LONDON, UK & SYDNEY, AUS – 24 January 2019: As executives struggle to understand their organisations’ exposure to cyber-risk, Huntsman Security has launched The Security Scorecard – the first tool of its kind to give instant visibility of an organisation’s Cyber Security Posture. The Scorecard is a standalone product that gives non IT people such as auditors, risk managers and senior executives a clear understanding of an entity’s cyber security exposure.
Security Scorecard Dashboard
The Scorecard technology automatically measures eight key security controls whose effectiveness determines just how secure an organisation is from a cyber-attack. Based on findings by the Australian Signals Directorate (ASD), these best practice controls can reduce the likelihood of a cyber-attack by more than 85 percent. Measuring against these, the Scorecard gives an immediate and automated understanding of risk and exposure: allowing the business to tune the effectiveness of the controls in line with its risk appetite.
“One of the biggest issues security teams face is presenting a convincing argument to the board about what measures need to be taken to reduce risk, and why,” said Jon Collins, industry analyst at Gigaom. “In this situation, the security team doesn’t want to present a list of thousands of outstanding actions, but a shortlist of the highest priorities. A simple scorecard acts as a paring knife, allowing organisations to act more quickly to reduce risk.
Ultimately, any organisation suffering a breach wants it to be because they fell victim to a complex, never-before-seen attack; not because they failed to follow basic precautions. Huntsman’s scorecard is a great starting point for security teams and executives who want to ensure they have taken essential precautions, based on clear criteria.”
Utilising the “Essential Eight” controls, the solution consists of eight processes that, together: prevent initial attacks, and limit the extent of incidents, recover data and restore systems availability.
The processes are split into a ’Top Four’ – application whitelisting, patching applications, patching operating systems and restricting admin privileges – that are critical to achieving security: plus a further four – disabling untrusted Microsoft office macros, user application hardening, multi-factor authentication and daily backup of important data. The ‘Top Four’ controls are mandatory for Australian federal government departments, and the eight controls collectively complement the best practices put in place by other Governments, such as the UK or USA.
The Security Scorecard continuously measures the performance of the controls, reporting clear metrics and red, amber, green colour-coded status that is easily understood by any audience.
Security Scorecard – Status of Controls
Armed with this information, stakeholders have an immediate overview of their exposure and security teams know whether to focus on these essential processes or examine other ways to reduce risk further.
A standalone product, the Scorecard has a small proactive footprint that sits alongside other security technologies. Security teams can continue with their primary operations without any distraction and without significant investment in new security systems. Because of this, the Scorecard is easy to implement for any organisation.
The Scorecard can be used by organisations in a supply chain to give visibility of their security posture to partners up and down the chain.
“No matter how good or detailed your criteria for effective security, if you only measure it once a year; it won’t give auditors a representative view of operations and it certainly won’t enable the proactive management of risk that security teams and executives aspire to”, said Peter Woollacott, CEO and founder of Huntsman Security.
As a Computer Aided Audit Tool (CAAT), the Scorecard comes into its own; rather than providing an expensive ‘snapshot in time’ it delivers a continuous view of cyber posture for auditors. It also serves to support security specialists in their pursuit of plugging any security gaps.
The Security Scorecard is available now: huntsmansecurity.com/products/security-scorecard/
Huntsman Security is a privately owned Australian cyber security software developer with offices in Sydney and London and operations in Tokyo and the Philippines. The client base comprises Government departments that include defence, intelligence, social welfare and law enforcement as well as critical infrastructure organisations. See www.huntsmansecurity.com/company/
Dominic Walsh +44 (0) 20 7436 0420
Security Analytics solutions, have expanded next-generation SIM from rules-based detection to include data science tools such as machine learning and artificial intelligence. Security Analytics enables the effective management of growing data volumes and infrastructure complexity. The capabilities help defend networks from increasingly sophisticated cyber attacks by enabling rapid detection, analysis and understanding of threats so complex cyber security attacks or insider threats can be identified and mitigated in real-time.
“Huntsman Enterprise SIEM combines SIM capabilities with behavioral anomaly detection. The add-on Huntsman Analyst Portal provides threat verification, investigation, and automated resolution … Options for multi tenant licencing and per-user pricing are also available.”
