DATA SECURITY

GM Sectec and SecurityScorecard Bolster Design Partnership

SecurityScorecard | March 17, 2022

SecurityScorecard
SecurityScorecard, the leader in security ratings, and GM Sectec, a leader in cyber protection laser-focused on the payments industry, today announced a design partnership to expedite the global growth and acceptance of security ratings in more than 55 countries across the globe.

GM Sectec's network of over 50,000 clients and end users across the world now has quick insight into the security posture of suppliers and business partners, as well as the capacity to conduct self-assessments, thanks to the relationship with SecurityScorecard.

COVID-19 has contributed in greater usage of digital tools and data generation, with the World Bank estimating that by the end of the year, yearly total Internet traffic will have climbed by 50% from 2020, reaching 4.8 zettabytes. The article emphasizes how businesses are more interconnected, as well as how rising digitalization has pushed the global population onto a new path of cyber dangers and assaults. In comparison to other insurable risks, the rapid increase in ransomware highlights the speed and scope of cyber risk. Ransomware attacks have climbed by 150% in the last year, with total ransoms paid up by 311% 2. Insurance providers had a record high loss ratio of 67% 3 as a result of the huge increase in frequency and severity.

"Enhancing our existing alliance with SecurityScorecard, supports organizations anywhere in the world in hardening their security posture and achieving the adoption of secure technologies and practices. Organizations need to understand their true cyber risk and be able to respond quickly and efficiently to strengthen their position."

Héctor Guillermo Martínez, president of GM Sectec

SecurityScorecard is the industry's top platform for security evaluations, with thousands of firms using it throughout the world. Vendor risk management, self-monitoring, board reporting, cybersecurity insurance underwriting, and M&A due diligence have all seen increased use cases as the firm has grown.

Aleksandr Yampolskiy, CEO and co-founder of SecurityScorecard said that "Organizations look to SecurityScorecard to transform the way they understand, mitigate, and communicate cybersecurity risk. Partnering with GM Sectec delivers value to organizations around the world by providing clearer visibility to their cyber postures and dramatically improving their ability to communicate, mitigate and respond to risks."

GM Sectec has over 50,000 clients and users throughout the globe, as well as four Critical Incident Response and Replication Centers (CIRRCs), three in the US and one in Mexico, that provide managed detection and security services to its customers 24 hours a day, seven days a week, 365 days a year. SOC 2 Type 2 Service Organization, TMA Certified, authorized to use CERT, PCI Qualified Security Assessor, PCI Approved Scanning Vendor, PCI Point-to-Point-Encryption (P2PE), PCI PIN, PCI PFI, UL Listed, Visa Preferred Partner in Cybersecurity, and FIRST Incident Response team member are just a few of the certifications the company has received.

Spotlight

In this Q3-2014 report, Forrester evaluates the 15 most significant EMM providers and details how each vendor fulfills the 27 evaluation criteria points.


Other News
DATA SECURITY, ENTERPRISE IDENTITY

SandboxAQ Acquires Cryptosense to Accelerate Delivery of Security Solutions to Global Organizations

SandboxAQ | September 14, 2022

SandboxAQ, an enterprise SaaS company delivering the compound effects of AI and Quantum tech (AQ) to governments and the Global 1000, today announced it has acquired Cryptosense, a leading cybersecurity and encryption analysis software company. SandboxAQ's acquisition comes just weeks after the company unveiled its Strategic Investment Program and initial investment in evolutionQ. The acquisition of Cryptosense complements and accelerates the deployment of SandboxAQ's Post-Quantum Cryptography (PQC) solutions to corporations and government institutions worldwide. SandboxAQ's cybersecurity products enable large enterprises to scale cryptography management across their IT infrastructure, providing CISOs with a single, 360° view of how encryption is used throughout the enterprise – a critical first step in migrating to PQC. This migration to stronger cybersecurity is important for critical infrastructure sectors such as financial services, technology, energy, biopharma, logistics, and government. Cryptosense is used by leading technology and financial services organizations and is a fellow NIST NCCOE partner. The combined customer relationships will help SandboxAQ bring its PQC solutions to market faster and protect these organizations and their customers from existing and emerging quantum threats, such as Store Now, Decrypt Later (SNDL) attacks. "Rapid advances in quantum computing and AI challenge the effectiveness and performance of existing cryptography-based cybersecurity solutions. The combined leadership, talent, and expertise that SandboxAQ and Cryptosense bring to the marketplace accelerates the deployment of more effective cryptography solutions to protect the world against the security threats of today and tomorrow," said Jack D. Hidary, CEO of SandboxAQ. "The caliber of the Cryptosense team is recognized throughout the information security community, with the leadership by Graham Steel and Clément Jeanjean. We welcome Cryptosense to the SandboxAQ family and look forward to our continued success as one company." "The complementary functionality and expertise between Cryptosense and SandboxAQ enables us to build and deliver SaaS solutions at scale with higher touch customer service. PQC implementation is critical to protect the world's sensitive data and together we will make a greater impact." Dr. Graham Steel, Cryptosense founder Cryptosense was advised by Stifel and Hogan Lovells and SandboxAQ was advised by Morgan Lewis. About SandboxAQ SandboxAQ is an enterprise SaaS company, providing solutions at the nexus of AI and Quantum technology (AQ) to address some of the world's most challenging problems. The company's core team and inspiration formed at Alphabet Inc., emerging as an independent, growth-capital-backed company in 2022. About Cryptosense Cryptosense is an enterprise SaaS company that helps organizations identify and catalog the cryptography leveraged within their applications and infrastructure. Some of the largest technology and financial services companies worldwide use Cryptosense for their cybersecurity needs. Cryptosense announced a $4.8 million funding round in May 2021 backed by Amadeus Capital Partners, Elaia Partners and BGV.

