As part of its annual program to recognize clients who demonstrated the highest level of network security in the previous year, Digital Defense has recently identified 2019 Client Recognition Award winners.
Although a small number of awards have been shipped out, due to the COVID-19 pandemic and resulting remote work requirements, shipments of the remaining awards will be delayed for the foreseeable future. If you have not yet been notified and/or would like to know if you were one of the 97 winners of an award for the 2019 calendar year, please contact your Client Advocate. If you were not a winner, don’t worry - the 2020 award year is underway and there is plenty of time for your organization to qualify!
About the Award
Conducted every year since 2007, the Digital Defense Client Recognition Award Program recognizes organizations that displayed the highest level of network security throughout the previous calendar year based on their Frontline.Cloud™ vulnerability and remediation data. Using Digital Defense’s proprietary Security GPA® scoring algorithm, awards are presented to recurring vulnerability management clients that had the highest Security GPA scores among their peers on their external and internal networks. The following are the criteria surrounding the award program for 2019.
Who is Eligible for an Award?
The following are eligibility requirements for the Client Recognition Award Program:
- Organizations must be a recurring Digital Defense client in good standing between January 1st and December 31st of the award year
- Clients must have been contracted for and conducted recurring full internal and external vulnerability scanning on at least a quarterly basis for the entire award year
- Clients must have full scan data for all four quarters of the award year
- The client network must be a ‘traditional’ network, comprised of a variety of typical device types observed on a typical network, such as servers, workstations, printers, etc.
- The client Active View™ must contain an average of at least 50 live devices throughout the year
- The client Active View must contain at least one live external device during each quarterly scoring cycle
- A client must not be intentionally or unintentionally abusing built in features of the Frontline.Cloud system, such as marking valid vulnerabilities as ‘false positive’, excluding a large number of hosts and/or ports from scanning or hiding hosts within Active View that may artificially inflate their Security GPA
- In cases where this is detected, the client may be disqualified or have its quarterly Security GPA recalculated based on the final full vulnerability scan of each quarter or historical Active View data, which will include any ‘hidden’ hosts and/or vulnerabilities
- As necessary, the Digital Defense EVP of Operations will independently assess any additional factors not identified above within a client’s scanning program in order to ensure common sense, consistency, and fairness are applied in confirming eligibility and identifying winning organizations within the Client Recognition Award Program
How are the Awards Determined?
Once eligible clients are identified, award winners are determined by their Digital Defense Security GPA®. Security GPA is an easy to understand security metric that is compiled from a combination of individual host grades based on results of recurring vulnerability assessments and penetration testing (if applicable), and standardized system criticality ratings. Security GPA scores are pulled for all clients on a quarterly basis throughout the award year and are based upon vulnerabilities discovered only via non-authenticated methods. This allows our clients who are more proactive in running recurring authenticated scans (thereby finding more vulnerabilities and causing a lower Security GPA) to have an apples-to-apples Security GPA comparison against clients who choose not to run authenticated scans.
The quarterly Security GPA scores are then averaged using a weighting system based on the recency of the Security GPA scores, with the more recent scores weighing heavier into the final average. Once the ‘annualized’ Security GPA is determined for the internal and external networks, small adjustments/bonuses are applied based on the following criteria:
- Network Size (+0.01 per 100 hosts internally / +0.01 per 10 hosts externally – up to +0.10 points for each network location score)
- Penetration Testing (must be conducted by Digital Defense) (+0.10 for internal and external penetration testing – up to +0.10 points for each network location score)
- Managed Services (+0.0125 per quarter in which contracted, applied both internally and externally)
- Contracted Frequency of Scanning (+0.0125 internally and externally per quarter for on-demand and monthly scanning)
- Authenticated Scanning (+0.025 internally during each quarter that a network-wide authenticated vulnerability scan(s) was executed)
After the above adjustments/bonuses are applied to the ’annualized’ Security GPA, clients must have at least a 3.50 Security GPA on their internal and external networks to qualify for an award. Once qualifying clients have been identified, the internal and external Security GPA scores are averaged and this score is used to rank the qualifiers to determine the awards.
What are the Award Categories?
The following are the defined awards as part of the Client Recognition Award Program:
- Best Overall Network Security Program – A trophy is awarded to the client with the highest composite Security GPA (the average of internal and external annualized Security GPAs after bonus/adjustment added) of all Digital Defense clients within its category. The three categories for this award are:
- Large Network (1000+ live hosts)
- Midsize Network (250-999 live hosts)
- Small Network (50-249 live hosts)
The DDI Chief Executive Officer or his designee travels to the client’s location, at no cost to the client, for a trophy presentation at a function of the client’s choosing.
- Excellence in Network Security Award - Awarded to clients who have an annualized Security GPA of 3.50 or higher on their internal and external networks and the average of those Security GPAs places them within the 98th percentile of all of Digital Defense’s recurring vulnerability scanning clients, regardless of their network size category. These clients are awarded a plaque and receive a congratulatory letter from the Digital Defense President & CEO. These awards are typically shipped via FedEx or U.S. Mail, although they are awarded in person in some instances.
- Honorable Mention – Clients with at least a 3.50 composite Security GPA internally and externally but do not place within the 98th percentile will receive an Honorable Mention certificate and a congratulatory letter from the Digital Defense President & CEO.
