Understand your risks, get ahead of threats.

Gain a 360° view of your security posture and protect against threats with Celcom Cyber Risk Rating. With actionable, data-driven ratings, you can strengthen the security ecosystem of your organisation and your vendors, mitigate cyber risks, eliminate vulnerabilities, and meet compliance standards across different industries. Sign up now to get a FREE 3-month summary report.

What is Cyber Risk Rating?

A Cyber Risk Rating service that offers a holistic, outside-in view of an organisation’s security performance. Cyber Risk Rating empowers you to take proactive measures and eliminate vulnerabilities, strengthening your organisation’s security posture.

cyber-risk-rating-storytelling-1
cyber-risk-rating-storytelling-2

How does it work?

Cyber Risk Rating consistently monitors and assesses your security ecosystem. It uses advanced analytics that rate your security posture across ten groups of risk factors, including Network, Endpoint and Application Security, DNS Health, Patching Cadence and more.

Why it makes business sense

USP Icons
Faster, smarter executive-level decisions

Get detailed, insightful and easy-to-read security and compliance reporting for easier decision-making among board members.

USP Icons
Stakeholder Confidence And Standardisation

Instil confidence and standardisation among management and board members with consistent monitoring and ratings.

USP Icons
Expert Support

One-on-one Q&A, cyber risk remediation support, security issues advisory and awareness training for management and employees.

Why it makes business sense

USP Icons

Faster, smarter executive-level decisions

Get detailed, insightful and easy-to-read security and compliance reporting for easier decision-making among board members.

USP Icons

Stakeholder Confidence And Standardisation

Instil confidence and standardisation among management and board members with consistent monitoring and ratings.

USP Icons

Expert Support

One-on-one Q&A, cyber risk remediation support, security issues advisory and awareness training for management and employees.

cyber-risk-rating-benefit-banner

Strengthen your security posture with us

Leave your details below and we will be in touch soon.
Celcom Business Enquiry Form

Want to know more?

View our FAQ and T&Cs below.

  1. What is Celcom Cyber Risk Rating?

    Cyber Risk Rating is an essential Security Rating standard with a granular view of your security ecosystem’s performance to identify assets exposed on the Internet, security threats and possible attack methods. Cyber Risk Rating:

    • dynamically collects positive and negative signals from the Internet (including the Dark Web) with sensors across applications, network, endpoint security and patching cadence
    • predicts risks using analytics from an advanced machine learning algorithm
    • finds attributes and continuously calculates security ratings based on your vulnerability level, issues and threat indicators.


    A good security rating improves corporate credibility among customers, partners and provides assurance to your organisation’s Board Of Directors via valuable insights and reporting. It is also able to identify third-party vendors’ risk portfolios and security rating and address their risk of cyber attacks.

    Celcom Cyber Risk Rating is powered by SecurityScorecard.


  2. How does Celcom Cyber Risk Rating work?

    Celcom Cyber Risk Rating uses a combination of data points collected organically or purchased from public and private sources and then applies proprietary algorithms to articulate an organisation's security effectiveness as a quantifiable score.


  3. What is Cyber Risk Rating’s scanning process?

    Cyber Risk Rating utilises multiple, non-intrusive security data collection methods that are publicly available. At a higher level, these fall into two technical categories:

    • Passive Surveying Capabilities

      Cyber Risk Rating utilises a network of hundreds of passive sensors that are distributed strategically across the Internet. These sensors introduce a wealth of security intelligence that is used to determine specific threat related findings. The sensors include honeypots and DNS sinkholes that enable Cyber Risk Rating to automate the identification of millions of malware infections that are active at any given time. These findings also allow our security engineers to capture important security findings, reverse engineer malware, identify the command and control domains the malware will register, and tune our network of DNS sinkholes to those domains. Combined, these capabilities provide unrivaled visibility into potential threats to the digital footprint of company represented monthly report.

