www.trustwave.com
Open in
urlscan Pro
52.151.96.240
Public Scan
URL:
https://www.trustwave.com/en-us/company/newsroom/news/trustwave-launches-first-of-its-kind-cyber-supply-chain-risk-assessm...
Submission: On February 09 via api from CH — Scanned from GB
Submission: On February 09 via api from CH — Scanned from GB
Form analysis 4 forms found in the DOM
<form><span class="fieldset">
<p><input type="checkbox" value="check" id="chkMain" checked="" class="legacy-group-status optanon-status-checkbox"><label for="chkMain">Active</label></p>
</span></form>GET /en-us/search/
<form method="get" target="_self" action="/en-us/search/">
<div class="mb-7">
<input type="text" class="form-control" id="q" name="q" placeholder="Search trustwave.com">
</div>
</form>GET https://www2.trustwave.com/Subscription-Center-Subscribe.html
<form method="get" target="_blank" action="https://www2.trustwave.com/Subscription-Center-Subscribe.html">
<div class="row g-7">
<div class="col-md-6 col-lg-7">
<input type="text" class="form-control" name="Email" placeholder="Email Address">
</div>
<div class="col-md-6 col-lg-5">
<button class="btn btn-primary w-100" type="submit">Subscribe</button>
</div>
</div>
</form><form></form>Text Content
Cookie Notice
We use cookies to provide you a relevant user experience, analyze our traffic,
and provide social media features. Privacy Policy
Close
GOT IT
* Your Privacy
* Strictly Necessary Cookies
* Performance Cookies
* Functional Cookies
* Targeting Cookies
* Privacy Policy
Privacy Preference Centre
Active
Always Active
Save Settings
Allow All
Trustwave Responds: PwnKit (CVE-2021-4034). Learn More
* Services
Services
*
Managed Detection & Response Eradicate cyberthreats with world-class intel
and expertise
*
Managed Security Services Expand your team’s capabilities and strengthen
your security posture
*
Consulting & Professional Services Tap into our global team of tenured
cybersecurity specialists
*
Penetration Testing Subscription- or project-based testing, delivered by
global experts
*
Database Security Get ahead of database risk, protect data and exceed
compliance requirements
*
Email Security Catch email threats others miss and prevent data loss
View All Trustwave Services
* Solutions
Solutions
BY INDUSTRY
* Education
* Financial Sector
* Government
* Healthcare
* Hotels
* Legal
* Payment Services
* Restaurants
* Retail
BY REGULATION
* Data Privacy
* CMMC
* FISMA
* GDPR
* GLBA
* HIPAA
* ISO
* PCI
* SOX
BY TOPIC
* Microsoft Exchange Server Attacks Stay protected against emerging threats
* Rapidly Secure New Environments Security for rapid response situations
* Securing the Cloud Safely navigate and stay protected
* Securing the IoT Landscape Test, monitor and secure network objects
* Why Trustwave
Why Trustwave
* The Trustwave Approach A focus on threat detection and response
* Trustwave SpiderLabs Team Researchers, ethical hackers and responders
* Trustwave Fusion Platform Unprecedented security visibility and control
* SpiderLabs Fusion Center Our cybersecurity command center
* Security Operations Centers Distributed worldwide defense nodes
* Partners
Partners
* Technology Alliance Partners Key alliances who align and support our
ecosystem of security offerings
* Trustwave PartnerOne Program Join forces with Trustwave to protect against
the most advance cybersecurity threats
* Register
Login
* Resources
Resources
BLOGS
* Trustwave Blog
* SpiderLabs Blog
UPCOMING
* Webinars
* Events
MEDIA & ASSETS
* Document Library
* Video Library
* Analyst Reports
* Webinar Replays
* Case Studies
* Trials & Evaluations
NOTICES
* Security Advisories
* Software Updates
HELP
* Contact
* Support
* Login
Login
Fusion Platform Login
What is the Trustwave Fusion Platform?
