In recent times, there has been a relentless growth in attempts to disrupt legitimate activities on the internet by the hacking fraternity. Motives range from political, through purely malicious, to criminal but the tide has turned, and motives are now clearly for financial gain. Ensuring that you do not become a victim is extremely important. The costs, effects and damage can be life-threatening to your organisation. After a successful attack, life will never be the same again, even if the business survives. Many incidents have occurred in recent times which illustrate the devastating effects of cyber-attacks.
It is apparent, that organisations are not comprehending the risk of operating within a connected world and more recently, the old adage of “you’re only as strong as your weakest link” is ringing true; there has been many examples that demonstrate the devastating impact a 3rd party supplier breach can have to the contracting brand.
You may not be the cause of the breach, but rather a careless supplier may be the ultimate cause, but you will bear the brunt of the negative impact. Rapidly determines a sub-brand / supplier’s susceptibility to ransomware that is delivered as a once-off service but can be extended into a long-term Third-Party Risk Management (TPRM) service if required.
Powered by the Black Kite platform, It uses open-source intelligence (OSINT) techniques to collect data from 400+ OSINT resources from a span of internet-wide scanners. The Platform uses standard scoring models like MITRE Cyber Threat Susceptibility Assessment (CTSA), Common Weakness Risk Analysis Framework (CWRAF), Common Weakness Scoring System (CWSS), Common Vulnerability Scoring System (CVSS), and Factor Analysis of Information Risk (FAIR).
Specific to identifying susceptibility to a ransomware attack the RSI follows a process of inspecting, transforming, and modelling data with the goal of discovering the likelihood of a ransomware incident. Utilising the Black Kite’s platform whose data is collected from a variety of OSINT sources such as internet-wide scanners, hacker forums, the deep/dark web, and many more.
The service provides an approximation for each supplier/partners susceptibility to ransomware. and provide tangible results within hours.
The Black Kite platform points out vulnerabilities and attack patterns using 20 categories and over 400 controls as hackers look to exploit you, and your third-party suppliers by typically targeting the following areas:
You can perform a bulk importation of your entire supply chain and we will generate reports on the susceptibility of a ransomware attack, as well as for Technical, Financial and Compliance Risk in a matter of minutes. They are then automatically graded with a percentage score of how susceptible they are to a successful ransomware attack. We will then analyse the data and compile into simple, readable reports for supply chain reports, detailed company reports, and ransomware mitigation reports. You can also schedule each type of report and have them automatically sent to the right stakeholders within your business or directly to the supplier if required
A standard report that will give you every vendor, supplier, and 3rd party in one single pane of glass dashboard. You can then sort and rank each supplier based on what is important to you. You can then flag risky suppliers (according to your own defined internal thresholds) for action and then share the reports with your suppliers and create tickets to delegate any necessary follow ups or interventions.
Get a detailed single report on each supplier showing how they compare to other companies in their industry as well as the ransomware indicators that are specific for them
For you to validate the platform we can provide a full Proof of Value for up to 5 of your suppliers . This will enable you to get a full understanding of the platform and to see your suppliers susceptibility they are to a ransomware attack as well as their security, compliance and financial risk to you in the event of a breach.
The Proof-of-Value step are straight forward and are defined as follows:
Do you know the risks that you face, or the risk your suppliers pose to you? Try a free risk assessment to understand the level of detail we can provide for Technical, Compliance and Financial risks.
Key findings from the reports we will share with you about you, your chosen supplier or partner, are as follows:
Cyber Security is essential for ensuring the confidentiality, integrity, and availability of services, data, or IT environments. Cyber threats can cause significant damage to an organisation’s reputation, financial stability, and operational capability. Here are a few reasons why Cyber Security is important:
Confidentiality:
Cyber Security helps to ensure that sensitive data and information are kept confidential and are not accessed by unauthorised persons. Confidentiality breaches can result in a loss of trust from customers or stakeholders, legal consequences, and financial losses.
Integrity:
Cyber Security also ensures that data and information are not tampered with or altered in any way. This ensures the accuracy and reliability of data, and prevents intentional or unintentional changes that can result in negative consequences..
Availablity:
Cyber Security measures help to ensure that services, data, and IT environments are available and accessible to authorised users when needed. This ensures that there are no disruptions to business operations and customer service, which can result in financial losses and damage to the organisation’s reputation.
This section highlights testimonials and evaluations from our clients, showcasing how we continuously strive to enhance our services. Your feedback helps us grow and ensures we meet your needs effectively
AEC provided a superb Online ISO9001 Auditor class. One of the most important aspects was their ability to conduct the 4-day class in a live web-based format! In these times of tight budgets this saved our company the associated travel expenses. I highly recommend AEC!
We really enjoyed the 9001 course that we took through AEC and were able to take the knowledge that we gained through that course to allow us to successfully have our ISO certification renewed for another three years. Thank you for your time and assistance.
