About Risk Management
Risk Management in Skyhigh CASB includes an overview of the risks associated with the discovered services, including a graphical representation of the risk percentages of high, medium, and low-risk services.
The Risk Management page allows you to customize the weights assigned to the Risk Attributes associated with any cloud service. You can change weights at an attribute or a category level, impacting how risk scores for cloud services are calculated. Any change impacts the scoring of all cloud services. The Risk Management page also provides a chart showing the number of services used in your organization that are high, medium, or low risk.
To access this page, go to Governance > Risk Management.
You can also access this page from the Services page. Select a Service, and from the Services Details page, click Actions > Edit Global Risk Weighting.
With the Skyhigh CASB 5.3.2 release, the default risk weight for the Cyber Risk category has changed. The Cyber Risk category has now been allocated five percent points to the overall Risk Category Weight (the other 5 categories' weights are now reduced by one percent point each). For details on each available Risk Category and Risk Category Weight distribution, see:
| S.No | Risk Category | Risk Category Weight |
|---|---|---|
|
|
Data Risk Management | 22% |
|
|
User and Device Risk Management | 22% |
|
|
Service Risk Management | 20% |
|
|
Business Risk Management | 18% |
|
|
Legal Risk Management | 13% |
|
|
Cyber Risk Management | 5% |
This change in the Risk Category Weight distribution impacts the risk score computation of all the CSPs. Some CSPs moved from Low to Medium and some moved from Medium to Low. To view the list of CSPs impacted, see the List of CSPs impacted. If you are using the CLR functionality to automatically block high-risk services (or any other criteria that depends on the risk score of the CSPs), anticipate a change in the count of CSPs getting blocked or unblocked as a result of the change in risk scores of these CSPs.