NEO

Cyber Solution

Preventing cyber attacks – that is the mission of NEO. With NEO, we have developed a tool that takes protection against cyber crime to a higher level. This improvement results from NEO’s exclusive global access to technology that was previously available to selected government and regulatory users only.

More about NEO

External Attack Surface Management

EASM

Internet-based services are based on an ecosystem of third-party services and infrastructures. These, in turn, build on even more third-party infrastructures. For example, a single page in a web application can rely on content and code from hundreds of different third-party sources, such as user trackers, ads, fonts, and many others.
Some of these sources and services are under your control directly – but most are not. So third-party assets and sources are indirectly connected to your company’s websites, software applications, and core IT network, known as “Shadow IT.” The company’s internal IT department typically has no control over this third-party content. At the same time, the enterprise – especially the management – is responsible for the security of the entire ecosystem.
Even with an ideal internal IT security, a security breach anywhere in Shadow IT can lead to a threat to your services and ultimately to your users, customers and business. Gartner refers to this highly exposed ecosystem as the “external attack surface” and has recently recommended the adoption of an External Attack Surface Management (EASM) approach. NEO Cyber Solution identifies your organization’s entire Shadow IT and uncovers potential vulnerabilities in order to close them – while collaborating with the third party, if necessary.

%

of attacks leveraged vulnerabilities

Scan-and-exploit was #1 initial attack vector, surpassing phishing, the top attack vector in 2019.

IBM X-Force Threat Intelligence Index 2021

Cyber risks

Cyber Risks are no longer a marginal topic

Ongoing digitalization means that almost all companies have digitalized their administration, production and sales to the maximum extent possible or will do so in the near future.

These conversions have not only taken place in companies. Criminals have also found new fields of activity in the environment of digitalization – with drastic consequences for the companies as well as their management boards.
Delegating cyber security to the internal IT department has not been enough for a long time now. It is a task of the absolute top management to set up a company in such a way that data theft, a business interruption or blackmailing due to cyber crime cannot take place. While a few years ago cyber attacks were more directed against large global players, today they also take place almost 24/7 against medium-sized and even smaller companies.
Cyber criminals who penetrate IT systems, steal data or paralyze production processes are now highly professional in their organization. Their criminal business is so lucrative that they can afford methods and working equipment that were once reserved for government operators.
Over the years, a race has developed between cyber criminals and IT security specialists that can only be countered with the highest level of attention and care. The good news is that solutions exist that cannot completely prevent a (successful) attack, but can significantly reduce its likelihood of occurrence and impact.

NEO

Fields of operation

NEO can be used wherever a high degree of digitization has been achieved. In 2021, this affects almost every company. Consistently, NEO can be successfully applied in all industries and scales.
It does not matter whether the company implements NEO directly or whether NEO is integrated via business associations or cyber insurance, for example. All cases have in common that NEO noticeably reduces the risk of becoming a victim of cybercrime. This benefits either the company directly or, for example, the entire risk community of policyholders, insurer and reinsurer.
In the public sector, NEO ensures that critical infrastructures such as airports, hospitals, water and energy suppliers receive the best possible protection against cybercrime so that they can fulfill their important tasks at all times.

Fields of operation

Insurer
Re-Insurer
Broker / Consultants
Associations
Companies
Public Sector

Goals

Avoidance of
business interruption

For companies, business interruption is one of the greatest risks. In addition to enormous additional costs, relationships with customers and suppliers can be permanently damaged. Therefore, the top priority for any company management must be to maintain the use and revenue from its own business.

This goal has always applied against the backdrop of long-known dangers, e.g., from property damage, but more recently also to damage caused by cybercrime. It makes no difference whether customer management systems are hijacked, sensitive development data is stolen or digitally controlled production is brought to a standstill. In all cases, the company cannot maintain its scheduled operations.

The length of time and cost to resume regular business operations can be enormous. The consequences, such as loss of customers, suppliers or reputation, have an existential impact. Even an insurance solution aimed purely at compensating for losses does not provide conclusive help here. Therefore, the primary goal must remain to prevent business interruptions and their consequences.