runbooks 1.1.3__py3-none-any.whl → 1.1.5__py3-none-any.whl

runbooks/security/executive_security_dashboard.py

@@ -52,38 +52,38 @@ from runbooks.common.rich_utils import (
 
 class SecurityMaturityLevel(Enum):
     """Security maturity levels for executive reporting."""
-    
-    INITIAL = "INITIAL"           # Ad-hoc security measures
-    MANAGED = "MANAGED"           # Basic security controls implemented
-    DEFINED = "DEFINED"          # Documented security processes  
+
+    INITIAL = "INITIAL"  # Ad-hoc security measures
+    MANAGED = "MANAGED"  # Basic security controls implemented
+    DEFINED = "DEFINED"  # Documented security processes
     QUANTITATIVELY_MANAGED = "QUANTITATIVELY_MANAGED"  # Metrics-driven security
-    OPTIMIZING = "OPTIMIZING"    # Continuous improvement culture
+    OPTIMIZING = "OPTIMIZING"  # Continuous improvement culture
 
 
 class RiskAppetite(Enum):
     """Business risk appetite levels."""
-    
-    VERY_LOW = "VERY_LOW"      # Risk-averse, maximum security
-    LOW = "LOW"                # Conservative approach
-    MODERATE = "MODERATE"      # Balanced risk/reward
-    HIGH = "HIGH"              # Aggressive growth, calculated risks
-    VERY_HIGH = "VERY_HIGH"    # Maximum risk tolerance
+
+    VERY_LOW = "VERY_LOW"  # Risk-averse, maximum security
+    LOW = "LOW"  # Conservative approach
+    MODERATE = "MODERATE"  # Balanced risk/reward
+    HIGH = "HIGH"  # Aggressive growth, calculated risks
+    VERY_HIGH = "VERY_HIGH"  # Maximum risk tolerance
 
 
 class BusinessImpactCategory(Enum):
     """Categories of business impact from security events."""
-    
-    FINANCIAL = "FINANCIAL"           # Direct monetary impact
-    OPERATIONAL = "OPERATIONAL"       # Business operations disruption
-    REPUTATIONAL = "REPUTATIONAL"     # Brand and customer trust impact
-    REGULATORY = "REGULATORY"         # Compliance and legal consequences
-    STRATEGIC = "STRATEGIC"          # Long-term strategic implications
+
+    FINANCIAL = "FINANCIAL"  # Direct monetary impact
+    OPERATIONAL = "OPERATIONAL"  # Business operations disruption
+    REPUTATIONAL = "REPUTATIONAL"  # Brand and customer trust impact
+    REGULATORY = "REGULATORY"  # Compliance and legal consequences
+    STRATEGIC = "STRATEGIC"  # Long-term strategic implications
 
 
 @dataclass
 class ExecutiveSecurityMetric:
     """Executive-level security metric with business context."""
-    
+
     metric_name: str
     current_value: float
     target_value: float
@@ -99,7 +99,7 @@ class ExecutiveSecurityMetric:
 @dataclass
 class ComplianceFrameworkStatus:
     """Status of compliance with specific framework."""
-    
+
     framework_name: str
     compliance_percentage: float
     target_percentage: float
@@ -117,7 +117,7 @@ class ComplianceFrameworkStatus:
 @dataclass
 class SecurityInvestmentROI:
     """Return on investment analysis for security initiatives."""
-    
+
     investment_name: str
     total_investment: float
     annual_operational_cost: float
@@ -135,7 +135,7 @@ class SecurityInvestmentROI:
 @dataclass
 class SecurityIncidentExecutiveSummary:
     """Executive summary of security incidents and response."""
-    
+
     reporting_period: str
     total_incidents: int
     critical_incidents: int
@@ -152,34 +152,34 @@ class SecurityIncidentExecutiveSummary:
 @dataclass
 class ExecutiveSecurityReport:
     """Comprehensive executive security report."""
-    
+
     report_id: str
     reporting_period: str
     generation_timestamp: datetime
-    
+
     # Executive Summary
     overall_security_posture_score: float  # 0-100
     security_maturity_level: SecurityMaturityLevel
     risk_appetite_alignment: float  # How well current posture aligns with risk appetite
-    
+
     # Key Metrics
     key_security_metrics: List[ExecutiveSecurityMetric]
     compliance_status: List[ComplianceFrameworkStatus]
     security_investments: List[SecurityInvestmentROI]
     incident_summary: SecurityIncidentExecutiveSummary
-    
+
     # Business Impact
     total_security_investment: float
     annual_security_roi: float
     risk_reduction_achieved: float
     cost_avoidance_realized: float
-    
+
     # Strategic Insights
     top_security_priorities: List[str]
     emerging_threats: List[str]
     industry_benchmark_comparison: Dict[str, float]
     board_recommendations: List[str]
-    
+
     # Operational Excellence
     automation_percentage: float
     team_efficiency_metrics: Dict[str, float]
@@ -190,10 +190,10 @@ class ExecutiveSecurityDashboard:
     """
     Executive Security Dashboard - C-Suite Security Intelligence
     ===========================================================
-    
+
     Provides business-focused security metrics, compliance reporting, and strategic
     security insights designed specifically for executive and board-level visibility.
-    
+
     Executive Features:
     - Business risk quantification with financial impact analysis
     - Multi-framework compliance status with audit readiness scores
@@ -204,29 +204,29 @@ class ExecutiveSecurityDashboard:
     """
 
     def __init__(
-        self, 
-        profile: str = "default", 
+        self,
+        profile: str = "default",
         output_dir: str = "./artifacts/executive-security",
-        risk_appetite: RiskAppetite = RiskAppetite.MODERATE
+        risk_appetite: RiskAppetite = RiskAppetite.MODERATE,
     ):
         self.profile = profile
         self.output_dir = Path(output_dir)
         self.output_dir.mkdir(parents=True, exist_ok=True)
         self.risk_appetite = risk_appetite
-        
+
         # Initialize management session for organization-level visibility
         self.session = self._create_secure_session()
-        
+
         # Executive metrics collection
         self.metrics_collector = ExecutiveMetricsCollector(self.session)
         self.compliance_analyzer = ComplianceStatusAnalyzer(self.session)
         self.roi_calculator = SecurityROICalculator()
         self.benchmark_analyzer = IndustryBenchmarkAnalyzer()
-        
+
         # Report generation components
         self.report_generator = ExecutiveReportGenerator(self.output_dir)
         self.visualization_engine = SecurityVisualizationEngine()
-        
+
         print_header("Executive Security Dashboard", "1.0.0")
         print_info(f"Profile: {profile}")
         print_info(f"Risk appetite: {risk_appetite.value}")
@@ -235,47 +235,44 @@ class ExecutiveSecurityDashboard:
     def _create_secure_session(self) -> boto3.Session:
         """Create secure management session for executive reporting."""
         try:
-            session = create_management_session(profile=self.profile)
-            
+            session = create_management_session(profile_name=self.profile)
+
             # Validate organization access for executive reporting
             try:
-                organizations = session.client('organizations')
+                organizations = session.client("organizations")
                 org_info = organizations.describe_organization()
                 print_success(f"Executive reporting scope: Organization {org_info['Organization']['Id']}")
             except ClientError as e:
                 print_warning(f"Limited organization access: {str(e)}")
-            
+
             sts_client = session.client("sts")
             identity = sts_client.get_caller_identity()
-            
+
             print_info(f"Executive session established for: {identity.get('Arn', 'Unknown')}")
             return session
-            
+
         except Exception as e:
             print_error(f"Failed to establish executive session: {str(e)}")
             raise
 
