SecurityScorecard | August 23, 2021
SecurityScorecard, the global leader in security ratings, today announces a partnership with Tenable the Cyber Exposure company, to deliver a comprehensive view into an organization's risk posture by marrying Tenable's unmatched visibility and depth of analytics into enterprise environments with external cyber monitoring powered by SecurityScorecard. As a result of this partnership, CISOs, IT leaders and security teams are able to review their SecurityScorecard rating, assess their external cybersecurity health, and understand their risk posture directly within the Tenable Lumin dashboard.
"Understanding your up-to-date risk posture has become a necessity in a world that's increasingly more complex, dynamic and transient," said Ray Komar, vice president of technical alliances, Tenable. "We're excited to partner with SecurityScorecard to give customers complete visibility into the risks that exist inside and outside their environment, and guidance for how to most effectively reduce that risk, all in a single platform."
Point-in-time or periodic cybersecurity testing procedures have become antiquated. Today's cyber risks change by the minute and companies need a solution that keeps pace with the dynamic nature of cybersecurity by continuously monitoring for exposures and measuring the security posture and cyber resilience across the organization.
"Organizations must be proactive to address cyber breaches, and security ratings are the foundation to measuring and understanding security resilience in real time," says Aleksandr Yampolskiy, CEO and co-founder of SecurityScorecard. "Together, SecurityScorecard and Tenable are advancing a new standard for continuous monitoring by blending external and internal risk assessments, which provide organizations with a holistic view into the risks that exist in their environments."
The integration pairs Tenable Lumin's advanced analytics capabilities for assessing risk alongside real-time visibility of external vulnerabilities from SecurityScorecard. This arms Tenable Lumin customers with the intelligence to develop external risk management and threat detection playbooks through real-time updates, allowing organizations to effectively identify and respond to threats and risks.
SecurityScorecard continuously monitors millions of entities globally, and uses non-intrusive proprietary methods to assess their security posture across ten risk categories to instantly deliver an easy-to-understand "A" through "F" rating; including DNS health, IP reputation, web application security, network security, leaked information, hacker chatter, endpoint security, and patching cadence. On a daily basis, these ratings are updated based on objective, publicly-available data that, similar to credit ratings, provides an "outside-in" view of an entity's security posture.
Funded by world-class investors including Silver Lake Partners, Sequoia Capital, GV, Riverwood Capital and others, SecurityScorecard is the global leader in cybersecurity ratings with tens of millions of companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 18,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, and cyber insurance underwriting. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every company has the universal right to their trusted and transparent Instant SecurityScorecard rating.
NPCore | November 26, 2021
NPCore, a joint venture member of Born2Global Centre, has its sights set on a greater share of the IT security market in Southeast Asia, recently joining forces with Vietnamese IT security service provider Viet Cyber Security. Together, the two companies set up NPCore Vietnam Joint Stock Company, a joint venture which will see them coordinate efforts in the IT security industry. NPCore is an AI-based new variant malware (APT) response solution provider offering optimal security solutions.
NPCore has provided cyber security solutions and since 2021, it has participated in a project for supporting overseas expansion of D.N.A (Data, Network, AI) convergence products led by Born2Global Centre.
The joint enterprise will see the two partners collaborate in technology and, more importantly, concerted sales and marketing activities in the Southeast Asian IT security market. The goal is to lay the foundation for a stable supply of IT security services in local markets to obtain market trust and continue expanding the business at an increasing pace. NPCore has confirmed that it is ready to aggressively engage Viet Cyber Security's local networks and customers towards expanding its market presence. NPCore's solution (Zombie Zero) can defend against any path through which malicious code can flow from the network to the endpoint.
It currently holds 12 patents as well as the International Common Criteria (CC) certification for its proprietary security technologies and has more than 100 global references.
"The local joint enterprise was established in Vietnam as it is a market with active investment taking place in national security, corporate IT security, and other fields. It will be a local platform for entry into the Southeast Asian markets Vietnam included and will put us on the map as an IT security service provider in the region."
