Huntsman Security shares 2023 predictions: Cyber security risk management and governance to bring about industry change
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields
Sydney, Australia, 07 December 2022
Huntsman Security today announced its cyber security predictions for 2023, including the importance of cyber security posture, systematic risk management and the expected changes driven by the insurance industry. In addition, the company outlines why cyber security guidelines are likely to become more global, and why the industry needs to evolve from “eminence-based” decision making to a more scalable evidence-based approach.
Cyber security posture management and risk assessment management rise to greater prominence
Although the rise in the number of ransomware attacks has flattened, organisations still need to be aware of areas of potential attack risk (attack surfaces) and must be able to demonstrate control of them. Organisations should focus on either:
As organisations seek greater efficiency, and adversaries continue to attack emerging weaknesses, 2023 will see the rapid adoption of these solutions to quickly and more accurately prioritise and report any changes in cyber posture.
Cyber insurance driving security control improvements
Security controls will be key to insurers better supporting their customers and more accurately pricing cyber risk. 2023 will see insurers demanding increased controls and quantitative measurement alongside a rise in regulatory requirements for cyber risk oversight.
Convergence of cyber corporate governance rules
Corporate governance rules are converging, with governments and organisations all facing similar if not the same threats. Organisations everywhere will need to comply with these increasingly common cyber controls to meet multi-national regulations. In 2023, cyber governance will become more formalised, and the cyber security decisions companies make, will be the subject of increasing accountability and scrutiny.
Shifting from eminence to evidence-based decision making
Cyber security decisions are often based on the eminence, reputation and experience of experts. With growing cyber resourcing issues, however, real-time evidence, new risk frameworks and measurement methodologies are becoming a more critical element of effective cyber governance.
2023 will see a move to evidence-based decision making – aided by the availability of technologies to enable the measurement and systematic management of risk data.
Huntsman Security has published a full whitepaper that includes further detail on the four predictions above, as well as other predictions, the paper can be downloaded here: Cyber Security Predictions 2023.
About Huntsman Security
Since 1999, Huntsman Security has been on the cutting edge of cyber security software development, serving some of the most sensitive and secure intelligence, defence and criminal justice environments in the world. With offices in Australia and the UK, and operations in Japan and the Philippines, we deliver risk management, monitoring and response technology through utilising machine learning and high speed in stream processing to collect and contextualise security data in real time. Our most sought-after products, used by government departments and commercial organisations worldwide, include:
Huntsman Security Media Contact
Spark Communications +44 (0) 20 7436 0420 huntsmansecurity@sparkcomms.co.uk
London, United Kingdom, 10 NOVEMBER 2021
Huntsman Security today announced the launch of SmartCheck for Ransomware – an automated, on-demand diagnostic application designed to assess the risk of a ransomware event. The application automatically gathers data directly from ongoing security operations to report an organisation’s posture against a set of security safeguards. These safeguards, align closely with those recently advised by the UK National Cyber Security Centre (NCSC) and the US National Institute of Science and Technology (NIST), and will give users confidence that they are following established cyber security best practice.
SmartCheck for Ransomware quickly and simply assesses organisations’ ransomware readiness and clearly presents a quantitative score measured against each of the 12 security controls. As a result, organisations can understand their risk exposure and adjust any of those security controls necessary to improve their security posture and ransomware readiness. Equally important, the verifiable report provides third parties, like insurers or prospective partners, with increased security trust levels at a time when supply chain security is a major concern.
“To protect against ransomware and effectively manage their security risks, it is vital that senior executives have clear visibility of their cyber posture,” said Peter Woollacott, CEO, Huntsman Security. “This goes beyond annual audits to having the relevant information available whenever the organisation needs it – whether to modify security settings to improve readiness; or to verify their posture to partners or insurers. By making assessments automated and in line with established best practice, we have given organisations access to reliable security information that they can use with confidence to improve their risk management processes.”
SmartCheck for Ransomware is designed to be easy to install and use, and is built with the same accuracy and reliability of Huntsman Security’s existing defence grade SIEM and Scorecard products. It measures the effectiveness of the key prevention, containment and recovery mitigation strategies across a cyber-attack sequence.