Security Analytics encompasses the very areas that Huntsman Security has pioneered – dealing with high volumes of machine and user generated data, processing it at high speed using a range of analytics techniques including advanced correlation, machine learning, behaviour anomaly detection and alert verification to protect against attacks, compliance breaches and data loss.
Huntsman Security was one of only 3 vendors to score the maximum in compliance support criterion (a common driver for security investments) and also scored the maximum for its ability to handle large implementations. See here for more details.
“Forrester have carefully assessed market demand and a number of security analytics offerings in terms of how they solve the problem of detecting ever growing numbers of cyber threats quickly and effectively. So we are pleased to have been acknowledged as a Strong Performer in the provision of this type of technology to support the cyber resilience efforts of our customers.”
“The Wave assessment is thorough, and spans much of the breadth of technology we offer; mapping our capabilities against real-world cyber threat scenarios and security operations requirements – complex external attacks, insider threats, anomalous behaviour detection, incident response and attack visualisation. We believe that recognition for our security analytics solutions is a great endorsement of our position at the vanguard of this space.”
A copy of the Forrester Security Analytics Wave™ is available to download here.
About Huntsman Security
Huntsman Security – founded in Sydney, Australia – is a cyber security specialist focused on real-time security threat detection, verification and resolution. Their Security Analytics and Automation solutions are deployed in complex, diverse, enterprise level environments including national intelligence, border protection and critical infrastructure. Used on-premise, in the cloud or underpinning an MSSP solution, Huntsman Security offers defence-grade protection that proactively detects indicators of compromise and allows companies to quickly resolve issues. Huntsman has offices in Australia and the UK, with operations in Japan and the Philippines.
Huntsman Security Media ContactRead More
Huntsman Security, a leading vendor in advanced Security Analytics solutions and manufacturer of Huntsman technology increases investment in support.
Huntsman Security announced today its expansion in the Australian market to support the increasing demand for the ASD Essential Eight Monitoring solution that gives organisations the ability to benchmark their cyber posture against the Australian Signals Directorate’s recommended cyber mitigation strategies.
Martin Buckland has been appointed as General Manager APAC responsible for customer and partner engagement as well as strategic development.
Additionally, following a recent recruitment process, Huntsman Security has increased engineering resources in Canberra to ensure new and existing customer installations continue to receive a high level of local engineering support and training.
“Dealing with the volume and complexity of threats is an increasing challenge for organisations, the exposure to risk is enormous” commented CEO, Peter Woollacott. “Our customers can be assured that they have on-the-ground local support to ensure they are operating using all available automated functionality. Face-to-face training is also available for new users of Huntsman technology”.
The ASD Essential Eight Monitoring capability removes subjectivity associated with self-assessment and reporting. It instantly identifies real-time non-compliance for remediation and saves time, cost and money when compared to manual auditing methods or a breach.
About Huntsman Security
Huntsman Security is a privately owned Australian cyber security software developer with offices in Sydney and London and operations in Tokyo and the Philippines. The client base comprises Government departments that include defence, intelligence, social welfare and law enforcement as well as critical infrastructure organisations. See www.huntsmansecurity.com.
Huntsman Security Media Contact
Dominic Walsh +61 (0) 2 9419 3200 firstname.lastname@example.org
Continuing its aim to bolster international interoperability and innovation, Huntsman Security signs up to the growing international cyber security community organisation
London, 24 October 2017 – As part of its continued outreach and drive to build and contribute to communities of interest and collaboration in the global cyber security marketplace, Huntsman Security has signed up to the Global Cyber Alliance.
Huntsman Security participates in a range of industry fora and collaboration bodies in its primary markets of Australia, Asia, EMEA and North America. Piers Wilson, Head of Product Management said:
“Cyber security is very much a team sport; solutions need to interoperate, organisations need to be able to share techniques and threat intelligence, government and industry need to work together and the triumvirate of people, process and technology requires a balanced approach.”
“The GCA aims to promote this concerted cooperative approach to cyber risk across the globe and in all industries so it is a natural fit for Huntsman,” he continued.
Huntsman Security brings expertise and technology from high security, real-time environments and its solutions allow organisations in all sectors and at all levels of risk to benefit from its high speed cyber-risk detection, security analytics, automated threat verification and response orchestration capabilities.
