Latest news with #GuidePointSecurity
Business Wire
7 days ago
- Business
- Business Wire
GuidePoint Security Launches New Cyber Risk Quantification Service To Help Organizations Make Smarter Security Investments
RESTON, Va.--(BUSINESS WIRE)-- GuidePoint Security, a cybersecurity solutions leader enabling organizations to make smarter decisions and minimize risk, announced today the launch of its Cyber Risk Quantification (CRQ) service—a proprietary assessment designed to help organizations identify, prioritize and reduce cyber risk using financial impact modeling. By quantifying cyber risk in financial terms—not colors or abstract scores—CRQ empowers teams to shift from reactive defense to proactive risk management. As cyber threats grow more complex and security budgets face greater scrutiny, GuidePoint's CRQ service replaces guesswork with clear, data-backed insights that show exactly how cyber risks translate into potential financial loss. By quantifying cyber risk in financial terms—not colors or abstract scores—CRQ empowers teams to shift from reactive defense to proactive risk management. 'Security leaders often struggle to convey risk in a way that resonates with boards and executives. Many organizations still rely on vague heat maps or subjective, qualitative scoring to gauge cyber risk—methods that simply don't cut it anymore,' said Ben Moreland, Director, Cyber Risk Practice at GuidePoint Security. 'By quantifying cyber risk in financial terms, CRQ gives security and business leaders a shared, data-driven view of risk—so they can prioritize smarter, justify spending and reduce exposure with confidence.' Built on the trusted FAIR TM (Factor Analysis of Information Risk) framework, GuidePoint's CRQ combines deep practitioner expertise with AI and automation to simplify complex, traditionally manual risk modeling. The result is faster, more accurate and repeatable assessments that can scale across complex environments. GuidePoint Security's new CRQ offering includes: Financial Risk Modeling: Quantified cyber risk to identify which threats carry the highest potential loss and why–enabling smarter budget allocation and cyber risk buy-down. Board-Ready Insights: Standardized, repeatable outputs that translate technical risks into business impact, supporting aligned decision-making across executive, risk and security teams. Risk-Based Prioritization: A holistic view to focus mitigation efforts on the most financially significant threats, reducing residual and operational risk. Budget Optimization: Detailed financial metrics to help align cybersecurity investments with organizational priorities and support more informed resource allocation. Insurance Support: Defensible loss projections and scenario models that help your legal and broker teams negotiate better coverage terms. Third-Party Risk Integration: Include third-party risk in enterprise-wide assessments for a complete view of organizational exposure. Audit-Ready Documentation: Quantitative reporting that supports regulatory, compliance and audit requirements with transparency. GuidePoint's CRQ service is made to scale across organizations of all industries, sectors and sizes, and integrates seamlessly with existing risk management frameworks. Whether organizations are just beginning to explore cyber risk quantification or seeking to refine existing programs, CRQ delivers a defensible, business-aligned approach that supports long-term resilience. 'With CRQ, we're helping organizations measure and manage risk,' added Moreland. 'It's about giving teams the clarity and confidence to act decisively—before an incident happens.' For more information on the new Cyber Risk Quantification Service: Visit our website Download our data sheet Read our blog for more cybersecurity risk insights About GuidePoint Security GuidePoint Security provides trusted cybersecurity expertise, solutions, and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint's unmatched expertise has enabled 40% of Fortune 500 companies and more than half of the U.S. government cabinet-level agencies to improve their security posture and reduce risk. Learn more at
Business Wire
10-07-2025
- Business
- Business Wire
Ransomware Groups Multiply as Attack Surface Rapidly Expands, GuidePoint Security Finds