“As the threat of ransomware grows everywhere, organisations need to regularly assess their state of readiness,” continued Woollacott. “With insurers such as AIG tightening terms and raising premiums in response to the ransomware threat, organisations that can’t demonstrate adequate security precautions will find insurance terms increasingly difficult to negotiate. At the same time, organisations need to take steps to ensure that ransomware will not disrupt their operations or those of their supply chains – making assessing partners’ security posture just as important as assessing their own. Updating ransomware risk management efforts to include SmartCheck for Ransomware to better address their ever changing risk environment will put organisations in a much better position to combat the threat of ransomware.”
For more information on Huntsman Security’s SmartCheck for Ransomware, visit https://huntsmanphp7.flywheelsites.com.
About Huntsman Security
Since 1999, Huntsman Security has been on the cutting edge of cyber security software development, serving some of the most sensitive and secure intelligence, defence and criminal justice environments in the world.
With offices in Australia and the UK, and operations in Japan and the Philippines, we deliver risk management, monitoring and response technology through utilising machine learning and high speed in stream processing to collect and contextualise security data in real time.
Our most sought-after products, used by government departments and commercial organisations worldwide, include:
Essential 8 Auditor an on-demand cyber vulnerability & maturity assessment tool, for quick implementation and use
Essential 8 Scorecard a continuous risk reduction & cyber security control measurement software enabling dynamic cyber risk management
Enterprise SIEM & MSSP SIEM a mission critical cyber security analytics application, providing a complete cyber threat detection, analysis, incident management and reporting system.
Huntsman Security Media Contact
Spark Communications +44 (0) 20 7436 0420 huntsmansecurity@sparkcomms.co.uk
London, United Kingdom. 14 APR 2021
Huntsman Security has unveiled the latest version of its SIEM Cyber Security Analytics solution in both an Enterprise and Managed Security Service Provider (MSSP) release. The addition of an innovative live MITRE ATT&CK® heatmap means that security analysts can now be continuously informed of ATT&CK® techniques as they are detected and propagate across a network. For the first time, analysts can interact with a live ATT&CK® heatmap which enables SOC teams to leverage MITRE ATT&CK® intelligence to improve attack data visualisation, and quickly and easily identify attack targets, origins and the security risks faced by their organisation.
Peter Woollacott, CEO of Huntsman Security commented: “The MITRE ATT&CK® framework is recognised globally as a powerful new adjunct to cyber security analysts’ activities. The problem until now has been for SOC teams to access the true value of the ATT&CK® knowledge base and apply it within their day-to-day operations. We have now made it accessible to all organisation types and sizes.”
“The new live ATT&CK® heatmap simplifies mapping an organisation’s cyber security posture against the MITRE ATT&CK® framework with its real time identification, recognition and management of potential cyber threats. By integrating the MITRE ATT&CK® framework into SOC workflows, SOC teams can now filter attack information by network or endpoint, developing predictive attack scenarios and pro-actively mitigate against anticipated events.”
In addition to the innovative heatmap feature, Huntsman Security’s Enterprise and MSSP SIEMs have been updated to include a range of improvements and new functionality for customers, managed service providers and end-users. Version 7 features a new look-and-feel with updated screens, icons, and display elements. Pre-existing UEBA capabilities have also been updated and reorganised to make their configuration and use simpler for SOC teams. A major update to the centralised management of system components, specifically with Managed Security Service Providers (MSSPs), enhances User Experience for greater operational efficiencies.
“Constantly finding new ways to understand security and improve how security teams work is essential in balancing security capability with business demands,” continued Peter Woollacott. “The recent trend towards remote and flexible working has made security environments more complex and diverse. To maintain adequate security oversight, analysts, whether part of an in-house team or MSSP, are seeking technology that simply integrates with existing systems to streamline detection and contextualisation processes to make real threats quicker to diagnose and mitigate.”
The MITRE ATT&CK® live heatmap and all the other improvements are available Out-Of-The-Box in both Huntsman Security’s Enterprise and MSSP SIEMs, version 7, which is offered to new and upgrading customers from 15th April 2021.
About MITRE ATT&CK®
The MITRE ATT&CK® framework provides a comprehensive knowledge base of common/observed attacker techniques and tactics – there are several hundred techniques and sub-techniques in total – that can be used to trace the path of an attack across a network from initial probes and intrusions to the eventual theft or destruction of data.
