Trillion protects Spanish Public Administration against threat of credentials misuse.

Spain’s National Cryptological Centre deploys Trillion solution to provide a central view of threats across the public administration, and protect hundreds of thousands of users.


15 November 2022 – London, UK – Crossword Cybersecurity Plc (AIM:CCS, “Crossword”, the “Company” or the “Group”), the cybersecurity solutions company focused on cyber strategy and risk, has today announced the completion of a project to expand the scope of its services with CCN-CERT, the Information Security Incident Response Team (CERT) of the National Cryptologic Centre in Spain (CCN), which is accountable to the Spanish National Intelligence Centre. CCN-CERT has expanded its use of Crossword’s cloud-based breached account mining platform, Trillion, to protect its entire public administration, including its education sector. Trillion is Crossword’s breached account mining platform, which continuously tracks, correlates and analyses billions of stolen usernames and passwords.


Back in 2020, during the height of the Covid-19 outbreak, CCN-CERT needed to act immediately to further enhance the security position of its national health infrastructure. The head of the cybersecurity department at CCN contacted the Trillion operations team after its global offer of support to help protect digital identities within health services. In a matter of hours, the team at CCN was given access to Trillion, every health organisation across Spain was configured in the platform and breached credentials data was being fed back into the CERT.


Protecting a whole public administration

After a period of successful operation across the health sector, CCN-CERT decided that a wider scope for Trillion would provide even greater visibility of digital identities, such as account usernames and passwords, that may have been leaked from third parties and shared for exploitation by criminals.


Crossword collaborated with the CERT to implement new features which would enable it to extend the use of Trillion to local Government departments and organisations, while still maintaining a central, national view within the CERT. At this scale, it was critical that Trillion was able to deliver the data both locally and nationally when it mattered.


Trillion, with the new features, was rolled out over the following weeks. CCN-CERT invited hundreds of local authorities, municipalities, town halls and central government departments to come on board using simple automated signups, which took a matter of minutes to complete.


Trillion is now monitoring hundreds of organisations, thousands of domains and reporting leaked data on hundreds of thousands of public workers across Spain.

Jon Inns, Product Director for Arc and Trillion, comments: “Protecting large, distributed organisations, such as the public sector, where many individual entities exist is one of the more challenging aspects of cyber security at scale. Working with CCN-CERT, we have used Trillion to create a strong layer of multi-tenanted visibility to help defend against credential misuse, while ensuring that it’s easy for organisations to participate and benefit, from universities to hospitals. Trillion gives a central view of threats and lowers the risk of public services being exploited through credentials based attacks.

“Crossword considers CCN-CERT a true business partner, and we learn as much from their feedback on our products as they do from our data. By listening closely to clients’ needs we are continuously enhancing Trillion to support the cybersecurity needs of organisations operating at the top of their game.”


Continuous protection against leaked credentials

Trillion is designed to support organisations of every size, from small businesses to large enterprises, Managed Service Providers and National CERTs, with continuous tracking, correlation and analysis of billions of stolen usernames and passwords.


It is proven to operate at scale for any organisation concerned about the potential impact of stolen credentials from third party data breaches, and provides the following benefits:


  • Massive scale: Monitoring for credentials belonging to dozens or hundreds of domains can be initialised in minutes

  • Multi-tenancy: Trillion’s architecture enables provisioning at a local level with parent or supervisor-like drilldowns for CERT teams

  • APIs: Trillion has rich APIs enabling CERT teams to integrate with existing systems to reduce analyst time

  • Privacy: Trillion enables your teams to work with the data in a safe environment without compromising the trust of your users and peers.

  • Clarity: Trillion enriches data with assessments of accuracy and impact, saving valuable analysis cycles

  • Instant on: Automated user enrolment and in-application configuration means you can start protecting even the largest environments, fast!


You can learn more about how Trillion protects users across the globe from the threats of breached account information by visiting: https://www.crosswordcybersecurity.com/trillion


- Ends -



Contacts

Crossword Cybersecurity plc – Tel: +44 (0) 333 090 2587

Email: info@crosswordcybersecurity.com

Tom Ilube, Chief Executive Officer

Mary Dowd, Chief Financial Officer


Grant Thornton (Nominated Adviser) – Tel: +44 (0) 20 7383 5100

Colin Aaronson / Jamie Barklem / Daphne Zhang / Ciara Donnelly


Hybridan LLP (Broker) – Tel: +44 (0)203 764 2341

Claire Louise Noyce


For media enquiries contact:

General:

Duncan Gurney, GingerPR

duncan@gingerpr.co.uk – Tel: +44 (0)1932 485 300


Financial PR:

David Hothersall, Kinlan Communications

davidh@kinlan.net – Tel: +44 (0) 207 638 3435


About Crossword Cybersecurity plc

Crossword offers a range of cyber security solutions to help companies understand and reduce cyber security risk. We do this through a combination of people and technology, in the form of SaaS and software products, consulting, and managed services. Crossword’s areas of emphasis are cyber security strategy and risk, supply chain cyber, threat detection and response, and digital identity and the aim is to build up a portfolio of cyber security products and services with recurring revenue models in these four areas. We work closely with UK universities and our products and services are often powered by academic research-driven insights. In the area of cybersecurity strategy and risk our consulting services include cyber maturity assessments, industry certifications, and virtual chief information security officer (vCISO) managed services.


Crossword’s end-to-end supply chain cyber standard operating model (SCC SOM) is supported by our best-selling SaaS platform, Rizikon Assurance, along with cost-effective cyber audits, security testing services and complete managed services for supply chain cyber risk management. Threat detection and response services include our Nightingale AI-based network monitoring, Nixer to protect against application layer DDoS attacks, our Trillion and Arc breached credentials tracking platforms, and incident response. Crossword’s work in digital identity is based on the World Wide Web Consortium W3C verifiable credentials standard and our current solution, Identiproof, enables secure digital verification of individuals to prevent fraud.


Crossword serves medium and large clients including FTSE 100, FTSE 250 and S&P listed companies in various sectors, such as defence, insurance, investment and retail banks, private equity, education, technology, and manufacturing and has offices in the UK, Poland, and Oman. Crossword is traded on the AIM market of the London Stock Exchange.


Visit Crossword at https://www.crosswordcybersecurity.com/