     async def generate_executive_security_report(
-        self,
-        reporting_period: str = "monthly",
-        include_benchmarks: bool = True,
-        board_presentation: bool = False
+        self, reporting_period: str = "monthly", include_benchmarks: bool = True, board_presentation: bool = False
     ) -> ExecutiveSecurityReport:
         """
         Generate comprehensive executive security report for C-suite consumption.
-        
+
         Args:
             reporting_period: Reporting period (monthly, quarterly, annual)
             include_benchmarks: Include industry benchmark analysis
             board_presentation: Generate board-ready presentation materials
-            
+
         Returns:
             ExecutiveSecurityReport with comprehensive business-focused metrics
         """
-        
+
         report_id = f"executive-security-{reporting_period}-{int(time.time())}"
         start_time = datetime.utcnow()
-        
+
         console.print(
             create_panel(
                 f"[bold cyan]Executive Security Report Generation[/bold cyan]\n\n"
@@ -287,48 +284,42 @@ class ExecutiveSecurityDashboard:
                 border_style="cyan",
             )
         )
-        
+
         # Collect executive-level security metrics
         print_info("Collecting executive security metrics...")
         key_security_metrics = await self._collect_key_security_metrics()
-        
+
         # Analyze compliance status across frameworks
         print_info("Analyzing compliance framework status...")
         compliance_status = await self._analyze_compliance_status()
-        
+
         # Calculate security investment ROI
         print_info("Calculating security investment ROI...")
         security_investments = await self._analyze_security_investments()
-        
+
         # Generate incident executive summary
         print_info("Analyzing security incidents...")
         incident_summary = await self._generate_incident_summary(reporting_period)
-        
+
         # Calculate overall security posture
         overall_posture_score = self._calculate_overall_security_posture(
             key_security_metrics, compliance_status, incident_summary
         )
-        
+
         # Determine security maturity level
-        maturity_level = self._assess_security_maturity(
-            key_security_metrics, compliance_status, security_investments
-        )
-        
+        maturity_level = self._assess_security_maturity(key_security_metrics, compliance_status, security_investments)
+
         # Analyze risk appetite alignment
-        risk_alignment = self._analyze_risk_appetite_alignment(
-            overall_posture_score, incident_summary
-        )
-        
+        risk_alignment = self._analyze_risk_appetite_alignment(overall_posture_score, incident_summary)
+
         # Calculate business impact metrics
-        business_metrics = self._calculate_business_impact_metrics(
-            security_investments, incident_summary
-        )
-        
+        business_metrics = self._calculate_business_impact_metrics(security_investments, incident_summary)
+
         # Generate strategic insights
         strategic_insights = await self._generate_strategic_insights(
             key_security_metrics, compliance_status, include_benchmarks
         )
-        
+
         # Create comprehensive executive report
         executive_report = ExecutiveSecurityReport(
             report_id=report_id,
@@ -342,273 +333,299 @@ class ExecutiveSecurityDashboard:
             security_investments=security_investments,
             incident_summary=incident_summary,
             **business_metrics,
-            **strategic_insights
+            **strategic_insights,
         )
-        
+
         # Generate visualizations and presentations
         if board_presentation:
             await self._generate_board_presentation(executive_report)
-        
+
         # Export comprehensive report
         await self._export_executive_report(executive_report)
-        
+
         # Display executive summary
         self._display_executive_summary(executive_report)
-        
+
         return executive_report
 
     async def _collect_key_security_metrics(self) -> List[ExecutiveSecurityMetric]:
         """Collect key security metrics for executive reporting."""
-        
+
         metrics = []
-        
+
         # Security Posture Score
         current_posture = await self.metrics_collector.get_security_posture_score()
-        metrics.append(ExecutiveSecurityMetric(
-            metric_name="Overall Security Posture",
-            current_value=current_posture,
-            target_value=90.0,
-            trend="improving" if current_posture > 85 else "stable",
-            business_impact="Directly correlates to cyber insurance rates and regulatory compliance",
-            last_updated=datetime.utcnow(),
-            benchmark_comparison={"Industry Average": 78.0, "Best in Class": 95.0},
-            executive_summary=f"Current security posture at {current_posture:.1f}%, targeting 90%+ for optimal risk management"
-        ))
-        
+        metrics.append(
+            ExecutiveSecurityMetric(
+                metric_name="Overall Security Posture",
+                current_value=current_posture,
+                target_value=90.0,
+                trend="improving" if current_posture > 85 else "stable",
+                business_impact="Directly correlates to cyber insurance rates and regulatory compliance",
+                last_updated=datetime.utcnow(),
+                benchmark_comparison={"Industry Average": 78.0, "Best in Class": 95.0},
+                executive_summary=f"Current security posture at {current_posture:.1f}%, targeting 90%+ for optimal risk management",
+            )
+        )
+
         # Mean Time to Detection (MTTD)
         mttd_hours = await self.metrics_collector.get_mean_time_to_detection()
-        metrics.append(ExecutiveSecurityMetric(
-            metric_name="Mean Time to Detection (MTTD)",
-            current_value=mttd_hours,
-            target_value=4.0,  # Target: 4 hours
-            trend="improving" if mttd_hours < 6 else "declining",
-            business_impact="Faster detection reduces breach impact and regulatory penalties",
-            last_updated=datetime.utcnow(),
-            benchmark_comparison={"Industry Average": 12.0, "Best in Class": 2.0},
-            action_required=mttd_hours > 8,
-            executive_summary=f"Current detection time {mttd_hours:.1f} hours, industry leading practices achieve <4 hours"
-        ))
-        
+        metrics.append(
+            ExecutiveSecurityMetric(
+                metric_name="Mean Time to Detection (MTTD)",
+                current_value=mttd_hours,
+                target_value=4.0,  # Target: 4 hours
+                trend="improving" if mttd_hours < 6 else "declining",
+                business_impact="Faster detection reduces breach impact and regulatory penalties",
+                last_updated=datetime.utcnow(),
+                benchmark_comparison={"Industry Average": 12.0, "Best in Class": 2.0},
+                action_required=mttd_hours > 8,
+                executive_summary=f"Current detection time {mttd_hours:.1f} hours, industry leading practices achieve <4 hours",
+            )
+        )
+
         # Mean Time to Remediation (MTTR)
         mttr_hours = await self.metrics_collector.get_mean_time_to_remediation()
-        metrics.append(ExecutiveSecurityMetric(
-            metric_name="Mean Time to Remediation (MTTR)",
-            current_value=mttr_hours,
-            target_value=24.0,  # Target: 24 hours
-            trend="stable",
-            business_impact="Faster remediation minimizes business disruption and data loss",
-            last_updated=datetime.utcnow(),
-            benchmark_comparison={"Industry Average": 48.0, "Best in Class": 12.0},
-            executive_summary=f"Current remediation time {mttr_hours:.1f} hours, targeting <24 hours for critical issues"
-        ))
-        
+        metrics.append(
+            ExecutiveSecurityMetric(
+                metric_name="Mean Time to Remediation (MTTR)",
+                current_value=mttr_hours,
+                target_value=24.0,  # Target: 24 hours
+                trend="stable",
+                business_impact="Faster remediation minimizes business disruption and data loss",
+                last_updated=datetime.utcnow(),
+                benchmark_comparison={"Industry Average": 48.0, "Best in Class": 12.0},
+                executive_summary=f"Current remediation time {mttr_hours:.1f} hours, targeting <24 hours for critical issues",
+            )
+        )
+
         # Security Automation Percentage
         automation_percentage = await self.metrics_collector.get_automation_percentage()
-        metrics.append(ExecutiveSecurityMetric(
-            metric_name="Security Automation Rate",
-            current_value=automation_percentage,
-            target_value=80.0,
-            trend="improving",
-            business_impact="Higher automation reduces operational costs and human error",
-            last_updated=datetime.utcnow(),
-            benchmark_comparison={"Industry Average": 45.0, "Best in Class": 85.0},
-            executive_summary=f"{automation_percentage:.1f}% of security operations automated, targeting 80%+ for optimal efficiency"
-        ))
-        
+        metrics.append(
+            ExecutiveSecurityMetric(
+                metric_name="Security Automation Rate",
+                current_value=automation_percentage,
+                target_value=80.0,
+                trend="improving",
+                business_impact="Higher automation reduces operational costs and human error",
+                last_updated=datetime.utcnow(),
+                benchmark_comparison={"Industry Average": 45.0, "Best in Class": 85.0},
+                executive_summary=f"{automation_percentage:.1f}% of security operations automated, targeting 80%+ for optimal efficiency",
+            )
+        )
+
         # Vulnerability Management Efficiency
         vulnerability_coverage = await self.metrics_collector.get_vulnerability_coverage()
-        metrics.append(ExecutiveSecurityMetric(
-            metric_name="Vulnerability Coverage",
-            current_value=vulnerability_coverage,
-            target_value=95.0,
-            trend="stable",
-            business_impact="Comprehensive vulnerability management reduces attack surface",
-            last_updated=datetime.utcnow(),
-            benchmark_comparison={"Industry Average": 75.0, "Best in Class": 98.0},
-            executive_summary=f"{vulnerability_coverage:.1f}% vulnerability coverage across infrastructure"
-        ))
-        
+        metrics.append(
+            ExecutiveSecurityMetric(
+                metric_name="Vulnerability Coverage",
+                current_value=vulnerability_coverage,
+                target_value=95.0,
+                trend="stable",
+                business_impact="Comprehensive vulnerability management reduces attack surface",
+                last_updated=datetime.utcnow(),
+                benchmark_comparison={"Industry Average": 75.0, "Best in Class": 98.0},
+                executive_summary=f"{vulnerability_coverage:.1f}% vulnerability coverage across infrastructure",
+            )
+        )
+
         # Security Training Effectiveness
         training_effectiveness = await self.metrics_collector.get_security_training_effectiveness()
-        metrics.append(ExecutiveSecurityMetric(
-            metric_name="Security Awareness Training Effectiveness",
-            current_value=training_effectiveness,
-            target_value=85.0,
-            trend="improving",
-            business_impact="Effective training reduces human-error based security incidents",
-            last_updated=datetime.utcnow(),
-            benchmark_comparison={"Industry Average": 65.0, "Best in Class": 90.0},
-            executive_summary=f"{training_effectiveness:.1f}% training effectiveness, human error incidents reduced by 40%"
-        ))
-        
+        metrics.append(
+            ExecutiveSecurityMetric(
+                metric_name="Security Awareness Training Effectiveness",
+                current_value=training_effectiveness,
+                target_value=85.0,
+                trend="improving",
+                business_impact="Effective training reduces human-error based security incidents",
+                last_updated=datetime.utcnow(),
+                benchmark_comparison={"Industry Average": 65.0, "Best in Class": 90.0},
+                executive_summary=f"{training_effectiveness:.1f}% training effectiveness, human error incidents reduced by 40%",
+            )
+        )
+
         return metrics
 
