About the CISO Executive Report
The CISO Executive report provides an executive-level summary of the industry KPIs presented in various Vulcan Cyber reports. It highlights security posture rating (SPR) and business group benchmarking, SLA compliance, and campaign coverage, as well as a Scatter Plot widget showing what Business Groups have the most impact on the organizational SPR. We recommend visiting this CISO persona-based report monthly or quarterly.
Use the Filters pane on the right to focus your report, click on a specific data element to filter the entire report or to access more data, and hover over a widget for more actions and info.
Before you dive in
First, make sure you cover Reports (Analytics) Filters and Data Drilling to learn about the expected behavior of the trends and the presented data.
KPIs
The CISO KPIs are the first and main widgets you encounter when entering the CISO Executive report.
What does each KPI represent?
KPI | Description | What to strive for? |
Security Posture Rating (SPR) | The percentage of assets that have a maximum risk score below the SPR risk threshold, i.e., the percentage of assets that comply with your security posture policy. Altering the SPR threshold will affect this value, with lower thresholds representing higher SPR. This KPI also indicates the percentage of positive (in green), negative (in red), or neutral (in grey) stats change compared to previous periods.
| The higher the SPR is, the more compliant your environment is with the organization's security posture. |
Assets Compliant with SLA | Percentage of assets that are compliant with the SLA policy. | The higher the percentage is, the more compliant your environment is with the organization's security posture. |
Campaign Coverage | Percentage of findings (instances) in remediation campaigns (in open tickets). | The higher the percentage is, the more findings (instances) are being addressed in remediation campaigns. |
Widgets and trends
SPR over time
Percentage of organizations meeting the Security Posture Rating requirement over time. These are assets that are above the minimum security threshold. Data-drill-down buttons allow a deeper view into the data.
Attack Surface Report
Use the attack surface report to learn about the risk changes on assets that affected the SPR changes you observed over time. Read more here on the Attack Surface Report feature.
Assets and SPR by Business Group
Scatter plot comparing different Business Groups' SPR and the number of assets in each Business Group. This widget helps you understand what Business Groups have the most impact on the organization's SPR.
Findings (Instances) and SPR by Business Group
Scatter plot comparing different Business Groups' SPR and the number of findings (instances) in each Business Group. This widget helps you understand what Business Groups have the most impact on the organization SPR.
Assets Compliant with SLA over time
Percentage of SLA-compliant assets over time. Data-drill-down buttons allow a deeper view into the data.
Campaign Coverage over time
Percentage of findings (instances) being addressed by remediation campaigns over time by Risk Level. Higher values are better, and an emphasis should be placed on High and Critical vulnerabilities.
Reports (Analytics) FAQ and Data Validation
Read our Reports (Analytics) FAQ and Data Validation article here.