Artificial Intelligence | News | Insights | AiThority
[bsfp-cryptocurrency style=”widget-18″ align=”marquee” columns=”6″ coins=”selected” coins-count=”6″ coins-selected=”BTC,ETH,XRP,LTC,EOS,ADA,XLM,NEO,LTC,EOS,XEM,DASH,USDT,BNB,QTUM,XVG,ONT,ZEC,STEEM” currency=”USD” title=”Cryptocurrency Widget” show_title=”0″ icon=”” scheme=”light” bs-show-desktop=”1″ bs-show-tablet=”1″ bs-show-phone=”1″ custom-css-class=”” custom-id=”” css=”.vc_custom_1523079266073{margin-bottom: 0px !important;padding-top: 0px !important;padding-bottom: 0px !important;}”]

Trustwave Launches First-of-Its-Kind Cyber Supply Chain Risk Assessment Solution for the Pacific Region

SecurityNewsSaaS
By AIT News Desk
  • In The Face of Increased Concern About Vendor Cybersecurity Risk, Company Behind SolarWinds Vulnerability and GoldenTax Discoveries Creates Fully Scalable Solution

Trustwave, a leading managed security services provider focused on managed detection and response, has launched a first-of-its-kind cyber supply chain risk assessment solution for enterprises and SMBs in the Pacific region. The service, called Managed Vendor Risk Assessment (MVRA), gives organisations access to deep, fully scalable cybersecurity vendor assessments formerly prohibitively expensive.

Global #cybersecurity leader Trustwave has launched a first-of-its-kind cyber #supplychain risk assessment solution for enterprises and SMBs in the Pacific region.

Demand for this solution has been driven by organisations increasingly reliant on external vendors for the provision of data processing and storage services, as well as a range of other cloud-based or security-sensitive services. Greater outsourcing and deeper integration with vendors means heightened supply chain risk exposure.

In addition, recent supply chain breaches discussed extensively in the media, including the SolarWinds Orion breach, have raised awareness of the need to move away from ad hoc vendor assessments or those built solely on technology which frequently miss vulnerabilities or lead to bad commercial outcomes for both parties.

Recommended AI News: Delta Presents via Its Virtual Exhibition Its New Energy-Efficient Solutions for 5G and IoT Peripheral Computing

“Part of the reason we built MVRA is our concern for the cyber resilience of the enterprise space. We are encountering gaps in organisations where vendors are left unassessed because of the perceived cost. MVRA gives organisations the ability to assess a large number of vendors with a consistency of measurement not possible before while still leveraging the expertise of genuine security consultants. For these organisations and the wider community, scalability brings safety,” said Nick Ellsmore, global head of strategy, consulting & professional services at Trustwave.

Ellsmore said that MVRA is a solution informed by decades of real-world consulting experience on the cybersecurity frontlines married to best-in-class risk assessment technology.

This Trustwave  technology has been developed by Findings whose platform is a global solution of choice in VRM automation for enterprises and vendors of all sizes. By automating the labour-heavy process of vendor assessments, Findings allows for fuller coverage of the organisation’s supply chain, and therefore heightened security and lower supply chain risk.

“While conventional methods apply a Pareto cutoff to invest their manual resources in some of their vendors, current attacks have shown this approach’s vulnerabilities and the need for wider coverage,” says Kobi Freedman, co-founder and CEO of Findings. “Security friction is becoming a global challenge on supply chains, whether from regulatory or objective risk.”

Ellsmore added, “MVRA uses Findings’ technology to accelerate and harmonise critical elements of the audit. Riding on top of this is a layer of experience and strategic human cybersecurity thinking specifically applied to deliver the best outcomes.”

Recommended AI News: Quobyte Releases Hadoop Native Driver To Unlock The Power Of Enterprise Analytics, Machine Learning, Streaming, And Real-Time Applications

“It takes people to assess people. Purely technological solutions to the vendor supply chain risk are sometimes adequate but often come up short because they tend to minimise real risk while amplifying smaller risks. They don’t apply a business thinking lens.”

Ellsmore also said that part of the challenge is what he calls “Go/No Go” decisions about third-party suppliers. These decisions are being made without enough information and consistency. For example, a fully automated supply chain assessment might lead a company to rule out a vendor too quickly without considering the business implications.

“What we’re seeing is unintended cybersecurity consequences,” Ellsmore said. “A marketing department, for instance, gets rid of a very effective customer engagement technology based on a superficial vendor risk assessment, only to find three months later everyone on the team is surreptitiously using a handful of different, unvetted solutions to fill this gap.”

Based on 25 years of cybersecurity services experience and thousands of risk assessments, the service encompasses both an automated and specialist-led assessment, built on a software-as-a-service (SaaS) platform that is easy to use by organisations of all sizes.

The MVRA service provides:

  • Streamlined process to onboard vendors and collect essential data, including penetration test reports, audit reports, and technical and organisational data;
  • Comprehensive security maturity questionnaire built on the NIST Cybersecurity Framework that is both reasonable and realistic for vendors to complete;
  • A further review of each vendor’s responses and data conducted by a skilled Trustwave specialist who understands possible indications and implications of vendor risk. Each answer and security asset is reviewed by our experts for completeness and accuracy;
  • For each vendor assessed, a report is delivered within eight days. The report identifies the vendor’s maturity and risk rating on a consistent scale, helping clients understand the potential risk exposure as it pertains to the nature of their business – the type of system, sensitivity and volume of data, and nature of the supply chain link;
  • Assessment reports also importantly deliver an impact analysis with recommendations for remediating gaps and issues for each vendor.

Recommended AI News: FlexClip Launches Resource-Rich Video Maker For Creating Stunning Videos

AIT News Desk

AIT News Desk is a trained group of web journalists and reporters who collect news from all over the technology landscape. The technical space includes advanced technologies related to AI, ML, ITops, Cloud Security, Privacy and Security, Cyberthreat intelligence, Space, Big data and Analytics, Blockchain and Crypto.
To connect, please write to AiT Analyst at news@martechseries.com.

You might also like More from author

Comments are closed.