     async def _analyze_compliance_status(self) -> List[ComplianceFrameworkStatus]:
         """Analyze compliance status across multiple frameworks."""
-        
+
         compliance_statuses = []
-        
+
         # SOC 2 Compliance
         soc2_score = await self.compliance_analyzer.get_soc2_compliance_score()
-        compliance_statuses.append(ComplianceFrameworkStatus(
-            framework_name="SOC 2 Type II",
-            compliance_percentage=soc2_score,
-            target_percentage=100.0,
-            last_assessment=datetime.utcnow() - timedelta(days=30),
-            next_assessment=datetime.utcnow() + timedelta(days=335),  # Annual
-            gaps_identified=5 if soc2_score < 100 else 0,
-            gaps_remediated=15,
-            estimated_remediation_cost=75000.0,
-            business_risk_if_non_compliant="Loss of enterprise customers, $2M+ annual revenue impact",
-            audit_readiness_score=soc2_score,
-            certification_status="certified" if soc2_score >= 95 else "pending",
-            key_findings=[
-                "Access controls implementation excellent",
-                "Logging and monitoring fully compliant", 
-                "Minor gaps in incident response documentation"
-            ]
-        ))
-        
+        compliance_statuses.append(
+            ComplianceFrameworkStatus(
+                framework_name="SOC 2 Type II",
+                compliance_percentage=soc2_score,
+                target_percentage=100.0,
+                last_assessment=datetime.utcnow() - timedelta(days=30),
+                next_assessment=datetime.utcnow() + timedelta(days=335),  # Annual
+                gaps_identified=5 if soc2_score < 100 else 0,
+                gaps_remediated=15,
+                estimated_remediation_cost=75000.0,
+                business_risk_if_non_compliant="Loss of enterprise customers, $2M+ annual revenue impact",
+                audit_readiness_score=soc2_score,
+                certification_status="certified" if soc2_score >= 95 else "pending",
+                key_findings=[
+                    "Access controls implementation excellent",
+                    "Logging and monitoring fully compliant",
+                    "Minor gaps in incident response documentation",
+                ],
+            )
+        )
+
         # PCI DSS Compliance (if applicable)
         pci_score = await self.compliance_analyzer.get_pci_dss_compliance_score()
         if pci_score > 0:  # Only include if PCI applies
-            compliance_statuses.append(ComplianceFrameworkStatus(
-                framework_name="PCI DSS",
-                compliance_percentage=pci_score,
-                target_percentage=100.0,
-                last_assessment=datetime.utcnow() - timedelta(days=90),
-                next_assessment=datetime.utcnow() + timedelta(days=275),  # Quarterly
-                gaps_identified=3 if pci_score < 100 else 0,
-                gaps_remediated=8,
-                estimated_remediation_cost=125000.0,
-                business_risk_if_non_compliant="Unable to process payments, business operations halt",
-                audit_readiness_score=pci_score,
-                certification_status="certified" if pci_score >= 98 else "pending",
-                key_findings=[
-                    "Payment data encryption fully implemented",
-                    "Network segmentation meets requirements",
-                    "Vulnerability scanning program operational"
-                ]
-            ))
-        
+            compliance_statuses.append(
+                ComplianceFrameworkStatus(
+                    framework_name="PCI DSS",
+                    compliance_percentage=pci_score,
+                    target_percentage=100.0,
+                    last_assessment=datetime.utcnow() - timedelta(days=90),
+                    next_assessment=datetime.utcnow() + timedelta(days=275),  # Quarterly
+                    gaps_identified=3 if pci_score < 100 else 0,
+                    gaps_remediated=8,
+                    estimated_remediation_cost=125000.0,
+                    business_risk_if_non_compliant="Unable to process payments, business operations halt",
+                    audit_readiness_score=pci_score,
+                    certification_status="certified" if pci_score >= 98 else "pending",
+                    key_findings=[
+                        "Payment data encryption fully implemented",
+                        "Network segmentation meets requirements",
+                        "Vulnerability scanning program operational",
+                    ],
+                )
+            )
+
         # HIPAA Compliance (if applicable)
         hipaa_score = await self.compliance_analyzer.get_hipaa_compliance_score()
         if hipaa_score > 0:  # Only include if HIPAA applies
-            compliance_statuses.append(ComplianceFrameworkStatus(
-                framework_name="HIPAA",
-                compliance_percentage=hipaa_score,
-                target_percentage=100.0,
-                last_assessment=datetime.utcnow() - timedelta(days=60),
-                next_assessment=datetime.utcnow() + timedelta(days=305),  # Annual
-                gaps_identified=2 if hipaa_score < 100 else 0,
-                gaps_remediated=6,
-                estimated_remediation_cost=95000.0,
-                business_risk_if_non_compliant="Healthcare operations suspended, $5M+ fines possible",
-                audit_readiness_score=hipaa_score,
-                certification_status="certified" if hipaa_score >= 95 else "pending",
-                key_findings=[
-                    "PHI encryption and access controls compliant",
-                    "Audit trail systems fully operational",
-                    "Business associate agreements current"
-                ]
-            ))
-        
+            compliance_statuses.append(
+                ComplianceFrameworkStatus(
+                    framework_name="HIPAA",
+                    compliance_percentage=hipaa_score,
+                    target_percentage=100.0,
+                    last_assessment=datetime.utcnow() - timedelta(days=60),
+                    next_assessment=datetime.utcnow() + timedelta(days=305),  # Annual
+                    gaps_identified=2 if hipaa_score < 100 else 0,
+                    gaps_remediated=6,
+                    estimated_remediation_cost=95000.0,
+                    business_risk_if_non_compliant="Healthcare operations suspended, $5M+ fines possible",
+                    audit_readiness_score=hipaa_score,
+                    certification_status="certified" if hipaa_score >= 95 else "pending",
+                    key_findings=[
+                        "PHI encryption and access controls compliant",
+                        "Audit trail systems fully operational",
+                        "Business associate agreements current",
+                    ],
+                )
+            )
+
         # AWS Well-Architected Security Pillar
         aws_wa_score = await self.compliance_analyzer.get_aws_well_architected_score()
-        compliance_statuses.append(ComplianceFrameworkStatus(
-            framework_name="AWS Well-Architected Security",
-            compliance_percentage=aws_wa_score,
-            target_percentage=90.0,
-            last_assessment=datetime.utcnow() - timedelta(days=14),
-            next_assessment=datetime.utcnow() + timedelta(days=76),  # Quarterly
-            gaps_identified=8 if aws_wa_score < 90 else 0,
-            gaps_remediated=12,
-            estimated_remediation_cost=45000.0,
-            business_risk_if_non_compliant="Suboptimal cloud security posture, increased breach risk",
-            audit_readiness_score=aws_wa_score,
-            certification_status="compliant" if aws_wa_score >= 85 else "needs_improvement",
-            key_findings=[
-                "Identity and access management strong",
-                "Data protection measures implemented",
-                "Infrastructure protection needs enhancement"
-            ]
-        ))
-        
+        compliance_statuses.append(
+            ComplianceFrameworkStatus(
+                framework_name="AWS Well-Architected Security",
+                compliance_percentage=aws_wa_score,
+                target_percentage=90.0,
+                last_assessment=datetime.utcnow() - timedelta(days=14),
+                next_assessment=datetime.utcnow() + timedelta(days=76),  # Quarterly
+                gaps_identified=8 if aws_wa_score < 90 else 0,
+                gaps_remediated=12,
+                estimated_remediation_cost=45000.0,
+                business_risk_if_non_compliant="Suboptimal cloud security posture, increased breach risk",
+                audit_readiness_score=aws_wa_score,
+                certification_status="compliant" if aws_wa_score >= 85 else "needs_improvement",
+                key_findings=[
+                    "Identity and access management strong",
+                    "Data protection measures implemented",
+                    "Infrastructure protection needs enhancement",
+                ],
+            )
+        )
+
         return compliance_statuses
 
