Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Trustwave Launches new cyber supply chain tool

The firm has rolled out a risk assessment solution for the Pacific region in response to the spike in cyber threat activity.

user icon
Fri, 06 Aug 2021
Trustwave Launches new cyber supply chain tool
expand image

Cyber security services provider Trustwave has launched Managed Vendor Risk Assessment (MVRA) — a new solution that provides supply chain assessment services for enterprises and small businesses across the Pacific region.

The service is designed to facilitate access to deep, fully scalable cyber security vendor assessments amid a rise in demand for data processing and storage services and other cloud-based or security-sensitive offerings.

The rollout also seeks to fill gaps identified following major supply chain exposures, including the SolarWinds Orion breach.

============
============

Other features offered by the MVRA service include:

  • streamlined process to onboard vendors and collect essential data, including penetration test reports, audit reports, and technical and organisational data;
  • comprehensive security maturity questionnaire built on the NIST Cybersecurity Framework that is both reasonable and realistic for vendors to complete;
  • a further review of each vendor’s responses and data conducted by a skilled Trustwave specialist who understands possible indications and implications of vendor risk. Each answer and security asset is reviewed by Trustwave's experts for completeness and accuracy;
  • a report delivered for each vendor assessment within eight days, identifying the vendor’s maturity and risk rating on a consistent scale; and
  • delivery of an impact analysis with recommendations for remediating gaps and issues for each vendor.

“Part of the reason we built MVRA is our concern for the cyber resilience of the enterprise space,” Nick Ellsmore, head of consulting strategy at Trustwave, said.

“We are encountering gaps in organisations where vendors are left unassessed because of the perceived cost.

“MVRA gives organisations the ability to assess a large number of vendors with a consistency of measurement not possible before while still leveraging the expertise of genuine security consultants. For these organisations and the wider community, scalability brings safety.”

This technology has been developed by Findings, which automates the vendor assessment process, bolstering coverage of an organisation’s supply chain.

“While conventional methods apply a Pareto cutoff to invest their manual resources in some of their vendors, current attacks have shown this approach’s vulnerabilities and the need for wider coverage,” Kobi Freedman, co-founder and CEO of Findings, said.

“Security friction is becoming a global challenge on supply chains, whether from regulatory or objective risk.”

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.