    • Active Scanning Capabilities

      Cyber Risk Rating utilises multiple publicly sourced active scanning technologies. These scanning capabilities introduce a broad range of security intelligence that is used to assess the security ratings across multiple risk factor areas. Also, Cyber Risk Rating uses other scanning techniques including Google Dorking, Github Dorking, DNS records, SSL certificates, header grabs, and hacker community scanning to identify a wide range of attacks, misconfigurations, and exposed vulnerabilities.


  4. What does a security rating mean?

    Cyber Risk Rating security ratings are easy-to-understand ratings depicted on an A-F scale. They analyse the cyber health of an organisation across ten groups of risk factors. Cyber Risk Rating's statistically robust framework documents the fact that a company with an F-rating is 7.7 times more likely to suffer a consequential breach versus an A-rated company. Certain risk factors, such as application security and patching cadence, are even more indicative of the likelihood of a breach.

    cyber-risk-rating-faq

     


  5. What are the features of Celcom Cyber Risk Rating services?
    • Main Scope of Services
      • Daily Continuous Monitoring (Per Domain)
      • Alerts and notifications on elevated
      • Monitoring for 12 months
      • Free Trial for 3 months with 1 Summary Report
      • Add-On Plan for 3rd Parties (competitors, vendors, partners, suppliers) Cyber Risk Rating monitoring
    • Scheduled Risk Rating Reports
      • Monthly Cyber Risk Rating Summary Report
      • Monthly & Quarterly Cyber Risk Rating Issue(s) Report
      • Monthly Risk Rating Detailed Report
      • On-Demand based Cyber Risk Rating Detailed Report (max 6 times per annum)
    • Advanced Value-Added Services
      • Management or User Cyber Security Awareness Training (4 times per annum)
      • Cyber Risk History Insight (1 time)
      • Cyber Risk Remediation Advisory
      • Unlimited 1-1 Cyber Security Expert Support Q&A
      • Annually Automated External Vulnerability Assessment (Black Box of up to 3 IPs annually)

  6. What are the benefits of Celcom Cyber Risk Rating for customers?

    Cyber Risk Rating enables businesses to continuously monitor and assess their cybersecurity posture and strength of their cyber-defence to protect online assets from hackers.

    An organisation with a good security rating provides assurance and confidence to their customers and ecosystem partners. Poor security ratings indicate that an organisation's data is at risk by highlighting critical gaps in security.

    Just as credit ratings provide insights into organisational financial stability, cybersecurity ratings provide insight into the cybersecurity health and practices of an organisation.

    The benefits for organisations are:
    • Continuous Monitoring. Continuous “outside-in” risk rating and monitoring of the organisation cyber security postures
    • Visibility into Vendor Risk. Advanced analytics to give security teams visibility into areas of risk in the vendor ecosystem and risk portfolios
    • Executive-Level Reporting. Comprehensive Cyber Risk Rating reporting and visibility of the risk posture and ratings to the Board of the Directors.
    • Instill Confidence in Your Prospects and Customers. Continuous monitoring and a good security rating will improve your reputation and increase the confidence of customers and business partners globally.
    • Return on Security Investments. Reports show historical performance and continuous improvement, demonstrate the returns in security investment, and help your organization benchmark cybersecurity performance against industry peers and competitors.

  7. How does Cyber Risk Rating help you reduce your risk?

    Cyber Risk Rating helps you assess your own cyber security posture and that of your business partners and other companies of interest. Your organisation can quickly assess the external security posture of organisations of interest across 10 key risk factors from monthly reports,. You can learn of specific issues uncovered by Cyber Risk Rating that impact your security posture and that of companies in your ecosystem.


  8. Can the public access my organisation’s Cyber Risk Rating on the Internet?
    • The public cannot view the Cyber Risk Rating via the Internet, but organisations rated A can publicly disclose their ratings on the SecurityScorecard website.