     async def _analyze_security_investments(self) -> List[SecurityInvestmentROI]:
         """Analyze ROI of security investments for executive reporting."""
-        
+
         investments = []
-        
+
         # Security Automation Platform Investment
         automation_roi = self.roi_calculator.calculate_automation_platform_roi()
-        investments.append(SecurityInvestmentROI(
-            investment_name="Security Automation Platform",
-            total_investment=450000.0,
-            annual_operational_cost=180000.0,
-            quantified_benefits={
-                "Incident Response Time Reduction": 320000.0,
-                "Manual Task Elimination": 280000.0,
-                "Compliance Automation": 150000.0
-            },
-            risk_reduction_value=1200000.0,
-            productivity_gains=560000.0,
-            compliance_cost_avoidance=200000.0,
-            incident_cost_avoidance=800000.0,
-            roi_percentage=245.0,
-            payback_period_months=18,
-            net_present_value=1650000.0,
-            business_justification="Automation platform delivers 245% ROI through operational efficiency and risk reduction"
-        ))
-        
+        investments.append(
+            SecurityInvestmentROI(
+                investment_name="Security Automation Platform",
+                total_investment=450000.0,
+                annual_operational_cost=180000.0,
+                quantified_benefits={
+                    "Incident Response Time Reduction": 320000.0,
+                    "Manual Task Elimination": 280000.0,
+                    "Compliance Automation": 150000.0,
+                },
+                risk_reduction_value=1200000.0,
+                productivity_gains=560000.0,
+                compliance_cost_avoidance=200000.0,
+                incident_cost_avoidance=800000.0,
+                roi_percentage=245.0,
+                payback_period_months=18,
+                net_present_value=1650000.0,
+                business_justification="Automation platform delivers 245% ROI through operational efficiency and risk reduction",
+            )
+        )
+
         # Zero Trust Architecture Implementation
         zero_trust_roi = self.roi_calculator.calculate_zero_trust_roi()
-        investments.append(SecurityInvestmentROI(
-            investment_name="Zero Trust Architecture",
-            total_investment=850000.0,
-            annual_operational_cost=200000.0,
-            quantified_benefits={
-                "Breach Impact Reduction": 2500000.0,
-                "Remote Work Security": 400000.0,
-                "Insider Threat Prevention": 600000.0
-            },
-            risk_reduction_value=3500000.0,
-            productivity_gains=400000.0,
-            compliance_cost_avoidance=300000.0,
-            incident_cost_avoidance=2800000.0,
-            roi_percentage=385.0,
-            payback_period_months=12,
-            net_present_value=2850000.0,
-            business_justification="Zero Trust architecture provides 385% ROI through comprehensive security modernization"
-        ))
-        
+        investments.append(
+            SecurityInvestmentROI(
+                investment_name="Zero Trust Architecture",
+                total_investment=850000.0,
+                annual_operational_cost=200000.0,
+                quantified_benefits={
+                    "Breach Impact Reduction": 2500000.0,
+                    "Remote Work Security": 400000.0,
+                    "Insider Threat Prevention": 600000.0,
+                },
+                risk_reduction_value=3500000.0,
+                productivity_gains=400000.0,
+                compliance_cost_avoidance=300000.0,
+                incident_cost_avoidance=2800000.0,
+                roi_percentage=385.0,
+                payback_period_months=12,
+                net_present_value=2850000.0,
+                business_justification="Zero Trust architecture provides 385% ROI through comprehensive security modernization",
+            )
+        )
+
         # Cloud Security Platform
         cloud_security_roi = self.roi_calculator.calculate_cloud_security_roi()
-        investments.append(SecurityInvestmentROI(
-            investment_name="Cloud Security Platform",
-            total_investment=320000.0,
-            annual_operational_cost=120000.0,
-            quantified_benefits={
-                "Cloud Compliance Automation": 180000.0,
-                "Multi-Cloud Visibility": 220000.0,
-                "DevSecOps Integration": 160000.0
-            },
-            risk_reduction_value=750000.0,
-            productivity_gains=340000.0,
-            compliance_cost_avoidance=180000.0,
-            incident_cost_avoidance=450000.0,
-            roi_percentage=195.0,
-            payback_period_months=22,
-            net_present_value=890000.0,
-            business_justification="Cloud security platform enables secure digital transformation with 195% ROI"
-        ))
-        
+        investments.append(
+            SecurityInvestmentROI(
+                investment_name="Cloud Security Platform",
+                total_investment=320000.0,
+                annual_operational_cost=120000.0,
+                quantified_benefits={
+                    "Cloud Compliance Automation": 180000.0,
+                    "Multi-Cloud Visibility": 220000.0,
+                    "DevSecOps Integration": 160000.0,
+                },
+                risk_reduction_value=750000.0,
+                productivity_gains=340000.0,
+                compliance_cost_avoidance=180000.0,
+                incident_cost_avoidance=450000.0,
+                roi_percentage=195.0,
+                payback_period_months=22,
+                net_present_value=890000.0,
+                business_justification="Cloud security platform enables secure digital transformation with 195% ROI",
+            )
+        )
+
         return investments
 
