ENTERPRISE SECURITY

SecurityScorecard Partners with Tenable to Deliver Complete Cyber Risk Monitoring

SecurityScorecard | August 23, 2021

SecurityScorecard, the global leader in security ratings, today announces a partnership with Tenable the Cyber Exposure company, to deliver a comprehensive view into an organization's risk posture by marrying Tenable's unmatched visibility and depth of analytics into enterprise environments with external cyber monitoring powered by SecurityScorecard. As a result of this partnership, CISOs, IT leaders and security teams are able to review their SecurityScorecard rating, assess their external cybersecurity health, and understand their risk posture directly within the Tenable Lumin dashboard.

"Understanding your up-to-date risk posture has become a necessity in a world that's increasingly more complex, dynamic and transient," said Ray Komar, vice president of technical alliances, Tenable. "We're excited to partner with SecurityScorecard to give customers complete visibility into the risks that exist inside and outside their environment, and guidance for how to most effectively reduce that risk, all in a single platform."

Point-in-time or periodic cybersecurity testing procedures have become antiquated. Today's cyber risks change by the minute and companies need a solution that keeps pace with the dynamic nature of cybersecurity by continuously monitoring for exposures and measuring the security posture and cyber resilience across the organization.

"Organizations must be proactive to address cyber breaches, and security ratings are the foundation to measuring and understanding security resilience in real time," says Aleksandr Yampolskiy, CEO and co-founder of SecurityScorecard. "Together, SecurityScorecard and Tenable are advancing a new standard for continuous monitoring by blending external and internal risk assessments, which provide organizations with a holistic view into the risks that exist in their environments."

The integration pairs Tenable Lumin's advanced analytics capabilities for assessing risk alongside real-time visibility of external vulnerabilities from SecurityScorecard. This arms Tenable Lumin customers with the intelligence to develop external risk management and threat detection playbooks through real-time updates, allowing organizations to effectively identify and respond to threats and risks.

SecurityScorecard continuously monitors millions of entities globally, and uses non-intrusive proprietary methods to assess their security posture across ten risk categories to instantly deliver an easy-to-understand "A" through "F" rating; including DNS health, IP reputation, web application security, network security, leaked information, hacker chatter, endpoint security, and patching cadence. On a daily basis, these ratings are updated based on objective, publicly-available data that, similar to credit ratings, provides an "outside-in" view of an entity's security posture.

About SecurityScorecard
Funded by world-class investors including Silver Lake Partners, Sequoia Capital, GV, Riverwood Capital and others, SecurityScorecard is the global leader in cybersecurity ratings with tens of millions of companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 18,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, and cyber insurance underwriting. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every company has the universal right to their trusted and transparent Instant SecurityScorecard rating.

Spotlight

Do you know the biggest threat to your business does not need to come from outside, but from within? Internal security threats do not necessarily mean spies being sent in by your competitors to crash your business, just as we see in the movies; rather it can be your employees — the same people you have entrusted with the goings on of your operations. It’s not that they are plotting against you, and usually, they don’t even know that they are putting your business in danger. The reason why your employees are such a threat to your business has to do with something that you probably would never expect. What is it? – Carelessness.

Spotlight

Do you know the biggest threat to your business does not need to come from outside, but from within? Internal security threats do not necessarily mean spies being sent in by your competitors to crash your business, just as we see in the movies; rather it can be your employees — the same people you have entrusted with the goings on of your operations. It’s not that they are plotting against you, and usually, they don’t even know that they are putting your business in danger. The reason why your employees are such a threat to your business has to do with something that you probably would never expect. What is it? – Carelessness.