RESTON, Va.--(BUSINESS WIRE)-- GuidePoint Security, a cybersecurity solutions leader enabling organizations to make smarter decisions and minimize risk, announced today the release of its quarterly Ransomware & Cyber Threat Report from the GuidePoint Research and Intelligence Team (GRIT). Affiliates are regrouping under existing or emerging banners, and many are standing up their own operations using recycled tools. Covering the second quarter of 2025, the new GRIT Q2 2025 Ransomware & Cyber Threat Report offers exclusive in-depth analysis of the evolving Ransomware as a Service (RaaS) ecosystem, threat actor behaviors and emerging cybercrime trends—including a 45% year-over-year increase in the number of active ransomware groups. 'While law enforcement's disruption of dominant groups like LockBit, AlphV and BreachForums has dealt significant blows to cybercriminal networks, the sharp year-over-year rise in active ransomware groups makes it clear that a significant threat remains,' said Justin Timothy, Principal Threat Intelligence Analyst at GuidePoint Security. 'Unfortunately, the quarterly slowdown in publicly reported ransomware incidents appears to stem from more temporary headwinds, such as seasonality, fragmentation and strategic regrouping within the RaaS ecosystem. As groups like Qilin, Akira and Play continue to gain ground, defenders must remain vigilant and prepare for what's next.' The Q2 2025 Ransomware & Cyber Threat Report also investigates Iranian cyber threat activity, the growing momentum of the RaaS group DragonForce and law enforcement's impact on Lumma Stealer, a prolific information-stealing malware favored by cyber criminals. Key findings include: A 45% year-over-year increase in active ransomware groups, climbing from 45 in Q2 2024 to 71 in Q2 2025. Ransomware victim numbers remain elevated year-over-year (+43%), but a 23% decline in Q2 2025 hints at changing attacker patterns beyond seasonal norms. An 85% increase in activity from Qilin, the most active threat group of this quarter. 52% of observed ransomware victims in Q2 2025 were based in The United States, followed by Singapore (23%) and Canada (5%). The manufacturing, technology and legal industries were most heavily impacted by ransomware. Notably, the healthcare sector dropped out of the top five most targeted industries for the first time since Q2 2022. 'We're seeing a reshuffling within the ransomware ecosystem,' Timothy added. 'Disruption of major RaaS players hasn't reduced overall threat capacity so much as redistributed it. Affiliates are regrouping under existing or emerging banners, and many are standing up their own operations using recycled tools. As we head into the second half of the year, security teams should expect familiar tactics under new names.' The Ransomware & Cyber Threat Report is based on data obtained from publicly available resources, including threat groups themselves, as well as threat analyst insights into the ransomware threat landscape. For more information: About GuidePoint Security GuidePoint Security provides trusted cybersecurity expertise, solutions, and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint's unmatched expertise has enabled 40% of Fortune 500 companies and more than half of the U.S. government cabinet-level agencies to improve their security posture and reduce risk. Learn more at
CBS News
24-06-2025
- Business
- CBS News
Bay Area technology experts comment on possibility of cyberattacks following U.S. strikes on Iran
A day after President Trump announced the U.S. struck nuclear facilities in Iran, the Department of Homeland Security warned about the potential for low-level cybersecurity attacks. And even though the US has announced a ceasefire between Israel and Iran, Paul Keener, a strategist for a cyber consulting firm called GuidePoint Security headquartered in Virginia, said the potential attackers don't even have to be Iranian. "That is one of Iran's typical methods, because they use hacktivist groups. And so, the hacktivist groups are people who are ideologically aligned," said Keener. "And so, it creates the appearance of something bigger and more responsive than it might actually be. And so, yeah, is it likely that this will happen? I think so. If they can focus and do that, I would anticipate that." Prof. Ahmed Banafa is a technology expert at San Jose State. He said Iran has engaged in cyber attacks in the past and usually focuses on the kind of infrastructure that can disrupt everyday life. "The war, including what we are seeing here, is actually not just only in the skies or the battlefield itself. It's also on the server rooms and the algorithms and the data centers and the R and D of the companies," Banafa told CBS News Bay Area. "That's going to be more effective than anything else because it creates a lot of damage to a country." "You know, companies like PG&E for example, so they can paralyze the grid," he said. "Number two, they can go after the financial companies, like Stripe and PayPal, which is going to create a lot of panic if people are using those systems. They can go after the research that we have seen, R and D, in many of those companies, especially with artificial intelligence now. Silicon Valley is leading the world there." And it doesn't take sophisticated weaponry to do that. Just having someone open the wrong