Read More

DATA SECURITY, NETWORK THREAT DETECTION, PLATFORM SECURITY

AwareGO Launches Employee Cybersecurity Risk Audit for Organizations

AwareGO | October 17, 2022

Human cyber risk management and awareness company AwareGO announced today that during the National Cybersecurity Awareness Month, the company launches its long-awaited full Employee Cybersecurity Risk Audit and consultation. “Today, around 90% of all successful cybersecurity attacks involve employees enabling the break-in. It is therefore critical for anyone responsible for an organization's cybersecurity to have a clear picture of what employees know and how they behave in the face of potential threats. Only then is it possible to effectively respond with training or other risk-reducing approaches.” said AwareGO Chief Executive Officer Ari Jonsson, Ph.D. “AwareGO's Human Risk Assessment software is the first of its kind when it comes to measuring both the knowledge and the behavior of employees for a broad range of cybersecurity threats, going far beyond just phishing. This capability is allowing us to now launch our full-service Employee Cybersecurity Risk Audit for organizations. In this audit, our cybersecurity experts work directly with individual organizations to set up the appropriate assessment, execute it, evaluate the outcome and map that to effective risk-reducing decisions.” AwareGO is renowned for its industry-leading Human Risk Assessment and its uniquely effective approach to security awareness training. Created by cybersecurity experts, behavioral scientists and interaction designers, the Human Risk Assessment uses interactive scenarios to assess employees across a wide range of threat areas and key behaviors. The resulting dashboards and reports help identify vulnerable departments and roles, and offer actionable insights to create informed security strategies to improve any organization’s overall cyber defense and reduce cybersecurity risks. The Employee Cybersecurity Risk Audit is designed to apply the capability of the Human Risk Assessment as effectively and as efficiently as is possible for client organizations, so that they may quickly identify vulnerabilities among their employees and address them right away. The audit is conducted by AwareGO experts who will work with clients through the entire process. The first step is to work with the client to determine the scope and priorities for the audit, based on company structure, risk profile, security stance and more. Then, the employees will be assessed across six different threat areas: phishing; passwords; sensitive data handling; device handling; physical security; and remote work. When that has been completed, our experts deliver a detailed report on the results and consult with the client to identify potential next steps to reduce vulnerabilities, as well as to develop an informed cybersecurity strategy for the future — backed up by data. Organizations interested in the Employee Cybersecurity Risk Audit can schedule a 15-30 minute call with AwareGO through this web page to learn more about the process and to get a price quote based on the expected scope of the project for their case. About AwareGO AwareGO is a global provider of human cyber risk and awareness solutions that help enterprises, and SMEs identify, quantify and remediate the human risk factor when it comes to cybersecurity. To date, AwareGO has successfully trained more than 8 million employees worldwide. Based in Iceland, the company has locations in the United States, Czech Republic, and Croatia.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