About Huntsman Security
Huntsman Security – founded in Sydney, Australia – is a cyber security specialist focused on supporting its customers’ cyber resilience with real-time security threat detection, verification and resolution products. Its overarching aim is to simplify the security operations process for its customers and so limit their time at risk.
Huntsman Security’s SIEM & Security Analytics, Scorecard and Auditor solutions are deployed in mission-critical security environments in the national intelligence, border protection and critical infrastructure sectors globally. Huntsman Security’s offices are located in Sydney, Canberra and London with operations in Tokyo and the Philippines.
Huntsman Security Media Contact
Spark Communications +44 (0) 20 7436 0420 huntsmansecurity@sparkcomms.co.uk
LONDON, UK – February 12, 2020 – Huntsman Security was the winner of two categories at the TEISS Awards in London on 12th February.
The TEISS Awards 2020 were presented as part of the prestigious annual “European Information Security Summit – London”. TEISS publish cyber security news, information and analysis to a wide audience of IT and security professionals across Europe.
Huntsman Security’s “Essential 8 Scorecard” was awarded “Best Compliance Product” and “Best SME Security Product” at the event. The Essential 8 Scorecard provides immediate visibility of an organisation’s cyber risk posture by continuously monitoring and measuring performance without adding to the ongoing workload of the security team. Data is gathered, analysed and automatically fed to management reports for action by operational and executive stakeholders.
Piers Wilson, Head of Product Management, said: “It’s always great to have this kind of recognition – compliance is a big driver for many of our customers so to be awarded ‘Best compliance product’ by a respected organisation like TEISS is really fantastic.”
He continued: “Security risks are a growing management problem for smaller businesses and so the acknowledgement of the value of our solutions for these types of organisation, as the ‘SME product of the year’, was particularly pleasing.”
Huntsman Security CEO, Peter Woollacott said, “We’re very proud of the innovative work we’re doing to bring cyber risk measurement and continuous visibility to organisations, of all sizes, as they seek to defend against cyber threats – both within their internal networks and in their supply chains.”
“Compliance is an ongoing obligation for security and management teams; by automating the assessment and reporting of control effectiveness stakeholders can cost effectively improve their cyber resilience and more accurately decide where to focus effort in security improvements.”
END
Huntsman Security – founded in Sydney, Australia – is a cyber security specialist focused on supporting its customers’ cyber resilience with real-time security threat detection, verification and resolution products.
Their Next Gen SIEM & Security Analytics, Automation and Scorecard solutions are deployed in mission-critical security environments in the national intelligence, border protection and critical infrastructure sectors globally. Huntsman Security’s offices are located in Sydney, Canberra and London with operations in Tokyo and the Philippines.
Dominic Walsh +44 (0) 20 7436 0420
www.huntsmansecurity.com @tier3huntsman
Read More
LONDON, UK – August 12, 2019 – Huntsman Security has expanded its security analytics and scorecard toolset by partnering with Panintelligence to develop a fully-featured business intelligence (BI) dashboard and reporting interface, ‘WebView’.
Designed for management stakeholders, SOC leaders and customers of Managed Security Service Providers (MSSPs) that use Huntsman Security products, ‘WebView’ delivers market-leading BI technology via highly advanced, responsive graphical displays to browsers and mobile device users. It includes flexible options for customisation, configuration and the ability to drill into incident and alert data based on the user’s roles and priorities, allowing them to:
‘WebView’ enables security functions to provide rich, interactive views of cyber security risk and control effectiveness across the parts of the business they protect.
‘WebView’ dashboard
Peter Woollacott, CEO, Huntsman Security said:
“‘WebView’ allows our business users to examine security performance just as they would any other aspect of their business operations. And for mobile users on tablets or smart phones the interface gives them instant, on-demand access to the latest risk information.”
‘WebView’ is available now as part of new Huntsman Security Next Gen SIEM solution deployments and for existing customers.
END
Huntsman Security – founded in Sydney, Australia – is a cyber security specialist focused on supporting its customers’ cyber resilience with real-time security threat detection, verification and resolution products.
