Richard Hibbert

Integrated risk management and cybersecurity provider, SureCloud, has recently secured a multi-million venture debt facility from growth lending specialists, BOOST&Co. News of the funding comes just as SureCloud moves on its plans for growth in the UK, as well as its plans for expansion into the US. The funding from BOOST&Co, a fast-growing alternative lender that invests in high-growth SMEs, also acts as a vote of confidence in the new direction SureCloud is forging which is expected to change the industry landscape significantly. Cloud-Based solutions SureCloud has been operating for more than 15 years, supporting the governance, risk, and compliance (‘GRC’) market and cyber and risk advisory services of major corporate firms. The company operates across multiple sectors, including banking, manufacturing, and government, implementing flexible, cloud-based solutions that focus on user experience, data aggregation, and artificial intelligence that helps clients de-mystify risk, compliance, and cybersecurity. Now, with the support of the funding from BOOST&Co, SureCloud is seeking to build on its recent success and plot a new path forward that will shape the industry in 2021 and beyond. Certified cybersecurity capabilities SureCloud has already demonstrated 40% growth per year for the last five years" “SureCloud has already demonstrated 40% growth per year for the last five years, but as the firm has begun to scale, it has had to invest heavily in its own growth,” says Ryan Sorby, principal at BOOST&Co and head of the lender’s Manchester office. “The team is expecting to double the size of its US operations during the next couple of years, as well as scale its UK client base, but they need growth funds to support this and our investment provides exactly that.” SureCloud has also been recognized in three of Gartner’s Magic Quadrants and identified as a challenger within the consulting firm’s 2020 IT Risk Management and IT Vendor Risk Management quadrant reports. This accolade, alongside CREST-certified cybersecurity capabilities and ISO-compliant solutions, demonstrates the caliber of the business, as well as the growth trajectory that BOOST&Co is confident to support. Risk management landscape “In SureCloud we recognize a robust business with an exceptional offering, demonstrating significant growth metrics,” Sorby continues. “The firm is operating in an attractive sector, with an impressive customer list, so we’re excited to be a part of its journey.” SureCloud CEO, Richard Hibbert, said of the investment: “We’re thrilled that BOOST&Co are with us on this journey. We’re confident that SureCloud will have a game-changing impact on the cybersecurity, compliance, and risk management landscape in the coming years, and this funding will help support our exciting plans for growth and expansion. It’s always been our goal to not just serve clients, but innovate and develop on their behalf, shaping the GRC industry as we go, and this investment will help us continue to do just that.”

SureCloud, the provider of Cybersecurity and Risk Advisory services, and cloud-based, Governance, Risk, and Compliance software, announces the launch of its new tech-enabled service - ‘Max’. Organizations often struggle to balance their need for expert cybersecurity services with time and financial constraints. With a rapidly evolving threat landscape, accurately budgeting for a year of cybersecurity costs is becoming ever more challenging. Extensive consulting team In addition to this, the COVID-19 pandemic has resulted in large portions of the workforce being furloughed (in the UK) or, unfortunately, being made redundant, which in some cases has left IT teams without expertise in critical areas such as cybersecurity. Max is focused on outcomes and has 200 years’ worth of cybersecurity expertise SureCloud’s new, tech-enabled Max service provides organizations with a solution to these challenges by granting them access to the perfect cybersecurity department, made up of experts in all domains, ready to be called upon in an instant. Max is focused on outcomes and has 200 years’ worth of cybersecurity expertise, harnessing the skills of an extensive consulting team, each member with more than 10 years of hands-on experience. Robotic process automation Max is skilled in all aspects of cybersecurity, from strategy and operational execution to reporting, and enables organizations to run their cybersecurity functions in a highly efficient, cost effective way. Organizations can engage Max on a starting salary subscription, which offers a low cost, entry-level way to access a vast amount of expertise only the pioneer organizations could hope to afford. Being tech-enabled, Max is turbo-boosted through the power of robotic process automation (RPA), which automates and optimizes the traditional manual processes associated with delivering a service. Smart decision making Max is also supported in smart decision making by artificial intelligence (AI). These technology-components empower SureCloud’s consultants to concentrate their time on the human decision-making aspect of cybersecurity to help reduce risk, as well as deliver a better customer experience. SureCloud’s ‘Max does Cybersecurity’ is available as a subscription model across 3 levels of service In addition to in-person consulting engagements, Max can also be accessed as a chatbot via SureCloud’s central, cloud-based Gartner recognized platform, where customers can request assistance or ask cybersecurity related questions. SureCloud’s ‘Max does Cybersecurity’ is available as a subscription model across 3 levels of service, building on each other, and offering different levels of expert consultant-led outcomes and cloud-based software applications. Accredited cybersecurity consultants Commenting on the launch, Richard Hibbert, SureCloud CEO, said: “With Max, SureCloud is addressing the operational fracture between software and services, by combining the power of technology with our existing expert advisors. We have been market-leading cybersecurity service specialists for over 14 years, and this offering is the natural next step, giving organizations round the clock access to our accredited cybersecurity consultants, as and when they need them.” “By harnessing AI and RPA across our platform, we have essentially created living applications that evolve to both support our consultants, and give our customers the outcomes they need." Max does Cybersecurity is Max’s first service. In the near future, Max will also be extended to include additional service-lines, including, Max does Continuous Security Testing, Max does Compliance (including PCI) and Max does Third-Party Risk Management.

