Diligent teams with Cloudflare, Qualys to deliver cyber risk tool
Diligent has announced a partnership with Cloudflare and Qualys to provide a new cyber risk reporting solution designed for boards and both executive and security leaders.
The Cyber Risk Report, now available on the Diligent One Platform, integrates Cloudflare's real-time threat intelligence and Qualys' cyber risk surface insights with Diligent's cyber risk dashboard. The solution is intended to provide a holistic, real-time view of the most pressing cyber threats facing organisations and to support strategic decision-making among board members and executives.
Brian Stafford, President and Chief Executive Officer of Diligent, said: "In today's complex cyber landscape, boards and executives are demanding faster access to insights. The new Cyber Risk Report provides a holistic view of an organisation's risk posture, mitigating the chance of vulnerabilities to high impact threats. Combined with Diligent's AI-powered risk and governance solutions, this report arms CISOs with the tools for proactive risk management and strong cybersecurity governance."
Diligent's recent 2025 What Directors Think report revealed that while 61% of directors acknowledge the strategic risks from cyber threats, nearly 30% of boards still do not receive regular security updates. The report underscores the challenges that security teams face, including an overload of data, constant emergence of software vulnerabilities, and new risks associated with AI tools.
The new Cyber Risk Report aims to bridge this gap by merging internal controls data, third-party threat intelligence, and business context into a single, executive-focused resource. Its real-time integrations with Cloudflare and Qualys are designed to remove the need for manual reporting cycles and reliance on spreadsheets, streamlining processes such as control testing, evidence collection, and issue remediation through automation.
Grant Bourzikas, Chief Security Officer at Cloudflare, commented: "Severe repercussions of recent attacks, and new threats posed by emerging technologies have moved cyber to the forefront of business leaders' concerns. And while the reckoning that cyber is at the crux of enabling business has finally come, communicating risk clearly, in business terms, is still a major challenge for CISOs. The Cyber Risk Report - underpinned by Cloudflare's telemetry, based on our global network that's one of the largest in the world - will enable security leaders to pinpoint exact relevant issues, overlay them with comprehensive context and ultimately provide clarity to the board on the overall state of your organisation's resilience."
The development of the Cyber Risk Report included feedback from more than 50 chief information security officers and board members. The report offers features such as built-in trend analysis, peer comparisons, and intuitive dashboards, designed to help CISOs prioritise vulnerabilities according to their business impact and convey actionable recommendations to boards. The collaboration allows integration of technologies from both Cloudflare and Qualys into the Diligent One Platform and is intended to provide a basis for future cyber security solutions.
Rich Seiersen, Chief Risk Tech Officer of Qualys, said: "CISOs don't need more dashboards; they need a smarter, business-focused strategy. At Qualys, we help our customers be more effective at measuring, communicating and eliminating their cyber risk with the Risk Operations Center (ROC). Together with Diligent and Cloudflare, we're redefining how cyber risk is communicated to the board, translating technical data into the financial language of business - dollars and cents. At the same time, we're empowering CISOs with clear, actionable insights to manage their risk surface, drive down risk, boost efficiency and elevate security as a true business enabler."