Their Next Gen SIEM & Security Analytics, Automation and Scorecard solutions are deployed in mission-critical security environments in the national intelligence, border protection and critical infrastructure sectors globally. Huntsman Security’s offices are located in Sydney and London with operations in Tokyo and the Philippines.
Fast-growing business intelligence and data analytics software developer Panintelligence is based in Leeds, UK. They provide BI and analytics platforms, which are used across a wide range of industry sectors and embedded within solutions to provide real-time business intelligence dashboards and predictive analytics.
Dominic Walsh +44 (0) 20 7436 0420
www.huntsmansecurity.com @tier3huntsman
Read More
LONDON, UK – JULY 10, 2019 – Huntsman Security has once again won a place in the UK government digital marketplace for its Security Analytics Protective Monitoring solution through G-Cloud 11. The solution includes log and activity monitoring, compliance reporting and the ability to leverage advanced analytics and threat detection.
Additionally, under this iteration of G-Cloud, customers can now also buy Huntsman Security’s new Security Scorecard to provide management-level security effectiveness KPI and metric reporting across on-premise and cloud estates.
The Scorecard allows trouble-free, trustworthy, quantitative, continuous measurement of cyber security posture – with weekly reports automatically generated and made available to security team leaders, risk/compliance managers or board-level stakeholders.
The solutions can be deployed as virtual appliances or software installation on the customer’s own on-premise or cloud environments and operate under the customer’s full operational control with coverage of cloud-based and local systems. Being available through the digital marketplace means that departments and agencies can purchase the solutions and deploy them quickly through pre-approved commercial arrangements.
Huntsman Security’s Security Scorecard is the first board-level cyber security posture reporting/assisted audit solution within the digital marketplace.
Full details are at:
Mairead Keaney, Head of EMEA for Huntsman Security, said: “Offering solutions through the digital marketplace means customers get easy access to leading-edge security scorecard, reporting and analytics technology in a way that maximises flexibility and speed of deployment”.
END
Huntsman Security is a privately owned Australian cyber security software developer with offices in Sydney and London and operations in Tokyo and the Philippines. The client base comprises Government departments that include defence, intelligence, social welfare and law enforcement as well as critical infrastructure organisations. See www.huntsmansecurity.com/company/
Dominic Walsh +44 (0) 20 7436 0420
www.huntsmansecurity.com @tier3huntsman
Read More
Leading Australian cyber security firm, Huntsman Security has launched a new product that will enable companies to assess in real-time how effective their security defences are. Affectionately known as ‘The Auditor’, it is a self-install, agentless product that gives internal and external stakeholders a clear objective measure of an organisation’s cyber resilience.
As government and commercial organisations continue to struggle with their exposure to cyber-risk, The Auditor gives instant visibility of an organisation’s security control effectiveness by providing cyber security performance metrics against the Australian Cyber Security Centre (ACSC) Essential 8 mitigation strategies identified in the Australian Government cyber security framework.
While the ‘Top Four’ controls are mandatory for Australian federal government departments, the eight controls collectively reflect the best practice recommendations by other Governments such as the UK and the USA. In NSW, state government policy requires a report detailing a maturity assessment against the ACSC Essential 8 by 31 August each year.
The Auditor compliments the successful “Essential 8 Scorecard” which was launched by Huntsman Security in 2018. With the Scorecard, CIOs are given a continuous, enterprise-wide view of their organisation’s performance against the Essential 8 controls. As a Computer Aided Audit Tool (CAAT), the Essential 8 Auditor comes into its own where a continuous view isn’t required. It delivers a real-time comprehensive audit of cyber posture.
Manual audits typically only deliver an out of date ‘security snapshot’ that can result in vulnerability blind spots. The Auditor sets a new benchmark in cyber auditing and can be used for compliance reporting and annual attestations. It also serves as a management tool to support security specialists in their pursuit of improving their security posture. The first release of the Essential 8 Auditor is scheduled for August 2019.
“No matter how good or detailed your criteria for effective security, if you only measure it once a year, it won’t give auditors a representative view of operations and it certainly won’t enable the proactive management of risk that security teams and executives aspire to”, said Peter Woollacott, CEO and Founder of Huntsman Security.