     async def _generate_incident_summary(self, reporting_period: str) -> SecurityIncidentExecutiveSummary:
         """Generate executive summary of security incidents."""
-        
+
         # Calculate reporting period dates
         end_date = datetime.utcnow()
         if reporting_period == "monthly":
@@ -617,111 +634,108 @@ class ExecutiveSecurityDashboard:
             start_date = end_date - timedelta(days=90)
         else:  # annual
             start_date = end_date - timedelta(days=365)
-        
+
         # Get incident data (in production, this would query actual incident management systems)
         incident_data = await self.metrics_collector.get_incident_summary(start_date, end_date)
-        
+
         return SecurityIncidentExecutiveSummary(
             reporting_period=reporting_period,
-            total_incidents=incident_data.get('total_incidents', 12),
-            critical_incidents=incident_data.get('critical_incidents', 2),
-            average_response_time=incident_data.get('avg_response_time', 3.2),
-            average_resolution_time=incident_data.get('avg_resolution_time', 18.5),
+            total_incidents=incident_data.get("total_incidents", 12),
+            critical_incidents=incident_data.get("critical_incidents", 2),
+            average_response_time=incident_data.get("avg_response_time", 3.2),
+            average_resolution_time=incident_data.get("avg_resolution_time", 18.5),
             incidents_by_category={
                 "Phishing Attempts": 5,
                 "Malware Detection": 3,
                 "Unauthorized Access": 2,
                 "Data Loss Prevention": 1,
-                "Compliance Violation": 1
+                "Compliance Violation": 1,
             },
-            financial_impact=incident_data.get('financial_impact', 125000.0),
+            financial_impact=incident_data.get("financial_impact", 125000.0),
             lessons_learned=[
                 "Enhanced email security filters reduced phishing success rate by 60%",
                 "Automated incident response reduced average resolution time by 40%",
-                "Zero trust architecture prevented lateral movement in 2 incidents"
+                "Zero trust architecture prevented lateral movement in 2 incidents",
             ],
             preventive_measures_implemented=8,
             automation_improvements=4,
             executive_actions_required=[
                 "Approve additional security awareness training budget",
-                "Review and update incident response playbooks"
-            ]
+                "Review and update incident response playbooks",
+            ],
         )
 
     def _calculate_overall_security_posture(
         self,
         metrics: List[ExecutiveSecurityMetric],
         compliance: List[ComplianceFrameworkStatus],
-        incidents: SecurityIncidentExecutiveSummary
+        incidents: SecurityIncidentExecutiveSummary,
     ) -> float:
         """Calculate overall security posture score for executive reporting."""
-        
+
         # Weighted scoring model
         weights = {
-            'metrics': 0.4,      # 40% weight on key metrics
-            'compliance': 0.4,    # 40% weight on compliance
-            'incidents': 0.2      # 20% weight on incident performance
+            "metrics": 0.4,  # 40% weight on key metrics
+            "compliance": 0.4,  # 40% weight on compliance
+            "incidents": 0.2,  # 20% weight on incident performance
         }
-        
+
         # Calculate metrics score
         metrics_score = 0.0
         if metrics:
             metrics_score = sum(
-                min(100, (metric.current_value / metric.target_value) * 100)
-                for metric in metrics
+                min(100, (metric.current_value / metric.target_value) * 100) for metric in metrics
             ) / len(metrics)
-        
+
         # Calculate compliance score
         compliance_score = 0.0
         if compliance:
-            compliance_score = sum(
-                framework.compliance_percentage for framework in compliance
-            ) / len(compliance)
-        
+            compliance_score = sum(framework.compliance_percentage for framework in compliance) / len(compliance)
+
         # Calculate incident score (inverse - fewer/faster is better)
         incident_score = 100.0  # Start with perfect score
         if incidents.total_incidents > 10:  # More than 10 incidents reduces score
             incident_score -= min(30, (incidents.total_incidents - 10) * 2)
         if incidents.average_response_time > 4:  # Slow response reduces score
             incident_score -= min(20, (incidents.average_response_time - 4) * 5)
-        
+
         # Calculate weighted final score
         overall_score = (
-            metrics_score * weights['metrics'] +
-            compliance_score * weights['compliance'] +
-            incident_score * weights['incidents']
+            metrics_score * weights["metrics"]
+            + compliance_score * weights["compliance"]
+            + incident_score * weights["incidents"]
         )
-        
+
         return max(0.0, min(100.0, overall_score))
 
     def _assess_security_maturity(
         self,
         metrics: List[ExecutiveSecurityMetric],
         compliance: List[ComplianceFrameworkStatus],
-        investments: List[SecurityInvestmentROI]
+        investments: List[SecurityInvestmentROI],
     ) -> SecurityMaturityLevel:
         """Assess organizational security maturity level."""
-        
+
         # Calculate maturity indicators
         automation_rate = 0.0
         compliance_avg = 0.0
         investment_sophistication = 0.0
-        
+
         # Get automation rate from metrics
         for metric in metrics:
             if "automation" in metric.metric_name.lower():
                 automation_rate = metric.current_value
                 break
-        
+
         # Calculate average compliance
         if compliance:
             compliance_avg = sum(f.compliance_percentage for f in compliance) / len(compliance)
-        
+
         # Assess investment sophistication
         if investments:
             roi_avg = sum(inv.roi_percentage for inv in investments) / len(investments)
             investment_sophistication = min(100, roi_avg / 2)  # Normalize to 0-100
-        
+
         # Determine maturity level
         if automation_rate >= 80 and compliance_avg >= 95 and investment_sophistication >= 80:
             return SecurityMaturityLevel.OPTIMIZING
@@ -735,149 +749,145 @@ class ExecutiveSecurityDashboard:
             return SecurityMaturityLevel.INITIAL
 
     def _analyze_risk_appetite_alignment(
-        self,
-        security_posture: float,
-        incidents: SecurityIncidentExecutiveSummary
+        self, security_posture: float, incidents: SecurityIncidentExecutiveSummary
     ) -> float:
         """Analyze how well current security posture aligns with business risk appetite."""
-        
+
         # Define risk appetite thresholds
         risk_thresholds = {
-            RiskAppetite.VERY_LOW: {'min_posture': 95, 'max_incidents': 2},
-            RiskAppetite.LOW: {'min_posture': 90, 'max_incidents': 5},
-            RiskAppetite.MODERATE: {'min_posture': 80, 'max_incidents': 10},
-            RiskAppetite.HIGH: {'min_posture': 70, 'max_incidents': 20},
-            RiskAppetite.VERY_HIGH: {'min_posture': 60, 'max_incidents': 50}
+            RiskAppetite.VERY_LOW: {"min_posture": 95, "max_incidents": 2},
+            RiskAppetite.LOW: {"min_posture": 90, "max_incidents": 5},
+            RiskAppetite.MODERATE: {"min_posture": 80, "max_incidents": 10},
+            RiskAppetite.HIGH: {"min_posture": 70, "max_incidents": 20},
+            RiskAppetite.VERY_HIGH: {"min_posture": 60, "max_incidents": 50},
         }
-        
+
         threshold = risk_thresholds[self.risk_appetite]
-        
+
         # Calculate alignment score
-        posture_alignment = min(100, (security_posture / threshold['min_posture']) * 100)
-        incident_alignment = min(100, (threshold['max_incidents'] / max(1, incidents.total_incidents)) * 100)
-        
+        posture_alignment = min(100, (security_posture / threshold["min_posture"]) * 100)
+        incident_alignment = min(100, (threshold["max_incidents"] / max(1, incidents.total_incidents)) * 100)
+
         # Weighted average
-        alignment_score = (posture_alignment * 0.7 + incident_alignment * 0.3)
-        
+        alignment_score = posture_alignment * 0.7 + incident_alignment * 0.3
+
         return min(100.0, alignment_score)
 
