Organisations stand to save thousands of pounds by more regular, scalable and automated penetration testing.
CyberScore™ aims to help organisations of all sizes and sectors assess their current cybersecurity posture and bolster their defences – at scale, and for a fraction of the time and cost of traditional penetration testing.
According to recent research from GCHQ, 80 – 90% of the economic losses due to cybercriminality stem from organisations’ inability to exercise the basics. Cyber security has now become a critical business risk at board level, rather than just a headache for IT departments. In the wake of high-profile attacks such as NotPetya and WannaCry, government departments warning about Russian supply chain attacks and UK NHS Trusts failing basic security practice under the CyberEssentials programme, CEOs are left scratching their heads.
Created by a team of developers and former GCHQ, government and defence employees, CyberScore™ empowers businesses to become more cyber savvy, mitigate risk, protect bottom lines and safeguard reputations in an ever-changing, highly dynamic threat landscape. Born of the need to simplify the practice of cyber security and educate organisations and their employees in the process, the tool automates penetration testing and expands it from a narrow view to an evidence-based assessment of the internal network and wider supply chain of suppliers and partners – in a matter of seconds.
After downloading and running the software across a network, businesses are provided with a free, top level summary of the organisational calculated risk rating. Detailed technical reports and high level assessments for the board can also be provided for a fee, and are designed to show any potential vulnerabilities on the network. It can also assess the likelihood of an organisation passing a Cyber Essentials certification.
CyberScore™ is much cheaper and more reliable than traditional penetration testing, which usually costs tens of thousands of pounds and weeks of time spent by humans to conduct testing manually. XQ Cyber’s tool automatically analyses the data mined from inside and outside an organisation, identifies any vulnerabilities found, and relays this information back to the user, with a rating from 1-10 for the internal assessment and a letter from A-F for the external, along with the option of a Get Well Plan to remediate any issues. Using the third party dashboard, an organisation can also use CyberScore™ to build a heat map of their supply chain. By having a view of potential risk – either internally or throughout the supply chain – organisations can have proactive conversations with suppliers and partners, and make better procurement and business decisions based on the scores provided through the tool.
“At XQ Cyber, we’re on a mission to help organisations gain a far clearer understanding of the importance of cybersecurity within a business”, said David Carroll, CEO of XQ Cyber. “CyberScore™ will not only give businesses an easy-to-understand rating of the security of their own networks and those of any third parties they deal with, but will also advise on how to fix any issues that arise, how to get well again, and how to communicate the health of their network with suppliers.”
“With CyberScore™, organisations will be able to apply smart technology to basic problems in order to assess the cybersecurity of themselves, their suppliers and their partners,” continued Carroll. “Much like a credit rating is used to demonstrate a company’s financial reliability; the ultimate goal is for ‘CyberScore™’ to enter the lexicon and used to communicate the strength of a company’s cybersecurity.”
Rupert Lee-Browne, CEO, Caxton FX added: “As a fast-growth financial business, we need confidence that not only are our networks super-secure but that our cybersecurity partner is able to provide a truly scalable system. With outside actors targeting financial companies far more than ever before, and Category One attacks now considered an inevitability by the NCSC and industry, a tool such as CyberScore™ enables us to remain as secure as possible in our networks to avoid a potentially crippling cyber-attack.”