NPCore CEO Han Seung-cheol
Furthermore, the joint venture between NPCore and Viet Cyber Security was established as part of the Born2Global Centre's partnership program. Through its support of DNA-convergence products and services, Born2Global Centre serves as a launchpad for innovative startups to enter global markets. Born2Global Centre provides startups with different levels of consulting services, from partnership exploration & creation to business establishment, operations, joint R&D projects, and market expansion.
IPKeys | September 09, 2021
IPKeys Power Partners, the leading cybersecurity, cyber compliance, and smart grid technology company, announced today the release of its groundbreaking SigmaFlow Beacon platform to provide utilities, generators, and grid operators a simple, unified solution for cybersecurity monitoring and compliance requirements.
The SigmaFlow Beacon platform is built specifically to help organizations align with North American Electric Reliability Corp. (NERC) compliance mandates. It provides NERC registered entities with a single solution to advance, simplify and improve existing cybersecurity and monitoring requirements.
"We are pleased to provide utilities, generators and grid operators a system that ensures unification of cybersecurity monitoring and NERC-CIP compliance requirements," said Robert Nawy, CEO IPKeys. "It is long past time for the worlds of compliance and cyber defense to converge to provide cyber assurance for our power grid. The SigmaFlow Beacon unites needed capabilities of real-time cybersecurity monitoring with governance and regulation."
The SigmaFlow Beacon provides one, purpose-built solution for NERC baseline management, collecting the critical cyber data in real time and seamlessly incorporating the approval process within the SigmaFlow workflow and evidence platform. SigmaFlow Beacon technology is built for rapid deployment, making it faster and easier to implement than current monitoring solutions. It will save utilities valuable time, and provide seamless Critical Infrastructure Protection, improved cybersecurity, and audit ready results.
Today, NERC registered entities must use multiple vendors and systems to monitor baseline security and compliance data. These solutions are not connected to workflow, making the correlation between change management and baseline authorization next to impossible because multiple changes could be made since the facilities' last scan.
"SigmaFlow Beacon is a major step towards our vision of bringing compliance and security teams together, at the same time simplifying the act of maintaining compliance while enhancing real world cybersecurity," said Louis Riendeau, IPKeys Vice President, Operations & Product Management.
"Many of our clients and Governance & Regulation communities tend to get a sense of false cybersecurity validation by passing NERC compliance audits, SigmaFlow Beacon and the entire IPKeys Cyber Lab-as-a-Service platform introduces automated NERC compliance and advancement in real cybersecurity protection," said Trey Kirkpatrick, VP, NERC Implementation Services and Consulting.
Benefits of a Unified Approach between Cybersecurity and Compliance
Improved cybersecurity: The fewer moving parts, the fewer opportunities for errors—and the fewer cracks for hackers to get in through. With cybersecurity and compliance in sync, there is a shared knowledge between organizations.
Time Savings: When a crisis strikes, immediate action is vital. With unified security and compliance, there is less risk of misunderstanding or miscommunication between organizations, less need for work to be redone, and fewer questions about completion.
Seamless CIP management: Unified end-to-end management of security and compliance ensures consistent CIP management, while providing more efficient and accessible records, greater access to critical information, and reducing data errors, missed assignments or due dates.
Always audit-ready: All data is stored in one secure location, and is consistent, connected, complete and primed for scrutiny.
Large cybersecurity incidents like the SolarWinds breach or the Colonial Pipeline hack garner most of the attention, but hundreds of smaller attacks have impacted businesses, municipalities, and utilities across the country - and the threat is accelerating. According to Statescoop, between 2013 and 2018, 180 documented cyberattacks occurred, while 236 incidents have been reported since 2019.
About IPKeys Power Partners
IPKeys Power Partners' industry-leading, secure OT and IoT intelligence platform addresses the complex cybersecurity, data, and communications challenges faced by operators of mission-critical networks for customers in the energy, government, and industrial markets. The company's suite of solutions encompass cybersecurity and cyber compliance for dynamic OT/IT environments, data analytics, secure energy management, and public safety network monitoring. The company is headquartered in New Jersey and has offices in California, Louisiana, Maryland, Texas, and Virginia.