Peter Woollacott, Huntsman Security’s CEO, said: “We’ve seen the kinds of concerted attacks that once plagued only the higher echelons of government become all too prevalent in the wider corporate space. Where once only the defence and intelligence sectors had to worry about state-sponsored attacks, and only the police had to worry about organised crime, in the connected world of modern technology those risks are faced by everyone.”
About The Global Cyber Alliance
The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks.
GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police, and the Center for Internet Security. Learn more at www.globalcyberalliance.org.
About Huntsman Security
Huntsman Security pioneered intelligent enterprise and cyber security with its landmark platform, Huntsman Enterprise SIEM, incorporating Behaviour Anomaly Detection (BAD). The Huntsman Analyst Portal® adds a whole new level of intelligence to automated incident response and the threat resolution process. Huntsman Security patented key aspects of BAD to detect anomalies in real time and so provides early warning of cyber threats, data leakage, malware and fraud. The Huntsman portfolio is a defence-grade cyber security platform which includes threat detection, security analytics and incident resolution. It is deployed in central government, finance and infrastructure environments in the UK, Japan and Australia. See www.huntsmansecurity.com.
Huntsman Security Media ContactRead More
London, 26 July 2017 – UK police forces detected and investigated at least 779 cases of potential misuse of data by personnel between January 1st 2016 and April 10th 2017 according to a Freedom of Information (FOI) request by Huntsman Security. Despite the high number of cases, the request also revealed that forces are actively following recommendations to address this issue.
34 forces across the UK confirmed that they have implemented plans to ensure they have the capability and capacity required to seek intelligence on potential abuse of authority by staff. For all but one of the forces, those plans include monitoring IT systems to ensure they aren’t being accessed or used for unethical purposes. The findings come in the wake of the PEEL: Police Legitimacy 2016 report, which found that forces needed to do more to investigate and prevent staff abuse of IT systems and sensitive personal data, in order to protect the legitimacy of, and trust in, the police.
“Public trust and legitimacy is critical for the police: without these, a modern police force risks losing the confidence of the people it aims to serve,” said Peter Woollacott, CEO, Huntsman Security. “If there is any prospect of the safety and security of information being at risk, then every action should be taken to safeguard it before damage is done. The PEEL report highlighted that forces cannot rely on abuses being reported.
Implementing systems that don’t themselves intrude on privacy, but can identify when someone is accessing data that they shouldn’t be, is a good way for forces to ensure all personnel are behaving in an ethical manner when it comes to sensitive data.”
Published in January 2017, the PEEL report investigated whether police forces and personnel were treating their privileged status ethically, and how this affected their legitimacy. The investigation reviewed issues such as whether personnel were accessing and abusing forces’ stored personal data – and found more than a third (37%) of forces ‘required improvement’. The report stated that ‘many [forces] need to improve their ability to seek out intelligence’ on the subject, rather than waiting for complaints from members of the public or within the organisation.
Compared to 603 investigations taking place in 2016, there were 176 in the first 100 days of 2017. As some forces were unable to reveal the number of cases in 2017 due to on-going investigations, it is likely that the true figure will be higher. Given that one of the recommendations from the PEEL report was the implementation of better monitoring systems, the hope is that police forces will continue to become more adept at identifying misuse of systems and applications.
“The fact that so many potential cases were reported shows that this is still a serious problem. However, it is very encouraging to see forces taking concrete steps to address the issue,” continued Woollacott. “These statistics underline just how complicated data protection really is. Regardless of whether they are a police force or a pension fund, all organisations need to make sure that their data is being stored and used correctly by all personnel. Critically, they need to be able to continuously monitor to ensure that this is the case.”
About the Freedom of Information Request:
Huntsman Security contacted 45 police forces across the UK. Ten forces did not respond, while one responded but did not provide any information.
About Huntsman Security
Huntsman Security pioneered intelligent enterprise and cyber security with its landmark platform, Huntsman® Enterprise SIEM, incorporating Behaviour Anomaly Detection (BAD). The Huntsman Analyst Portal® adds a whole new level of intelligence to automated incident response and the threat resolution process. Huntsman® patented key aspects of BAD to detect anomalies in real time and so provides early warning of cyber threats, data leakage, malware and fraud. Huntsman® is a defence-grade cyber security platform which includes threat detection, security analytics and incident resolution. Huntsman® is deployed in central government, finance and infrastructure environments in the UK, Japan and Australia. See www.huntsmansecurity.com.
