Home / News & Analysis / RiskRecon’s security assessment services for third party vendors raises $25 million

RiskRecon’s security assessment services for third party vendors raises $25 million

In June of this year, Chinese hackers managed to install software into the networks of a contractor for the U.S. Navy and steal information on a roughly $300 million top secret submarine program.

Two years ago, hackers infiltrated the networks of a vendor servicing the Australian military and made off with files containing a trove of information on Australian and U.S. military hardware and plans. That hacker stole roughly 30 gigabytes of data, including information on the nearly half-a-trillion dollar F-35 Joint Strike Fighter program.

Third party vendors, contractors, and suppliers to big companies have long been the targets for cyber thieves looking for access to sensitive data, and the reason is simple. Companies don’t know how secure their suppliers really are and can’t take the time to find out.

“The Department of Defense can have the best cybersecurity on the planet, but when that moves off to a subcontractor how can the DOD know how the subcontractor is going to protect that data?” says Kelly White, the chief executive of RiskRecon, a new firm that provides audits of vendors’ security profile.

The problem is one that the Salt Lake City-based executive knew well. White was a former security executive for Zion Bank Corporation after spending years in the cyber security industry with Ernst & Young and TrueSecure — a Washington DC-based security vendor.

When White began work with Zion, around 2% of the company’s services were hosted by third parties, less than five years later and that number had climbed to over 50%. When White identified the problem in 2010, he immediately began developing a solution on his own time. RiskRecon’s chief executive estimates he spent 3,000 hours developing the service between 2010 and 2015, when he finally launched the business with seed capital from General Catalyst .

And White says the tools that companies use to ensure that those vendors have adequate security measures in place basically boiled down to an emailed check list that the vendors would fill out themselves.

That’s why White built the RiskRecon service, which has just raised $25 million in a new round of funding led by Accel Partners with participation from Dell Technologies Capital, General Catalyst, and F-Prime Capital, Fidelity Investments venture capital affiliate.

The company’s software looks at what White calls the “internet surface” of a vendor and maps the different ways in which that surface can be compromised. “We don’t require any insider information to get started,” says White. “The point of finding systems is to understand how well an organization is managing their risk.”

White says that the software does more than identify the weak points in a vendor’s security profile, it also tries to get a view into the type of information that could be exposed at different points on an network,

According to White, the company has over 50 customers among the Fortune 500 who are already using his company’s services across industries like financial services, oil and gas and manufacturing.

The money from RiskRecon’s new round will be used to boost sales and marketing efforts as the company looks to expand into Europe, Asia and further into North America.

“Where there’s not transparency there’s often poor performance,” says White. “Ccybersecurity has gone a long time without true transparency. You can’t have strong accountability without strong transparency.”

