CyNation is a ‘unique combination’ of regtech and cyber security, said Finn McClain, VP Sales and GM for Benelux in our interview. The company provides GRC and cyber security tools for large companies and SMEs.
Opening business in May 2015, CyNation is based in London and has a Benelux office in The Hague Security Delta. Set up with collaboration between the city of The Hague and TNO, a research organisation, The Hague Security Delta is the leading cyber security cluster in Europe.
What does CyNation do?
CyNation offers four products. For compliance automation, CyReg GDPR is a GDPR assessment and reporting tool for SMEs. There’s a free starter version and three paid levels. The tool provides reports on GDPR compliance status including gap analysis and action plans. The May 25 GDPR launch date means that the current focus is the GDPR compliance module. This product is a cloud based automated tool for GDPR compliance.
The CyReg GDPR product first establishes if the company is caught by the regulation. A rapid readiness assessment and then a gap assessment are conducted. The GDPR action plan is then complemented with ongoing compliance monitoring and management. Benefits of this product include:
- Actionable insight and recommendations
- Instant reporting
- Help and guidance along the way
Growing the ecosystem
CyNation wants to cooperate with other companies and learn from others. This is where Holland FinTech fits in with CyNation perfectly, said Finn. As well as finding new customers, CyNation really wants to cooperate with more companies and encourage partnerships.
In the financial services industry, one of CyNation’s customers is Addiko Bank. Based in Vienna, Addiko Bank uses Security Scorecard, a cyber supply chain risk management tool. CyNation is currently talking to several Dutch banks going through the process of proof of concept of the platform. In addition, CyNation works with a variety of companies with complex supply chains. These companies can benefit greatly from CyNation’s risk management and compliance tools to manage their supply chain risk.
Supply Chain Risk Management
The company also focuses on supply chain risk management with its product Security Scorecard. The GDPR imposes a requirement on companies to understand their supply chain risk. Companies must ensure their ‘data processors,’ members of the supply chain which handle customer data, are compliant and secure. This increases the load on smaller companies using smaller CRM platforms. Large CRM platforms such as Salesforce or Google have ensured compliance.
More than 70% of all cyber attacks occur through third parties. It is very important to be able to monitor on a continuous basis data security in the entire supply chain, says Finn McClain. CyNation is working with one of the largest Dutch multinationals based in Rotterdam for a proof of concept of their cyber risk management solution Security Scorecard. For data security and GDPR compliance in the supply chain it is important to know who are key suppliers, especially when some companies can have upwards of 10 000 suppliers. Data security and GDPR compliance go hand in hand.
Industry trends: the connected supply chain
Data security now must extend to a supplier’s suppliers. This means 4th and 5th level connections. Finn sees a trend where companies are requiring their suppliers to prove security and compliance down the supply chain. Companies are becoming more interconnected; in the supply chain and also digitally regarding data. With increasing value, data is more sought after and security needs to be stronger. As many have said, ‘Data is the new oil.’
Cloud technologies and platforms are making data more dispersed. Almost every company uses services such as Amazon Web Services, Google Cloud or Microsoft Azure. ‘Understanding your data and where it resides is extremely important,’ said Finn, ‘because you are your data.’
CyNation’s European march
CyNation has ambitious growth plans for 2018. Starting in the UK and now in Benelux, CyNation has its eye next on Germany, then Scandinavia and then the Southern European countries. The Benelux team is working with NIBC Bank for a March 26 event in The Hague that will discuss third party risk and data security compliance.
By Grace Appleford, Research Analyst for Holland FinTech.