industry news Wednesday 19 Jan 2022 @ 10:15 IriusRisk and Methods partner to deliver automated threat modeling for public sector software
Partnership will drive hybrid cloud transformation in software by enabling security as a continuous service
19th January 2022: Automated threat modelling company IriusRisk has partnered with Methods, the leading public sector digital transformation consultant to deliver embedded threat modeling to improve the security of public sector services. The partnership has already seen two out of the five top public sector bodies incorporating IriusRisk threat modeling capabilities into their service offerings.
The partnership allows Methods to offer threat modeling and DevOps for UK government and public sector applications. Continuous threat modeling of applications and Cloud Services means that security is upheld as a continuous service, vastly reducing the risk of software vulnerabilities that could be exploited. This includes architectural design, analysis and threat modeling consulting service capabilities based around the IriusRisk Threat Modeling Platform. With IriusRisk, public sector organisations are also able to investigate and quantify inherent legacy risks in existing software through automated threat modelling, driving and informing remedial security programs to update key public sector services.
Methods will also use IriusRisk as a basis for education and awareness programmes on cyber security threats, assisting public sector organisations in building their own threat modeling capabilities - including tools, training and ongoing access to key threat intelligence.
Methods will be making their threat modeling 'portfolio' available via the Crown Commercial Service - Tech Services 3 framework - enabling UK public sector organisations to procure through the approved government frameworks - thereby qualifying IriusRisk as a UK Government approved supplier.
Commenting on the partnership CEO and co-founder of IriusRisk Stephen De Vries said:
“We are delighted to be partnering with Methods, who are a leader in public sector digital transformation. The public sector is acutely vulnerable to security risks and this partnership with Methods will mean that these organisations are able to feel confident not only in the security of their software products from the offset, but throughout their life cycles. We are excited to see our threat modelling services rolled out throughout the public sector, allowing threat modelling to become embedded in software design from the earliest stages”
Gareth Jones, Chief Information Security Officer at Methods said:
“Threat modeling has become an increasingly important part of our S-SDLC process as it is recognised as one of the most effective approaches to reduce cyberattacks and costly redevelopment. Our approach is tailored to each customer, supported by national and international standards that address systemic risks. The evolution of threat modelling has moved from being a manual time-consuming process to adopting automated tools which speeds up secure application development and release software faster.”
“Using IriusRisk helps enable the implementation of security into software design, without requiring DevOps engineers to completely re-train as security professionals. In practice, threat modeling has the potential to change the relationship between developers and security professionals and create the ultimate goal of DevSecOps, a truly cross-functional team.”
IriusRisk is the industry's leading threat modeling and secure design solution in Application Security. With enterprise clients including Fortune 500 banks, payments, and technology providers, it empowers security and development teams to ensure applications have security built-in from the start - using its powerful threat modeling platform.
Whether teams are implementing threat modeling from scratch, or scaling-up their existing operations, the IriusRisk approach results in improved speed-to-market, collaboration across security and development teams, and the avoidance of costly security flaws.
Since our establishment in 1990, Methods has partnered with a range of central government departments and agencies to transform the way the public sector operates in the UK. We are passionate about the work we do and transforming services for citizens. We apply our skills in innovation and collaboration from across the Methods Group, to deliver end-to-end business and technical solutions that are people-centered, safe, and designed for the future.