Home > News > featured news > CFGI and SecurityScorecard Collaborate to Provide Security Rating Monitoring as a Service

DATA SECURITY

CFGI and SecurityScorecard Collaborate to Provide Security Rating Monitoring as a Service

CFGI | May 26, 2021

CFGI, a leading provider of Accounting Advisory, Cybersecurity and IT Risk Advisory solutions, and SecurityScorecard, the worldwide leader in cybersecurity ratings, today announced a new partnership to streamline and strengthen how organizations manage their cybersecurity and third-party risk through the use of Security Ratings.

CFGI has partnered with SecurityScorecard to non-intrusively evaluate an organizations' cybersecurity using an 'outside-in methodology. This approach enables CFGI to monitor and update the cybersecurity ratings of our clients in a very continuous manner. With these cybersecurity ratings and the extensive information on which they are based, organizations are presented with valuable information for assessing compliance with industry-leading cybersecurity risk standards.

As a SecurityScorecard managed security services provider (MSSP), CFGI will be delivering industry-leading cybersecurity ratings to clients to enhance their security posture, ensure adherence to regulatory requirements, and continuously monitor third-party risk. This partnership comes at a time when risk and compliance teams are experiencing unprecedented pressure to successfully manage their own and third-party risk, due to changing regulatory requirements, higher numbers of vendors, and more pressure from the board of directors. Heightened regulatory scrutiny has created the necessity for next-generation solutions to assist organizations in better manage the risk posed by their business partners. With the partnership between CFGI and SecurityScorecard, organizations can now be aware of cybersecurity gaps and advised on what is needed to fill them.

What value do CFGI clients receive?

• Technical dashboards and detailed reports with your most critical risk factors.

• Easy-to-read board-level reports and workflow tools for cybersecurity assessments.

• Risk remediation advisory services by CFGI, whose experts work closely with your technology teams or third parties.

• Ability to view your historical vulnerabilities and threats for continued improvement.

• Ability to quantify and demonstrate your return on security investments.

• Ability to benchmark your cybersecurity current state against industry peers and competitors.

About CFGI

CFGI, a portfolio company of The Carlyle Group, is a highly specialized financial consulting company that supports the office of the CFO with all its accounting, finance, risk management, and digital transformation needs. As an extension of your SOX, internal audit, corporate finance, or cybersecurity team, CFGI can serve in a variety of capacities – from technical accounting or finance transformation advisor to IPO and M&A support to controller or CFO.

Spotlight

Artificial Intelligence for an Omnichannel World

Great customer experiences are built on great customer journeys but in an omnichannel world, journeys can easily lead to wrong turns. Today, CX practitioners know the secret to creating a positive customer experience lies in the vast amounts of complex data their omnichannel contact centers generate. This report by CX Network ex

More featured news

Spotlight

Artificial Intelligence for an Omnichannel World

Great customer experiences are built on great customer journeys but in an omnichannel world, journeys can easily lead to wrong turns. Today, CX practitioners know the secret to creating a positive customer experience lies in the vast amounts of complex data their omnichannel contact centers generate. This report by CX Network ex

Related News

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

SlashNext Introduces Generative AI Solution for Email Security

SlashNext | March 01, 2023

On February 28, 2023, SlashNext, a leading SaaS-based Integrated Cloud Messaging Security solutions provider across web, email and mobile, announced the release of Generative HumanAI™, the industry's first artificial intelligence solution using generative AI to defend against advanced business email compromise (BEC), executive impersonation, supply chain attacks, and financial fraud. Adding Generative HumanAI ensures that customers have peace of mind, despite threat actors utilizing widely available AI tools to aid their efforts. The solution already has a 99.9% detection rate with its existing AI capabilities. Generative HumanAI predicts vast numbers of potential AI-generated BEC threats by utilizing AI data augmentation and cloning technologies to evaluate a core threat and then produce thousands of other versions of that same core threat, which allows the system to train itself on possible variations. This new solution joins SlashNext's existing HumanAI capabilities, which imitate human threat researchers by combining computer vision, natural language processing, and machine learning with relationship graphs and deep contextualization to thwart sophisticated multichannel messaging attacks. Features of HumanAI consist: Relationship Graphs & Contextual Analysis establish a baseline of known-good writing styles and communication patterns for each employee and supplier to detect unusual conversation and communication styles. BEC Generative AI Augmentation automatically generates thousands of new BEC variants from today's threat to stop tomorrow's attacks. Natural Language Processing analyzes text in the email body and attachments for tone, emotion, topic, intent and manipulation triggers related to social engineering tactics. Computer Vision Recognition leverages SlashNext's LiveScan™ to inspect URLs in real-time for any visual divergence, such as layouts and images, to detect credential phishing webpages. Sender Impersonation Analysis evaluates headline details and email authentication results to stop impersonation attacks. File Attachment Inspection analyzes social engineering traits of attachments and malicious codes to stop ransomware. SlashNext has been developing this patent-pending solution internally for over two years and is at the forefront of multichannel messaging security. Its threat researchers recognized that generative AI would soon change the face of BEC attacks. About SlashNext SlashNext is a leading cloud-based messaging security solutions provider to safeguard against malicious messages across all digital channels. Its integrated messaging security platform, called SlashNext Complete™, is equipped with patented HumanAI™ technology having a detection accuracy rate of 99.9% and is capable of detecting real-time threats across various messaging channels such as mobile, email and web-based messaging applications like LinkedIn, M365, Gmail, WhatsApp, Slack, Telegram, Teams, and others. By taking advantage of SlashNext's Integrated Cloud Messaging Security, businesses can safeguard their sensitive information from data theft and financial fraud breaches. The company's solution is designed to detect and prevent zero-hour threats in real-time to ensure their customers' highest level of security.