Huntsman Security Media ContactRead More
LONDON, UK – July 07, 2017 – Huntsman Security is delighted to announce that its product suite received a “Best Security Product” award, voted for by the delegates and attendees at the ISSA-UK Summer Conference on July 6.
Reflecting the culmination and evolution of its security analytics, behavioural anomaly detection and attack detection technology, Huntsman®’s solution brings security analytics, automated threat verification and response capability to enterprises that are struggling to deal with the volume of alerts and false positives generated by modern security controls and the need to respond to real threats in a timely manner.
Andy Burston, Security Specialist at Huntsman® in the UK said: “This is a great endorsement of the solution – our approach to industrialise and automate the threat detection, verification and response process gives tangible benefits, including time and energy savings, repeatability and reduced time-at-risk to our customers.”
Philip Black, Huntsman®’s presenter during the ISSA-UK event added: “Really the people that deserve credit for this award are the development team at Huntsman®, they are responsible for turning the innovative ideas and designs we have into the end product that’s been successful today.
“The business value of being able to detect cyber threats more quickly, understand them and then automatically respond is pretty clear.”
This award adds to the recognition and acclaim the Huntsman Security portfolio has received, including being included in the Forrester Research Vendor Landscape and Wave™ for Security Analytics solutions and being shortlisted finalist in several awards including the National Technology Awards, UK IT Industry Awards and Cyber Security Awards.
Information on Huntsman Solutions can be found at: www.huntsmansecurity.com.
Try our free 5 Step Cyber Security benchmark tool as a first step —> http://smixly.com/awyvuP
— Ends —
About Huntsman Security:
Huntsman Security – founded in Sydney, Australia – is a cyber security specialist focused on real-time security analytics and threat detection, automated verification and resolution.Read More
LONDON, UK – May 24, 2017 – Huntsman® once again won a place in the primary UK government digital marketplace for IT products and services with its security Protective Monitoring Solution offering through the G-Cloud 9 framework. The solution features include log and activity monitoring, compliance reporting and the ability to leverage advanced analytics and threat detection.
Huntsman®’s solution for public sector customers is aligned to past compliance standards and current guidance, including the former GPG13 guide and the more recent NCSC updated guidance on security operations and monitoring at https://www.ncsc.gov.uk/topics/monitoring.
The solution is deployed as a virtual appliance on customer’s own on-premise or cloud environment and provides robust and comprehensive protective monitoring capabilities under their full operational control that includes cloud-based and local systems as well as network, platform and application logs.
Being available through the digital marketplace means that departments and agencies can purchase the technology and deploy it quickly through pre-approved commercial arrangements.
Huntsman® was the first software solution within the digital marketplace and has continued to offer self-managed, on-premise deployment and protective monitoring of both cloud and local systems since.
Full details are at: https://www.digitalmarketplace.service.gov.uk/g-cloud/services/719705209626868
Mairead Keaney, Head of EMEA for Huntsman Security, said: “Offering solutions to public sector customers through the digital marketplace means they can get easy access to leading-edge security analytics and compliance monitoring technology that is flexible to procure, deploy and operate. It gives peace of mind and full visibility of security event activity across cloud and on-premise systems”.
About Huntsman Security:
Huntsman Security – whose parent Tier-3 was founded in Sydney, Australia – is a cyber security specialist focused on real-time security analytics and automation to provide threat detection, verification and resolution. Deployed in mission-critical security environments, national intelligence, border protection, banking and infrastructure globally, Huntsman offers defence-grade cyber security that proactively detects indicators of compromise and allows companies to quickly resolve issues. Huntsman® is deployed in complex, diverse environments across the world, and has offices in the US, Australia, the UK and Japan.
