Israeli Startup IDRRA Announces Platform for Vendor Risk Management
IsraelDefense
| 23/07/2018
bigstockphoto
Supply chain/vendor threats have become a central risk that organizations must mitigate. Protecting the organization itself, while important, does not address the risk that comes from third parties or their sub-contractors. An attacker that is looking for a way into an organization will enter through the weakest link that will bring the attacker to his/her desired targets within the organization. As part of risk management, the information security market is developing solutions along two lines – technical scanning and business process evaluation.
There have been many high-profile cybersecurity events in recent years, in organizations like Maersk, Lockheed Martin, Target, and others, that have happened due to compromises within an organization's supply chain. The potential for damage and developing regulations have brought about the need for every organization to understand and manage how its vendors handle business data and what processes they follow.
Israeli startup IDRRA has announced its complete solution for implementing the supply chain/vendor risk management methodology of the Israel National Cyber Directorate (INCD). The solution is partly based on a partnership with Normshield, an American company offering a technical scanning solution to evaluate suppliers/vendors. This is offered alongside IDRRA's solution for evaluating business processes within an organization in an automated manner.
IDRRA has developed an AI solution in the compliance and information security realms that facilitates the automation of processes that are currently manual processes. One of the company's solutions enables security risk management, data protection, and privacy for vendors of large organizations. IDRRA serves dozens of large customers in Israel and across the world and collaborates with a number of large players in the field.
"In recent months, IDRRA has been part of a professional working group within the INCD that has been building a methodology and future standard for Vendor Risk Management (VRM) for organizations in the market," said Kobi Freedman, founder and CEO of IDRRA. "As part of introducing this methodology, we allow any organization to register for our platform free of charge and begin managing their supply chain risk using this methodology – with the possibility of addressing specific needs of the organization, such that it can implement a VRM program with minimal time and monetary investment."
The methodology allows an organization to evaluate and certify the preparedness of its vendors and will be adopted by customers as part of their future communication with those vendors. The purpose of the INCD is to create a process that will improve the readiness and security of many organizations that up until now were unable to meet the standards required by their customers.
Additionally, IDRRA has announced its partnership with Normshield, a market leader that provides a solution for scanning the supply chain of several American government agencies. As part of its collaboration with IDRRA, Normshield will provide its unique Rapid Scorecard solution – a one-time scan that allows for report receipt within 60 seconds.
"Existing continuous scanning solutions in the market are an excellent offering, though too expensive to allow customers to scan the whole of their suppliers as often as they would like to. The joint solution offered by IDRRA and Normshield will address a significant gap found in the market today," added Freedman.
bigstockphoto
Supply chain/vendor threats have become a central risk that organizations must mitigate. Protecting the organization itself, while important, does not address the risk that comes from third parties or their sub-contractors. An attacker that is looking for a way into an organization will enter through the weakest link that will bring the attacker to his/her desired targets within the organization. As part of risk management, the information security market is developing solutions along two lines – technical scanning and business process evaluation.
There have been many high-profile cybersecurity events in recent years, in organizations like Maersk, Lockheed Martin, Target, and others, that have happened due to compromises within an organization's supply chain. The potential for damage and developing regulations have brought about the need for every organization to understand and manage how its vendors handle business data and what processes they follow.
Israeli startup IDRRA has announced its complete solution for implementing the supply chain/vendor risk management methodology of the Israel National Cyber Directorate (INCD). The solution is partly based on a partnership with Normshield, an American company offering a technical scanning solution to evaluate suppliers/vendors. This is offered alongside IDRRA's solution for evaluating business processes within an organization in an automated manner.
IDRRA has developed an AI solution in the compliance and information security realms that facilitates the automation of processes that are currently manual processes. One of the company's solutions enables security risk management, data protection, and privacy for vendors of large organizations. IDRRA serves dozens of large customers in Israel and across the world and collaborates with a number of large players in the field.
"In recent months, IDRRA has been part of a professional working group within the INCD that has been building a methodology and future standard for Vendor Risk Management (VRM) for organizations in the market," said Kobi Freedman, founder and CEO of IDRRA. "As part of introducing this methodology, we allow any organization to register for our platform free of charge and begin managing their supply chain risk using this methodology – with the possibility of addressing specific needs of the organization, such that it can implement a VRM program with minimal time and monetary investment."
The methodology allows an organization to evaluate and certify the preparedness of its vendors and will be adopted by customers as part of their future communication with those vendors. The purpose of the INCD is to create a process that will improve the readiness and security of many organizations that up until now were unable to meet the standards required by their customers.
Additionally, IDRRA has announced its partnership with Normshield, a market leader that provides a solution for scanning the supply chain of several American government agencies. As part of its collaboration with IDRRA, Normshield will provide its unique Rapid Scorecard solution – a one-time scan that allows for report receipt within 60 seconds.
"Existing continuous scanning solutions in the market are an excellent offering, though too expensive to allow customers to scan the whole of their suppliers as often as they would like to. The joint solution offered by IDRRA and Normshield will address a significant gap found in the market today," added Freedman.
