Noetic Cyber announced that it has been selected by OVO Energy as a solution partner to help them achieve greater visibility and insights into their current cybersecurity posture. OVO is deploying the Noetic platform to gain better context and understanding of their cyber risk.
OVO Energy is the UK’s third largest energy supplier, and has adopted a cloud first approach, enabled by implementing a culture of technical autonomy, where teams at OVO select the cloud platforms and services best suited for their specific needs.
This means OVO’s security team needs an automated way to understand their cybersecurity landscape across a diverse range of cloud platforms, SaaS applications, on-premises systems and more. The team was keen to adopt a data model that supported different business units and product teams, allowing them to maintain their current agility, but ensuring that central visibility of security control coverage and configuration was available to secure the organization, and meet their regulatory requirements as part of the UK’s critical national infrastructure.
To achieve this new kind of visibility and asset intelligence, OVO selected Noetic as their partner. The Noetic platform works across OVO’s different cloud and on-premises systems, integrating with existing security and IT management tools to ingest security data, building a multi-dimensional map of all assets in the organization and the cyber relationships between them. This asset intelligence, visualized through an innovative graph database, enables the OVO team to identify security coverage gaps, cloud service misconfigurations and violations of security controls, all prioritized based on business criticality and potential impact.
The Noetic platform uses standardized APIs to integrate with OVO’s existing tooling for EDR, vulnerability management, device control, application security, network monitoring, cloud management and more to continuously discover, inventory and manage all assets in OVO’s environment.
Gartner describes this new approach to understanding cyber relationship between assets as ‘cyber asset attack surface management’ (CAASM) and they state that it’s value to security teams is ‘to improve basic security hygiene by ensuring security controls, security posture and asset exposure are understood and remediated across the environment’.
“OVO is known as an innovator in the UK energy market in its business model and approach to technology,” said Paul Ayers, CEO and co-founder at Noetic Cyber, “Our partnership with them showcases that innovation as we’re working together to address a fundamental cybersecurity challenge in finding and securing unknown and unprotected assets.”
Initial use cases for Noetic within OVO Energy include:
- Identifying and remediating security coverage gaps across common cloud and endpoint use cases.
- Providing critical insights into patching and vulnerability management by mapping business criticality, asset exposure and exploitability to the existing vulnerability process.
- Supporting the security operations team in incident investigation with more detailed information and context on affected assets
- Working with GRC to ensure that all parts of the OVO business are building and managing controls based on a shared understanding of security data.