Provider of Gartner recognised Integrated Risk Management (IRM) solutions and cybersecurity services, SureCloud, teams up with Australian information security, governance, risk and compliance specialist FirmGuard to deliver a suite of pioneering tech-based services. The strategic partnership combines SureCloud’s award-winning technology and methodologies with FirmGuard’s expertise in compliance readiness and advisory solutions across global and regional security standards and regulatory frameworks such as GDPR, APRA CPS234/CPG235 and ISO 27001. FirmGuard powered by SureCloud Using the SureCloud platform and the Secure Controls Framework™ (SCF), FirmGuard will deliver faster and more comprehensive readiness and mobilise engagements across multiple standards and control domains. The SureCloud platform offers enhanced end-user experiences, real-time reporting, digestible dashboards and other automation. These capabilities enable organisations to act on readiness findings and remediate them prior to compliance or certification and manage ongoing compliance obligations post-audit. Cyber and risk services This on-demand and subscription-based service will revolutionise the way clients consume cyber and risk services The partnership will also enable FirmGuard to provide a range of innovative cybersecurity services including an “as-a-service” proposition that gives its users access to SureCloud’s Cybersecurity-as-a-Service and PTaaS (Pen Testing as a Service) offering. This unique, on-demand and subscription-based service will revolutionise the way clients consume cyber and risk services with a focus on strategic outcomes with fixed cost and on-demand support. Governance and compliance frameworks Ben Jepson, VP Cyber Services, SureCloud said, “We are delighted to be partnering with FirmGuard to bring our unique-tech enabled services underpinned by our GRC platform into the ANZ & APAC markets. These markets present an exciting opportunity for us and the combination of SureCloud technology and FirmGuard’s experience and knowledge in the local cyber, risk and compliance market creates an ideal partnership. Our proposition which has supported a variety of organisations across EMEA and North America since 2006, will bring a unique user experience to clients making it easier to manage multiple governance and compliance frameworks, and providing a flexible subscription model to consume our accredited services.” National and international regulatory reforms Dan Ussher, Founder & CEO at FirmGuard said, “Organisations need to adapt to new regulatory frameworks while dealing simultaneously with a vast range of other national and international regulatory reforms. Compliance and InfoSec are complicated and often misunderstood. The partnership with SureCloud delivers enhanced capability to optimise existing services to deliver and manage multiple governance and compliance frameworks, fast." "Our on-demand advisory services are complimented with SureCloud’s proven processes and client base. We are excited to be powered by SureCloud and we see a bright future for two organisations with shared capability, technology and values to come together.”
SureCloud announces delivering its services through a cloud-based platform, offering a suite of pragmatic and integrated Cybersecurity, Risk, and Advisory services. The company has announced the launch of its Cyber Resilience Assessment (CRA) solution to provide security assurance for organisations transitioning to ‘the new normal’ of remote working. Cyber Resilience Assessment The new solution has been introduced in response to the changing threat landscape caused by the rapid move to remote working, in the wake of COVID-19 pandemic. During this period, organisations have had to adapt quickly to maintain business operations, which in turn, have led to potential compromises in cybersecurity. SureCloud’s Cyber Resilience Assessment provides a three-stage approach to address this issue. Assessment of new security and risk posture Firstly, a response analysis is undertaken to learn the lessons from the enforced move to remote working. This is followed by an assessment of the new security and risk posture considering factors such as radically changed perimeter security and data leakage potential. During this phase, a targeted phishing exercise is also undertaken in consideration of the dramatic rise in attacks over the course of the COVID period, up by 600%. Finally, based on outputs from the first two phases, a clear plan is produced to stabilise and secure the business considering new and emerging threats. Remote working guidelines SureCloud also provides useful remote working guides, which include cybersecurity best practices SureCloud also provides useful remote working guides, which include cybersecurity best practices, a checklist of security considerations, social engineering services and security clinics with SureCloud’s expert security consultants. These features, along with access to dynamic reporting using SureCloud’s Gartner recognised platform, basically mean the Cyber Resilience Assessment solution is an effective way to help organisations ensure their cyber resilience and stabilise their business operations. Countering business risks posed by remote working Speaking on the launch, Ben Jepson, Vice President of Risk Advisory at SureCloud, said, “Recent global events have caused a widespread business operational change, forcing organisations to adopt remote working practices in a phenomenally short period of time. We fully expect these new practices, or an iteration of them to be the new normal moving forward.” Ben adds, “Remote working can bring a range of new business risks that impact people, processes, and technology. Therefore, it is important for organisations to take stock of their new risk and security posture, learn lessons from enforced remote working, and implement a plan to ensure their cyber resilience moving forward.” Enhanced risk management and cybersecurity He continued, “SureCloud is dedicated to making risk management and cybersecurity as streamlined and straightforward as possible, so we are delighted to announce the launch of our Cyber Resilience Assessment service. We are confident that organisations will find it useful to gain security assurance in their transition to a new way of working.”
