White Cyber Knight – WCK is at the vanguard in the fields of Cyber Security Risk Assessment and Compliance. WCK is involved in leading research and standardization activities, and developed innovative software solutions for multiple business and security needs.
SMB (Small to Medium Business) suppliers that are part of supply chain of large enterprises have become the target for indirect cyber-attacks. Significant security incidents last year were initiated through such suppliers typically less protected than their customers, and thus were identified by hackers as the weak link leading to enterprise domains access. Enterprises are struggling to control these complex interactions and the cyber threats they pose to their internal infrastructure. As a result, new security regulations require large enterprises to assess their providers, as part of their own liability. The requirement started in the banking sector, it is expanding to the critical infrastructures, and due to the last version of the Privacy Law in Europe it will include every SMB that will receive customer information from and enterprise.
The challenge:There are about millions SMBs in the world. This is a new security assessment burden. With a current shortage of 1M security experts, the required personnel are simply not available. Even if they were available, no enterprise, with 1000-3000 suppliers, will pay for a manual assessments of those suppliers.
The solution provides a simple user-friendly Self-Assessment interface for the SMB suppliers with sophisticated analytics and cyber tools in the back. Based on the supplier’s profile (services, connectivity, etc.); it automatically sets the needed security requirements. The supplier is guided through a simple self-assessment. It is asked factual questions tailored for him, including their maturity model. It can attach evidences. The portal provides recommendations for each SMB, dashboards, reports, and remediation workflows.
The portal was developed on top of our unique proven risk management platform of WCK that serves as the management solution for the enterprise, to centrally assess the risks of the SMBs.
The enterprise is able to control and visualize the whole compliance process, including: The status of its suppliers, risk patterns across multiple suppliers, required regulatory changes, the ways suppliers’ risks may affect its critical supply chain processes. And how the organization should protect itself if it must work with a risky supplier.
The SMBs Portal can serve enterprises, MSSPs, or implemented as a stand-cloud solution. It can also be integrated with WCK’s GRC platform for enterprises. This integrated ecosystem provides comprehensive overall coverage of security management – internal and external.
In the next phase we will be able to add analysis of logs from firewalls. Map threat alerts to identified vulnerabilities, and if aloud to retrieve information from the SMB (beta solutions were already developed).
The development of the Self-Assessment Portal was completed 2 months ago. It is already installed and working in two banks in Israel, and there is sales process of 20 opportunities, in Israel, Europe and India. The pricing model is 100-200 USD per Vendor. Depends on Geographic.
For more information, or to try out an online assessment, contact firstname.lastname@example.org.