Cyrisma Mitigation Review Process

Overview 

This article outlines the process for reviewing a Cyrisma mitigation plan. Cyrisma is a CCSI SIEM tool utilized to improve organizational security.

Instructions

• Access the CCSI Cyrisma site.
• Enter the credentials provided to you by CCSI IT and click "Login":
  • 
• Click "Close" on the Cyrisma usage warning:
  • 
• Locate your assigned mitigation plan and select the "Details View" button on the right hand side:
  • 
• Review each item individually by clicking the "Review & Perform an Action" button on the right hand side:
  • 
• Review the item details:
  • Note the following:
    • File Name
    • Location - Where the file is stored.
    • Sensitive Data Type - Data type classification.
    • Context Found - The exact data identified by the scan.
  • After the item has been reviewed select the "Actions to be Taken" drop down and select one of the following:
    • Mark as False Positive - Use this if the context found does not match the sensitive data type.
    • Move to a Secure Location - Use this if the file has been moved off the device/workstation to another location (not copied).
    • Delete - Use this if the file/item has been deleted.
  • Select the "Submit Button"
  • 
• Repeat these steps until all identified items are mitigated and the plan is 100% complete.
• Notify CCSI IT if there are any questions or concerns.