Snoop is a fintech start-up, established in spring of 2019 by a team of former senior managers at Virgin Money. Drawing on their heritage of building consumer champion brands and solutions, as well as the opportunities fostered by Open Banking, the co-founding group wanted to create an application which would deliver personalised advice to users across all of their spending, including direct debits and payment accounts. AI-driven analysis and cloud-based platform Snoop enables users to connect all bank accounts and payment cards to a single cloud-based platform, Open Banking Snoop enables users to connect all of their bank accounts, credit cards and payment cards to a single cloud-based platform, Open Banking and then uses Artificial Intelligence (AI) to analyse their spending and transaction patterns. The powerful application then automatically identifies ways for users to ‘spend smarter, save smarter, live smarter’, using hyper-personalisation to provide them with a feed of ‘snoops’. These could include advice that a particular recurring payment is fluctuating, providing suggestions for recommended product switching, and tips to make a consumers money go further. Whilst Snoop is not a bank, it does interface with systems that handle customers’ financial information and is regulated by the FCA and Open Banking regimes. As such, enterprise-grade cyber security services and a robust approach to identifying and managing cyber risk and compliance was critical from the outset. Partnering with third-party specialists who could provide this expertise from the beginning was vital. Risk advisory and penetration testing services SureCloud’s agile and flexible technology, as well as its broad expertise across cyber security and risk, made the company the perfect fit for advising Snoop as it builds its platform. SureCloud partnered with Snoop in autumn 2019 and provided a range of risk advisory services, beginning with a holistic assessment of the cyber risk posture of Snoop that resulted in a prioritised roadmap of risk-based mitigation. This was complemented by traditional penetration testing across all aspects of Snoop’s website and mobile app and supplemented by ongoing cyber security expertise. Strategic advisory and tactical testing This combination of strategic advisory and tactical testing ensured that Snoop developed a Platform that incorporated true security-by-design and ensured a secure and compliant application from the outset, with risks prioritised and mitigated in a logical way. In addition, SureCloud is also supporting Snoop to understand how it needs to develop its internal capabilities to support these activities as the business grows. “Building a start-up is different in almost every way from managing projects at an international organisation, and SureCloud understood that from the beginning,” said Jem Walters, Co-Founder & CTO at Snoop. Secure, robust and compliant app SureCloud’s services have helped us to build the most secure, robust and compliant app possible from day one" Jem adds, “SureCloud’s services have helped us to build the most secure, robust and compliant app possible from day one, and are also helping us to develop our internal capability in line with our ongoing needs. SureCloud is more than a third-party supplier for the company. It is an integral partner for our team. Their expertise, responsiveness and flexibility enable us to meet our business and delivery objectives in a timely and efficient manner.” Enterprise-grade security The Snoop app beta was launched in February 2020 and SureCloud supports Snoop with regular cyber risk advisory and penetration testing services to ensure enterprise-grade security and peace of mind as the business grows rapidly. “When processing users’ financial information, top-level security is absolutely critical,” said Walters, adding “SureCloud has not only ensured that we have built the most robust application from day one, its ongoing penetration testing and risk assurance means that we are generating ongoing intelligence as to our security status and risk profile. As you’d expect, we take security just as seriously as a bank, and SureCloud understands that perfectly.” Expert risk advisory and cyber risk assessment Walters further stated, “SureCloud has been great at understanding the journey we are on as a start-up. The team knew that we needed a really comprehensive cyber risk assessment, imagining multiple different future possibilities, but also that this would need to evolve and adapt as we built the platform. We have received expert advice from SureCloud throughout, both on our key cyber risks and how to best mitigate them.” Snoop and SureCloud’s cloud-based technology offers a platform with security, compliance at its heart" “In just a few months of being active, we have already processed over 12 million bank transactions and made over 10 million personalised recommendations, and this is before we’ve gone live to the general public,” said Walters, adding, “This is hugely exciting, but also an enormous challenge in terms of maintaining security and compliance as we start to scale rapidly. Both Snoop’s, and SureCloud’s cloud-based technology, means that we are building a platform with security and compliance at its heart.” Efficient strategic partnership “We are proud to be working with Snoop. The pedigree of the team is so strong and the app can make a really tangible difference to people’s lives,” said Ben Jepson, Vice President of Risk Advisory at SureCloud, adding “Working with a start-up brings very different challenges to working with an established business. You have to set out a comprehensive risk advisory roadmap, but also be ready for things to change very quickly. We’re very glad that our agile and adaptive philosophy has worked so well for Snoop.” SureCloud is a provider of cloud-based, integrated risk management products and cyber security services, which reinvent the way businesses and individuals, manage risk. SureCloud also offers a wide range of cyber security testing and assurance services.
