ThreatConnect Acquires Cyber Risk Quantification Pioneer Nehemiah Security
Creates the world’s only cybersecurity platform aligning the
entire security lifecycle to the goal of reducing risk.
Combination of Cyber Risk Quantification, Intelligence,
Orchestration, Automation and Response continually
informs and improves security operations and risk management.
ThreatConnect Inc.®, the leader in reducing complexity
and enabling better decision making in cybersecurity, today
announces the acquisition of Nehemiah Security, Inc,
(“Nehemiah”) a pioneer in the rapidly growing Cyber Risk
Quantification (CRQ) space. On August 18, 2020,
ThreatConnect through its purchaser entity, NS Holdings
LLC, acquired substantially all of the assets and assumed
selected liabilities of Nehemiah. The acquisition adds Cyber
Risk Quantification to ThreatConnect’s existing Threat
Intelligence Platform (TIP) and Security Orchestration,
Automation and Response (SOAR) capabilities, creating the
world’s only cybersecurity platform aligning the entire
security lifecycle to the goal of reducing risk.
ThreatConnect Risk Quantifier (RQ – formerly Nehemiah
Risk Quantifier) enables the identification of the risks that
matter most to the organization by quantifying them based
on potential financial or operational impact, unifying
security and the business to a common goal. This
quantification relies on generally accepted risk models such
as the popular Factor Analysis of Information Risk (FAIR)
model, among others. It is also established in part by, and
continuously informed by, threat intelligence, vulnerability
management, operations and response data found within
ThreatConnect and other integrations. Using this risk-led
approach to cybersecurity makes prioritization easy for
security teams, enabling them to filter out noise and focus
on what matters most. With CRQ, TIP and SOAR
capabilities combined, ThreatConnect unifies the actions of
the security team around the most critical risks, supports
their response with streamlined and automated workflows
and strengthens the entire security ecosystem through
powerful technology integrations.
With the acquisition, ThreatConnect further delivers on its
mission of revolutionizing the way organizations protect
themselves by turning intelligence into action. Adding CRQ
to the ThreatConnect Platform creates the most powerful
decision and operational support system in cybersecurity.
For security executives, their teams and the stakeholders
they support across the organization, ThreatConnect
becomes a single source to support their mission of
identifying and efficiently mitigating cyber risk.
“For a decade now, we’ve been focused on making the job
of security easier, to be the place where security comes to
be effective,” said Adam Vincent, Chief Executive Officer at
ThreatConnect. “We began our journey focused on making
threat intelligence actionable with our TIP solution,
providing a platform to collect, enrich and prioritize
intelligence. We evolved our capabilities to deliver an
award winning SOAR platform to market, helping
orchestrate and automate security actions with an
intelligence-led approach. But we never lost sight of the
belief we articulated in 2015 that risk mitigation should
drive all action in security. We’ve watched with interest as
the cyber risk quantification movement has taken off,
keeping an eye on evolving approaches and listening to the
experiences of our clients. The decision to acquire
Nehemiah was an easy one as they are ahead of the market
in terms of their ability to automate cyber risk
quantification. They help overcome much of the pain felt by
early CRQ adopters where manual data collection and
lengthy professional services engagements are the norm.
Their vision to harness the power of the security ecosystem
by integrating technologies and ingesting data fits perfectly
with our vision for reducing complexity. With this
acquisition, we believe ThreatConnect stands alone in
cybersecurity as the only partner that can deliver a true
decision and operational support platform for cyber risk
management.”
Nehemiah’s approach to CRQ has won the confidence of
some of the largest organizations in the world and
recognition by leading industry analyst firm, Gartner. In
May of this year, Gartner named Nehemiah Security to its
list of “Cool Vendors” in the area of Integrated Risk
Management. In 2018 Gartner recognized the growing
trend towards Cyber Risk Quantification and helped fuel
interest by adding it to its list of core pillars required for
effective Integrated Risk Management.
“ThreatConnect has a vision for security that encompasses
the most critical elements – risk, threat and response,” said
DJ Goldsworthy, Director of Security Operations and Threat
Management at Aflac. “This acquisition strengthens their
offering and increases alignment to our core strategic
objectives with one platform to assess our risk and
automate and orchestrate our response to it.”
“Organizations are seeking to quantify their cyber risk in
order to better align security to the business, drive
remediation and response activities, support investment
decisions and demonstrate return on security investment,”
said Wade Baker, Partner at Cyentia Institute and Member
of the Board of Advisors at the FAIR Institute. “The
movement behind CRQ has grown rapidly, as evidenced by
the thousands that are now FAIR Institute members. But
the pain among early adopters is pronounced and loudly
vocalized. Current approaches require too much manual
data collection, too much training and professional services
support, too much time to realize outputs which means that
assessments are often old before the ink dries.
ThreatConnect is in a tremendous position to help
overcome that pain given the breadth of their Platform,
their knowledge on technology integration and the
foundation built by Nehemiah. I, for one, am very excited
about the prospect of a stronger connection between the
cyber threat and risk management spheres.”