Quantibly — Q Companion

Priority: Detroit ransomware response is in containment, 47 case workers remain overdue on HIPAA training, and DOL grant evidence has 34 days remaining.

Security Score

72/100

Elevated

Open Incidents

1 critical

MFA Coverage

81%

Volunteers at 54%

Grant Compliance

81%

HHS, DOL, HIPAA mix

Threat and Incident Trend

Exposure Mix

Executive Signals

Detroit ransomware attemptCritical

DOL grant review in 34 daysAudit

Volunteer MFA gapAccess

Morning Actions

Now

Authorize HHS breach notification assessment

Today

Deploy HIPAA training to overdue case workers

This week

Close DOL access-control evidence gaps

Sources

Deep Dive Workspace

Morning brief

Detroit response is time-sensitive. HIPAA training and DOL evidence closure remain the next strongest risk reducers.

I can synthesize incidents, compliance gaps, field safety exposure, and board-ready summaries from your security data.

Risk Register

Risk	Owner	Appetite	Status	Next Action
R-007 Detroit Ransomware	CISO	Above	Critical	HHS notification assessment
R-003 Volunteer MFA Gap	IT Admin	Above	Elevated	MFA enforcement campaign
R-012 DOL Access Control Evidence	Compliance Mgr	Above	Elevated	Complete evidence package

Overdue Check-ins

2 remote service sites

Travel Flags

1 risk score 82

Safety Coverage

89%

Location pulse active

Data Protection Snapshot

Beneficiary records on affected server847

Case worker notes protection74%

Outstanding DPIAs4

Compliance by Framework

HHS (2 CFR 200)84%

DOL (FISMA)76%

HIPAA79%

Incident Command

Incident	Phase	Owner	Clock	Status
INC-2026-0089 Detroit Ransomware	Containing	Amir Patel	6h into 72h window	Critical
Mobile device compromise investigation	Analyzing	Security Officer	12h	Open
Backup integrity alert	Mitigating	IT Admin	1d	Stable

Access Governance

Dormant accounts47

MFA enabled81%

Volunteer MFA54%

Training Compliance

Overall compliance78%

HIPAA overdue learners47

CISA phishing training92%

Threat Intelligence Feed

CISA nonprofit ransomware campaignMatched

Critical CVEs pending2

Case management software advisoryWatch

Audit & Evidence

Artifact	Framework	Status	Next Step
Post-Incident Review — Detroit	HIPAA / HHS	Drafted	Review and approve
DOL Access Control Evidence	DOL	Gap	Upload 9 items
Business Continuity Test Evidence	NIST	Outdated	Schedule DR test

Beneficiary Records Protected

124K

Grant Value Protected

$13M

Security ROI

$10.8x

Tab Visibility & Order

InsightsLocked / Visible

Deep DiveVisible

ImpactVisible

Alert Thresholds & Escalation Rules

P1 IncidentImmediate to CISO + ED

Staff overdue check-in1h delay, 4h escalate

Connected Systems

Microsoft TeamsConnected

Google WorkspaceConnected

SIEM IntegrationEnterprise plan

Roles & Permissions

CISO (Admin)Full access

Compliance ManagerCompliance + Audit

Field DirectorField Safety

Recent Setting Changes

Alert Threshold — Risk Score80 → 85

P1 Escalation Delay1h → 30m

Agent Q

Security Intelligence Assistant

Good morning Marcus. The Detroit office ransomware attempt is contained, but your highest funding risk this week is still the HIPAA training gap.

What is your first priority this morning?