Our cyber security products span from our next gen SIEM used in the most secure government and critical infrastructure environments, to automated cyber risk reporting applications for commercial and government organisations of all sizes.
Supply chain, or third-party, risk management is fundamental to your organisation’s cyber security. Supply chain partners are increasingly putting organisations at risk from their poor cyber security practices – either exposing data that is shared with them or presenting a risk of their own outages (e.g. due to ransomware) impacting the organisations that rely on them. There is also the risk that suppliers to large organisations will be seen as a soft target and used as a point of access to the ultimate target of an attack.
Organisations need to establish and maintain “trusted relationships” with supply chain participants and partners and that begins with:
Typically, organisations undertake a level of due diligence before entering into a supply agreement; this might include product/service quality, commercial performance, legal undertakings, and financial risk. It now means more; it means shared security standards, minimum acceptable levels of controls, IT/security audit rights and even vendor security risk ratings to better manage your organisation’s cyber security position.
How can you quantify trust and cyber posture of your supply chain partners as it relates to your business risk? Huntsman Security’s Essential 8 Scorecard delivers an aggregate score that allows your stakeholders to instantly measure cyber posture against eight key security controls. Imagine being able to automatically report the following to your risk and compliance team:
If you need a quick way to assess cyber security posture and ransomware risk – a key component in managing the disruption caused by these attacks within your suppliers – Huntsman Security’s SmartCheck for Ransomware allows you or your suppliers, partners and other third parties to quickly conduct an ad hoc assessment against the 12 top ransomware defensive controls (as advised by ACSC, NIST and NCSC). This means:
Being able to access business metrics, when you want them, is very important. Our software automatically collects data and creates continuous scorecards or ad hoc reports that give instant or scheduled visibility of security performance to the security operations, risk and compliance teams. Aggregated reports also provide the Board with a summary measure of the status of threats, by supply chain partner, and their potential risk to business operations.
The underlying technology gathers data from key security sources within the partner ICT environment to report their ongoing security operations and define any shortcomings.
Measuring the key metrics of your supply chain partners’ cyber security position enables risk-based cyber security decision-making, identifies partners requiring particular assistance and drives cyber risk mitigation across the broader enterprise supply chain. It gives management the key insights necessary to evaluate and manage the cyber health and competitiveness of your business.
Read by directors, executives, and security professionals globally, operating in the most complex of security environments.