Read More

DATA SECURITY, ENTERPRISE SECURITY, PLATFORM SECURITY

Contrast Security Launches New Partner Program, Security Innovation Alliance

Contrast Security | February 02, 2023

On February 1, 2023, Contrast Security (Contrast), a leading code security platform, announced the launch of its new partner program, the Security Innovation Alliance (SIA), a worldwide ecosystem of system integrators (SIs), cloud, channel, and technology alliances. SIA's mission is to provide customers with unrivaled, fully integrated application security solutions from Contrast and its strategic alliance partners, which include Amazon/Amazon Web Services (AWS), GitLab Inc., Microsoft, VMware, Armor Code, PagerDuty, Zimperium, Anchore, Wallarm, Neosec, Noname Security, Ermetic, Cloudwize, BLST Security, ProtectOnce, Scribe Security, Wiz, and Legit Security. Furthermore, the team will concentrate on expanding collaborations with SIs, technology providers, and independent software providers (ISVs). SIA and Contrast's robust strategic partner integrations will not only enable partners to integrate with the Contrast Secure Code Platform seamlessly but will also enable clients to realize the following benefits: To use Contrast's services confidently as part of a more extensive program for application security (AppSec). Increase the predictability of security and decrease the risk of implementing new code and AppSec technologies. Increased trust and confidence in already implemented technologies. SIA is designed to boost its partners' business capabilities to satisfy AppSec clients' demands. Contrast collaborates with each partner to deliver a customized experience that meets their specific interests and business requirements, including a streamlined onboarding process, joint marketing campaigns, integration support and access to the company's impressive install base. SIA is led by Goodman, a seasoned Alliance professional, and several other industry leaders, including Tracey Mead, Vice President, Strategic Alliances, System Integrators; Frank Gasparovic, Director, Ecosystem Engineering; Rachael Mott, Senior Director, Strategic Alliances, Technology Partners; Callie McCormick, Global Director of Channel Sales; and Ram Yonish, VP of EMEA Alliances. About Contrast Security Founded in 2014, Contrast Security is a leading code security platform firm purposely created for developers to get secure code flowing quickly and trusted by security teams to protect business applications. With Contrast, developers, security, and operations teams can swiftly secure code across the entire Software Development Life Cycle (SDLC) to defend against today's targeted Application Security (AppSec) threats. It also provides free security testing to all developers through CodeSec. Established by cybersecurity industry experts to replace old AppSec solutions that cannot secure modern organizations, the company defends its customers from major cybersecurity attacks, which include some of the world's top brands, such as BMW, AXA, DocuSign, Zurich, Sompo Japan, and American Red Cross, as well as several other prominent leading Fortune 500 companies.

