As a leading broadband service provider in Hong Kong, Hong Kong Broadband Network (HKBN) recognizes cybersecurity as a fundamental pillar and a key thrust of their Environmental, Social, and Governance (ESG) initiatives.

To proactively identify critical cybersecurity vulnerabilities and issues across all their internet-facing assets, HKBN implemented SecurityScorecard’s cyber risk managed service. This move significantly bolstered their cybersecurity posture and instilled confidence in both customers and internal stakeholders.

A Pressing Need for Enhanced Visibility

In the face of a global surge in cyberattacks, HKBN sought a trusted cybersecurity ratings agency to offer continuous security assessments and transparent ratings. “Customer inquiries about the strength of our cybersecurity defenses were a constant concern, especially since we provide cybersecurity services as part of our comprehensive range of one-stop solutions,” explains Wilson Tang, Co-Owner and Chief Information Security Officer at HKBN.

Wilson Tang, HKBN

“They needed assurance that their ICT partner prioritized a robust security posture.”

SecurityScorecard emerged as the perfect solution, providing comprehensive reports that granted HKBN unprecedented visibility into their overall security posture, and valuable insights into their security strengths and weaknesses. These reports can be readily shared with customers and stakeholders upon request, fostering trust and confidence in HKBN’s commitment to cybersecurity.

Beyond the platform’s core functionalities, HKBN was also impressed by the availability of in-country after-sales support, the option to test the platform and generate test reports, and the agency’s global reputation as an independent assessment source. These factors played a significant role in HKBN’s decision to choose SecurityScorecard, as they ensured ongoing support and the ability to validate the platform’s value before full implementation.

From Strength to Superiority: A Scorecard for Success

A year ago, HKBN’s cybersecurity score fell short of its own high standards. However, by leveraging SecurityScorecard’s actionable insights and their own prompt remediation efforts, HKBN has witnessed a dramatic improvement. Today, their score hovers near perfect levels, a testament to their commitment to cybersecurity excellence. This significant improvement has instilled confidence in their customers regarding HKBN’s security practices. Furthermore, senior management is assured that HKBN’s cyber defenses are among the industry’s most robust, as the rankings are benchmarked against industry peers.

SecurityScorecard emerged as the perfect solution, providing comprehensive reports that granted HKBN unprecedented visibility into their overall security posture, and valuable insights into their security strengths and weaknesses.

Tang says, “It is important to note that SecurityScorecard detects threats in real-time, complementing the deeper dives provided by periodic penetration testing.”

From Reactive to Proactive

According to Tang, one of SecurityScorecard’s most valuable features is the provision of actionable insights. “This eliminates the need for time-consuming analysis and empowers us to address security vulnerabilities promptly,” he explains.

Traditional reactive vulnerability management approaches are becoming inadequate in today’s rapidly evolving cyber threat landscape. “SecurityScorecard provides reports and insights on vulnerabilities, security gaps, and potential risks in real time,” says Tang.

Image by freepik” width=”300″ height=”200″>

“The actionable insights empower us to shift from reactive responses to proactive remediation measures, allowing HKBN to stay ahead of the curve.”

Reduced Manpower Burden: Automating Threat Prioritization

The sheer volume of security alerts and updates overwhelms manual processes, increasing the risk of human error. No IT team can realistically sift through this constant barrage of threats to ensure continuous security and compliance. SecurityScorecard tackles this challenge by prioritizing these risks in its reports, allowing HKBN’s IT team to focus on the most critical issues. “This focus helps us optimize our patch cadence, bringing it closer to industry best practices for patch management,” says Tang.

Unveiling Hidden Vulnerabilities: A Case in Point

SecurityScorecard’s ability to identify previously unknown vulnerabilities is another noteworthy advantage. “Just nine months ago, we discovered new assets that we were entirely unaware of,” explains Tang. “Thankfully, SecurityScorecard was able to identify and address the vulnerabilities associated with those assets before they could be exploited.”

Cybersecurity as a Core Component of ESG

At HKBN, cybersecurity and ESG performance are intrinsically linked. In January 2023, the company received an upgrade to its ESG rating, achieving the highest possible AAA rating from the globally recognized MSCI (Morgan Stanley Capital International) ESG Ratings. This prestigious recognition places HKBN amongst the world’s best organizations, including the top 9% of telecommunication operators globally.

“Maintaining a strong cybersecurity posture is essential to sustaining our leadership in ESG performance,” says Tang. “Beyond ratings, there is a company-wide awareness of the importance of cybersecurity, and SecurityScorecard has been instrumental in fostering this cultural shift.”