Securicom Expands Compliance and Cyber Resilience Services with CYRISMA

Founded in 2002 in Johannesburg, South Africa, Securicom is a leading Managed IT Security Services Provider (MSSP) with 20 years of industry experience. It offers a wide range of end-to-end cloud-based IT security services to businesses across three continents, with primary growth centers in South Africa and the US. Securicom’s expertise spans 15 countries, allowing the team to adapt to various industries and organizational structures.

 

The Problem

In early 2023, Securicom was in the market for a vulnerability scanning and assessment tool to replace Tenable. The in-house Tenable solution that they were using was no longer viable from a financial perspective. Of the multiple products they considered at the time, CYRISMA stood out because of the range of features it offered.

 

The Solution

CYRISMA was introduced to the Securicom team by Dries Morris, the Strategic Advisor and Co-Owner of the company, and it quickly became their preferred option. In their research, the team had evaluated solutions like the Qualys Cloud Platform, RiskSense, Orca Security and Rapid7, and they found that CYRISMA included more functionality and features than anything else they had trialed.

More than just a Vulnerability Scanner

While they were looking primarily for a vulnerability scanner at the time, the Securicom team liked that CYRISMA offered a much wider set of risk management features. Within its vulnerability component, CYRISMA could do internal authenticated and unauthenticated scans, external scans, and also web application scans – something that the other solutions provided only at an additional cost. Other platform features, such as compliance assessments, dark web monitoring, CIS Benchmarking, risk quantification and more, would enable Securicom to extend a range of related services to their clients. This would increase value for their SMB clients significantly without increasing costs.

“CYRISMA not only hit all of the right tick-boxes for us, it also included other features that allowed us to offer value-add services to clients at no additional charge.”

– Michael Morton, Chief Compliancy Officer, Securicom

CYRISMA as a Cyber Resilience Tool

CYRISMA is now a core component of Securicom’s Cyber Resilience package, designed to help clients cover all their bases with foundational security controls before moving on to the more advanced MDR services. It works especially well for smaller businesses who can meet a lot of their protective security needs with CYRISMA while keeping costs under control.

Driving Growth with Compliance Assessment Offerings

In the US and South Africa, CYRISMA’s compliance feature-set has been a significant growth driver for Securicom. It has been especially popular with smaller Healthcare organizations in the US that need to meet HIPAA compliance. In the South African market, Financial Services, Retail and Manufacturing sector organizations have benefited from PCI DSS compliance assessments and the other compliance frameworks CYRISMA covers. Financial services organizations, being heavily regulated, have been quick to adopt CYRISMA to take advantage of the compliance and risk reduction features.

“In the South African context, we are seeing a lot of engagement and success (with CYRISMA) in the Financial Services and Retail sectors, and to a smaller extent in the Manufacturing sector, all driven by compliance.”

– Douw Gerber, Business Development Manager, Securicom

 

Risk Scorecards and Presenting Risk in Monetary Terms

When introducing CYRISMA to clients, Securicom uses the platform’s Overall Risk Dashboard to demonstrate what a high-level risk report would look like. In addition to an overall risk grade, this covers specific performance metrics in four assessment areas – Data Sensitivity, Vulnerability Scanning, Secure Configuration and Compliance. It also displays risk in monetary terms (both USD and Rand) so C-level executives and business-focused leaders can see how cyber risk affects the business bottom line.

 

As CYRISMA adds more compliance frameworks to its GRC module, Securicom continues to see success with SMBs in the more regulated sectors like healthcare and financial services. Additionally, CYRISMA remains a significant part of Securicom clients’ cyber resilience programs, enabling them to put foundational security controls in place before they move on to more advanced detection and response capabilities.

 