Related News

DATA SECURITY

CyberSN acquires Leader Matt Donato of cybersecurity staff to expand reach into the Southeast & Mid-Atlantic region

prnewswire | November 17, 2020

CyberSN, an innovation engaged ability securing firm in the U.S. zeroed in only on cybersecurity experts has reported its extension in the Southeast and Mid-Atlantic areas with the employing of Matt Donato and Drew Crisan in Charlotte, NC. Matt Donato joins CyberSN as its Managing Director South Region liable for all action from Washington DC to Florida. Preceding CyberSN Matt was one of the Founders of a Charlotte, NC based cybersecurity staffing firm. "I am so eager to join the CyberSN family and consolidate my affection for cybersecurity with the staggering assets at CyberSN. I am anticipating extending the CyberSN brand in this locale," said Donato. Drew Crisan additionally joins CyberSN as its Cybersecurity Recruiting Manager for the East and South Regions. CyberSN Founder and CEO Deidre Diamond said of the extension, "we are seeing an expanded interest for our administrations, particularly our Resume Service, called Talent Scout, where we accomplish a large portion of the work and our customers do half, for a large portion of the cost. This development with solid pioneers like Matt and Drew implies we can more readily support this area." North Carolina is a developing business sector with a 128% development in tech work postings in 2019 and an extended requirement for 3,960 extra data security examiners by 2024. These positions are progressively open to out-of-territory up-and-comers, which will permit neighborhood organizations to use the CyberSN public organization of employment searchers. As indicated by NCTECH's positions rundown, "the Charlotte locale added 39,413 tech occupations a year ago," which was instrumental in CyberSNs' choice to add assets to this district, said Diamond. "We are multiplying down broadly in all business sectors. Our resume administration, dispatched recently, has demonstrated to be truly attractive. With more administration hands on the wheel, we can support substantially more of the network we love," said Diamond. About CyberSN Founded in 2014, CyberSN is solely focused on the cybersecurity talent industry serving as a trusted brand across the U.S. Recognized by their unique care and dedication to the cyber community, diversity and inclusion initiatives, and KnowMoreTM, their cybersecurity job posting and talent matching platform.

Read More

DATA SECURITY

Smithers Announces the Launch of Information Security Services

Smithers | May 25, 2021

Smithers, a leading provider of testing, consulting, information, and compliance services, is pleased to announce the launch of its information security services department. This agency will provide auditing and certification services for NIST SP 800-171 and the Cybersecurity Maturity Model Certification (CMMC), as well as other customized information security offerings. Smithers Quality Assessments Division offers 25+ years of high-touch, value-added third-party auditing expertise to the CMMC program, including trained, professional auditors to perform CMMC assessments for organizations that are current suppliers to the United States (US) Department of Defense, as well as those looking to meet the requirements of being a supplier. Smithers' information security service offering ensures the security of clients' sensitive data by delivering reliable assessments on time and with a high level of touch. "Information security threats continue to intensify as a significant concern to organizations of all sizes," says Jeanette Preston, President of Smithers Quality Assessments Division. "As a matter of business continuity, many companies would be required to ensure sensitive data security as a requirement to do business with defense, governmental agencies, and highly regulated industries." The information security services department will be launched and led by Aaron Troschinetz, General Manager for Smithers Quality Assessments Division in North America. "During audits, we see that clients have a genuine need for these facilities," Troschinetz says. "Companies do not need multiple vendors because we provide information security in addition to our existing auditing and certification services. Smithers is now capable of serving as their full-service trusted partner." About Smithers Smithers is a multinational provider of testing, consulting, information, and compliance services that were founded in 1925 and is headquartered in Akron, Ohio. Smithers serves customers in the transportation, life science, packaging, fabrics, parts, consumer, and energy sectors through laboratories and operations in North America, Europe, and Asia. Smithers integrates science, technology, and business expertise to provide accurate data on time and with a high touch, allowing consumers to innovate with confidence.