Award Winners
The following tabs display sanitized lists (identified only by market vertical) of the award winners for 2019:
Award Group | Group Rank | Overall Rank | Market Vertical | Composite Security GPA |
Winner Large Network Category (1000+ Devices) | 1 | 2 | Credit Union | 4.1460 |
Excellence in Network Security Award (Top 2% Overall) |
2 | 5 | Credit Union | 4.0510 |
3 | 9 | Credit Union | 4.0440 | |
4 | 14 | Credit Union | 3.9990 | |
5 | 15 | Utilities | 3.9910 | |
6 | 19 | Credit Union | 3.9865 | |
7 | 20 | Credit Union | 3.9815 | |
8 | 21 | Credit Union | 3.9430 | |
9 | 22 | Credit Union | 3.9335 | |
10 | 26 | Credit Union | 3.9255 | |
11 | 27 | Legal Services | 3.9200 | |
12 | 28(t) | Credit Union | 3.9170 | |
13 | 31 | Financial Services | 3.9025 | |
14 | 32 | Education | 3.8980 | |
15 | 33 | Retail | 3.8975 | |
16 | 34 | Credit Union | 3.8885 | |
17 | 35(t) | Credit Union | 3.8850 | |
Honorable Mention | 18 | 37 | Credit Union | 3.8795 |
19 | 38 | Bank | 3.8765 | |
20 | 43 | Credit Union | 3.8430 | |
21 | 47 | Bank | 3.8165 | |
22 | 50 | Information Technology | 3.8040 | |
23 | 59 | Information Technology | 3.7565 | |
24 | 62 | Credit Union | 3.7395 | |
25 | 63(t) | Credit Union | 3.7375 | |
26 | 65 | Legal Services | 3.7295 | |
27 | 78 | Financial Services | 3.6670 | |
28 | 80 | Credit Union | 3.6595 | |
29 | 82 | Credit Union | 3.6205 | |
30 | 83 | Credit Union | 3.6120 | |
31 | 84 | Legal Services | 3.6100 | |
32 | 85 | Credit Union | 3.6075 | |
33 | 93 | Healthcare | 3.5565 | |
34 | 97 | Bank | 3.5280 |
Award Group | Group Rank | Overall Rank | Market Vertical | Composite Security GPA |
Winner Medium Network Category (250-999 Devices) | 1 | 1 | Bank | 4.1770 |
Excellence in Network Security Award (Top 2% Overall) |
2 | 3 | Information Services | 4.1310 |
3 | 7 | Credit Union | 4.0455 | |
4 | 10 | Bank | 4.0355 | |
5 | 11 | Credit Union | 4.0330 | |
6 | 12 | Bank | 4.0210 | |
7 | 16(t) | Credit Union | 3.9875 | |
8 | 23 | Insurance | 3.9325 | |
9 | 25 | Bank | 3.9310 | |
10 | 30 | Healthcare | 3.9035 | |
11 | 35(t) | Credit Union | 3.8850 | |
Honorable Mention | 12 | 39 | Credit Union | 3.8750 |
13(t) | 40(t) | Bank | 3.8705 | |
13(t) | 40(t) | Energy Services | 3.8705 | |
15 | 44 | Credit Union | 3.8400 | |
16 | 46 | Credit Union | 3.8190 | |
17 | 48 | Bank | 3.8155 | |
18 | 51 | Credit Union | 3.7985 | |
19 | 54 | Credit Union | 3.7790 | |
20 | 55 | Credit Union | 3.7750 | |
21 | 56 | Legal Services | 3.7725 | |
22 | 60 | Leisure | 3.7540 | |
23 | 61 | Credit Union | 3.7460 | |
24 | 63(t) | Credit Union | 3.7375 | |
25 | 66 | Bank | 3.7290 | |
26 | 67 | Credit Union | 3.7255 | |
27 | 70 | Financial Services | 3.7135 | |
28 | 71 | Information Services | 3.6965 | |
29 | 72 | Retail | 3.6895 | |
30 | 73 | Credit Union | 3.6855 | |
31 | 74 | Credit Union | 3.6830 | |
32 | 75 | Legal Services | 3.6775 | |
33 | 79 | Credit Union | 3.6630 | |
34 | 81 | Bank | 3.6535 | |
35 | 86 | Credit Union | 3.6055 | |
36 | 87 | Credit Union | 3.5990 | |
37 | 88 | Credit Union | 3.5980 | |
38 | 89 | Utilities | 3.5975 | |
39 | 91 | Credit Union | 3.5940 | |
40 | 92 | Insurance | 3.5685 | |
41 | 94 | Credit Union | 3.5545 | |
42 | 95 | Financial Services | 3.5525 | |
43 | 96 | Services | 3.5360 |
Award Group | Group Rank | Overall Rank | Market Vertical | Composite Security GPA |
Winner Small Network Category (50-249 Devices) | 1 | 4 | Financial Services | 4.0980 |
Excellence in Network Security Award (Top 2% Overall) |
2 | 6 | Credit Union | 4.0460 |
3 | 8 | Credit Union | 4.0445 | |
4 | 13 | Credit Union | 4.0125 | |
5(t) | 16(t) | Credit Union | 3.9875 | |
5(t) | 16(t) | Bank | 3.9875 | |
7 | 24 | Credit Union | 3.9315 | |
8 | 28(t) | Credit Union | 3.9170 | |
Honorable Mention | 9 | 42 | Credit Union | 3.8490 |
10 | 45 | Credit Union | 3.8345 | |
11 | 49 | Credit Union | 3.8130 | |
12 | 52 | Credit Union | 3.7860 | |
13 | 53 | Bank | 3.7805 | |
14 | 57 | Credit Union | 3.7715 | |
15 | 58 | Financial Services | 3.7700 | |
16 | 68 | Credit Union | 3.7160 | |
17 | 69 | Credit Union | 3.7150 | |
18 | 76 | Information Technology | 3.6680 | |
19 | 77 | Education | 3.6675 | |
20 | 90 | Credit Union | 3.5945 |
Where Can I Get More Information?
For more information on the Digital Defense Client Recognition Program and/or to find out if your qualified in 2019, please contact your Client Advocate at 888-273-1412, Option #2, or email: [email protected].