Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

10/21/2013
11:31 AM
50%
50%

Agiliance-Former CIA CISO Offer Cybersecurity Evals

Online Cyber Stress Test uses the Agilance RiskVision cloud platform to evaluate an organization's preparedness against cyber-risks

Cyber Security Preparedness Evaluations Developed by Retired CISO for U.S. Central Intelligence Agency Being Delivered via Agiliance RiskVision Cloud Service Washington and Sunnyvale, Calif. - October 18, 2013 - 2BSecure LLC, a global consulting firm focused on demystifying technology security risk, and Agiliance®, Inc., the leading independent provider of Integrated Risk Management solutions for Governance and Security programs, today announced the launch of a free online Cyber Stress Test, which scores an organization's cyber security risks in the face of real-time and sustained threats.

The Cyber Stress Test was designed by Robert Bigman, whose career spanned 30 years at the U.S. Central Intelligence Agency (CIA), with the last 15 years as its CISO. The Cyber Stress Test is based on his experience protecting some of the world's most sensitive networks and quantifies an organization's security risk posture across five categories - Program Governance, Security Organization, Policies and Standards, Technical Security, and Mitigation Procedures. The overall and category risk scores generated by the Cyber Stress Test provide a pragmatic benchmark and actionable insights for determining an organization's cyber security preparedness including areas that need strengthening against threats.

The award-winning Agiliance RiskVisionT Managed Risk-as-a-Service (M-RaaS) is being used to implement the Cyber Stress Test evaluations. It presents users with a confidential, comprehensive, and secure survey of 79 questions that requires simple yes, no, or don't know answers. Users can complete the test in one or multiple sessions, browse questions non-linearly by category, and save their partial answers at any time. Once submitted, they can view, share, and print accurate and persistent risk scores for overall and individual category results.

Organizations are encouraged to take the Cyber Stress Test before they fall victim to a debilitating cyber-attack, or to a regulator who tests them before they test themselves. According to the Ponemon Institute 2013 Cost of Cyber Crime Study, since 2012 cybercrime costs have risen 26% and the time it takes to resolve cyber-attacks has increased 33%. Independent research studies estimate the global cost of cybercrime for enterprises and consumers to be between USD 300 billion and USD 500 billion. Meanwhile, in November the UK Bank of England, Treasury and Financial Conduct Authority (FCA) will simulate a major cyber-attack on banks to assess the preparedness of the UK's core financial services providers.

"The Cyber Stress Test was inspired by the Dodd-Frank Act Capital Stress Test given annually to major US financial services institutions," said Robert Bigman, chief executive officer at 2BSecure. "After consulting with a wide range of CIOs, CROs, and CISOs in the commercial sector, we identified a large unmet need for a comprehensive, easy to implement security risk assessment service that provides visibility into an organization's cyber threat preparedness from governance to mitigation. That is exactly what the Cyber Stress Test delivers."

"You can schedule an audit, but you can't schedule a cyber-attack," said Agiliance president and chief executive officer Joe Fantuzzi. "We collaborated with Robert and 2BSecure to make it fast and easy for organizations to take the Cyber Stress Test using the Agiliance RiskVision cloud service. It provides a simple and secure way for any global organization to measure their risk posture and establish a baseline for knowing where and how they need to harden their cyber security defenses."

Click here to see an example Cyber Stress Test report. Register here to test your cyber security defense readiness. Once registered, you will receive an email with a link to the Cyber Stress Test on behalf of and for the benefit of your organization.

About 2BSecure

2BSecure was founded by Robert Bigman upon retiring from a 30 year career at the Central Intelligence Agency. With over 25 years of information security experience, Robert served the last 15 years as the Agency's Chief Information Security Officer. Receiving numerous awards, Robert built the model information security program in the U.S. Intelligence Community. Robert contributed to almost every Intelligence Community and U.S. Government information security policy and frequently briefed congressional committees and presidential commissions. For more information, please visit http://2bsecurellc.vpweb.com.

About Agiliance

Agiliance is the leading independent provider of Integrated Risk Management solutions for Governance and Security programs. Agiliance RiskVision is automating how Global 2000 companies and government agencies achieve continuous monitoring of big data across financial, operations, and IT domains to orchestrate incident, threat, and vulnerability actions in real time. Agiliance RiskVision customers demonstrate automation use cases within 30 days on-demand, and within 60 days on-premise, made possible by a configurable platform and applications, broad library of technology integrations, and vast domain and regulatory content. Agiliance RiskVision scales with businesses, effectively managing assets, data, people, and processes to achieve 100% risk and compliance coverage. Its real-time risk analysis leads to optimized business performance and better investment decisions. For more information, please visit www.agiliance.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Data Leak Week: Billions of Sensitive Files Exposed Online
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/10/2019
Intel Issues Fix for 'Plundervolt' SGX Flaw
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/11/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-5252
PUBLISHED: 2019-12-14
There is an improper authentication vulnerability in Huawei smartphones (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro). The applock does not perform a sufficient authentication in a rare condition. Successful exploit could allow the attacker to use the application locked by applock in an instant.
CVE-2019-5235
PUBLISHED: 2019-12-14
Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal.
CVE-2019-5264
PUBLISHED: 2019-12-13
There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition...
CVE-2019-5277
PUBLISHED: 2019-12-13
Huawei CloudUSM-EUA V600R006C10;V600R019C00 have an information leak vulnerability. Due to improper configuration, the attacker may cause information leak by successful exploitation.
CVE-2019-5254
PUBLISHED: 2019-12-13
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board m...