     def _calculate_business_impact_metrics(
-        self,
-        investments: List[SecurityInvestmentROI],
-        incidents: SecurityIncidentExecutiveSummary
+        self, investments: List[SecurityInvestmentROI], incidents: SecurityIncidentExecutiveSummary
     ) -> Dict[str, Any]:
         """Calculate business impact metrics for executive reporting."""
-        
+
         total_investment = sum(inv.total_investment + inv.annual_operational_cost for inv in investments)
         total_roi = sum(inv.roi_percentage * inv.total_investment for inv in investments) / max(1, total_investment)
         risk_reduction = sum(inv.risk_reduction_value for inv in investments)
         cost_avoidance = sum(inv.incident_cost_avoidance + inv.compliance_cost_avoidance for inv in investments)
-        
+
         return {
-            'total_security_investment': total_investment,
-            'annual_security_roi': total_roi,
-            'risk_reduction_achieved': risk_reduction,
-            'cost_avoidance_realized': cost_avoidance
+            "total_security_investment": total_investment,
+            "annual_security_roi": total_roi,
+            "risk_reduction_achieved": risk_reduction,
+            "cost_avoidance_realized": cost_avoidance,
         }
 
     async def _generate_strategic_insights(
         self,
         metrics: List[ExecutiveSecurityMetric],
         compliance: List[ComplianceFrameworkStatus],
-        include_benchmarks: bool
+        include_benchmarks: bool,
     ) -> Dict[str, Any]:
         """Generate strategic insights for executive decision making."""
-        
+
         # Top security priorities based on gaps and risks
         top_priorities = [
             "Accelerate security automation adoption to achieve 80% target",
-            "Complete SOC 2 compliance remediation for Q3 audit readiness", 
+            "Complete SOC 2 compliance remediation for Q3 audit readiness",
             "Implement advanced threat detection to reduce MTTD to <4 hours",
             "Expand security awareness training to reduce human error incidents",
-            "Enhance cloud security posture for digital transformation initiatives"
+            "Enhance cloud security posture for digital transformation initiatives",
         ]
-        
+
         # Emerging threats relevant to the business
         emerging_threats = [
             "AI-powered social engineering attacks targeting executives",
             "Supply chain compromises affecting cloud service providers",
             "Ransomware attacks targeting backup and recovery systems",
             "Insider threats in remote work environments",
-            "API security vulnerabilities in digital transformation initiatives"
+            "API security vulnerabilities in digital transformation initiatives",
         ]
-        
+
         # Industry benchmark comparison
         industry_benchmarks = {}
         if include_benchmarks:
             industry_benchmarks = await self.benchmark_analyzer.get_industry_benchmarks()
-        
+
         # Board recommendations
         board_recommendations = [
             "Approve $2M additional investment in security automation for 300% ROI",
             "Establish cyber risk committee with quarterly board reporting",
             "Review and update cyber insurance coverage based on current risk profile",
             "Implement executive security awareness program for C-suite protection",
-            "Develop incident response communication plan for stakeholder management"
+            "Develop incident response communication plan for stakeholder management",
         ]
-        
+
         # Operational excellence metrics
         automation_percentage = 0.0
         for metric in metrics:
             if "automation" in metric.metric_name.lower():
                 automation_percentage = metric.current_value
                 break
-        
+
         team_efficiency_metrics = {
             "Incident Response Efficiency": 87.0,
             "Compliance Reporting Automation": 92.0,
             "Threat Detection Accuracy": 94.0,
-            "Security Tool Integration": 78.0
+            "Security Tool Integration": 78.0,
         }
-        
+
         vendor_performance_scores = {
             "Security Platform Provider": 89.0,
             "Managed Security Services": 85.0,
             "Compliance Assessment Vendor": 91.0,
-            "Security Training Provider": 83.0
+            "Security Training Provider": 83.0,
         }
-        
+
         return {
-            'top_security_priorities': top_priorities,
-            'emerging_threats': emerging_threats,
-            'industry_benchmark_comparison': industry_benchmarks,
-            'board_recommendations': board_recommendations,
-            'automation_percentage': automation_percentage,
-            'team_efficiency_metrics': team_efficiency_metrics,
-            'vendor_performance_scores': vendor_performance_scores
+            "top_security_priorities": top_priorities,
+            "emerging_threats": emerging_threats,
+            "industry_benchmark_comparison": industry_benchmarks,
+            "board_recommendations": board_recommendations,
+            "automation_percentage": automation_percentage,
+            "team_efficiency_metrics": team_efficiency_metrics,
+            "vendor_performance_scores": vendor_performance_scores,
         }
 
     async def _generate_board_presentation(self, report: ExecutiveSecurityReport):
         """Generate board-ready presentation materials."""
-        
+
         print_info("Generating board presentation materials...")
-        
+
         presentation_dir = self.output_dir / f"board_presentation_{report.report_id}"
         presentation_dir.mkdir(exist_ok=True)
-        
+
         # Generate executive slides (would integrate with presentation tools)
         slides_content = self._create_board_slides_content(report)
-        
+
         slides_file = presentation_dir / "executive_security_briefing.md"
-        with open(slides_file, 'w') as f:
+        with open(slides_file, "w") as f:
             f.write(slides_content)
-        
+
         print_success(f"Board presentation generated: {slides_file}")
 
     def _create_board_slides_content(self, report: ExecutiveSecurityReport) -> str:
         """Create board presentation slide content."""
-        
+
         return f"""# Executive Security Briefing
 **Reporting Period:** {report.reporting_period}  
-**Generated:** {report.generation_timestamp.strftime('%B %d, %Y')}
+**Generated:** {report.generation_timestamp.strftime("%B %d, %Y")}
 
 ## Executive Summary
 - **Overall Security Posture:** {report.overall_security_posture_score:.1f}%
-- **Security Maturity Level:** {report.security_maturity_level.value.replace('_', ' ').title()}
+- **Security Maturity Level:** {report.security_maturity_level.value.replace("_", " ").title()}
 - **Risk Appetite Alignment:** {report.risk_appetite_alignment:.1f}%
 - **Annual Security ROI:** {report.annual_security_roi:.1f}%
 
@@ -904,7 +914,7 @@ class ExecutiveSecurityDashboard:
 
     def _format_metrics_for_slides(self, metrics: List[ExecutiveSecurityMetric]) -> str:
         """Format metrics for board slide presentation."""
-        
+
         formatted_metrics = []
         for metric in metrics[:5]:  # Top 5 metrics
             trend_emoji = "📈" if metric.trend == "improving" else "📊" if metric.trend == "stable" else "📉"
@@ -912,29 +922,35 @@ class ExecutiveSecurityDashboard:
                 f"- **{metric.metric_name}:** {metric.current_value:.1f} "
                 f"(Target: {metric.target_value:.1f}) {trend_emoji}"
             )
-        
+
         return "\n".join(formatted_metrics)
 
     def _format_compliance_for_slides(self, compliance: List[ComplianceFrameworkStatus]) -> str:
         """Format compliance status for board slides."""
-        
+
         formatted_compliance = []
         for framework in compliance:
-            status_emoji = "✅" if framework.compliance_percentage >= 95 else "⚠️" if framework.compliance_percentage >= 80 else "❌"
+            status_emoji = (
+                "✅"
+                if framework.compliance_percentage >= 95
+                else "⚠️"
+                if framework.compliance_percentage >= 80
+                else "❌"
+            )
             formatted_compliance.append(
                 f"- **{framework.framework_name}:** {framework.compliance_percentage:.1f}% {status_emoji}"
             )
-        
+
         return "\n".join(formatted_compliance)
 
     def _format_recommendations_for_slides(self, recommendations: List[str]) -> str:
         """Format recommendations for board slides."""
-        
-        return "\n".join(f"{i+1}. {rec}" for i, rec in enumerate(recommendations[:5]))
+
+        return "\n".join(f"{i + 1}. {rec}" for i, rec in enumerate(recommendations[:5]))
 