SureCloud, the provider of cloud-based, Governance, Risk and Compliance (GRC) solutions, has been recognized by Gartner as a Challenger in the 2020 Gartner Magic Quadrant for IT Vendor Risk Management (VRM) Tools, for completeness of vision and ability to execute. SureCloud’s position on the ability to execute axis improved since the previous year’s Magic Quadrant for IT VRM Tools, where it was recognized for the first time as a Niche Player. The 2020 Gartner Magic Quadrant report evaluates IT Vendor Risk Management solution providers, recognized by Gartner as offering comprehensive solutions, and categorizes them into four categories: Niche Players, Visionaries, Challengers, and Leaders. Risk management processes The Quadrant provides a view on how well IT VRM providers are executing their stated visions and performing against Gartner's market view based on customer feedback and solution demonstrations. According to Gartner, “The IT Vendor Risk Management use case focuses on the process of ensuring that the use of third-party service providers and IT suppliers does not create an unacceptable potential for business disruption or a negative impact on business performance.” Vendor Risk Management solutions enable organizations to accurately ascertain the security and compliance risks associated with their IT third-parties, creating a centralized register of these parties, and integrating this with wider risk management processes. Vendor risk management I am proud to see that SureCloud’s vendor risk management product is a comprehensive solution" Richard Hibbert, CEO and Co-Founder of SureCloud, said: “We are delighted that SureCloud has been recognized as a Challenger. From our view, this underlines our strategy to continuously innovate and develop our GRC solutions. In particular, I am proud to see that SureCloud’s vendor risk management product is a comprehensive solution that offers a central view of an organization’s vendor assurance program." SureCloud has also been recognized this year as a Challenger in Gartner’s August 2020 Magic Quadrant for IT Risk Management, which they believe validates the platform’s ability to deliver a complete GRC program by encompassing IT Risk, Compliance and Vendor Risk processes. Highly sensitive data Vendor risk management is a crucial part of any organization’s cybersecurity and risk program, with the number of third parties having access to highly sensitive data and therefore offering a simple route new risks and threats to be introduced to the organization. Demonstrating that each third party’s approach to security and risk management meets your internal standards and regulatory obligations is vital to ensure you are managing vendor risk effectively. SureCloud’s Vendor Risk Management solution is designed to offer a simple out of the box framework for organizations to assess and review all their IT third party vendors for potential risks - in one scalable, flexible and highly configurable software-as-a-service (SaaS) solution. SureCloud’s Third-Party Risk Management software solution provides: A centralized register of all third-party IT vendors, giving a comprehensive view of risk. End user-configurable and dynamically generated risk-assessment for each third party, ensuring that the questions they are asked are ones that apply to them. Full integration with regulatory compliance data and wider IT risk management Automated third-party notifications and simple to use reporting.