* MailMarshal SEG Login
* Legacy TrustKeeper Login
* Incident Response
Incident Response
EXPERIENCING A SECURITY BREACH?
Get access to immediate incident response assistance.
24 HOUR HOTLINES
* AMERICAS
+1 855 438 4305
* EMEA
+44 8081687370
* AUSTRALIA
+61 1300901211
* SINGAPORE
+65 68175019
Recommended Actions
Loading...
NEWSROOM
NEWS RELEASES
Trustwave News Releases document our latest announcements, including corporate
news, product and service launches and industry accolades.
TRUSTWAVE LAUNCHES FIRST-OF-ITS-KIND CYBER SUPPLY CHAIN RISK ASSESSMENT SOLUTION
FOR THE PACIFIC REGION
access_timeAugust 04, 2021
share
*
*
*
* email
In The Face of Increased Concern About Vendor Cybersecurity Risk, Company Behind
SolarWinds Vulnerability and GoldenTax Discoveries Creates Fully Scalable
Solution
--------------------------------------------------------------------------------
SYDNEY, AUSTRALIA – Trustwave, a leading managed security services provider
focused on managed detection and response, has launched a first-of-its-kind
cyber supply chain risk assessment solution for enterprises and SMBs in the
Pacific region. The service, called Managed Vendor Risk Assessment (MVRA), gives
organisations access to deep, fully scalable cybersecurity vendor assessments
formerly prohibitively expensive.
Demand for this solution has been driven by organisations increasingly reliant
on external vendors for the provision of data processing and storage services,
as well as a range of other cloud-based or security-sensitive services. Greater
outsourcing and deeper integration with vendors means heightened supply chain
risk exposure.
In addition, recent supply chain breaches discussed extensively in the media,
including the SolarWinds Orion breach, have raised awareness of the need to move
away from ad hoc vendor assessments or those built solely on technology which
frequently miss vulnerabilities or lead to bad commercial outcomes for both
parties.
“Part of the reason we built MVRA is our concern for the cyber resilience of the
enterprise space. We are encountering gaps in organisations where vendors are
left unassessed because of the perceived cost. MVRA gives organisations the
ability to assess a large number of vendors with a consistency of measurement
not possible before while still leveraging the expertise of genuine security
consultants. For these organisations and the wider community, scalability brings
safety,” said Nick Ellsmore, global head of strategy, consulting & professional
services at Trustwave.
Ellsmore said that MVRA is a solution informed by decades of real-world
consulting experience on the cybersecurity frontlines married to best-in-class
risk assessment technology.
This technology has been developed by Findings – whose platform is a global
solution of choice in VRM automation for enterprises and vendors of all sizes.
By automating the labour-heavy process of vendor assessments, Findings allows
for fuller coverage of the organisation’s supply chain, and therefore heightened
security and lower supply chain risk.
“While conventional methods apply a Pareto cutoff to invest their manual
resources in some of their vendors, current attacks have shown this approach’s
vulnerabilities and the need for wider coverage,” says Kobi Freedman, co-founder
and CEO of Findings. “Security friction is becoming a global challenge on supply
chains, whether from regulatory or objective risk.”
Ellsmore added, “MVRA uses Findings’ technology to accelerate and harmonise
critical elements of the audit. Riding on top of this is a layer of experience
and strategic human cybersecurity thinking specifically applied to deliver the
best outcomes.”
“It takes people to assess people. Purely technological solutions to the vendor
supply chain risk are sometimes adequate but often come up short because they
tend to minimise real risk while amplifying smaller risks. They don’t apply a
business thinking lens.”
Ellsmore also said that part of the challenge is what he calls “Go/No Go”
decisions about third-party suppliers. These decisions are being made without
enough information and consistency. For example, a fully automated supply chain
assessment might lead a company to rule out a vendor too quickly without
considering the business implications.
“What we’re seeing is unintended cybersecurity consequences,” Ellsmore said. “A
marketing department, for instance, gets rid of a very effective customer
engagement technology based on a superficial vendor risk assessment, only to
find three months later everyone on the team is surreptitiously using a handful
of different, unvetted solutions to fill this gap.”