The partnership is expected to address the ongoing challenges faced by security teams in translating technical cyber risk data into information that is meaningful for business and board-level decision-making.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
22-05-2025
- Techday NZ
Diligent strengthens ethics tools with Vault's AI compliance tech
Diligent has acquired Vault, an AI-powered ethics and compliance solution focused on misconduct reporting and investigation management. Diligent's acquisition brings Vault's AI-first technology, which includes localised compliance features, multilingual reporting channels, and support for adherence to global regulations, into its existing governance, risk and compliance (GRC) platform. Vault enables organisations to create and manage speak-up programmes, increase detection and response rates to risks, and strengthen employee and stakeholder trust through features such as mobile apps, web platforms, and AI-powered hotlines. Through this integration, Diligent expands its capacity to provide seamless and effective compliance tools, delivering employees a secure channel to report concerns while giving organisations the data insights necessary for managing investigations and driving ethical change. Amanda Carty, General Manager, Compliance at Diligent, said, "We're thrilled to welcome the Vault team and clients to Diligent. This acquisition reinforces our deep commitment to leveraging cutting-edge AI technology to enhance transparency, integrity and ethical practices in global companies. Now, we can ensure organisations are equipped with the proper tools to proactively comply with evolving laws like the EU Whistleblowing Directive and other regulatory frameworks worldwide, further reducing their risk exposure while building a stronger culture of integrity." The integration of Vault's technology is intended to allow organisations greater end-to-end visibility into misconduct trends, aiming to create compliance programmes that are more effective and defensible. Commenting on the acquisition, Neta Meidav, Founder and CEO of Vault, said, "We're incredibly excited to join Diligent. Vault has always been pushing the boundaries in ethics technology. Now, with Diligent, our innovative platform can reach a wider audience and truly change how organisations build ethical cultures and mitigate major risks. Our new combined offering will be unmatched in the market, and we look forward to transforming how ethics is handled across organisations." This acquisition follows Diligent's purchase of Spark Compliance, a global company specialising in ethics and compliance programme design, earlier in the year. Diligent's series of acquisitions, including Vault, reflects its strategy to supply GRC professionals with AI-enabled tools intended to clarify risk and improve governance. District Capital Partners acted as the financial advisor, and Willkie Farr & Gallagher LLP served as legal advisor to Diligent in the acquisition. Raz. Dlugin & Co. served as the legal advisor to Vault.
Techday NZ
22-05-2025
- Techday NZ
Report finds low ECH use but risks from malicious actors grow
Corrata has published a report examining the impact of the Encrypted Client Hello (ECH) privacy protocol on enterprise security and the adoption of the protocol by malicious actors. The Living With ECH Report analysed billions of connections made by enterprise employee mobile devices over a three-month period to assess the practical deployment and security implications of the latest privacy technology in internet communications. ECH, an extension to the most recent version of the Transport Layer Security (TLS 1.3) standard, encrypts information exchanged between devices and Content Delivery Networks, preventing network providers from being able to identify which websites users are trying to access. According to Corrata's findings, actual usage of ECH by enterprise mobile devices remains infrequent, with less than 0.01% of TLS connections employing the protocol. Nonetheless, more than 9% of the top one million domains are ECH-enabled, demonstrating some groundwork for future adoption. The report identified a notable risk associated with ECH adoption. Corrata's analysis revealed that 17% of ECH-enabled sites are classified as risky, indicating that malicious actors are already making use of the increased anonymity provided by the protocol. The risk is particularly acute for Chrome users who have encrypted DNS enabled. Corrata stated, "ECH could degrade, not improve, privacy: Banks and other regulated entities are often required to monitor the internet traffic going into and out of their organisation. To date, these enterprises have been able to selectively decrypt traffic without looking at sensitive data like employees' health records. But with ECH blocking their filtering, enterprises would have little choice but to decrypt all internet traffic for inspection, drastically degrading employees' privacy." The analysis highlighted the significant role played by Cloudflare in enabling ECH. Cloudflare is the only major Content Delivery Network supporting ECH, and almost all of the sites that have ECH enabled use its infrastructure. The report also noted that large website owners appear reluctant to adopt the protocol due to concerns that users may face blocks from security systems in enterprises or by public authorities. While internet service providers and enterprise security teams have reduced visibility under ECH, the protocol still allows CDNs like Cloudflare to access certain data. Malicious actors are leveraging this infrastructure to support phishing attacks, Corrata said. "Over 90% of phishing detections use Cloudflare infrastructure, according to Corrata's analysis. In addition to the anonymity provided by ECH, these sites take advantage of other Cloudflare features. For example, the "captcha" page can be used to direct desktop traffic to the legitimate site while mobile traffic is sent to the fake one. Alternatively, traffic not coming from the targeted country may be redirected to the legitimate site. These are deliberate tactics to avoid detection by security providers." The report also identified several barriers to widespread adoption of ECH. While 20% of devices are configured to use encrypted DNS and DNS resolvers that support ECH, the absence of support from browsers such as Safari and operating systems like Android hampers wider implementation. The adoption of ECH requires the participation of multiple industry stakeholders, each with different priorities. Matthieu Bentot, Chief Technology Officer of Corrata, commented on the current state of adoption. "The extremely low level of ECH adoption suggests that the security community's fears that enterprise internet traffic would go dark are not yet being realised. While the potential certainly exists for ECH to become a thorn in the side of defenders, the early signs are that this is the time to prepare rather than panic." The findings from the Living With ECH Report are based on Corrata's analysis of billions of connections made by devices running the company's mobile threat detection and response solution. The data reflects traffic from both iOS and Android devices, with Corrata tracking successful ECH connections between January and March 2025 by analysing DNS queries and TLS connection metadata.
