As the world recovers from the WannaCry ransomware attack, and New Zealand breathes a collective sigh of relief, one cyber security start-up is seizing the moment.
Based in Auckland and built to service a growing market, CyberSecure 360 is delivered through four core offerings, ranging from creating policies, processes and procedures through to implementing threat monitoring solutions and real-time monitoring.
“What makes us unique is our end-to-end approach to cyber security,” CyberSecure 360 chief cyber security officer Mathew Jose told Reseller News.
“We mitigate risks by identifying risks arising from people, process and technology.
“Our promise is that by using our solutions, you can measure the business becoming secure over time. We have also made sure that our solutions are modular and are easy to understand.”
With three staff currently on board, the business officially launched on 6 March 2017, as a subsidiary of Ubiquity in New Zealand.
“When we looked for a cyber security partner for Ubiquity, we found organisations that simply wanted to sell us technology products,” Jose explained.
“Or they wanted to charge exorbitant amounts of money for simply doing an audit. We recognised that we could spend a lot of money but not actually improve our security position.”
Consequently, Jose realised that to succeed, the business would have to cover every aspect of security, from software, to physical building and access, through to staff policies, procedures, monitoring and response.
“We also needed to cover the security of suppliers,” he explained. “And we needed to continually test our security to make sure it's actually working.”
Drawing on technical expertise and corporate experience, Jose and his team explored the ISO27k frameworks for security, yet came to the conclusion that they don’t suit most businesses in New Zealand.
“We needed to deliver measurable security value quickly and to continually improve over time,” Jose told Reseller News.
“We needed a logical, modular approach that gave us clear visibility of our security framework, that prioritises the highest risks and that allows us to plug-in enhancements as resource and budget allow.”
Step forward CyberSecure 360, an end-to-end solution spanning Framework, Perimeter, People and Monitor offerings.
“The CyberSecure 360 People is a security awareness program and Framework is a homegrown framework from ISO 27001 recommendation which has gone through years of iterations,” Jose said. “They are entirely ours.”
Meanwhile, Jose said CyberSecure 360 Perimeter used best in class industry products such as AlienVault USM and Webroot end-point protection for perimeter protection, while CyberSecure 360 Monitoring is the company’s managed security services offering.
“We are looking for partners in cyber security space,” he added. “Cyber security is a vast domain, and as such there are specialist areas like firewall configuration and modification, penetration testing, etc. which we don’t do and are looking for partnering with like-minded companies to provide a wide range of services.”
According to Jose, businesses in New Zealand “have all heard the stats” before when it comes to security, statistics that show 58,000 Kiwi companies have been hit by cyber crime during the past two years.
With an estimated cost ranging between $250m - $400m per year, it paints a daunting picture for organisations nationwide.
Yet despite a rise in attacks, nearly half of businesses locally fail to have adequate cyber response plans in place.
“But for New Zealand companies the reputational risk to directors and CEOs is too great to ignore,” Jose added. “A company needs to develop an appropriate end-to-end security approach and this needs to be driven at the executive level.
“Implementing a suitable security position is a journey while maintaining it requires ongoing monitoring, testing and reviewing.”
For Jose, complexity continues to rank as the primary reason why cyber security is ignored in boardrooms.
“When you engage with CyberSecure 360 we identify the most immediate high risk issues and address those first,” Jose added. “We'll work with your team to understand your business and develop a security roadmap that's just right.
“We'll then recommend the actions you need to take over time and in the right order addressing the highest priority risks as budget and resources allow.
“It’s a modular framework with plug-in solutions that's easy to understand and provides faster speed to value.”