email or click on the wrong link can allow a hacker to infiltrate a system and potentially bring an operation to a halt. The Department of Homeland Security issued an alert on Sunday saying, "Low-level cyber-attacks against US networks by pro-Iranian hacktivists are likely, and cyber actors affiliated with the Iranian government may conduct attacks against US networks." Stanford professor Allen Weiner said he thinks some fears may be overblown. The former State Department attorney specializes in international conflict resolution, and he said he thinks Iran is more concerned about keeping its own people under control, especially now that Hezbollah has been crippled and Assad's regime in Syria has collapsed. "And so, what that means now," said Weiner, "is that a lot of the allies that Iran had that would have been in a position to put pressure on Israel have been dramatically weakened, leaving Iran itself very exposed." He said Iran's rulers are generally unpopular with the Iranian people, so much of the regime's actions are designed to show strength as a way of keeping their own people in line, and that even before the announced ceasefire, Iran's retaliation had been largely for show. Weiner said, though they could threaten cyber attacks, he believes they may be looking for a way out of the conflict. "I think the Iranians have been signaling that they want to de-escalate," he said, "realizing that they're completely outmatched militarily by the Israelis. And the minute you add the United States to the mix, I think they recognize that a shooting war will go very badly for them."
Business Wire
17-06-2025
- Business
- Business Wire
GuidePoint Security Named to Inc.'s Annual Best Workplaces List for Fifth Time
RESTON, Va.--(BUSINESS WIRE)-- GuidePoint Security, a cybersecurity solutions leader enabling organizations to make smarter decisions and minimize risk, is proud to announce it has been named to Inc.'s 2025 Best Workplaces list. From its employee-led 'Pay it Forward' peer-to-peer recognition program to its mission-driven operations, GuidePoint Security has built a standout workplace culture defined by its values, employee empowerment and commitment to excellence. This annual list honors the companies that have set the standard for workplace success and company culture. This year's list, featured on is the result of comprehensive measurement and evaluation of American companies that have excelled in creating exceptional workplaces and company cultures, whether in-person or remote. 'Being named to Inc.'s Best Workplaces list for 2025—and for the fifth time overall—is a tremendous honor for GuidePoint Security,' said Michael Volk, CEO and Chairman of GuidePoint Security. 'Our continued growth starts with our people and their unmatched expertise. This recognition reflects the culture we've built together: one where innovation thrives, customers come first and every team member is empowered to grow and succeed.' Founded in 2011, GuidePoint Security helps enterprise and government organizations address their most complex cybersecurity challenges. With a team of highly certified security practitioners, the company provides expert guidance in evaluating risk, aligning and optimizing security resources and recommending best-fit technologies through a rigorous, vendor-neutral vetting process. Today, GuidePoint Security is a trusted advisor to more than 4,200 organizations—including 40% of the Fortune 500 and over 50% of U.S. cabinet-level agencies. From its employee-led 'Pay it Forward' peer-to-peer recognition program to its mission-driven operations, GuidePoint Security has built a standout workplace culture defined by its values, employee empowerment and commitment to excellence. GuidePoint provides a strong support system for its employees and delivers on its philosophy of helping the greater good through multiple give back programs, including GuidePoint Security University (GPSU) and philanthropic support of local hospitals, community non-profits, veterans organizations and more. After collecting data from thousands of submissions, Inc. selected 514 honorees this year. The award process involved a detailed employee survey conducted by Quantum Workplace, covering critical elements such as management effectiveness, perks, professional development and overall company culture. Each company's benefits were also audited to determine overall score and ranking. 'Inc.'s Best Workplaces program celebrates the exceptional organizations whose workplace cultures address their employees' welfare and needs in meaningful ways,' said Bonny Ghosh, Editorial Director at Inc. 