Based on 25 years of cybersecurity services experience and thousands of risk
assessments, the service encompasses both an automated and specialist-led
assessment, built on a software-as-a-service (SaaS) platform that is easy to use
by organisations of all sizes.
The MVRA service provides:
* Streamlined process to onboard vendors and collect essential data, including
penetration test reports, audit reports, and technical and organisational
data;
* Comprehensive security maturity questionnaire built on the NIST Cybersecurity
Framework that is both reasonable and realistic for vendors to complete;
* A further review of each vendor’s responses and data conducted by a skilled
Trustwave specialist who understands possible indications and implications of
vendor risk. Each answer and security asset is reviewed by our experts for
completeness and accuracy;
* For each vendor assessed, a report is delivered within eight days. The report
identifies the vendor’s maturity and risk rating on a consistent scale,
helping clients understand the potential risk exposure as it pertains to the
nature of their business – the type of system, sensitivity and volume of
data, and nature of the supply chain link;
* Assessment reports also importantly deliver an impact analysis with
recommendations for remediating gaps and issues for each vendor.
For more information about Managed Vendor Risk Assessment (MVRA) from Trustwave,
please contact cpspacific@trustwave.com. You can also view our offering overview
here.
ABOUT TRUSTWAVE
Trustwave is a leading cybersecurity and managed security services provider
focused on threat detection and response. Offering a comprehensive portfolio of
managed security services, consulting and professional services, and data
protection technology, Trustwave helps businesses embrace digital transformation
securely. Trustwave is a Singtel company and the global security arm of Singtel,
Optus and NCS, with customers in 96 countries. For more information about
Trustwave, visit https://www.trustwave.com.
* About
* Contact
* Support
* Careers
* News Releases
STAY INFORMED
Sign up to receive the latest security news and trends from Trustwave.
Subscribe
SERVICES
* Managed Detection & Response
* Managed Security Services
* Consulting & Professional Services
* Penetration Testing
* Database Security
* Email Security
* All Services
WHY TRUSTWAVE
* The Trustwave Approach
* Trustwave SpiderLabs
* SpiderLabs Fusion Center
* Trustwave Fusion Platform
* Securing Operation Centers
PARTNERS
* Global Technology Partners
* PartnerOne Program
* Become a Partner
* PartnerOne Portal Login
COMPANY
* Leadership Team
* Our History
* Awards & Accolades
* Global Locations
* Careers
* Media Coverage
* News Releases
SOLUTIONS BY TOPIC
* Microsoft Exchange Server Attacks
* Securing the Cloud
* Rapidly Securing New Environments
* Securing the IoT Landscape
SOLUTIONS BY INDUSTRY
* Education
* Financial Sector
* Government
* Healthcare
* Hotels
* Legal
* Payment Services
* Restaurants
* Retail
SOLUTIONS BY REGULATION
* Data Privacy
* CMMC
* FISMA
* GDPR
* GLBA
* HIPAA
* ISO
* PCI
* SOX
BLOGS
* Trustwave Blog
* SpiderLabs Blog
UPCOMING
* Webinars
* Events
MEDIA & ASSETS
* Document Library
* Video Library
* Analyst Reports
* Webinar Replays
* Case Studies
* Trials & Evaluations
NOTICES
* Security Advisories
* Software Updates
HELP
* Contact
* Support
English German (Deutsche) Japanese (日本語)
* Legal
* Terms of Use
* Privacy Policy
Copyright © 2022 Trustwave Holdings, Inc. All rights reserved.
Loading
HELP US STOP THE ROBOT UPRISING
This is a bot-free zone. Please check the box to let us know you're human.
THANK YOU
Download Now
--------------------------------------------------------------------------------
Read complimentary reports and insightful stories in the
Trustwave Resource Center
THANK YOU
One of our sales specialists will be in touch shortly.
--------------------------------------------------------------------------------
Read complimentary reports and insightful stories in the
Trustwave Resource Center