Mohamoud Jibrell, Co-Founder & CEOIn today’s complex business environment, a trusted supplier— with access to organizational network and confidential data—often turns out to be the weakest cybersecurity link for an organization. What if, in 60 seconds, the company could generate a cyber risk scorecard for any of their supplier and ascertain the cyber risk factors? Virginia-headquartered NormShield enables enterprises to assess and monitor their cyber risk posture as well as that of their partners by performing non-intrusive cyber risk assessments and converting the data into an actionable scorecard. “By employing NormShield’s pioneering Cyber Risk Scorecard, organizations can effortlessly discover what hackers already know about them and their third-party partners,” says Mohamoud Jibrell, Co-founder and CEO of NormShield. “Our unique benchmarking capabilities allow companies to compare their cyber risk posture with industry peers.”
When hackers identify their targets, they initially conduct cyber reconnaissance to map the Internet footprint, collect login credentials, and identify critical data. To succeed in their mission, they leverage open source intelligence resources, such as Internet-wide scanners, deep and dark web, social networks, leaked database dumps, and more. NormShield uses the same open source intelligence tools and techniques to gather data in a non-intrusive way and classifies it into security categories. Advanced algorithms perform contextualization and analysis that converts data into risk intelligence and generate easy-to-understand scorecards and dashboards.
NormShield’s Rapid Cyber Risk Scorecard provides intuitive and easy-to-understand dashboards for executives and detailed technical data and mitigation strategies for frontline engineers. In contrast with legacy tools like MS Excel sheets, the modern approach provides executives with entire supply chain risk monitoring capability. Moreover, it provides letter-grades by risk category—which includes website security, DNS security, and application security, among others—with rich underlying data on ways to mitigate each risk in the order of priority.
Rapid Cyber Risk Scorecard also offers cyber insurance companies the ability to assess the potential customers’ IT risks and allows global companies to monitor their supply chain effectively. The solution performs these risk assessments with high accuracy in about 60 seconds. For instance, procurement departments can instantly run a cyber risk assessment of their suppliers to determine vulnerabilities before onboarding them.
By employing NormShield’s pioneering Cyber Risk Scorecard, organizations can effortlessly discover what hackers already know about them and their third-party partners
Similarly, a cyber insurance company, before underwriting and pricing a new policy, can assess the potential risks facing their customers and validate their compliance with regulatory requirements.
What’s more, NormShield has a Comprehensive Cyber Risk Scorecard that provides a more detailed analysis of the company or its supplier’s cyber risk posture. The firm’s customers use the comprehensive scorecards to monitor their own external cyber risk and to assess suppliers that hold PII or confidential information.
NormShield’s scorecards are designed on the shared responsibility model through which the security team of a company, their supply chain partners, as well as third parties can jointly manage and control the shared cyber ecosystem.
As a case in point, NormShield recently helped a global retail holding company to identify the loopholes in its security architecture. By conducting cyber risk assessment, NormShield found that some of their franchisees had significantly weak cybersecurity standards than that of the holding company. The client had little or no control over their franchisees which were connected to the holding company’s payment and procurement system until NormShield stepped in. By leveraging NormShield’s Comprehensive Cyber Risk Scorecard, the client made all their franchisees comply with the current industry security standards.
Focused on tackling the evolving threats, NormShield aims to disrupt the cybersecurity industry with its highly creative team and long-term collaboration with clients. The company will soon introduce a more intrusive assessment feature in its scorecard that actively scans a company’s security prowess.