    • Organisations are encouraged to publish the “scores” on the their own organisation webpage to improve customer confidence of the organisation’s security level.


  9. How can I improve or upgrade my organisation’s score?

    Customers can contact Celcom for consulting services to improve and resolve security vulnerabilities in order to improve their rating.


  10. How do I start using this service?

    Customers will receive a welcome email for confirmation upon account activation, followed by monthly and quarterly reports.


  11. Is Celcom Cyber Risk Rating available for trial?

    Celcom Cyber Risk Rating offers a 3-month trial. Customers can opt to terminate their subscription within the 3-month period. Customers may contact Celcom Customer Service, Account Manager or Channel Partner for termination of Trial service. If no termination request is received, it is considered the Customer agrees to proceed on an annual subscription basis and will be billed with an annual charge after the end of the trial period.


  12. Is there a minimum number of user licence subscriptions required?

    No, the service is charged based on the number of fully qualified domain names or website domains. The minimum is one domain. Customers may subscribe for additional domain names with “Add-On Domain Plan”.


  13. Can I subscribe if have more than 1 domain?

    Yes, you can subscribe to “Add-on Domain Plan” anytime.


  14. How long does it take to activate the services?

    Service activation requires a maximum of 5 working days.


  15. Is there any upfront payment required for this service?

    It is an annual charge in advance for the annual subscription.


  16. Is there any software installation required prior to using this service?

    No software installation is required.


  17. How do I reset my password?

    This service will only issue reports, no password is required.


  18. When do I have to make payment?

    Subscription to this service will be charged annually at the beginning of the subscription period.


  19. How do I terminate the service?

    Customers may contact Celcom Account Manager / SMB Dealers for subscription termination.

  1. Celcom Cyber Risk Rating solutions consist of main and add-on modules offered on a subscription basis to meet the needs and requirements of a business.

  2. Customers who subscribe to the services shall enjoy the scope of service offered under the Package as stated in the Service Agreement Form (hereinafter referred to as “SAF”).

  3. Celcom reserves the right to change the prices at any time during the contract tenure.

  4. Contract tenures for all packages will be for a period of 12 months. 

  5. Invoices are issued annually.

  6. The prices for Celcom Cyber Risk Rating solutions are based on the modular subscription and the scope of services stated in the SAF.

  7. The Package Value (hereinafter referred to as “PV”) shall be charged based on a full year. 

  8. In the event of early termination, there is no refund if the payment has been made and the Customer shall be subjected to a Termination Fee based on the remaining months of the contract tenure. 

  9. The minimum subscription period for Celcom Cyber Risk Rating solutions is 12 months from the date of activation of the service of the Package (herein defined as “Period of Agreement”). Celcom shall impose an early termination fee for the remaining months out of the Period of Agreement (herein defined as “Termination Fee”). 

  10. Should there be any payment default, the service will be suspended by Celcom and reconnection will happen only after all outstanding payments are cleared. Subscription of the package shall be fully terminated upon failure to settle the outstanding payment(s) after 3 months.

  11. The prices will be subject to a 6% Sales & Service Tax (SST) subscribed by the Customer.

  12. Either Party may at any time terminate the subscription to Celcom Cyber Risk Rating solutions by giving the other Party 30 days prior written notice. Celcom shall not be liable for any compensation and damages towards the Customer in the event Celcom exercises its right to terminate for convenience. However, termination by the Customer prior to the expiry of the Period of Agreement will always be subjected to a Termination Fee as prescribed herein.

  13. The Customer agrees that Celcom’s entire liability in contract, tort (including negligence or breach of statutory duty) or otherwise to the Customer (except for death or personal injury caused by Celcom’s negligence) under this Agreement shall not at any time exceed the sum specified in the SAF (“Limit of Liability”).

  14. Celcom will not be responsible or liable for any claims by the Customer or any third party arising from the act, omission or negligence by the Customer or by the Service Provider.