The Government of Jersey has appointed SureCloud to manage its government-wide cyber security transformation programme, which aims to maintain the reputation of Jersey as a safe place to work and live. The new two-year deal forms part of the government’s Cyber Security Strategy, announced in 2017, to enhance its cyber resilience during its period of modernisation. Cyber Security Strategy The Government of Jersey provides key operational services to more than 106,000 citizens and 7,000 businesses in Jersey. All of its services, including tax, healthcare, waste management, social services and education, depend on the security and availability of IT and Operational Technology (OT) systems. The financial services and tourism industries also heavily rely on the availability and security of the government’s services. Cyber Security Programme Management Service SureCloud to deliver a Cyber Security Programme Management Service, includes establishing governance SureCloud will deliver a Cyber Security Programme Management Service which includes establishing governance and reporting processes for all elements of the government’s cyber security programme. This will involve providing risk and issue management, programme governance, information security processes as well as financial, quality and information management. It will also coordinate, lead and communicate business change across cyber security projects. This will be led by a dedicated Programme Director who will proactively manage the day-to-day management of the government’s cyber security programme and proactively monitor overall progress, as well as resolving any risks and issues that may arise. Cyber Security solutions “The Government of Jersey wants the island to remain a stable and attractive place to live and do business, in both the physical and digital world,” comments Ben Jepson, Vice President of Risk Advisory at SureCloud. “Cyber security is a prerequisite for this, which is why the government is investing in this cyber security programme. With our experience, knowledge and hands-on team, we are confident we can help them enhance their cyber security and move their transformation programme forwards.” The Cyber Security Programme Management Service, which launches on 3rd March, will be delivered in two 12-month tranches. The first is split into six distinct projects: Programme Management, Managed Security Service Provider (MSSP), Governance Improvement, Identity and Access Management, Asset Management and People Security. The second includes preparing for, and developing, procurement documentation for tranche two projects. Cyber Security expert Stuart Powell, CISO at Government of Jersey, concludes, “As we embark on a period of extensive change and modernisation, cyber security is a critical enabler for delivering government services to the citizens and businesses of Jersey. We were impressed with SureCloud’s offering for improving our cyber security capability in quality and scale as well as their Programme Director who we are looking forward to working with.”
