NormShield: Assessing Cybersecurity Risks in 60 Seconds

Mohamoud Jibrell, Co-Founder & CEO
In today’s complex business environment, a trusted supplier— with access to organizational network and confidential data—often turns out to be the weakest cybersecurity link for an organization. What if, in 60 seconds, the company could generate a cyber risk scorecard for any of their supplier and ascertain the cyber risk factors? Virginia-headquartered NormShield enables enterprises to assess and monitor their cyber risk posture as well as that of their partners by performing non-intrusive cyber risk assessments and converting the data into an actionable scorecard. “By employing NormShield’s pioneering Cyber Risk Scorecard, organizations can effortlessly discover what hackers already know about them and their third-party partners,” says Mohamoud Jibrell, Co-founder and CEO of NormShield. “Our unique benchmarking capabilities allow companies to compare their cyber risk posture with industry peers.”

When hackers identify their targets, they initially conduct cyber reconnaissance to map the Internet footprint, collect login credentials, and identify critical data. To succeed in their mission, they leverage open source intelligence resources, such as Internet-wide scanners, deep and dark web, social networks, leaked database dumps, and more. NormShield uses the same open source intelligence tools and techniques to gather data in a non-intrusive way and classifies it into security categories. Advanced algorithms perform contextualization and analysis that converts data into risk intelligence and generate easy-to-understand scorecards and dashboards.

NormShield’s Rapid Cyber Risk Scorecard provides intuitive and easy-to-understand dashboards for executives and detailed technical data and mitigation strategies for frontline engineers. In contrast with legacy tools like MS Excel sheets, the modern approach provides executives with entire supply chain risk monitoring capability. Moreover, it provides letter-grades by risk category—which includes website security, DNS security, and application security, among others—with rich underlying data on ways to mitigate each risk in the order of priority.

Rapid Cyber Risk Scorecard also offers cyber insurance companies the ability to assess the potential customers’ IT risks and allows global companies to monitor their supply chain effectively. The solution performs these risk assessments with high accuracy in about 60 seconds. For instance, procurement departments can instantly run a cyber risk assessment of their suppliers to determine vulnerabilities before onboarding them.

By employing NormShield’s pioneering Cyber Risk Scorecard, organizations can effortlessly discover what hackers already know about them and their third-party partners

Similarly, a cyber insurance company, before underwriting and pricing a new policy, can assess the potential risks facing their customers and validate their compliance with regulatory requirements.

What’s more, NormShield has a Comprehensive Cyber Risk Scorecard that provides a more detailed analysis of the company or its supplier’s cyber risk posture. The firm’s customers use the comprehensive scorecards to monitor their own external cyber risk and to assess suppliers that hold PII or confidential information.

NormShield’s scorecards are designed on the shared responsibility model through which the security team of a company, their supply chain partners, as well as third parties can jointly manage and control the shared cyber ecosystem.

As a case in point, NormShield recently helped a global retail holding company to identify the loopholes in its security architecture. By conducting cyber risk assessment, NormShield found that some of their franchisees had significantly weak cybersecurity standards than that of the holding company. The client had little or no control over their franchisees which were connected to the holding company’s payment and procurement system until NormShield stepped in. By leveraging NormShield’s Comprehensive Cyber Risk Scorecard, the client made all their franchisees comply with the current industry security standards.

Focused on tackling the evolving threats, NormShield aims to disrupt the cybersecurity industry with its highly creative team and long-term collaboration with clients. The company will soon introduce a more intrusive assessment feature in its scorecard that actively scans a company’s security prowess.

NormShield News

NormShield Secures $7.5 Million in Series A Funding

BOSTON - NormShield, the cyber risk rating company, announced today the closing of $7.5 million in Series A funding led by Moore Strategic Ventures, LLC (MSV). The financing round also includes participation from existing investors, Glasswing Ventures and Data Point Capital. Since its inception in 2016, NormShield has secured a combined total of $11.1 million in financing.

NormShield is using the funding to expand its go-to-market capabilities and accelerate the development of its technology platform, which is already used by 145 customers in the global financial, healthcare, retail, and technology sectors. The platform fills a fundamental security gap by making it easy for businesses to non-invasively quantify and monitor cyber risk across thousands of third parties, suppliers and partners. NormShield closes this gap with defensible, clear-cut data and minimal false positives.

"The risk of a cyber breach caused by a third party is the single largest blind spot for organizations today. NormShield provides a non-invasive, efficient and cost-effective solution to this problem," said James McIntyre, Senior Managing Director and COO of Moore Strategic Ventures. "The financial scoring provides CISOs with the hard dollar impact to the organization, helping them to 'speak the language' of more financially minded colleagues. We are confident that NormShield's innovative and transparent technology, along with its customer-first approach, will help companies address a critical pain point in the constantly evolving battle against cyber threats."

"We are excited to partner with MSV as we continue to innovate and grow the business," says NormShield CEO, Paul Paget. "Financial investors with broad portfolios need a tool that can help them understand the risk these companies face through third party relationships. MSV can help NormShield as it looks to grow within this vertical."

According to Gartner, "There is an increased focus on the risks associated with the complex ecosystems that are an integral part of digital businesses. It is no longer just about internal security posture, but also the posture of the supply chain, regulators, customers and future business partners."

NormShield markets its system and services directly and via its partner network. Partners expand the ability for NormShield to reach new audiences worldwide that can benefit from valuable security insights and easy-to-understand solutions.


Vienna, VA

Mohamoud Jibrell, Co-Founder & CEO

NormShield monitors enterprises’ external cyber risk posture and performs non-intrusive cyber risk assessments of its suppliers, subsidiaries, and target acquisitions. Using easy-to-understand scorecards, including our 60-second Rapid Cyber Risk Scorecard, the company provides standards-based letter grades on various risk categories, along with data on how to mitigate each risk in priority order. These scorecards are utilized by clients to measure the total shared security ecosystem with its partners and suppliers, and even monitor security improvements made by partners in real-time. NormShield’s customers range across financial services, manufacturing, retail, healthcare, and technology receive quality intelligence delivered as-a-service, enabling them to evaluate third-party risk and take prioritized preventive measures