Techday NZ
22-05-2025
- Techday NZ
Cloudflare, Microsoft & police disrupt global malware service
Cloudflare, in partnership with Microsoft and international law enforcement, has helped dismantle the infrastructure supporting LummaC2, an information-stealing malware service regarded as a significant threat to users and organisations worldwide. This collaborative effort targeted key elements of the Lumma Stealer operation, resulting in the seizure, takedown and blocking of malicious domains, as well as disruption to digital marketplaces used by criminals to distribute and monetise stolen data. Cloudflare also banned a number of accounts used in the deployment and configuration of these domains, aiming to weaken the underlying ecosystem relied on by cybercriminals. Lumma Stealer, also known as LummaC2, operates as a subscription-based service that enables threat actors to access a central administrative panel through which they can acquire customised malware builds and retrieve data stolen from victims. Stolen information includes credentials, cryptocurrency wallets, cookies and various forms of sensitive data, which can subsequently facilitate identity theft, financial fraud and intrusions into both consumer and enterprise environments. Blake Darché, Head of Cloudforce One at Cloudflare, said: "Lumma goes into your web browser and harvests every single piece of information on your computer that could be used to access either dollars or accounts – with the victim profile being everyone, anywhere at any time. The threat actors behind the malware target hundreds of victims daily, grabbing anything they can get their hands on. This disruption worked to fully setback their operations by days, taking down a significant number of domain names, and ultimately blocking their ability to make money by committing cybercrime. While this effort threw a sizable wrench into the largest global infostealers infrastructure, like any threat actor, those behind Lumma will shift tactics and reemerge to bring their campaign back online." First observed on Russian-language crime forums in early 2023, Lumma Stealer's operations have increasingly shifted to Telegram, where cybercriminals buy access and share data using cryptocurrency. Logs of stolen credentials, known as "logs", are indexed and made available through Lumma's own marketplace or resold via other criminal networks. The spread of Lumma Stealer is primarily achieved through social engineering campaigns. These include deceptive pop-ups — part of a method called ClickFix — which trick users into executing malicious scripts, as well as by bundling payloads in cracked versions of legitimate software and distributing them via pay-per-install networks. The malware's developers invest in bypassing detection from antivirus solutions, increasing the risk to affected users and organisations. Cloudflare's disruption operations involved placing a Turnstile-enabled interstitial warning page on domains associated with Lumma's command and control servers as well as its marketplace. In addition to impeding access, Cloudflare collaborated with leading industry partners, including Microsoft, multiple registry authorities, the FBI, the U.S. Department of Justice, Europol's European Cybercrime Center, and Japan's Cybercrime Control Center. This was intended to ensure that the criminals could not simply migrate their infrastructure or regain control via alternative registrars. The tactics used by Lumma's operators relied on abusing infrastructure belonging to providers like Cloudflare, often to obscure the origin IP addresses of servers used to store stolen data. Cloudflare's Trust and Safety team repeatedly suspended malicious accounts and flagged illicit domains, escalating countermeasures after the malware was observed bypassing its initial warning pages. Mitigation advice for users and organisations includes restricting the execution of unknown scripts, limiting the saving of passwords in browsers, and employing reputable endpoint protection tools capable of detecting credential theft. Regular software updates, DNS filtering and user education around the risks of malvertising and fake software installers are also highlighted as part of a comprehensive defence strategy. By disrupting Lumma Stealer's infrastructure and limiting access to its command and control services, the operation has imposed significant operational and financial constraints on both the core operators and the wider criminal clientele. The disruption aims to undermine the infostealer-as-a-service model that has contributed to increased instances of cyber-enabled fraud, enterprise security breaches, and ransomware incidents.
