Aug 7, 2020

Rapid7: NICER - diagnosing the internet’s security flaws

rapid7
NICER
Internet security
William Girling
3 min
Digital security
Released at the end of July 2020, Rapid7’s NICER report is one of the most ambitious pieces of internet security-related research ever conducted...

Released at the end of July 2020, Rapid7’s NICER report is one of the most ambitious pieces of internet security-related research ever conducted.

Focusing on three core topics - National, Industry and Cloud Exposure - the report has been intended by Rapid7 as a conversation starter on the current state of internet security. 

In a world which is currently in the grip of a significant digital transformation, in no small part accelerated by the COVID-19 pandemic which has forced companies all around the world to consider operational alternatives, the question of security could not be more relevant.

The ‘myth of the silver city’

First and foremost, the NICER report aims to dispel the false notion that internet security is ideal in its current state. Although most people’s daily interactions with the internet give no hint of the fragility underneath, Rapid7 is keen to quantify and demonstrate the reasons why this is not the case.

Everybody can afford to be more vigilant and proactive in bolstering their cyber defences, the report posits. After all, technology might have advanced exponentially in the last 50 years, yet the threats presented by phishing scams and exploiting legacy software on the edge remain.

NICER includes lists of countries and industries rated by their exposure to risk so that interested parties can compare their ‘risk neighbourhood’ with others and measure relative progress.

Perhaps most disconcertingly, the most at risk industries are revealed to include financial services, retail and pharma (i.e. vital services), with many FTSE 100, Fortune 500 and Nikkei Index entities suffering disproportionately. 

This highlights Rapid7’s argument that a constant re-evaluation and reassessment of legacy systems is necessary; particularly amongst older, established or ‘traditional’ companies, outdated infrastructures that seem to operate well could be the Achilles heel which leads to great financial loss or security breaches in the future.

Starting a conversation on security

Far from being a final, declaratory statement, Rapid7 has intended NICER to be the opening remarks to a much broader conversation on the subject.

Commonly used security protocols such as Telnet and SMB are analysed at great length and a balanced summary of each system’s strengths, weaknesses and applicable use cases is presented.

The ultimate conclusion is an ambiguous one: “Things aren't great, but not disastrously bad and relatively small changes in how we design, develop and deploy services will still have a great impact on the stability, safety and security of the internet as a whole.”

Rapid7 hopes that its work, the result of four years’ research, will generate heated debate within the tech industry on how best to address the fundamental issues around internet security. 

Whether the answer lies in developing new protocols, re-evaluating how programmers are trained or something yet unthought of, the company hopes that the report will spur a serious discussion on what we desire the future of the internet to be.

Download the full NICER report here

Stay tuned for our feature article on NICER with Rapid7’s Director of Research Tod Beardsley - scheduled to appear in the October edition of FinTech Magazine.

Share article

Jun 11, 2021

SLK Software: Optimising performance in the digital economy

SLKSoftware
AI
Automation
CNAInsurance
2 min
Recently featured in our profile of CNA Insurance, we take a closer look at how SLK Software is powering disruption in the digital era

Established in 2000 in Bengaluru, India, SLK Software recognises that fast-paced digital transformation is creating an unprecedentedly fertile period of opportunity for global businesses.

As such, with a firm belief in the power of simplification and automation to yield new and exciting experiences, the company has been challenging the status quo for over 20 years through an approach that is:

  • Relationship oriented
  • Strategically focused on a desired outcome
  • Reliant on automation tech

Believing in purposeful automation

SLK’s specialisation in automation tech is full spectrum: artificial intelligence (AI) and machine learning (ML), Computer Vision, Natural Language Processing (NLP), Robotic Process Automation (RPA), and more, are all part of its core competencies. 

Citing 90% productivity improvements, 30% business growth through better customer experiences, and up to 20x faster go-to-market capabilities, the reasons for its focus are clear.

The company currently serves the banking, financial services, insurance, retirement services, M&A, manufacturing, and supply chain sectors. Solutions offered include:

Accelerating workflow processes

In addition to these services, SLK offers three products/platforms: Avo Assist - RPA, Avo Assure - Test Automation, and Avo Discover - Process Discovery.

 

 

The latter is a tool specifically calibrated to enable business users an easy method for capturing document processes. This can occur across any application, with these individual tasks then seamlessly combined for both improved compliance and governance. 

Carol Castelloni, VP of Transformation at CNA Insurance, highlighted this as providing critical support in helping the company meet its business objectives:

“SLK’s Avo Discover tool accelerates how we can document workflow processes, measure impacts on enhancements, and identifies future automation opportunities.” Liberated from having to focus on these process-driven aspects of business, CNA Insurance has been able to refocus its attention on creative problem-solving instead.

Ultimately, this is the most important benefit that SLK brings: it optimises the back end so that clients can channel their energy towards what matters the most, customers.

Read more about SLK Software and CNA Insurance in the June 2021 edition of FinTech Magazine.

Pictured: SLK Software team (source)

Share article