British Airways data breach throws WhiteHawk’s US Government contract into light

By Meagan Evans. Published at Sep 14, 2018, in Technology

Another week, another data breach. This time British Airways is the latest victim of a major cyberattack, with personal and financial details of 38,000 customers stolen from its website and mobile app.

The airline could be fined up to €1 billion under new European Commission regulations where data breach penalties can be levied up to 4% of the companies' turnover, plus there’s significant risk of damage to customer relations and brand reputation.

The attack is reported to be the result of supply chain risk and highlights just how important is it for organisations to have adequate cybersecurity.

The US Government is certainly aware of this.

It has recognised that key departments, including Department of Defense, Department of Homeland Security, the Intelligence Community, as well as Government Owned Utilities, are highly targeted and in great need of an effective, scalable cyber risk framework.

The US Government recently upped its focus on the systemic risks posed by IT and software supply chain vendors at Department of Defense and Department of Homeland Security specifically, and is taking proactive action to protect itself from cyber threats.

A contract with global online cyber security exchange provider, WhiteHawk Limited (ASX:WHK) and its 360 Cyber Risk Framework is currently being implemented across US Government supply chain companies.

This US Government implementation, specifically in relation to the departments mentioned, has a deep focus on supply chain risk analytics, which can prevent the type of breach recently suffered by British Airways.

The tailored version of the 360 Cyber Risk Framework provides BitSight cyber risk ratings, continuous monitoring, cyber risk alerts and WhiteHawk risk analytics, AI Risk Profile, and matching to vendor options in real-time to the US Government to provide continuous Insight across hundreds of vendors at once.

The contract is providing sensitive risk analytics and mitigation, providing much needed added protections to a breadth of office and mission functions.

The initial phase of the contract is due to commence immediately, followed by customer evaluation and planning for expansion. Due to the sensitive focus of this contract, the current scope and future expansion remains commercial in confidence.

It should be noted, however, that this is an early stage tech company and success is no guarantee. Investors should seek professional financial advice before making an investment.

A September 7 BBC article explains that breaches of the type suffered by British Airways, which are supply chain attacks, are an increasing problem for websites that embed code from third-party suppliers. Third parties may supply code to run payment authorisation, present ads or allow users to log into external services.

WhiteHawk’s 360 Risk Framework is designed to vet such software vendors and service providers in advance of a breach. WhiteHawk is promoting tailored versions of this Framework to US based financial institutions, commercial and federal manufacturers, US utilities and government.

It has a current pipeline of potential contracts at varying stages of negotiation to supply the 360 Cyber Risk Review and Mitigation automated approach. This has positioned the company to potentially close an additional four sales of the 360 Cyber Risk Framework in 2018 and first quarter 2019.

The latest customer channel focus is on the 3200+ power and water utilities across the United States, including regional power associations, regulators, and larger private utilities who are all searching for how to gain continuous insight into and to address their cyber related risks.

This process drives companies that are in a prime company’s supply chain to WhiteHawk's CyberSecurity Exchange, to mitigate key cyber risks in real-time. Some of the current pipeline companies have supply chains exceeding 5000 companies.

Supply chain company or vendor risk management programs are tend to be primarily focused on financial and product/service risk checks by a large staff of personnel and business processes. WhiteHawk saw an opportunity for an end-to-end approach that leverages best of breed open data sets and premier risk tradecraft, baked into AI driven algorithms and analytics displayed in an integrated dashboard.

This means that WhiteHawk's risk insights can be scaled across hundreds and even thousands of vendors and supply chain companies. Additionally, WhiteHawk’s Cybersecurity Exchanges’ ability has been integrated to mitigate all critical cyber related risks.

S3 Consortium Pty Ltd (CAR No.433913) is a corporate authorised representative of LeMessurier Securities Pty Ltd (AFSL No. 296877). The information contained in this article is general information only. Any advice is general advice only. Neither your personal objectives, financial situation nor needs have been taken into consideration. Accordingly you should consider how appropriate the advice (if any) is to those objectives, financial situation and needs, before acting on the advice.

Conflict of Interest Notice

S3 Consortium Pty Ltd does and seeks to do business with companies featured in its articles. As a result, investors should be aware that the Firm may have a conflict of interest that could affect the objectivity of this article. Investors should consider this article as only a single factor in making any investment decision. The publishers of this article also wish to disclose that they may hold this stock in their portfolios and that any decision to purchase this stock should be done so after the purchaser has made their own inquires as to the validity of any information in this article.

Publishers Notice

The information contained in this article is current at the finalised date. The information contained in this article is based on sources reasonably considered to be reliable by S3 Consortium Pty Ltd, and available in the public domain. No “insider information” is ever sourced, disclosed or used by S3 Consortium.