SureCloud, a provider of cloud-based, Gartner recognized Integrated Risk Management solutions and cybersecurity services, has announced the launch of its free Supply Chain Tool. The new complimentary  solution enables businesses to gain a holistic view of their critical suppliers  and understand areas of risk in the supply chain, whilst allowing a user to provide insights into the supply chain research. The new application allows businesses to document their key assets and processes, assess their critical suppliers against a pre-defined question set. Then aggregate and report findings through flexible dashboards, helping organization to assess the impact on their supply chain.   Rapid deployment of solution Effective supply chain management is particularly important at this time of global crisis. The effects of the coronavirus pandemic have transformed the way suppliers are managed and relied upon and created uncertainty for third-party risk programs. SureCloud’s new tool aims to support organizations  in  assessing  their supply chain risks during the COVID-19 outbreak and beyond.   The complimentary Supply Chain Solution has a simple user interface with prebuilt content that enables rapid deployment of the solution. The tool offers a supply chain assessment, reports, and dashboards designed by industry experts within SureCloud’s Risk Advisory Practice. These components give businesses a time advantage as assessments can be sent directly to crucial suppliers from the SureCloud platform. Risk Advisory Practice Most organizations understand the importance of third-party risk management by now" This, in turn, helps measure potential supplier risks and determine impacts one's supply chain.  The application also offers built-in support including a library of training videos, a support desk, and advice from industry experts using SureCloud’s Risk Advisory Practice, ensuring smooth user adoption and realization of value.  Richard Hibbert, CEO and Co-Founder at SureCloud, said, “Most organizations understand the importance of third-party risk management by now, but fourth party risk and beyond remains too often shrouded in mystery. But if your third party is working with third parties, and most are, from individual consultants up to major technology providers, then those individuals or organizations are also part of your risk posture." Supply chain audit solutions "This is why it is so important to think of your organization’s security and risk posture as part of a chain, in which you are only ever as robust as the weakest link.” He continued, “Supply chain audits need to take in a broad spectrum of information. It’s not just about the obvious what cybersecurity tools do they have in place, who is responsible for which process, what the contingency plans are but also ‘softer’ information like where their offices are based and who their customers are. Supply chain audit solutions need to be able to collect all this data as efficiently as possible, which means that cloud-based solutions are often most appropriate." Supply Chain Assessment Tool The result is a snapshot view of the health, or risk, of the supply chain at any time" "Third and fourth parties and beyond can respond to digital questionnaires with the information collated and aggregated automatically. The result is a snapshot view of the health, or risk, of the supply chain at any time.” “SureCloud is dedicated to making risk management and cybersecurity as streamlined and straightforward as possible, so we are delighted to announce the launch of our Supply Chain Assessment Tool. We know it will help organizations gain a better understanding of their complete supply chain, particularly in light of current circumstances disrupting normal operations.”  Assess supply chain risks By using the SureCloud Platform to assess supply chain risks, clients provide valuable global insights into the current state of the supply chain, which supports other organizations with their resilience strategy. SureCloud can utilize the results to measure and report on global trends relating to the impact and readiness of supply chains, before sharing this analysis for learning.  Actions that a user can take with SureCloud’s Free Supply Chain Assessment Tool:  Document key processes and assets Document the user's business vendors Directly assess the user's supply chain Define and manage issues and exceptions Report results via intuitive dashboards

SureCloud, the provider of cloud-based, Integrated Risk Management solutions and Cybersecurity and Risk Advisory services, has appointed Paul Zeila as Vice-President of GRC Sales for EMEA. He will be instrumental in driving business growth and developing service lines, as well as having overall responsibility for SureCloud’s suite of GRC products. Paul brings nearly 20 years of experience working in the GRC space with global organizations such as IBM, ACL, SAP and most recently, Deloitte. Paul has an in-depth understanding of Enterprise Risk, Governance Risk and Compliance, and has an excellent track record of sales and creating go-to-market strategies for clients. Cloud-based solution As part of his remit at SureCloud, Paul will be responsible for managing his team based primarily out of the London office, with plans to create new regional offices and grow the sales teams across the UK in the near future. Commenting on his appointment, Zeila said: “SureCloud’s cloud-based solution is intuitive and easy to use, and it represents how people interact with software these days. A lot of the legacy tools don’t have the capabilities of SureCloud’s solutions, which really sets us apart from the competition. I see a huge opportunity and potential to help bring SureCloud’s fantastic products to market, and I can’t wait to get started.” Richard Hibbert, SureCloud CEO, added: “Paul shows great enthusiasm for our sector and really understands the market. We have no doubt he’ll be instrumental in helping us continually drive our business forward in line with our ambitious goals.”