Read More

DATA SECURITY

Google Announces Cybersecurity Action Team to Support the Security Transformations of Public and Private Sector Organizations

Cybersecurity Action Team | October 13, 2021

Google announced the Google Cybersecurity Action Team. Made up of experts from across the company, the Google Cybersecurity Action Team will be the world's premier security advisory team with the singular mission of supporting the security and digital transformation of governments, critical infrastructure, enterprises and small businesses. To deliver on this mission, the Google Cybersecurity Action Team will provide: Strategic advisory services for customers' security strategies, including transformation workshops and educational content. This function will advise customers on the structure of their digital security transformation and provide program management and professional services support. Trust and compliance services that map our global compliance certifications to industry control frameworks, enabling customers to simplify their compliance journey. Security customer and solutions engineering that deliver proven blueprints and architectures for deploying Google Cloud products and services securely and in accordance with regulatory requirements, as well as comprehensive solutions for autonomic security operations, cyber resilience and more. Threat intelligence and incident response services, which include threat briefings, preparedness drills, incident support and rapid response engagements to stay on top of the evolving security landscape. The vision of this team is to guide customers through the cycle of security transformation - from their first transformation roadmap and implementation, through increasing their cyber-resilience preparedness for potential events and incidents, and engineering new solutions as requirements change. This effort will begin within Google Cloud, building on our close partnerships with organizations of all sizes, and will evolve to bring Google security to more organizations as it progresses. "Cybersecurity is at the top of every C-level and board agenda, given the increasing prominence of software supply chain exploits, ransomware, and other attacks. To address these unprecedented security challenges facing organizations in every industry today, we are announcing the creation of the Google Cybersecurity Action Team," said Thomas Kurian, CEO of Google Cloud. "The Google Cybersecurity Action Team is part of our ongoing commitment to be the best partner for our enterprise and government customers along their security transformation journey." Recent attacks like USAID, Colonial Pipeline, and Solarwinds all speak to a major shift in the needs of threat protection. In August, Google dedicated $10 billion over the next five years to strengthen cybersecurity, including expanding zero trust programs, securing software supply chain frameworks, enhancing open-source security and strengthening the digital security skills of the American workforce. The Google Cybersecurity Action team is one of our efforts under these commitments. "The Cybersecurity and Infrastructure Security Agency (CISA) recently established the Joint Cyber Defense Collaborative (JCDC). This initiative will unite government and private sector entities to enhance efforts to prevent and respond to malicious cyber activity against the nation's critical infrastructure," said CISA Director Jen Easterly. "It's great to see a large company like Google Cloud orient itself to support the cybersecurity of all organizations large and small through its Cybersecurity Action Team, and as part of the JCDC and other initiatives, we look forward to partnering with them and other tech companies in this vital effort." "Google Cloud has been a critical partner in the BBVA security journey, helping us protect our customers' sensitive and proprietary data with modern frameworks like zero trust and secure-by-default products like Google Workspace," said Alvaro Garrido, Chief Security Officer at BBVA. "We look forward to the strategic services and guidance the Google Cybersecurity Action Team will deliver as we continue on our security transformation." Under the Google Cybersecurity Action Team, Google Cloud will deliver full spectrum security and customer engineering solutions that will help organizations address business and security challenges. These will build on existing offerings like Autonomic Security Operations, which helps businesses transform their organization's Security Operations Center (SOC) and Web App and API Protection, which provides customers a comprehensive solution for protecting against modern internet threats. Today, Google Cloud announced a new security and resiliency framework that delivers customers a comprehensive security management program with cloud technologies that are aligned to the National Institute of Standards and Technology's Cybersecurity Framework. Additionally, Google also announced its new Work Safer offering, designed to help organizations, their employees, and partners collaborate and communicate securely and privately in today's hybrid work environment. It uniquely brings together the cloud-native, zero-trust solutions of Google Workspace with industry-leading solutions from across Google and its cybersecurity partners, CrowdStrike and Palo Alto Networks. Customers need a consistent approach to preparing for and defending against cybersecurity threats,Our comprehensive suite of security solutions delivered through our platform and amplified by the Google Cybersecurity Action Team will help protect organizations against adverse cyber events with capabilities that address industry frameworks and standards. Phil Venables, Vice President and Chief Information Security Officer at Google Cloud and founder of the Google Cybersecurity Action Team About Google Cloud Google Cloud accelerates organizations' ability to digitally transform their business with the best infrastructure, platform, industry solutions and expertise. We deliver enterprise-grade solutions that leverage Google's cutting-edge technology – all on the cleanest cloud in the industry. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.

Read More