ASX-listed cyber security exchange WhiteHawk has announced that it has been contracted by a US Federal Government CISO to implement WhiteHawk’s Cyber Risk Radar.
This will provide continuous monitoring, prioritisation, and near real-time mitigation of an enterprise’s teammates, vendors, or supply chain’s cyber risks over time, including the identification and prioritisation of a risk mitigation strategy.
US Federal Government and WhiteHawk’s deal details
WhiteHawk Cyber Risk Scorecards will be provided quarterly, virtually and remotely, for 150 to 300 vendors to this US Federal Government Chief Information Security Officer, via an integrated risk management dashboard.
The annual Software as a Service (SaaS) contract, will see WhiteHawk generate base revenues of $US580,000 and up to an additional $US600,000, with up to $US1.18m each year of the contract, with four additional option years at the same levels.
“After a successful Proof of Value, we are implementing our first 5-year Cyber Risk Radar contract with a U.S. Government CIO, who will work with us to take the capabilities of our platform and virtual services to the next level,” says CEO and founder Terry Roberts.
“This is about protecting a major US Government organisation from vendor risk. We are the prime contractor. A direct contract with us, not through another contractor,” she says.
WhiteHawk is the first global online cyber security exchange company enabling businesses of all sizes to take smart action against cybercrime with its platform. This is the first US Federal contract where WhiteHawk is the Prime Contractor.
On three other US Federal Department CIO Contracts, WhiteHawk is a Cyber Solution sub-contractor to Accenture Federal, SAIC and Guidehouse (formerly PWC Federal).
“Vendors are always a weak link in any organisation. You can have the best security ever but, of major cyber breaches, over a third are through vendors, contractors and providers.
“Reliance on vendors, suppliers and partners in this digital age means their risks are our risks. Previously, closing this back door involved primarily, compliance and self reporting.”
“WhiteHawk indulges in continuous risk monitoring of available datasets and AI-based analytics baked into our cyber risk score cards. WhiteHawk is the first global online cyber security exchange enabling businesses of all sizes to take smart action against cyber crime.”
What does the Cyber Risk Radar package include?
Cyber Risk Radar is an annual SaaS subscription service developed by WhiteHawk.
The platform offers quarterly services that include Cyber Risk Scorecards, Cyber Risk Portfolio Reports, and ongoing conversations with a professional cyber analyst for
- Risk research and discovery: Collect, analyse, and correlate publicly available data into actionable intelligence.
- Continuous monitoring and alerts: Understand an organizations security performance and be alerted to impactful changes.
- Focused analytics: Perform deep dives in the areas that need focus rather than the entire dataset.
- Ecosystem maps: Visualise the enterprise by understanding the supplier and vendor interconnections.
- Risk prioritization & mitigation: Prioritise mitigation and business actions based on levels for impact and performance.
- Integration into a centralised risk management dashboard: Continuous situational awareness, tracking, mitigation and management of the SCRM/VRM program.
- Portfolio assessments: Understand an organisation’s portfolio of all suppliers and vendors.
This contract is the result of a Proof of Value that was implemented early in 2019 across 10 vendors for the same US Government agency. WhiteHawk demonstrated through automation and subject matter expertise, the status and health of suppliers.
Global publicly available data sources, AI analytics, and custom Cyber Analytics assess and report on top risk indicators and vectors or areas that may require prioritised attention.
The Cyber Risk Radar approach is externally available data-based and non-invasive. WhiteHawk does not require access to internal assets and configurations to deliver its services.