SureCloud, the provider of cloud-based, Integrated Risk Management solutions, has been placed on Gartner’s Magic Quadrant for IT Vendor Risk Management Tools for the first time after being recognized on Gartner’s Magic Quadrant for Integrated Risk Management Solutions back in July 2019. The quadrant names 16 key solution vendors identified by Gartner as offering vendor risk management (VRM) solutions. VRM solutions enable organizations to accurately ascertain the security and compliance risks associated with their IT third-parties, creating a centralized register of these parties and integrating this with wider risk management processes. Highly configurable software-As-A-Service We think it underlines our ability to offer a truly comprehensive third-party risk management solution" Richard Hibbert, CEO and Co-Founder at SureCloud, said: “We are delighted that SureCloud has been included in the Magic Quadrant for IT Vendor Risk Management Tools; we think it underlines our ability to offer a truly comprehensive third-party risk management solution.” “Our flexible, scalable and highly configurable software-as-a-service (SaaS) delivery model, combined with managed service options, is proving particularly attractive to organizations looking to build a robust, central view of their vendor assurance program.” Security and risk management Third-party risk management is a vital part of any organization’s cybersecurity posture, with many third parties having access to highly sensitive data and offering criminals a potential route into their organizations. Demonstrating a clear awareness of each third party’s approach to security and risk management is also an increasingly significant element of privacy regulations such as the GDPR. In response, SureCloud’s Vendor Risk Management solution is designed to offer a smooth and scalable means for organizations to assess and review all their IT third party vendors for potential risks. IT risk management processes The SureCloud Vendor Risk Management solution offers: A centralized register of all third-party IT vendors, giving a holistic view of risk A dynamically generated risk-assessment for each third party, ensuring they are only asked questions which apply to them Automated third party notifications and response reporting. Full integration with wider IT risk management processes and data privacy programs.

SureCloud, the provider of cloud-based, integrated risk management solutions and cyber security services, has announced the launch of its new Risk Advisory practice. SureCloud Risk Advisory SureCloud Risk Advisory will deliver a range of integrated cyber, risk and advisory services, uniquely underpinned by its cloud-based platform. This means organizations will have a central point of access to a range of risk assessment, base lining, information assurance and governance services and associated management information, all delivered as-a-service in the cloud. This launch demonstrates SureCloud’s evolution to provide clear, holistic visibility of the entire risk and security posture. It is also as a response to organizations’ growing demands for real-time practical, flexible and pragmatic support through professional services automation. SureCloud’s Risk Advisory services will help align organizational needs with industry best practice Cyber security and risk expertise SureCloud’s Risk Advisory services will help align organizational needs with industry best practice, as well as helping to advise on how to prioritize the areas which are most crucial in achieving their business objectives. The new team offers a flexible approach to the consumption of cyber security and risk expertise, with SureCloud working as either an extension of the organization’s security team or as an independent security expert. The new practice will be headed up by Ben Jepson with Craig Moores having responsibility for the delivery function and service development. Both recently joined SureCloud from global cyber security and risk mitigation specialist NCC Group, bringing many years of cyber and risk experience combined with a high level of commercial acumen. Enhancing enterprise security Richard Hibbert, SureCloud CEO, said “SureCloud Risk Advisory is our proactive response to the evolving enterprise risk landscape and customer demand for professional services delivered through supporting technology”. He adds, “With cyber security threats growing more sophisticated every day, and organizations increasingly – and rightly – demanding real-time, highly flexible and holistic support in assessing and responding to those threats, the time was right to leverage our existing platform and offer advisory services in a way that is easily digestible in the same way we do for our security testing clients today. The appointment of Ben and Craig to lead the new division brings impeccable leadership and consultancy experience into the mix. We’re all very excited to take SureCloud Risk Advisory forward.”

