The shift from reactive reporting to real-time oversight with the CISO platform
As regulatory scrutiny and board-level accountability intensify, security leaders turn to the platform of record - Panaseer - to gain continuous visibility into control performance, bringing clarity to cyber risk, putting continuous compliance into action, and reducing manual reporting.
London UK, 15 July 2025 – There’s a growing paradox at the heart of modern cybersecurity: Chief Information Security Officers (CISOs) are increasingly being held personally accountable for protecting the enterprise, but lack clear visibility and evidence into whether the controls designed to protect are working.
One of the interesting dichotomies to the CISO role is that you've got absolute accountability for the security of your organization, but you only actually manage a small portion of the technology and business processes that make up your organization.
Oli Newbury
Non-executive board director at Panaseer
“It's absolute accountability, but with quite small responsibility. And so, the challenge for a CISO is, how do you build a coalition of the willing around the importance of cyber risk management throughout the organization? How do you hold others to account for doing that better? How do you make sure it's a top organizational priority? Because without that, you will ultimately fail.”
For years, CISOs have relied on static spreadsheets and fragmented reports to provide security assurance. As cyber threats increase and regulation tightens, this approach no longer scales. Research from Panaseer, based on a survey of 400 security leaders across the UK and US, found that 61% of organizations experienced a security breach in 2024 due to failed or ineffective controls. Meanwhile, 85% of CISOs report increased scrutiny from boards, yet just 55% trust the data they must use to brief senior stakeholders.
Panaseer expands Continuous Controls Monitoring (CCM) CISO platform
To close this visibility gap, Panaseer has invested in its Continuous Controls Monitoring (CCM) platform. over the past 12 months, it has been increasingly known as The CISO's Platform. Designed to provide automated, real-time oversight of control performance across critical cybersecurity domains, Panaseer has expanded the platform’s reporting and insight functionality, with features such as scorecards, framework mapping and compound risk metrics, to keep pace with the evolving role of the CISO.
Rather than rely on siloed, point-in-time data from existing toolsets, the platform continuously validates control effectiveness across cybersecurity domains, surfacing the evidence CISOs need to answer fundamental security questions: Which controls are working (and which aren’t), where is risk accumulating and how can we mitigate it, what’s our compliance status, and what’s the right course of action with the resource available?
“There is always a lot of focus on controls. They are obviously hugely important. But there’s less of a focus on how all those controls are working and how, in aggregate, everything’s performing. As a CISO, I was working with teams to cut spreadsheets, PowerPoint decks, and just cranking data to get a view of how everything’s performing,” describes Oli.
“What I needed was an automated, out-of-the-box platform that provides visibility and oversight. When you think about the different platforms each of the executives in a company really relies on, traditionally, the CISO didn’t have a platform. Panaseer is now that platform, with the management and governance CISOs can rely on.”
Boardroom questions demand better answers
The need for accurate, timely controls assurance has moved from an operational concern to a fundamental challenge for CISOs. According to Panaseer, 90% of security leaders say they’re being asked to provide more proof of control effectiveness than ever before, yet 71% believe they could prevent more breaches if they spent less time on manual reporting.
Panaseer CEO Jonathan Gill comments, “CISOs are spending millions on controls they can’t see, can’t validate, and ultimately can’t rely on. Panaseer was built to flip that script - to give CISOs the operational truth they need to lead with confidence at an executive level. Every other C-suite role has a platform that provides the visibility and insight they need to lead and govern - finally, the CISO has a platform too.”
Bringing oversight to the office of the CISO
With Oli Newbury now supporting Panaseer in a Non-Executive Director capacity, the company continues to deepen its insight into the evolving role of the CISO, as many transition from risk taker to business enabler.
“The question every CISO has heard from the board – ‘Are we secure?’ – is impossible to answer without validated evidence,” explains Oli. “But with a platform that provides the proof and evidence that CISOs have long craved, you stop managing board perception and start managing reality. If you are going to be effective in an organization, you’ve got to bring the organization with you – and CISOs can only do that with an integrated view of what’s happening.”
About Panaseer
Panaseer is an enterprise cybersecurity company that helps organizations improve their security posture by continuously measuring whether controls are fully deployed and working effectively. It has been recognized by the World Economic Forum as a Technology Pioneer helping to solve the world’s most pressing issues.
Panaseer’s CCM platform gives CISOs a true picture of their security posture by measuring the performance of their cybersecurity defenses against established frameworks and regulations. This enables them to take targeted action to reduce cyber risk and provide accurate data to stakeholders and regulators. CCM also drives more efficient use of resources through automated processes and improved prioritization.
Related press & awards
