risk management processes and beyond.
At Linkcom, we believe technological innovation is the key to tackling the digital security challenges that all companies face. With our experience and advanced solutions, we are ready to help your organization protect its critical assets, optimize risk management, and ensure continuous and secure operations.
Contact us to learn how Atlas Risk Secure can transform how you manage technological risks in your business.
Comments