Huntsman Security, 2019 Australian Technology Competition semi-finalists, will be at the Australian Security Summit 2019 in Canberra on 9 July with CEO, Peter Woollacott available for enquiries on the new product. Come and meet the team of experts at the AuSec Summit, booth B07, Hotel Realm Canberra.
END
Huntsman Security is a privately owned Australian cyber security software developer with offices in Sydney and London and operations in Tokyo and the Philippines. The client base comprises Government departments that include defence, intelligence, social welfare and law enforcement as well as critical infrastructure organisations. See www.huntsmansecurity.com/company/
Anne Aziz-Parker (02) 9419 3200
mediarelations@huntsmansecurity.com
www.huntsmansecurity.com @tier3huntsman
Read More
LONDON, UK & SYDNEY, AUS – 24 January 2019: As executives struggle to understand their organisations’ exposure to cyber-risk, Huntsman Security has launched The Security Scorecard – the first tool of its kind to give instant visibility of an organisation’s Cyber Security Posture. The Scorecard is a standalone product that gives non IT people such as auditors, risk managers and senior executives a clear understanding of an entity’s cyber security exposure.
Security Scorecard Dashboard
The Scorecard technology automatically measures eight key security controls whose effectiveness determines just how secure an organisation is from a cyber-attack. Based on findings by the Australian Signals Directorate (ASD), these best practice controls can reduce the likelihood of a cyber-attack by more than 85 percent. Measuring against these, the Scorecard gives an immediate and automated understanding of risk and exposure: allowing the business to tune the effectiveness of the controls in line with its risk appetite.
“One of the biggest issues security teams face is presenting a convincing argument to the board about what measures need to be taken to reduce risk, and why,” said Jon Collins, industry analyst at Gigaom. “In this situation, the security team doesn’t want to present a list of thousands of outstanding actions, but a shortlist of the highest priorities. A simple scorecard acts as a paring knife, allowing organisations to act more quickly to reduce risk.
Ultimately, any organisation suffering a breach wants it to be because they fell victim to a complex, never-before-seen attack; not because they failed to follow basic precautions. Huntsman’s scorecard is a great starting point for security teams and executives who want to ensure they have taken essential precautions, based on clear criteria.”
Utilising the “Essential Eight” controls, the solution consists of eight processes that, together: prevent initial attacks, and limit the extent of incidents, recover data and restore systems availability.
The processes are split into a ’Top Four’ – application whitelisting, patching applications, patching operating systems and restricting admin privileges – that are critical to achieving security: plus a further four – disabling untrusted Microsoft office macros, user application hardening, multi-factor authentication and daily backup of important data. The ‘Top Four’ controls are mandatory for Australian federal government departments, and the eight controls collectively complement the best practices put in place by other Governments, such as the UK or USA.
The Security Scorecard continuously measures the performance of the controls, reporting clear metrics and red, amber, green colour-coded status that is easily understood by any audience.
Security Scorecard – Status of Controls
Armed with this information, stakeholders have an immediate overview of their exposure and security teams know whether to focus on these essential processes or examine other ways to reduce risk further.
A standalone product, the Scorecard has a small proactive footprint that sits alongside other security technologies. Security teams can continue with their primary operations without any distraction and without significant investment in new security systems. Because of this, the Scorecard is easy to implement for any organisation.
The Scorecard can be used by organisations in a supply chain to give visibility of their security posture to partners up and down the chain.
“No matter how good or detailed your criteria for effective security, if you only measure it once a year; it won’t give auditors a representative view of operations and it certainly won’t enable the proactive management of risk that security teams and executives aspire to”, said Peter Woollacott, CEO and founder of Huntsman Security.
As a Computer Aided Audit Tool (CAAT), the Scorecard comes into its own; rather than providing an expensive ‘snapshot in time’ it delivers a continuous view of cyber posture for auditors. It also serves to support security specialists in their pursuit of plugging any security gaps.
