Insuranceciooutlook

Digital Defense, Inc. (DDI): A Premier Provider of Managed Security Risk Assessment

Larry Hurtado, President & CEO, Digital Defense, Inc.Larry Hurtado, President & CEO
According to ABI Research, the technology market intelligence expert, the Cyber Security Liability Insurance market will continue to grow to $10 billion by 2020. “As the market evolves, CIOs must know the security posture of the organizations in which they serve to effectively negotiate with cyber insurance brokers and fully leverage the products they offer,” begins Larry Hurtado, President and CEO, Digital Defense, Inc. (DDI).

“Protecting the sensitive data of an organization requires a CIO to stay abreast of the strategies and tactics used by the cyber enemies or hackers who threaten their organizations. CIOs must also be rigorous in their efforts to make sure the technologies, people, and processes that help run and protect their organizations are functioning properly and are at the ready to fend off cyber-attacks,” says Hurtado. This is where DDI comes in and supports CIOs with solutions that regularly assess the security postures of the strategic elements that encompass the businesses they represent.

Vulnerability management is a cornerstone element of every organization’s cyber defense program. To best serve CIOs, DDI delivers this essential capability through a unique Vulnerability Management as a Service (VMaaS™) model which encompasses leading edge patented technology and unparalleled support. “We measure the experience of our clients with the Net Promoter Score (NPS) which helps us to effectively respond to our clients’ concerns. Our current NPS is one of the best in the industry,” shares Hurtado.

DDI places great importance on the accuracy of vulnerability scan data. Whether serving as a guide for enterprise vulnerability remediation programs or as referential data leveraged by other security mechanisms in a security ecosystem, the accuracy of this data is of paramount importance. In a recent study DDI found many security assessment tools have difficulty keeping track of the security posture of the devices (e.g. workstations, servers, etc.) in an IT network over time.

The inability to keep track of the security posture of network devices leads to mistakes being made in an organization’s security risk management stemming from bad or “dirty data.”


CIOs must know the security posture of the organizations in which they serve to effectively negotiate with cyber insurance brokers and fully leverage the products they offer


The company believes CIOs are already having to “dance” around dirty data when presenting information to their boards. To further illustrate the significance of this problem, DDI created the “Dirty Data Dancing Tool.” This tool, accessible from DDI’s website, shows how much drift an organization can experience over time. The drift can only be minimized by using DDI’s vulnerability scanning solution or by employing impractical measures such as running authenticated scanning on all devices within an organization’s network.

In addition to exceptional support and accuracy of assessment results, DDI believes in helping CIOs utilize competition to achieve superior security risk reduction and potentially lower insurance premiums. “Today, there are many organizations taking advantage of DDI’s Frontline Business Group, a feature available in the company’s vulnerability management platform, Frontline Vulnerability Manager (FVM) that enables a client to configure FVM in such a way that it allows security vulnerability data to be managed on a line of business or geographic basis. Leveraging DDI’s Security GPA® scoring mechanism, clients can introduce gaming and competition within their Security and IT Operations functions,” points out Hurtado.

The company’s broad portfolio of Security Risk Assessment solutions helps evaluate both network and environmental security to improve the security awareness and stay compliant to various regulations and data security standards. “With our security awareness programs, we also educate people on key information security principles and increase the security IQ of our clients’ team,” says Hurtado. The company’s network and environmental assessments determine whether their clients’ security processes are producing the desired outcomes or not. Armed with greater clarity, CIOs can make informed decisions about the risk that they decide to accept, defer, mitigate or transfer.” Hurtado concludes, “Forging ahead, DDI plans to provide their clients with exceptional support and further automation of the end-to-end lifecycle management of vulnerabilities.”