     def _display_executive_summary(self, report: ExecutiveSecurityReport):
         """Display executive summary to console."""
-        
+
         # Executive overview panel
         overview_content = (
             f"[bold green]Executive Security Report Generated[/bold green]\n\n"
@@ -945,13 +961,9 @@ class ExecutiveSecurityDashboard:
             f"[bold]Risk Appetite Alignment:[/bold] {report.risk_appetite_alignment:.1f}%\n"
             f"[bold]Annual Security ROI:[/bold] {report.annual_security_roi:.1f}%"
         )
-        
-        console.print(create_panel(
-            overview_content,
-            title="📊 Executive Security Overview",
-            border_style="green"
-        ))
-        
+
+        console.print(create_panel(overview_content, title="📊 Executive Security Overview", border_style="green"))
+
         # Key metrics table
         metrics_table = create_table(
             title="Key Security Metrics",
@@ -960,24 +972,24 @@ class ExecutiveSecurityDashboard:
                 {"name": "Current", "style": "green"},
                 {"name": "Target", "style": "yellow"},
                 {"name": "Trend", "style": "blue"},
-                {"name": "Action Required", "style": "red"}
-            ]
+                {"name": "Action Required", "style": "red"},
+            ],
         )
-        
+
         for metric in report.key_security_metrics[:6]:  # Show top 6 metrics
             trend_symbol = "↗️" if metric.trend == "improving" else "→" if metric.trend == "stable" else "↘️"
             action_symbol = "⚠️" if metric.action_required else "✅"
-            
+
             metrics_table.add_row(
                 metric.metric_name[:25] + "..." if len(metric.metric_name) > 25 else metric.metric_name,
                 f"{metric.current_value:.1f}",
                 f"{metric.target_value:.1f}",
                 f"{trend_symbol} {metric.trend}",
-                action_symbol
+                action_symbol,
             )
-        
+
         console.print(metrics_table)
-        
+
         # Financial impact summary
         financial_content = (
             f"[bold cyan]Security Investment Analysis[/bold cyan]\n\n"
@@ -986,165 +998,161 @@ class ExecutiveSecurityDashboard:
             f"[yellow]Cost Avoidance Realized:[/yellow] ${report.cost_avoidance_realized:,.0f}\n"
             f"[magenta]Net Security Value:[/magenta] ${(report.risk_reduction_achieved + report.cost_avoidance_realized - report.total_security_investment):,.0f}"
         )
-        
-        console.print(create_panel(
-            financial_content,
-            title="💰 Financial Impact Summary",
-            border_style="blue"
-        ))
+
+        console.print(create_panel(financial_content, title="💰 Financial Impact Summary", border_style="blue"))
 
     async def _export_executive_report(self, report: ExecutiveSecurityReport):
         """Export comprehensive executive report."""
-        
+
         # Export detailed JSON report
         json_report_path = self.output_dir / f"executive_security_report_{report.report_id}.json"
-        
+
         report_data = {
-            'report_metadata': {
-                'report_id': report.report_id,
-                'reporting_period': report.reporting_period,
-                'generation_timestamp': report.generation_timestamp.isoformat(),
-                'risk_appetite': self.risk_appetite.value
+            "report_metadata": {
+                "report_id": report.report_id,
+                "reporting_period": report.reporting_period,
+                "generation_timestamp": report.generation_timestamp.isoformat(),
+                "risk_appetite": self.risk_appetite.value,
             },
-            'executive_summary': {
-                'overall_security_posture_score': report.overall_security_posture_score,
-                'security_maturity_level': report.security_maturity_level.value,
-                'risk_appetite_alignment': report.risk_appetite_alignment
+            "executive_summary": {
+                "overall_security_posture_score": report.overall_security_posture_score,
+                "security_maturity_level": report.security_maturity_level.value,
+                "risk_appetite_alignment": report.risk_appetite_alignment,
             },
-            'key_metrics': [
+            "key_metrics": [
                 {
-                    'metric_name': metric.metric_name,
-                    'current_value': metric.current_value,
-                    'target_value': metric.target_value,
-                    'trend': metric.trend,
-                    'business_impact': metric.business_impact,
-                    'benchmark_comparison': metric.benchmark_comparison,
-                    'action_required': metric.action_required,
-                    'executive_summary': metric.executive_summary
+                    "metric_name": metric.metric_name,
+                    "current_value": metric.current_value,
+                    "target_value": metric.target_value,
+                    "trend": metric.trend,
+                    "business_impact": metric.business_impact,
+                    "benchmark_comparison": metric.benchmark_comparison,
+                    "action_required": metric.action_required,
+                    "executive_summary": metric.executive_summary,
                 }
                 for metric in report.key_security_metrics
             ],
-            'compliance_status': [
+            "compliance_status": [
                 {
-                    'framework_name': framework.framework_name,
-                    'compliance_percentage': framework.compliance_percentage,
-                    'target_percentage': framework.target_percentage,
-                    'audit_readiness_score': framework.audit_readiness_score,
-                    'certification_status': framework.certification_status,
-                    'business_risk_if_non_compliant': framework.business_risk_if_non_compliant,
-                    'estimated_remediation_cost': framework.estimated_remediation_cost,
-                    'key_findings': framework.key_findings
+                    "framework_name": framework.framework_name,
+                    "compliance_percentage": framework.compliance_percentage,
+                    "target_percentage": framework.target_percentage,
+                    "audit_readiness_score": framework.audit_readiness_score,
+                    "certification_status": framework.certification_status,
+                    "business_risk_if_non_compliant": framework.business_risk_if_non_compliant,
+                    "estimated_remediation_cost": framework.estimated_remediation_cost,
+                    "key_findings": framework.key_findings,
                 }
                 for framework in report.compliance_status
             ],
-            'security_investments': [
+            "security_investments": [
                 {
-                    'investment_name': investment.investment_name,
-                    'total_investment': investment.total_investment,
-                    'roi_percentage': investment.roi_percentage,
-                    'payback_period_months': investment.payback_period_months,
-                    'risk_reduction_value': investment.risk_reduction_value,
-                    'business_justification': investment.business_justification
+                    "investment_name": investment.investment_name,
+                    "total_investment": investment.total_investment,
+                    "roi_percentage": investment.roi_percentage,
+                    "payback_period_months": investment.payback_period_months,
+                    "risk_reduction_value": investment.risk_reduction_value,
+                    "business_justification": investment.business_justification,
                 }
                 for investment in report.security_investments
             ],
-            'incident_summary': {
-                'total_incidents': report.incident_summary.total_incidents,
-                'critical_incidents': report.incident_summary.critical_incidents,
-                'average_response_time': report.incident_summary.average_response_time,
-                'financial_impact': report.incident_summary.financial_impact,
-                'lessons_learned': report.incident_summary.lessons_learned,
-                'executive_actions_required': report.incident_summary.executive_actions_required
+            "incident_summary": {
+                "total_incidents": report.incident_summary.total_incidents,
+                "critical_incidents": report.incident_summary.critical_incidents,
+                "average_response_time": report.incident_summary.average_response_time,
+                "financial_impact": report.incident_summary.financial_impact,
+                "lessons_learned": report.incident_summary.lessons_learned,
+                "executive_actions_required": report.incident_summary.executive_actions_required,
+            },
+            "business_impact": {
+                "total_security_investment": report.total_security_investment,
+                "annual_security_roi": report.annual_security_roi,
+                "risk_reduction_achieved": report.risk_reduction_achieved,
+                "cost_avoidance_realized": report.cost_avoidance_realized,
             },
-            'business_impact': {
-                'total_security_investment': report.total_security_investment,
-                'annual_security_roi': report.annual_security_roi,
-                'risk_reduction_achieved': report.risk_reduction_achieved,
-                'cost_avoidance_realized': report.cost_avoidance_realized
+            "strategic_insights": {
+                "top_security_priorities": report.top_security_priorities,
+                "emerging_threats": report.emerging_threats,
+                "board_recommendations": report.board_recommendations,
+                "industry_benchmark_comparison": report.industry_benchmark_comparison,
             },
-            'strategic_insights': {
-                'top_security_priorities': report.top_security_priorities,
-                'emerging_threats': report.emerging_threats,
-                'board_recommendations': report.board_recommendations,
-                'industry_benchmark_comparison': report.industry_benchmark_comparison
-            }
         }
-        
-        with open(json_report_path, 'w') as f:
+
+        with open(json_report_path, "w") as f:
             json.dump(report_data, f, indent=2)
-        
+
         print_success(f"Executive security report exported to: {json_report_path}")
 
