

Software tool for managing information security

What is KyberMan ...

A reliable tool for every company to manage information and cyber security. It effectively supports the performance of the function of a cyber security manager and architect in accordance with Czech legislation (ZoKB, VoKB), the ISO/IEC 2700x standard and also with the pan-European directive on cyber security NIS2.

Why KyberMan particularly …

Supports visual modeling of assets and risks in ArchiMate

Automatically generates selected documents according to Cyber Security Directive (CSD or VoKB in Czech)

Provides an overview of the organization’s compliance with regulatory requirements (CSD, ISO…)

Generates a cyber security incident report for NCISA (NÚKIB in Czech)

Has a prepared list of threats and vulnerabilities, offers appropriate measures according to ISO/IEC 27001:2022

Asset register receives information from operational and security monitoring

It links Asset register to Configuration database and Ticketing system

Modules

Evaluation methodology

Setting scales for rating assets and risks. Evaluation methods according to CSD, OWASP Risk Rating Methodology.

Change management

Change requests can be created and managed according to a set workflow. Changes affecting C-I-A are versioned in the risk analysis. Both the original and new status can be displayed.

Asset management

Modelling of the Asset register and visualization of relationships in ArchiMate. ArchiMate diagrams can be imported/exported in The Open Group ArchiMate Model Exchange File Format from other CASE tools. Clear organization of assets by type in a tree structure. Asset value "calculator" according to a preset methodology (CSD, OWASP).

Events and Incidents

Management of cyber incidents and events, from the reception of reports, through the collection of alerts from monitoring, categorization of events and incidents, subsequent recording of solutions, automatic generation of reports for NCISA (NÚKIB) and calculation of SLA by the tool.

Risk management

Depending on the selected asset type, it automatically suggests threats, vulnerabilities and measures according to ISO/IEC 27001:2022. Risk modeling in ArchiMate diagram. Risk value "calculator" according to a preset methodology (VoKB, OWASP).

Security measures

Creating a risk management plan. Resources, people, deadlines, method of implementation, etc. Generating a statement of applicability. Overview of introduced and excluded measures according to VoKB, ISO/IEC 27001:2022.

Security documentation

Keeping documentation in accordance with Annex No. 5 to Decree No. 82/2018 Coll. Automatic generation of documents and their versioning. Review, approval and electronic signature by committee members, asset guarantors, etc. Custom templates and document content.

Integration to surrounding systems

Current information from operational monitoring (MS SCOM) and security monitoring (SIEM) can be displayed for the selected asset, which enables a quick assessment of the impact of a cyber security event/incident. The related configuration items and their attributes from the CMDB can be displayed for the selected asset. Overview of events, incidents and asset changes from the ticketing system.

Key features

Segment focus

Security management covers not only the organization’s information assets but also the processes of selected segments such as healthcare or public administration.

On-premise / SaaS

For risk management of critical information infrastructure, it is possible to install on-premise. For others, the SaaS can be an option. Delivery including CMDB and ITSM modules (ServiceDesk) or integration into existing systems. Optionally expandable with other relevant editions of FaMa+ (medical devices, electronic circulation of documents).

Easy integration

Easy integration via SOAP/REST API to CMDB, ticketing system, operational and security monitoring. Linkable to CASE tools via The Open Group ArchiMate Model Exchange File Format.

Compliance and standards

ISO/IEC 27001:2022, decree no. 82/2018 Coll. (VoKB), EU Directive 2022/2555 (NIS2), ArchiMate v3.2 (import or export in The Open Group ArchiMate Model Exchange File Format), NÚKIB report in XML format.

Customization options

Customization of dashboards. Flexibility to save own form layouts, sorting and filters. Option to set your own workflow. Editing output report templates. Custom application roles. Setting the logging scope.

Security

On-premise operation at the customer site. Multi-factor authentication / SSO. Role-based access control and data-based access control (conditions). Audit records. Tested according to OWASP ASVS.

Automatic notifications

Automatic SMS and e-mail messages linked to a specific event and responsible person. Link to workflow status change. Customizing message content.

Responsive design

The application page is always appropriately laid out according to the screen size (PC, mobile device, portrait/landscape).

Electronic circulation of documents

The option to comment on approved documents in the embedded PDF browser. Setting up your own workflow and approving documents. Support for guaranteed and qualified electronic signature according to EIDAS.

Information security management system technology


The FaMa+ ISMS (KyberMan) information security management software architecture is designed as three-layered, where the individual layers are mutually integrated into a functional unit:

Presentation layer: Multiweb

Application layer: MS.NET

Data layer: Oracle or MS SQL Server

The KyberMan tool can be integrated with these FaMa+ editions

Operation of hospitals

Today’s advanced medical devices (such as analyzers, X-rays…) are devices connected to an internal network. Linking KyberMan with the Medical Device Registry will enable cyber risk management even in this information-critical area of hospitals.

Electronic circulation of documents

Generated security documents can be published to designated groups of recipients via the Electronic Circulation of Documents, which also controls their access to the documents, notifies them and checks that they have familiarized themselves with the content.

Process and data integration

SOAP/REST web services will enable the integration of KyberMan with the existing ticketing system, configuration database, operational and security monitoring. The CS manager will thus obtain an up-to-date and comprehensive overview of the immediate state of security assets (ongoing event/incident), as well as the history (e.g. for evaluating the effectiveness of implemented measures, assessing changes with an impact on CS, etc.).