About G-Cloud 9 / Digital marketplace
The Digital Marketplace is the online platform that all public sector organisations can use to find and buy cloud-based services. Public sector organisations, including agencies and arm’s length bodies, can use the Digital Marketplace to find people and technology for digital projects, including:
UK Media Contact:
+44 (0) 20 7436 0420Read More
Sydney, 8 December 2016. Huntsman Security announced today the launch of its Automated Cyber Security capability that industrialises threat management using reliable, repeatable processes to decrease an organisation’s time at risk to seconds.
“Dealing with the volume and complexity of threats manually is no longer an option for organisations, the risks are too great” commented CEO, Peter Woollacott. “Our customers can now automate a number of security functions, including threat verification and resolution to reduce risk and free up skilled security resources to focus on high value activity such as threat hunting and improving vulnerability management”.
The Security Director of an Australian Government department customer said:
“I am blown away by what we can see. The level of visibility and insight it gives us is far beyond any that we had before. The team is really focused now on investigating identified threats such as this one and building more proactive robust processes”.
The Huntsman Analyst Portal® Security Analytics capability was developed over 2 years and has been acknowledged for its real-time automated capabilities in Forrester Research’s Vendor Landscape Report: Security Analytics published in November 2016. Huntsman’s state-of-the-art platform uses a variety of complementary technologies to deliver:
The benefits to any organisation are significant; both at a security operations and a business level. Analysts and risk practitioners get real-time visibility of incidents and relevant supporting intelligence for timely and effective response. The resulting workflow efficiencies enable security resources to be redeployed in more effective proactive activities. These operational improvements enable the timely advice of threats that require a business response, in seconds rather than days and weeks.
Please contact Huntsman Security at email@example.com for further information.
About Huntsman Security
Huntsman Security is a private Australian company that pioneered intelligent enterprise and cyber security with its landmark platform, Huntsman® Enterprise SIEM, incorporating intelligent machine-learning and Behaviour Anomaly Detection (BAD). In Forrester Research’s Vendor Landscape Report: Security Analytics, Huntsman® is now acknowledged for delivering an end to end process for information security management using real-time Security Analytics. The capability delivers real-time safe automation to reduce an organisation’s time at risk. Huntsman® is deployed in central government, finance and infrastructure environments in the UK, Japan and Australia. See www.huntsmansecurity.com.
Huntsman Security Media Contacts
UK Dominic Walsh +44 (0) 845 222 2010 firstname.lastname@example.org
AUS Paul Wickham +61 (0) 412 398 489 email@example.comRead More
Massive growth in interest around security analytics, threat management and automation has driven rapid evolution of Huntsman Security cyber risk solutions with new version released today
Sydney, May 31 2016. Huntsman® today announced the latest release of its enterprise-wide cyber defence technology. This update enhances the security analytic capabilities, expands the cloud integration connector and delivers increased response capabilities.
“This new version builds on the existing capabilities we have in enterprise security analytics, machine-learning and automated threat resolution – extending the capabilities of the core technology and continuing to increase its maturity.” said Piers Wilson, Huntsman’s Head of Product Management.
Peter Woollacott, Huntsman® founder and CEO, said: “Building on our proven track record of machine-learning, anomaly detection and security analytics, Huntsman® is the first vendor in the sector to recognise and address the need for automated threat verification to re-engineer the detection-to-resolution process and reduce the time-at-risk.
This latest release maintains that innovation – and has been driven not only by our own R&D but also customer requirements and extensive discussions with leading market analysts.
Industry experts are now recognising and recommending the value of both machine learning and automation in the end-to-end cyber security threat management process.”
The latest releases of Huntsman Enterprise SIEM and Huntsman Analyst Portal®, now generally available, provide increased functionality in terms of the analytic capability to further improve threat detection, operator useability, and process automation to eliminate false positives and provide cyber security analysts with the information necessary to accurately respond, at speed, to only real threats.
Recent research by FireEye in the 2016 M-Trends report highlighted that 53% of breaches are still detected externally, with an average time from compromise to discovery of hundreds of days. “As breaches continue to hit the news, organisations are increasingly looking to speed up the response and provide certainty to stakeholders that they have the necessary people, technology and processes in place to detect attacks and respond.” commented Piers Wilson.
The enhancements to cloud integration capabilities also deliver improved monitoring and visibility for businesses that have adopted cloud services for IT delivery.
Please contact Huntsman Security at firstname.lastname@example.org for further information.