Australia’s first cyber security collaboration platform – Security Colony (securitycolony.com) – today released its “Vendor Risk Assessment” tool, enabling any organisation to risk assess their internet facing sites, and receive a profile reflecting their cyber security maturity.
To demonstrate the system, scores were calculated for each of the ASX 100 companies. Analysed by industry, the average industry scores – out of 10 – were as follows:
– The IT industry has the best average score, showing their understanding of the importance of consistent cyber security processes.
– Telecommunications and Financial Services round out the Top 3.
– Energy, Materials (including mining) and Industrials are less mature, reflecting the reduced focus they have placed on cyber security historically.
– Health Care is in the bottom 4, a significant concern given the sensitivity of data held.
The VRA tool was developed by Hivint in conjunction with a major financial services client, to ensure that their vendors were not a cause of business disruption, and gain assurance that information entrusted to them is secure.
Nick Ellsmore, Co-founder of Security Colony, explained the purpose for building the system: “While it’s important to know your own security posture, it’s equally as important to have a way to see the security posture of the companies you trust with your data.”
“The Security Colony VRA tool provides subscribers with a fast, lightweight, and low cost way to keep an ongoing watch on their suppliers’ cyber security posture.”
A study identified that 32% of companies do not evaluate third party vendors and this can be attributed to the cause of many global data breaches. However, the VRA space is a growing market where the demand for vendor security and risk management solutions are increasing.