LMG Security Introduces New Proactive Cybersecurity Solutions

LMG Security | September 30, 2022

LMG Security, an internationally recognized cybersecurity consulting firm, has expanded its popular selection of cybersecurity advisory, testing, and training services with a new line of cybersecurity solutions. These solutions are designed to reduce the burden organizations face from implementing or managing cybersecurity technology, as well as create fast, easy access to skilled cybersecurity staff to augment internal teams. LMG Security is pleased to announce it now offers the following new solutions and services: Virtual CISO and Staff Augmentation: Organizations struggle to find and retain cybersecurity talent. LMG Security provides staff augmentation services that enable organizations to quickly access the specialized cybersecurity skills they need on a fractional basis. Endpoint Detection and Response Implementation: LMG Security implements and seamlessly integrates an endpoint detection and response solution that helps organizations defend against zero-day attacks, supply chain vulnerabilities, and other common cybersecurity threats. Multi-Factor Authentication Implementation (MFA): Protect against attack vectors such as phishing, business email compromise, and cross-cloud attacks with a customized MFA implementation. Password Manager Implementation: A password manager is a simple, affordable way to decrease the risk of a data breach from weak or reused passwords. LMG Security's team implements the password manager and ensures that it is optimally configured. Managed On-Demand Employee Cybersecurity Training: Get experts to design and manage your cybersecurity training for you. An LMG Security cybersecurity specialist will plan and monitor your training program to ensure your employees have the skills to be an effective "human firewall." Continuous Attack Surface Monitoring: LMG Security's team implements and seamlessly integrates a solution that scans Internet-facing systems to help organizations identify assets that are exposed or vulnerable. All LMG Security cybersecurity solutions are implemented and managed by experts who ensure that each solution follows all cybersecurity best practices and is optimally integrated with each organization's existing tech stack. "Organizations are struggling to find and hire skilled cybersecurity talent. "We make it easy for our clients by offering expert virtual CISO and cybersecurity staff augmentation services, as well as implementation and management services for key cybersecurity solutions." Davidoff continued, "IT teams are stretched to the limit at most organizations. We're excited to launch these new cybersecurity solutions that will help organizations defend against the constantly changing threat landscape." Sherri Davidoff, president and CEO of LMG Security ABOUT LMG Security LMG Security is an internationally recognized leader in the cybersecurity consulting industry. This full-service cybersecurity firm provides one-stop shopping for a wide array of cybersecurity services. Specializing in technical testing, advisory and compliance services, and training for more than a decade, the LMG Security team's security testing services were featured on the Today show. In addition, the team has published cutting-edge research on cell phone intrusion detection and banking Trojans, written books on network forensics, data breaches, and an upcoming book on ransomware and cyber extortion, and routinely speak or train at Black Hat, RSA and many other security conferences. LMG Security is privately held and headquartered in Missoula, Montana.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

OneSpan Launches Virtual Room Enabling Secure Face-to-Face Transactions

OneSpan | September 19, 2022

OneSpan™ , the digital agreements security company, today announced the general availability of its secure Virtual Room cloud service which enables organizations to deliver live, high-touch assistance to their customers in a high-assurance virtual environment. This next-generation customer engagement solution gives organizations the ability to balance identity security, authentication, and e-signature solutions from the broader OneSpan portfolio with a high-assurance virtual experience that is the next best thing to entering a branch or meeting in person. Virtual Room complements digital-first transaction experiences by providing a unique opportunity for organizations to create personalized, high-touch, human-assisted interactions, and by improving the customer experience, increasing agreement completion rates, and reducing security risks and fraud. “Today, businesses requiring a high degree of security and regulatory compliance rely daily on a variety of technologies that use insecure, shared links and expose users to elevated risks including data breaches and compliance violations in the anywhere economy. This should not be the case. Organizations and their customers want to be confident that the person joining a virtual meeting is the person they claim to be. And multi-million dollar business agreements transacted digitally should not be subject to fraud fallout. “Today’s off-the-shelf video conferencing tools do not offer optimal security. As the complexity and value of transactions increase, customers want a live interaction rather than relying on a virtual assistant or self-service experience. We built Virtual Room for these scenarios to help our customers complete an agreement or transaction where they need a personal touch and where security is paramount.” Matthew Moynahan, President and CEO at OneSpan Combining OneSpan’s heritage in high-assurance identity verification and authentication with agreement co-browsing, web-enabled videoconferencing, rich collaboration features, and built-in e-signature, Virtual Room helps organizations engage and transact with customers with confidence. Virtual Room can be used for multiple high-value customer agreements, including account opening and maintenance, wealth management, and car financing. Virtual Room enables organizations to: Verify the identities of participants, utilizing OneSpan’s identity verification and mobile and hardware authentication solutions; Interact with signers remotely; Simultaneously review documents and address questions; Capture legally binding e-signatures in real-time; and Record virtual sessions to reinforce the electronic evidence captured in the audit trails. A recent report from Aragon highlighted the need for higher assurance within these processes. “It’s important for buyers to look for a provider that has global security compliance expertise in all aspects of the workflow, from the initial identity verification and authentication steps, to creating a secure virtual interaction environment and all the way through to securing the final output or artifact of the transaction, for compliance and enforceability purposes. Equally important, buyers should look for a vendor that has the flexibility to adapt any step in the digital workflow to meet local regulations for digital identity, secure customer authentication, transaction risk analysis, and the many other security requirements, which differ from one country to the next.” As a secure solution for customer-facing digital agreements where the integrity of the agreement is paramount, ​Virtual Room allows organizations to embrace a new way of working that’s more distributed, virtual, and dynamic, enabled by advancements in cloud technology. With the onset of the anywhere economy, and with more transactions being completed online, identity verification and authentication technologies are critical in the digital agreements process. This purpose-built, high-assurance digital agreement solution includes identification and authentication capabilities that enable organizations to increase the integrity and completion rates of agreements and transactions in a highly-secure and protected ecosystem without impacting user experience or productivity. About OneSpan OneSpan helps organizations accelerate digital transformations by enabling secure, compliant, and refreshingly easy customer agreements and transaction experiences. Organizations requiring high assurance security, including the integrity of end-users and the fidelity of transaction records behind every agreement, choose OneSpan to simplify and secure business processes with their partners and customers. Trusted by global blue-chip enterprises, including more than 60% of the world’s largest 100 banks, OneSpan processes millions of digital agreements and billions of transactions in 100+ countries annually.

Read More