'As companies expand and adapt to changing economic forces, maintaining such a culture is no small feat. Yet these honorees have not only achieved it—they continue to elevate the employee experience through thoughtful benefits, engagement, and a deep commitment to their teams.' To learn more about GuidePoint Security, please visit About GuidePoint Security GuidePoint Security provides trusted cybersecurity expertise, solutions, and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint's unmatched expertise has enabled 40% of Fortune 500 companies and more than half of the U.S. government cabinet-level agencies to improve their security posture and reduce risk. Learn more at About Inc. Inc. is the leading media brand and playbook for the entrepreneurs and business leaders shaping our future. Through its journalism, Inc. aims to inform, educate, and elevate the profile of its community: the risk-takers, the innovators, and the ultra-driven go-getters who are creating the future of business. Inc. is published by Mansueto Ventures LLC, along with fellow leading business publication Fast Company. For more information, visit About Quantum Workplace Quantum Workplace, based in Omaha, Nebraska, is an HR technology company that serves organizations through employee-engagement surveys, action-planning tools, exit surveys, peer-to-peer recognition, performance evaluations, goal tracking, and leadership assessment. For more information, visit
Yahoo
10-06-2025
- Business
- Yahoo
GuidePoint Security Launches New Incident Response Maturity Assessment to Help Organizations Strengthen Cyber Resilience
New offering provides a clear path for improved cybersecurity incident detection, containment and recovery RESTON, Va., June 10, 2025--(BUSINESS WIRE)--GuidePoint Security, a cybersecurity solutions leader enabling organizations to make smarter decisions and minimize risk, announced today the launch of its new Incident Response Maturity Assessment (IRMA), designed to help organizations evaluate, strengthen and mature their cybersecurity incident response capabilities. As digital threats continue to grow in complexity and frequency, many organizations are struggling to build and maintain effective incident response programs, leaving them vulnerable to cyber attacks and regulatory risk. GuidePoint's IRMA offering addresses these challenges head-on by providing a comprehensive, tailored assessment that benchmarks current incident response capabilities against industry standards, provides actionable recommendations for improvement and sets an actionable roadmap for future development. "Too often, organizations don't realize their response processes are fragmented, outdated, or insufficient until they're in the middle of a serious incident," said Mark Lance, Vice President, DFIR and Threat Intelligence at GuidePoint Security. "IRMA gives security teams a clear view of their posture, along with practical steps to build a more mature, effective and resilient response program over time." GuidePoint Security's new IRMA offering includes: Risk Evaluation: Assess your organization's inherent risk and align it with your unique incident response capabilities. Control Domain Assessment: Evaluate incident response across six critical lifecycle phases—preparation, detection, containment, eradication, recovery and post-incident activity. Maturity Evaluation: Analyze your current maturity level and define a clear, measurable path to a stronger future state. Custom Reporting: Receive a detailed report highlighting strengths, weaknesses, and actionable recommendations—prioritized to address the most pressing risks and capability gaps. Debrief and Recommendations: Participate in a post-assessment debrief to review findings and define next steps. Unlike generic security assessments, IRMA is specifically designed for incident response and uses a custom control framework built around industry standard sources like NIST and SANS. The offering also evaluates both the strategic and operational aspects of response programs for a holistic evaluation—ensuring a thorough, accurate assessment that touches on policies, tools, team readiness and real-world application. "With IRMA, we're empowering organizations to respond to incidents faster, smarter and with greater confidence," Lance added. "It's about building a more complete and resilient response program that ensures you keep pace with evolving threats and aligns with business risk." For more information on the new Incident Response Maturity Assessment: Visit our website Download our data sheet Read our blog for more incident response insights About GuidePoint Security GuidePoint Security provides trusted cybersecurity expertise, solutions, and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint's unmatched expertise has enabled 40% of Fortune 500 companies and more than half of the U.S. government cabinet-level agencies to improve their security posture and reduce risk. Learn more at View source version on Contacts Nicole 703-403-7066
