WhiteHawk Limited (ASX: WHK) today announced it has kicked off five new cybersecurity proof of value (POV) engagements and contracts. The POVs are for a total of up to 100 vendors across three key sectors — the US government sector (a US agency and a department), the manufacturing sector, and two with the Defence Industrial Base (DIB).

WhiteHawk will provide continuous cyber risk monitoring and prioritisation for the remainder of 2020, plus two Cyber Risk Scorecards (one immediately and one at the end of the POV) for each vendor/supplier.

Through these POV Cyber Risk Radar engagements, WhiteHawk continues to demonstrate and validate the power, impact, scalability, and effectiveness of the Cyber Risk Radar annual SaaS subscription, across supply chains of any size.

This is a process that has proven successful in the past for the A$31.5 million capped company. WhiteHawk’s previous US Government Cyber Risk Radar POV, implemented early in 2019, resulted in a five year Software as a Service (SaaS) contract, as announced in July 2020. That contract is worth up to US$5.9 million (A$8.2M), or US$1.18 million (A$1.64M) per year over the five year term.

Terry Roberts, Executive Chair of WhiteHawk, commented on the new POVs, “Because we continuously vet innovative Cyber Risk companies and solutions, we know our Cyber Risk Radar is both comprehensive and cutting edge. Often the only way to effectively demonstrate this to a new client is through a low cost initial Proof of Value.

“Our experience has been, once a client experiences the full capability, they decide to implement it across a majority of their suppliers, vendors, teammates. The intent is that these POVs will lead to ongoing work with each of these organisations.”

Roberts is a 35-year veteran of the US national security and cyber intelligence community. She is a former deputy director of US Naval Intelligence, Department of Defence Senior Executive, and an Executive at the Carnegie Mellon Software Engineering Institute.

DoD’s Cybersecurity Maturity Model Certification

WhiteHawk has now dramatically expanded its ability to establish, automate, and disrupt how companies are managing their third party risk.

The company’s automated Cyber Risk Scorecards now include mapping to the new Cybersecurity Maturity Model Certification (CMMC). CMMC was kicked off this year by the US Office of the Secretary of Defence as the cyber resilience benchmark for all DIB contractors and suppliers and it is being phased into all DoD contracts over the next few years. There are reported to be approximately 330,000 subcontractors of the DoD industrial complex for which CMMC will apply to varying degrees

WhiteHawk’s Cyber Risk Scorecards enables the prime company to baseline and monitor the key cyber risks of their most critical suppliers and kick-off their third party CMMC management program.

US government contract extension

Today’s announcement builds on last week’s news that the company has been awarded a US$1.5 million (A$2.1M) contract extension with a US federal government department.

The contract extension, under an existing seven year cybersecurity contract, represents a 375% increase on the US$400K awarded to WHK under the contract in 2020. It’s also worth more than WhiteHawk's entire revenue for the last full financial year.

The award of this second year sub-contract is a huge validation of WHK’s cybersecurity tech and capabilities, and the fact that the contract value has increased substantially only reinforces that view.

For more on WhiteHawk, Wise-Owl this week published a research report that can be found here.