The Security Scorecard is available now: huntsmansecurity.com/products/security-scorecard/
END
Huntsman Security is a privately owned Australian cyber security software developer with offices in Sydney and London and operations in Tokyo and the Philippines. The client base comprises Government departments that include defence, intelligence, social welfare and law enforcement as well as critical infrastructure organisations. See www.huntsmansecurity.com/company/
Dominic Walsh +44 (0) 20 7436 0420
www.huntsmansecurity.com @tier3huntsman
Read More
Security Analytics solutions, have expanded next-generation SIM from rules-based detection to include data science tools such as machine learning and artificial intelligence. Security Analytics enables the effective management of growing data volumes and infrastructure complexity. The capabilities help defend networks from increasingly sophisticated cyber attacks by enabling rapid detection, analysis and understanding of threats so complex cyber security attacks or insider threats can be identified and mitigated in real-time.
“Huntsman Enterprise SIEM combines SIM capabilities with behavioral anomaly detection. The add-on Huntsman Analyst Portal provides threat verification, investigation, and automated resolution … Options for multi tenant licencing and per-user pricing are also available.”
Security Analytics encompasses the very areas that Huntsman Security has pioneered – dealing with high volumes of machine and user generated data, processing it at high speed using a range of analytics techniques including advanced correlation, machine learning, behaviour anomaly detection and alert verification to protect against attacks, compliance breaches and data loss.
Huntsman Security was one of only 3 vendors to score the maximum in compliance support criterion (a common driver for security investments) and also scored the maximum for its ability to handle large implementations. See here for more details.
“Forrester have carefully assessed market demand and a number of security analytics offerings in terms of how they solve the problem of detecting ever growing numbers of cyber threats quickly and effectively. So we are pleased to have been acknowledged as a Strong Performer in the provision of this type of technology to support the cyber resilience efforts of our customers.”
“The Wave assessment is thorough, and spans much of the breadth of technology we offer; mapping our capabilities against real-world cyber threat scenarios and security operations requirements – complex external attacks, insider threats, anomalous behaviour detection, incident response and attack visualisation. We believe that recognition for our security analytics solutions is a great endorsement of our position at the vanguard of this space.”
A copy of the Forrester Security Analytics Wave™ is available to download here.
END
About Huntsman Security
Huntsman Security – founded in Sydney, Australia – is a cyber security specialist focused on real-time security threat detection, verification and resolution. Their Security Analytics and Automation solutions are deployed in complex, diverse, enterprise level environments including national intelligence, border protection and critical infrastructure. Used on-premise, in the cloud or underpinning an MSSP solution, Huntsman Security offers defence-grade protection that proactively detects indicators of compromise and allows companies to quickly resolve issues. Huntsman has offices in Australia and the UK, with operations in Japan and the Philippines.
Huntsman Security Media Contact
Dominic Walsh https://huntsmanphp7.flywheelsites.com | +44 (0) 207 436 0420 | media@huntsmansecurity.com
Read More
Huntsman Security, a leading vendor in advanced Security Analytics solutions and manufacturer of Huntsman technology increases investment in support.
Huntsman Security announced today its expansion in the Australian market to support the increasing demand for the ASD Essential Eight Monitoring solution that gives organisations the ability to benchmark their cyber posture against the Australian Signals Directorate’s recommended cyber mitigation strategies.
Martin Buckland has been appointed as General Manager APAC responsible for customer and partner engagement as well as strategic development.
Additionally, following a recent recruitment process, Huntsman Security has increased engineering resources in Canberra to ensure new and existing customer installations continue to receive a high level of local engineering support and training.
“Dealing with the volume and complexity of threats is an increasing challenge for organisations, the exposure to risk is enormous” commented CEO, Peter Woollacott. “Our customers can be assured that they have on-the-ground local support to ensure they are operating using all available automated functionality. Face-to-face training is also available for new users of Huntsman technology”.
The ASD Essential Eight Monitoring capability removes subjectivity associated with self-assessment and reporting. It instantly identifies real-time non-compliance for remediation and saves time, cost and money when compared to manual auditing methods or a breach.
END
About Huntsman Security
Huntsman Security is a privately owned Australian cyber security software developer with offices in Sydney and London and operations in Tokyo and the Philippines. The client base comprises Government departments that include defence, intelligence, social welfare and law enforcement as well as critical infrastructure organisations. See www.huntsmansecurity.com.
Huntsman Security Media Contact
Dominic Walsh +61 (0) 2 9419 3200 media@huntsmansecurity.com
www.huntmsansecurity.com @tier3huntsman
Read More