 
 class ExecutiveMetricsCollector:
     """Collect executive-level security metrics from various sources."""
-    
+
     def __init__(self, session: boto3.Session):
         self.session = session
-    
+
     async def get_security_posture_score(self) -> float:
         """Get overall security posture score."""
         # In production, this would aggregate from security tools
         return 87.5
-    
+
     async def get_mean_time_to_detection(self) -> float:
         """Get mean time to detection in hours."""
         # In production, this would query SIEM/SOAR systems
         return 3.2
-    
+
     async def get_mean_time_to_remediation(self) -> float:
         """Get mean time to remediation in hours."""
         # In production, this would query incident management systems
         return 18.5
-    
+
     async def get_automation_percentage(self) -> float:
         """Get percentage of automated security operations."""
         # In production, this would analyze automated vs manual operations
         return 72.0
-    
+
     async def get_vulnerability_coverage(self) -> float:
         """Get vulnerability assessment coverage percentage."""
         # In production, this would query vulnerability management systems
         return 89.0
-    
+
     async def get_security_training_effectiveness(self) -> float:
         """Get security awareness training effectiveness."""
         # In production, this would query training and phishing simulation platforms
         return 78.0
-    
+
     async def get_incident_summary(self, start_date: datetime, end_date: datetime) -> Dict[str, Any]:
         """Get incident summary for reporting period."""
         # In production, this would query incident management systems
         return {
-            'total_incidents': 12,
-            'critical_incidents': 2,
-            'avg_response_time': 3.2,
-            'avg_resolution_time': 18.5,
-            'financial_impact': 125000.0
+            "total_incidents": 12,
+            "critical_incidents": 2,
+            "avg_response_time": 3.2,
+            "avg_resolution_time": 18.5,
+            "financial_impact": 125000.0,
         }
 
 
 class ComplianceStatusAnalyzer:
     """Analyze compliance status across multiple frameworks."""
-    
+
     def __init__(self, session: boto3.Session):
         self.session = session
-    
+
     async def get_soc2_compliance_score(self) -> float:
         """Get SOC 2 compliance percentage."""
         # In production, this would integrate with compliance management tools
         return 94.0
-    
+
     async def get_pci_dss_compliance_score(self) -> float:
         """Get PCI DSS compliance percentage."""
         # In production, this would integrate with PCI compliance tools
         return 96.0
-    
+
     async def get_hipaa_compliance_score(self) -> float:
         """Get HIPAA compliance percentage."""
         # In production, this would integrate with HIPAA compliance tools
         return 91.0
-    
+
     async def get_aws_well_architected_score(self) -> float:
         """Get AWS Well-Architected Security pillar score."""
         # In production, this would use AWS Well-Architected Tool API
@@ -1153,17 +1161,17 @@ class ComplianceStatusAnalyzer:
 
 class SecurityROICalculator:
     """Calculate ROI for security investments."""
-    
+
     def calculate_automation_platform_roi(self) -> Dict[str, Any]:
         """Calculate ROI for security automation platform."""
         # Complex ROI calculation would be implemented here
         return {}
-    
+
     def calculate_zero_trust_roi(self) -> Dict[str, Any]:
         """Calculate ROI for zero trust architecture."""
         # Complex ROI calculation would be implemented here
         return {}
-    
+
     def calculate_cloud_security_roi(self) -> Dict[str, Any]:
         """Calculate ROI for cloud security platform."""
         # Complex ROI calculation would be implemented here
@@ -1172,7 +1180,7 @@ class SecurityROICalculator:
 
 class IndustryBenchmarkAnalyzer:
     """Analyze security metrics against industry benchmarks."""
-    
+
     async def get_industry_benchmarks(self) -> Dict[str, float]:
         """Get industry benchmark data for comparison."""
         # In production, this would integrate with industry benchmark services
@@ -1181,20 +1189,20 @@ class IndustryBenchmarkAnalyzer:
             "Mean Time to Detection": 12.0,
             "Mean Time to Remediation": 48.0,
             "Security Automation Rate": 45.0,
-            "Compliance Score Average": 82.0
+            "Compliance Score Average": 82.0,
         }
 
 
 class ExecutiveReportGenerator:
     """Generate executive reports and presentations."""
-    
+
     def __init__(self, output_dir: Path):
         self.output_dir = output_dir
 
 
 class SecurityVisualizationEngine:
     """Generate security visualizations for executive reporting."""
-    
+
     def __init__(self):
         pass
 
@@ -1202,46 +1210,49 @@ class SecurityVisualizationEngine:
 # CLI integration for executive security dashboard
 if __name__ == "__main__":
     import argparse
-    
-    parser = argparse.ArgumentParser(description='Executive Security Dashboard')
-    parser.add_argument('--profile', default='default', help='AWS profile to use')
-    parser.add_argument('--period', choices=['monthly', 'quarterly', 'annual'], 
-                       default='monthly', help='Reporting period')
-    parser.add_argument('--risk-appetite', choices=['very_low', 'low', 'moderate', 'high', 'very_high'],
-                       default='moderate', help='Business risk appetite')
-    parser.add_argument('--board-presentation', action='store_true', help='Generate board presentation')
-    parser.add_argument('--include-benchmarks', action='store_true', default=True, help='Include industry benchmarks')
-    parser.add_argument('--output-dir', default='./artifacts/executive-security', help='Output directory')
-    
+
+    parser = argparse.ArgumentParser(description="Executive Security Dashboard")
+    parser.add_argument("--profile", default="default", help="AWS profile to use")
+    parser.add_argument(
+        "--period", choices=["monthly", "quarterly", "annual"], default="monthly", help="Reporting period"
+    )
+    parser.add_argument(
+        "--risk-appetite",
+        choices=["very_low", "low", "moderate", "high", "very_high"],
+        default="moderate",
+        help="Business risk appetite",
+    )
+    parser.add_argument("--board-presentation", action="store_true", help="Generate board presentation")
+    parser.add_argument("--include-benchmarks", action="store_true", default=True, help="Include industry benchmarks")
+    parser.add_argument("--output-dir", default="./artifacts/executive-security", help="Output directory")
+
     args = parser.parse_args()
-    
+
     # Map risk appetite
     risk_mapping = {
-        'very_low': RiskAppetite.VERY_LOW,
-        'low': RiskAppetite.LOW,
-        'moderate': RiskAppetite.MODERATE,
-        'high': RiskAppetite.HIGH,
-        'very_high': RiskAppetite.VERY_HIGH
+        "very_low": RiskAppetite.VERY_LOW,
+        "low": RiskAppetite.LOW,
+        "moderate": RiskAppetite.MODERATE,
+        "high": RiskAppetite.HIGH,
+        "very_high": RiskAppetite.VERY_HIGH,
     }
-    
+
     async def main():
         dashboard = ExecutiveSecurityDashboard(
-            profile=args.profile,
-            output_dir=args.output_dir,
-            risk_appetite=risk_mapping[args.risk_appetite]
+            profile=args.profile, output_dir=args.output_dir, risk_appetite=risk_mapping[args.risk_appetite]
         )
-        
+
         report = await dashboard.generate_executive_security_report(
             reporting_period=args.period,
             include_benchmarks=args.include_benchmarks,
-            board_presentation=args.board_presentation
+            board_presentation=args.board_presentation,
         )
-        
+
         print_success(f"Executive security report generated: {report.report_id}")
         print_info(f"Overall security posture: {report.overall_security_posture_score:.1f}%")
         print_info(f"Security maturity level: {report.security_maturity_level.value.replace('_', ' ').title()}")
         print_info(f"Annual security ROI: {report.annual_security_roi:.1f}%")
         print_info(f"Total security value: ${report.risk_reduction_achieved + report.cost_avoidance_realized:,.0f}")
-    
+
     # Run the async main function
-    asyncio.run(main())
+    asyncio.run(main())