Check Also

Facebook cracks down on opioid dealers after years of neglect

Facebook’s role in the opioid crisis could become another scandal following yesterday’s release of harrowing new statistics from the Center for Disease Control. It estimated there were nearly 30,000 synthetic opioid overdose deaths in the US in 2017, up from roughly 20,000 the year before. When recreational drugs like Xanax and OxyContin are adulterated with the more powerful synthetic opioid Fentanyl, the misdosage can prove fatal. Xanax, OxyContin, and other pain killers are often bought online, with dealers promoting themselves on social media including Facebook. Hours after the new stats were reported by the New York Times and others, a source spotted that Facebook’s internal search engine stopped returning posts, Pages, and Groups for searches of “OxyContin”, “Xanax”, “Fentanyl”, and other opioids, as well as other drugs like “LSD”. Only videos, often news reports deploring opiate abuse, and user profiles whose names match the searches are now returned. This makes it significantly harder for potential buyers or addicts to connect with dealers through Facebook. However, some dealers have taken to putting drug titles into their Facebook profile names, allowing accounts like “Fentanyl Kingpin Kilo” to continue showing up in search results. It’s not exactly clear when the search changes occurred. On some search result pages for queries like “Buy Xanax”, Facebook is now showing a “Can we help?” box that says “If you or someone you know struggles with opioid misuse, we would like to help you find ways to get free and confidential treatment referrals, as well as information about substance use, prevention and recovery.” A “Get support” button opens the site of The Substance Abuse and Mental Health Services Administration, a branch of the US department of health and human services that provides addiction resources. Facebook had promised back in June that this feature was coming. Facebook search results for many drug names now only surface people and video news reports, and no longer show posts, Pages, or Groups which often offered access to dealers When asked, Facebook confirmed that it’s recently made it harder to find content that facilitates the sale of opioids on the social network. Facebook tells me it’s constantly updating its approach to thwart bad actors who look for new ways to bypass its safeguards. The company confirms it’s now removing content violating its drug policies, it’s blocked hundreds of terms associated with drug sales from showing results other than links to news about drug abuse awareness. It’s also removed thousands of terms from being suggested as searches in its typeahead. Prior to recent changes, buyers could easily search for drugs and find posts from dealers with phone numbers to contact Regarding the “Can we help?” box, Facebook tells me this resource will be available on Instagram in the coming weeks, and it provided this statement: “We recently launched the “Get Help Feature” in our Facebook search function that directs people looking for help or attempting to purchase illegal substances to the SAMHSA national helpline. When people search for help with opioid misuse or attempt to buy opioids, they will be prompted with content at the top of the search results page that will ask them if they would like help finding free and confidential treatment referrals. This will then direct them to the SAMHSA National Helpline. We’ve partnered with the Substance Abuse & Mental Health Services Administration to identify these search terms and will continue to review and update to ensure we are showing this information at the most relevant times.” Facebook’s new drug abuse resource feature The new actions follow Facebook shutting down some hashtags like “#Fentanyl” on Instagram back in April that could let buyers connect with dealers. That only came after activists like Glassbreakers’ Eileen Carey aggressively criticized the company demanding change. In some cases, when users would report Facebook Groups or Pages’ posts as violating its policy prohibiting the sale of regulated goods like drugs, the posts would be removed but Facebook would leave up the Pages. This mirrors some of the problems it’s had with Infowars around determining the threshold of posts inciting violence or harassing other users necessary to trigger a Page or profile suspension or deletion. Facebook in some cases deleted posts selling drugs but not the Pages or Groups carrying them Before all these changes, users could find tons of vendors illegally selling opioids through posts, photos, and Pages on Facebook and Instagram. Facebook also introduced a new ads policy last week requiring addiction treatment centers that want to market to potential patients be certified first to ensure they’re not actually dealers preying on addicts. Much of the recent criticism facing Facebook has focused on it failing to prevent election interference, privacy scandals, and the spread of fake news, plus how hours of browsing its feeds can impact well-being. But its negligence regarding illegal opioid sales has likely contributed to some of the 72,000 drug overdose deaths in America last year. It serves as another example of how Facebook’s fixation on the positive benefits of social networking blinded it to the harsh realities of how its service can be misused. Last year, Facebook CEO Mark Zuckerberg said that learning of the depths of the opioid crisis was the “biggest surprise” from his listening tour visiting states across the U.S, and that it was “really saddening to see.” The fact that he called this a “surprise” when some of the drugs causing the crisis were changing hands via his website is something Facebook hasn’t fully atoned for, nor done enough to stop. The new changes should be the start of a long road to recovery for Facebook itself.

Leave a Reply

Your email address will not be published. Required fields are marked *

Disclaimer: Trading in bitcoins or other digital currencies carries a high level of risk and can result in the total loss of the invested capital. theonlinetech.org does not provide investment advice, but only reflects its own opinion. Please ensure that if you trade or invest in bitcoins or other digital currencies (for example, investing in cloud mining services) you fully understand the risks involved! Please also note that some external links are affiliate links.