SureCloud, globally renowned provider of cloud-based, integrated risk management solutions and cyber security services, has further enhanced its senior management team with the twin appointments of Ben Jepson as Vice-President and Craig Moores as Practice Director, of SureCloud’s new Risk Advisory division. Jepson will have overall responsibility and Moores will be accountable for the delivery capability within the new practice. Both join from global cyber security specialist NCC Group and will bring their experience in international business development, cyber security and risk consultancy to establish and grow SureCloud’s new Risk Advisory practice. Uniquely, the practice will deliver its services through the award-winning SureCloud platform, enabling deeper relationships with clients as opposed to one-off project engagements. Risk-based cyber security services Risk-based cyber security services covers assessments, remediation services, and advisory-as-a service solutions Risk-based cyber security services covering assessments, remediation services, board-level advisory and advisory-as-a service solutions will form the core offerings, designed to help organizations manage their cyber security and risk to ensure it aligns with their business objectives. Previously Director of the Risk Management and Governance (RMG) division at global cyber security specialist NCC Group, Jepson brings 20 years of senior experience in corporate risk mitigation and cyber security, and an impressive track record in leading international teams and building world-leading, highly profitable professional services functions. Cyber security and information risk management expert Moores will ultimately be responsible for the delivery function and service portfolio within the new practice. He was part of the senior delivery team at NCC Group, responsible for leading and delivering complex cyber security solutions aligned to strategic business objectives, and brings broad cyber security experience including strong technical software development and project management. Moores has particular strengths in information risk management, PCI DSS, strategic planning and business auditing, and is also certified CISSP, Lead Auditor and PCI DSS QSA. Security and risk management Commenting on his appointment, Jepson said, “SureCloud is entering an exciting period of its development, which is precisely why I wanted to join. By bringing cyber and risk together in a holistic Risk Advisory practice, all uniquely underpinned by the SureCloud platform, we’re offering a genuinely comprehensive approach to risk management.” Moores added “Risk management is embedded in SureCloud’s culture, and it’s fantastic that I’ll be leading the delivery team in the Risk Advisory arm of the business to help build on its current strong position. I’m looking forward to advising organizations on how they can make informed, educated decisions to help mitigate risk so that they can unleash their full potential.” Cloud-based security platform The new Risk Advisory function within SureCloud really sets us apart in the market" Richard Hibbert, SureCloud CEO, said “The new Risk Advisory function within SureCloud really sets us apart in the market and is a direct response to customer demand for professional service automation. Our cloud-based platform has built a fantastic reputation for being agile, intuitive and dynamic, and by delivering Risk Advisory services in the same way, we offer organizations everything needed to assess and baseline their environments against industry best practice.” “Both Ben and Craig bring outstanding skills and experience to the table, with strong business acumen. They are experts in their field, and we are extremely confident that they’ll help us build on the success we’ve already achieved, and that they will be invaluable members of our team.” GRC software and risk advisory SureCloud is a provider of Gartner recognized GRC software and cyber & risk advisory services. Whether buying products or services, organizations benefit from automated workflows and insight from the award-winning SureCloud platform. All of SureCloud’s service offerings are fully compatible with the GRC suite of products, enabling a seamless integration of information.

SureCloud, a provider of cybersecurity services and cloud-based, Integrated Risk Management solutions, appoints Jon Taylor-Goy as EMEA Sales Manager for the cybersecurity division. Jon will be instrumental in helping drive business growth, as well as establishing complimentary new service lines. Jon’s expertise spans business growth, product development, and go-to-market strategies in the areas of IT risk management and governance. Cybersecurity service offering Jon brings more than 18 years of in-depth experience in IT sales, specializing in cybersecurity, risk, and compliance. Jon worked at NCC Group for 18 years, working his way up to Head of Business Development Prior to joining SureCloud, Jon worked at NCC Group for 18 years, working his way up to Head of Business Development, Risk Management, and Governance, where he formed a key role in the business development function that saw the company grow from 100 staff in one location to more than 2,000 worldwide. “SureCloud has a compelling proposition. Its cybersecurity service offering, Pentest-as-a-Service©, and approach to ongoing customer support sets the company apart from other providers and gives enormous potential for growth,” said Jon. Ever-Evolving customer needs “I look forward to forging new customer relationships, developing strong relationships with current clients, and working with colleagues to bring new services to market that will meet ever-evolving customer needs.” Richard Hibbert, SureCloud CEO, said: “Enterprises across Europe are operating in a very challenging environment when it comes to IT security. Their networks are becoming more complex, the attacks they face are growing in number and sophistication, and their compliance obligations regarding data security are increasing. Jon’s work will bring our cybersecurity services, including SureCloud’s Pentest-as-a-Service, to a growing number of enterprises, ensuring that our offering continues to evolve and address the challenges they face.”

SureCloud, global provider of cloud-based, integrated risk management solutions, has been positioned as a Niche Player in Gartner’s Magic Quadrant for Integrated Risk Management Solutions for the first time. Integrated Risk Management Richard Hibbert, CEO and Co-Founder at SureCloud stated, “Being recognized in the 2019 Gartner Magic Quadrant for Integrated Risk Management Solutions for the first time is a proud moment for SureCloud.” Richard added, “We feel that SureCloud’s inclusion is testament to our commitment to providing our customers with the risk management solutions to fit their specific business needs without compromising agility.” Program management and assessment tracking SureCloud’s IRM solutions are designed to help organizations manage IT risk across different business functions  While organizations are facing increasing risk to their IT and non-IT operations, traditional spreadsheet-based approaches to risk management can make program management, assessment tracking, and compliance reporting challenging and onerous. In response, SureCloud’s IRM solutions are designed to help organizations manage IT risk across different business functions and demonstrate compliance with a wide range of major frameworks and standards - in one integrated Software as a Service (SaaS) platform. The SureCloud Software as a Service (SaaS) platform offers: Automation of traditionally spreadsheet-driven, manual processes  A single source to centralize individual and project team task management, workflows, dashboards, and reporting An intuitive user experience, powerful data aggregation, and pre-built intelligent forms help you simplify and cut through compliance complexity