We now have our defense and alerting layers in place. The next obvious step is to present this to our stakeholders. There are various stakeholders interested in knowing the state of our information and cyber security. These are also called Interested Parties (a term coined by the ISO organization for the various standards and frameworks used). 
The various stakeholders interested in our status are our 

• Leadership and Senior Management
• Customers
• Suppliers
• Regulators
• Employees

 to name a few. These are high level categories and as a CISO, you should try to identify the different groups and their expectations. This will help us in identifying the various security controls and alerts required, and some of the alerts can be generated and passed onto the stakeholders directly as well so that they are aware of incidents happening. Transparency in these situations always helps, and certain conditions force you to have a greater level of transparency than the regular ones, and this is ok.

The flow described in this season can be used by in either of the below situations:

·       you and work standalone/ 

·       work with a consultant/expert 

·       can be used to run the show via the Arrka Privacy Management Platform (both for Security and Privacy). 

Dashboards are customisable and configurable in the Arrka Platform for various stakeholders to view and relate to the results.

For details, reach out to us on [email protected]; [email protected]; twitter: sameeranja, twitter: arrka2; Give a reference of this cast and avail credits on the platform usage and subscription. The Arrka Platform is made by SMB and for the SMB.