Prevalent-News-Logo

Supports Rapid Growth in Vendor Risk Management Market

WARREN, NJ (February 1, 2017) – Prevalent, Inc., the leader in Third-Party Risk Management and Vendor Threat Intelligence, today announced the appointment of Brian Zeman as the Company’s new Chief Operating Officer (COO).

“The increasing proliferation of third party data breaches has fueled the demand for Prevalent’s products and more than tripled the size of the company in 2016,” said Jonathan Dambrot, Prevalent CEO and Co-Founder. “With over 20 years of broad operating experience across Sales, Marketing and Services, Brian provides Prevalent with the crucial expertise needed to successfully manage our growth and scale our business.”

(more…)

Prevalent-News-Logo

First Universal Third-Party Risk Management Evidence Sharing Portal

WARREN, NJ (January 25, 2017) – Prevalent, Inc., the leader in Third-Party Risk Management and Vendor Threat Intelligence, today announced the first global vendor evidence sharing portal, the Synapse Exchange™. As the security industry’s first unified, cross-sector third-party risk management platform, Synapse Exchange automates and speeds the exchange of the full array of data that’s critical to reducing cyberattack risks associated with third- and fourth-party vendors, while sharply reducing costs and complexities for enterprises, vendors and supply chain partners. Exchange leverages Prevalent’s next-generation third party risk management platform, Synapse, which includes evidence collection and remediation workflows, risk scoring, reporting, and myriad other features developed over years of exclusive third party risk management focus.

(more…)

Prevalent-Blog-Logo

An Ode to Narcotics

I admit, the title of this blog was written to grab your attention.  But it was also legitimately inspired by recent personal events.  About a month ago, my daughter underwent shoulder surgery, and given her multiple shoulder injuries over the years, it was an extensive procedure that involved bone graphs and several medical terms I don’t understand and can’t pronounce (or spell).  We brought her home with a collection of Schedule II narcotics that would make the members of Aerosmith (circa 1978) salivate.

(more…)

Prevalent-News-Logo

Official Healthcare Information Sharing and Analysis Center to Leverage Prevalent Vendor Network Experience for Third-Party Risk Management

WARREN, NJ (December 8, 2016) – Prevalent, Inc., the leader in Third-Party Risk Management and Vendor Threat Intelligence and Churchill & Harriman, the recognized leader in enterprise risk management and third-party risk assessments, today jointly announced that NH-ISAC has chosen the purpose-built Prevalent Synapse™ platform and Churchill & Harriman’s risk assessment services for the third-party risk management element of its mission to protect the nation’s critical healthcare infrastructure from physical and cyber threats.

“Third-party risk is a valid concern for any organization in the healthcare ecosystem.”, said Denise Anderson, NH-ISAC President. “We are excited to be working with Prevalent and Churchill and Harriman to leverage the NH-ISAC community and offer risk assessment services via CYBERFIT that are both efficient and affordable.”

(more…)

Prevalent-Blog-Logo

When most of us think of our vendors handling sensitive information, we tend to gravitate toward the obvious: the payroll processing company, our contracts law firm, our accounting firm with our financial data, or the patent law firm with all our intellectual property. Frankly, the company that builds and maintains the company website isn’t typically top of mind.

Ask the Australian Red Cross if they agree.

(more…)

Prevalent-Blog-Logo

In a way, the Sony breach was really good for the cyber security community.  A watershed moment in the industry’s history, it began a transformation from infosec as a compliance requirement – a nuisance – to a legitimate enterprise need, right up there with sales and product development (well, not exactly, but you get the idea).  It prompted increased investment in infosec technologies (e.g. SIEM), and accelerated the development of new ones (e.g. UBA).

But, I’m afraid, it was not so good for the third party risk community.

“But Jeff.  That’s silly.  After Sony – and on the heels of Target especially – regulatory organizations and companies alike began to appreciate the importance of their vendors’ information security.”

My point exactly.

(more…)

Prevalent-Blog-Logo

It’s a foundational principle of all football offensive coordinators:  if something is working, keep running it until the defense proves they can stop it.  Your top wide receiver is consistently beating the opponent’s rookie cornerback?  Keep throwing to him.  Your offensive line is opening holes that result in 7 yards a carry every play?  Keep running the football.  Unfortunately, cyber criminals have learned the same lesson.

A recent report from the Anti Phishing Working Group (APWG) noted a 61% quarter-over-quarter increase in phishing attacks from the first quarter to the second in 2016.  The number of attacks from January through March was 289,371, while the number grew to 466,065 in the following three months.

Why?

Because if you spot a weakness in your opponent, keep exploiting it until they show they can stop it.  Phishing is all the rage among the bad guys… because it works.

(more…)

Prevalent-Blog-Logo

A quick quiz. What’s higher? 1) The percentage of Americans that correctly understand that the Earth revolves around the Sun, or 2) the percentage of organizations that admitted a phishing attack had penetrated their defenses in 2015. The winner? #2, by a comfortable margin.

In 2012, the National Science Foundation surveyed 2,200 Americans and asked them: “Does the Earth go around the Sun, or does the Sun go around the Earth?” 74% got it right.[1] {Insert your own American educational system joke here.}

In the spring of 2016, a Cloudmark-sponsored study surveyed 300 companies, all with more than 1,000 employees, and 84% admitted that a spear phishing attack had penetrated their security defenses in the last year.[2]

(more…)

Prevalent-News-Logo

The Industry’s First Behind-the-Firewall Insight

Warren, New Jersey – September 15, 2016 – Prevalent, Inc., the leader in Third-Party Risk Management and Vendor Threat Intelligence, today announced the availability of its proprietary VendorThreatIQ™ product, which introduces 2 new industry risk scores – Threat Investment Quotient (TIQ) and Potential Threat Impact (PTI) – that are now included in Prevalent’s Vendor Threat Monitor (VTM) product.

“The cyber security world has changed dramatically in the past few years,” offered Norman Menz, Prevalent CTO and Co-Founder. “The ability of a vendor to prevent an attack is nearly irrelevant when considering their security posture.  Rapid detection and isolation of an attack is imperative, as external penetration of defenses by today’s sophisticated threats is almost a foregone conclusion.”

(more…)

Prevalent-Blog-Logo

The wheel. Fire. Antibiotics. Indoor Plumbing. HBO Go. That’s how I’d rank history’s greatest inventions nowadays given my addiction – shared with my wife – to Game of Thrones. We’re working our way rapidly though the entire series, and the dialogue in a Season 4 episode caught my attention recently. In a conversation with his “adopted” niece, Davos Seaworth was asked if he was a pirate in his younger days. He replied that he’d not been a pirate, but rather a smuggler. When asked by the girl what the difference was, he replied, “Well, if you’re a smuggler, and you’re well-known, you’re not doing it right.”

(more…)