Read More

DATA SECURITY, SOFTWARE SECURITY

Virtru Joins NIST NCCoE Data Security Consortium

Virtru | March 03, 2023

On March 2, 2023, Virtru, a prominent figure in data-centric security and privacy, announced its involvement in NIST's National Cybersecurity Center of Excellence (NCCoE) Data Classification Practices: Facilitating Data-Centric Security Management initiative. As part of a team of global technology leaders, Virtru will collaborate with NIST to develop recommended data classification and data-centric security practices, which will protect data while supporting business practices and transactions. The goal of this collaborative effort is to promote data-centric security on a larger scale. As systems become more mobile, dispersed and shared across different environments and stewardship, traditional network-centric security measures are increasingly ineffective at protecting information. Data-centric security aims to safeguard data at the object level by securing it directly rather than simply securing the systems and networks that store and transmit it. Organizations employing this approach can identify their data, its characteristics, and the security and privacy requirements needed to control and protect it fully. Virtru has a long-standing history of partnering with the public- and private-sector organizations to achieve data-centric security, serving the federal intelligence community, the largest financial institutions globally, and over 8,000 organizations worldwide. Virtru's technology enables organizations to enforce policy, encryption and access controls directly to data being transmitted via files, emails and SaaS applications while allowing organizations to manage their encryption keys for complete control and data sovereignty. Virtru's Chief Technology Officer, Will Ackerly, commented, "Data-centric security is central to everything we do at Virtru," He further emphasized, "Our goal is to enable the mission — that means moving data freely, but securely. Being a member of NIST's NCCoE Data Classification project is a manifestation of more than a decade of hard work. By tagging data appropriately, we can help ensure public- and private-sector organizations can trust that their data will be used and shared appropriately, just as the data creator intended. This is vital to the future of collaboration." (Source – Globe Newswire) About Virtru Virtru is a leading data security and privacy solutions provider. With end-to-end encryption for major data-sharing platforms like Microsoft and Google, it helps customers take charge of their data wherever it is shared. It empowers organizations to keep control of their data by ensuring that it is protected everywhere it is stored and shared. The company is trusted by over 8,000 customers worldwide and is dedicated to safeguarding their sensitive data according to the highest security standards. Its Trusted Data Format (TDF) is an industry standard that provides persistent data protection through encryption technology for data shared via email, collaboration tools, cloud environments, and enterprise SaaS applications.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

SlashNext Introduces Generative AI Solution for Email Security

SlashNext | March 01, 2023

On February 28, 2023, SlashNext, a leading SaaS-based Integrated Cloud Messaging Security solutions provider across web, email and mobile, announced the release of Generative HumanAI™, the industry's first artificial intelligence solution using generative AI to defend against advanced business email compromise (BEC), executive impersonation, supply chain attacks, and financial fraud. Adding Generative HumanAI ensures that customers have peace of mind, despite threat actors utilizing widely available AI tools to aid their efforts. The solution already has a 99.9% detection rate with its existing AI capabilities. Generative HumanAI predicts vast numbers of potential AI-generated BEC threats by utilizing AI data augmentation and cloning technologies to evaluate a core threat and then produce thousands of other versions of that same core threat, which allows the system to train itself on possible variations. This new solution joins SlashNext's existing HumanAI capabilities, which imitate human threat researchers by combining computer vision, natural language processing, and machine learning with relationship graphs and deep contextualization to thwart sophisticated multichannel messaging attacks. Features of HumanAI consist: Relationship Graphs & Contextual Analysis establish a baseline of known-good writing styles and communication patterns for each employee and supplier to detect unusual conversation and communication styles. BEC Generative AI Augmentation automatically generates thousands of new BEC variants from today's threat to stop tomorrow's attacks. Natural Language Processing analyzes text in the email body and attachments for tone, emotion, topic, intent and manipulation triggers related to social engineering tactics. Computer Vision Recognition leverages SlashNext's LiveScan™ to inspect URLs in real-time for any visual divergence, such as layouts and images, to detect credential phishing webpages. Sender Impersonation Analysis evaluates headline details and email authentication results to stop impersonation attacks. File Attachment Inspection analyzes social engineering traits of attachments and malicious codes to stop ransomware. SlashNext has been developing this patent-pending solution internally for over two years and is at the forefront of multichannel messaging security. Its threat researchers recognized that generative AI would soon change the face of BEC attacks. About SlashNext SlashNext is a leading cloud-based messaging security solutions provider to safeguard against malicious messages across all digital channels. Its integrated messaging security platform, called SlashNext Complete™, is equipped with patented HumanAI™ technology having a detection accuracy rate of 99.9% and is capable of detecting real-time threats across various messaging channels such as mobile, email and web-based messaging applications like LinkedIn, M365, Gmail, WhatsApp, Slack, Telegram, Teams, and others. By taking advantage of SlashNext's Integrated Cloud Messaging Security, businesses can safeguard their sensitive information from data theft and financial fraud breaches. The company's solution is designed to detect and prevent zero-hour threats in real-time to ensure their customers' highest level of security.