SureCloud, the provider of cloud-based, integrated risk management solutions and cyber security services, has announced the launch of its new Risk Advisory practice. SureCloud Risk Advisory SureCloud Risk Advisory will deliver a range of integrated cyber, risk and advisory services, uniquely underpinned by its cloud-based platform. This means organisations will have a central point of access to a range of risk assessment, base lining, information assurance and governance services and associated management information, all delivered as-a-service in the cloud. This launch demonstrates SureCloud’s evolution to provide clear, holistic visibility of the entire risk and security posture. It is also as a response to organisations’ growing demands for real-time practical, flexible and pragmatic support through professional services automation. SureCloud’s Risk Advisory services will help align organisational needs with industry best practice Cyber security and risk expertise SureCloud’s Risk Advisory services will help align organisational needs with industry best practice, as well as helping to advise on how to prioritise the areas which are most crucial in achieving their business objectives. The new team offers a flexible approach to the consumption of cyber security and risk expertise, with SureCloud working as either an extension of the organisation’s security team or as an independent security expert. The new practice will be headed up by Ben Jepson with Craig Moores having responsibility for the delivery function and service development. Both recently joined SureCloud from global cyber security and risk mitigation specialist NCC Group, bringing many years of cyber and risk experience combined with a high level of commercial acumen. Enhancing enterprise security Richard Hibbert, SureCloud CEO, said “SureCloud Risk Advisory is our proactive response to the evolving enterprise risk landscape and customer demand for professional services delivered through supporting technology”. He adds, “With cyber security threats growing more sophisticated every day, and organisations increasingly – and rightly – demanding real-time, highly flexible and holistic support in assessing and responding to those threats, the time was right to leverage our existing platform and offer advisory services in a way that is easily digestible in the same way we do for our security testing clients today. The appointment of Ben and Craig to lead the new division brings impeccable leadership and consultancy experience into the mix. We’re all very excited to take SureCloud Risk Advisory forward.”
SureCloud, globally renowned provider of cloud-based, integrated risk management solutions and cyber security services, has further enhanced its senior management team with the twin appointments of Ben Jepson as Vice-President and Craig Moores as Practice Director, of SureCloud’s new Risk Advisory division. Jepson will have overall responsibility and Moores will be accountable for the delivery capability within the new practice. Both join from global cyber security specialist NCC Group and will bring their experience in international business development, cyber security and risk consultancy to establish and grow SureCloud’s new Risk Advisory practice. Uniquely, the practice will deliver its services through the award-winning SureCloud platform, enabling deeper relationships with clients as opposed to one-off project engagements. Risk-based cyber security services Risk-based cyber security services covers assessments, remediation services, and advisory-as-a service solutions Risk-based cyber security services covering assessments, remediation services, board-level advisory and advisory-as-a service solutions will form the core offerings, designed to help organisations manage their cyber security and risk to ensure it aligns with their business objectives. Previously Director of the Risk Management and Governance (RMG) division at global cyber security specialist NCC Group, Jepson brings 20 years of senior experience in corporate risk mitigation and cyber security, and an impressive track record in leading international teams and building world-leading, highly profitable professional services functions. Cyber security and information risk management expert Moores will ultimately be responsible for the delivery function and service portfolio within the new practice. He was part of the senior delivery team at NCC Group, responsible for leading and delivering complex cyber security solutions aligned to strategic business objectives, and brings broad cyber security experience including strong technical software development and project management. Moores has particular strengths in information risk management, PCI DSS, strategic planning and business auditing, and is also certified CISSP, Lead Auditor and PCI DSS QSA. Security and risk management Commenting on his appointment, Jepson said, “SureCloud is entering an exciting period of its development, which is precisely why I wanted to join. By bringing cyber and risk together in a holistic Risk Advisory practice, all uniquely underpinned by the SureCloud platform, we’re offering a genuinely comprehensive approach to risk management.” Moores added “Risk management is embedded in SureCloud’s culture, and it’s fantastic that I’ll be leading the delivery team in the Risk Advisory arm of the business to help build on its current strong position. I’m looking forward to advising organisations on how they can make informed, educated decisions to help mitigate risk so that they can unleash their full potential.” Cloud-based security platform The new Risk Advisory function within SureCloud really sets us apart in the market" Richard Hibbert, SureCloud CEO, said “The new Risk Advisory function within SureCloud really sets us apart in the market and is a direct response to customer demand for professional service automation. Our cloud-based platform has built a fantastic reputation for being agile, intuitive and dynamic, and by delivering Risk Advisory services in the same way, we offer organisations everything needed to assess and baseline their environments against industry best practice.” He adds, “Both Ben and Craig bring outstanding skills and experience to the table, with strong business acumen. They are experts in their field, and we are extremely confident that they’ll help us build on the success we’ve already achieved, and that they will be invaluable members of our team.” GRC software and risk advisory SureCloud is a provider of Gartner recognised GRC software and cyber & risk advisory services. Whether buying products or services, organisations benefit from automated workflows and insight from the award-winning SureCloud platform. All of SureCloud’s service offerings are fully compatible with the GRC suite of products, enabling a seamless integration of information.