As an official partner of global third-party cyber risk monitoring platform Black Kite, SLVA Cybersecurity is positioned to analyse and secure South African organisations’ cybersecurity posture.

SLVA Cybersecurity is both a value-added reseller and managed security service provider (MSSP) of Black Kite.

Security threats are nothing new in the digital age, but one danger companies need to be more aware of today is the growing security threat that is connected risk, or to put it another way, the impact of third-party breaches.

This is a significant consideration for organisations given that no fewer than one in four organisations suffered from a cyber attack in the last year that resulted in production, reputation and financial losses, notes Patrick Evans, CEO of SLVA Cybersecurity.

“SLVA Cybersecurity is pleased to officially partner with Black Kite, a company that is redefining vendor risk management with the world’s first global third-party cyber risk monitoring platform, built from a hacker’s perspective,” he says.

With vulnerabilities constantly emerging that are quickly exploited by cybercriminals, and a lack of due diligence in certain industries leading to breaches, it is clear that both the threats and the potential attack vectors will continue to evolve.

Considering how quickly both the attack surface and the threat environment are evolving, many chief information security officers (CISOs) find it challenging to keep track of their entire security posture, adds Evans.

“The real problem is that cybercriminals attack companies via third parties – essentially ‘island-hopping’ their way into target organisations. Black Kite’s solution is designed to help the CISO gain awareness of what is most relevant in the threat landscape, across their organisation, and crucially, potential third-party risks. The solution’s reporting mechanism gives concise and actionable insight into which areas an organisation is doing well in their cybersecurity approach, and which areas require immediate attention to protect what matters.

“Unsecured external-facing assets, such as databases and servers, pose a major risk to businesses. This risk increases significantly when it is a third party managing the data on behalf of a company, or even within a shared responsibility agreement,” he says.

It should also be noted that attacks do not discriminate between private and public sector entities – in fact, databases in the public sector are quite often out of date and remain unpatched, while typically also having a wide attack surface – leaving behind a weak defence strategy and therefore an easy target.

Evans explains that Black Kite is a non-intrusive intelligence-gathering platform that identifies critical vulnerabilities, pinpoints compliance gaps, quantifies cyber risk in financial terms, and can detect the likelihood of a ransomware attack with high-fidelity data.