Read More

DATA SECURITY, ENTERPRISE SECURITY, PLATFORM SECURITY

Contrast Security Launches New Partner Program, Security Innovation Alliance

Contrast Security | February 02, 2023

On February 1, 2023, Contrast Security (Contrast), a leading code security platform, announced the launch of its new partner program, the Security Innovation Alliance (SIA), a worldwide ecosystem of system integrators (SIs), cloud, channel, and technology alliances. SIA's mission is to provide customers with unrivaled, fully integrated application security solutions from Contrast and its strategic alliance partners, which include Amazon/Amazon Web Services (AWS), GitLab Inc., Microsoft, VMware, Armor Code, PagerDuty, Zimperium, Anchore, Wallarm, Neosec, Noname Security, Ermetic, Cloudwize, BLST Security, ProtectOnce, Scribe Security, Wiz, and Legit Security. Furthermore, the team will concentrate on expanding collaborations with SIs, technology providers, and independent software providers (ISVs). SIA and Contrast's robust strategic partner integrations will not only enable partners to integrate with the Contrast Secure Code Platform seamlessly but will also enable clients to realize the following benefits: To use Contrast's services confidently as part of a more extensive program for application security (AppSec). Increase the predictability of security and decrease the risk of implementing new code and AppSec technologies. Increased trust and confidence in already implemented technologies. SIA is designed to boost its partners' business capabilities to satisfy AppSec clients' demands. Contrast collaborates with each partner to deliver a customized experience that meets their specific interests and business requirements, including a streamlined onboarding process, joint marketing campaigns, integration support and access to the company's impressive install base. SIA is led by Goodman, a seasoned Alliance professional, and several other industry leaders, including Tracey Mead, Vice President, Strategic Alliances, System Integrators; Frank Gasparovic, Director, Ecosystem Engineering; Rachael Mott, Senior Director, Strategic Alliances, Technology Partners; Callie McCormick, Global Director of Channel Sales; and Ram Yonish, VP of EMEA Alliances. About Contrast Security Founded in 2014, Contrast Security is a leading code security platform firm purposely created for developers to get secure code flowing quickly and trusted by security teams to protect business applications. With Contrast, developers, security, and operations teams can swiftly secure code across the entire Software Development Life Cycle (SDLC) to defend against today's targeted Application Security (AppSec) threats. It also provides free security testing to all developers through CodeSec. Established by cybersecurity industry experts to replace old AppSec solutions that cannot secure modern organizations, the company defends its customers from major cybersecurity attacks, which include some of the world's top brands, such as BMW, AXA, DocuSign, Zurich, Sompo Japan, and American Red Cross, as well as several other prominent leading Fortune 500 companies.

Read More

DATA SECURITY, SOFTWARE SECURITY

Virtru Joins NIST NCCoE Data Security Consortium

Virtru | March 03, 2023

On March 2, 2023, Virtru, a prominent figure in data-centric security and privacy, announced its involvement in NIST's National Cybersecurity Center of Excellence (NCCoE) Data Classification Practices: Facilitating Data-Centric Security Management initiative. As part of a team of global technology leaders, Virtru will collaborate with NIST to develop recommended data classification and data-centric security practices, which will protect data while supporting business practices and transactions. The goal of this collaborative effort is to promote data-centric security on a larger scale. As systems become more mobile, dispersed and shared across different environments and stewardship, traditional network-centric security measures are increasingly ineffective at protecting information. Data-centric security aims to safeguard data at the object level by securing it directly rather than simply securing the systems and networks that store and transmit it. Organizations employing this approach can identify their data, its characteristics, and the security and privacy requirements needed to control and protect it fully. Virtru has a long-standing history of partnering with the public- and private-sector organizations to achieve data-centric security, serving the federal intelligence community, the largest financial institutions globally, and over 8,000 organizations worldwide. Virtru's technology enables organizations to enforce policy, encryption and access controls directly to data being transmitted via files, emails and SaaS applications while allowing organizations to manage their encryption keys for complete control and data sovereignty. Virtru's Chief Technology Officer, Will Ackerly, commented, "Data-centric security is central to everything we do at Virtru," He further emphasized, "Our goal is to enable the mission — that means moving data freely, but securely. Being a member of NIST's NCCoE Data Classification project is a manifestation of more than a decade of hard work. By tagging data appropriately, we can help ensure public- and private-sector organizations can trust that their data will be used and shared appropriately, just as the data creator intended. This is vital to the future of collaboration." (Source – Globe Newswire) About Virtru Virtru is a leading data security and privacy solutions provider. With end-to-end encryption for major data-sharing platforms like Microsoft and Google, it helps customers take charge of their data wherever it is shared. It empowers organizations to keep control of their data by ensuring that it is protected everywhere it is stored and shared. The company is trusted by over 8,000 customers worldwide and is dedicated to safeguarding their sensitive data according to the highest security standards. Its Trusted Data Format (TDF) is an industry standard that provides persistent data protection through encryption technology for data shared via email, collaboration tools, cloud environments, and enterprise SaaS applications.

Read More

More featured news