CANBERRA, November 7. Zimperium today announced it has taken the next step in supporting the Australian government, by initiating an IRAP assessment of its Mobile Threat Defence™ (MTD) solution in a sovereign Australian data centre.
This enables agencies and critical infrastructure organisations to adopt mobile threat defence capabilities seamlessly, to detect mobile breaches and protect data.
Zimperium's investment in the Australian sovereign cybersecurity industry, which directly supports the Australian government's cybersecurity initiatives, is paired with its decision to employ local AGSVA (Australian Government Security Vetting Agency) cleared specialists, invest with a sovereign cloud provider, engage PCG Cyber for IRAP security services, and leverage a Canberra-based operator.
Zimperium is not new to the market, having provided mobile threat defence capabilities for many years to multiple, high-profile government departments at both the federal and state level.
The company is the first mobile threat defence (MTD) provider to be granted an Authority to Operate (ATO) by the U.S. Department of Homeland Security and U.S. Immigration and Customs Enforcement under the Federal Risk and Authorization Management Program (FedRAMP).
The significance of this announcement is the availability of a sovereign hosted MTD service, negating the need to build, maintain, and manage silos of infrastructure at the individual agency level.
Shridhar Mittal, CEO for Zimperium said: 'The launch of sovereign hosted MTD is a game changer, facilitating significant cost savings, and rapid adoption and time to value for our government customers.
'Zimperium has also played a significant role in protecting other governments for a number of years, including the U.S. Department of Defence, where we have secured the mobile devices used by armed forces to prevent incursion by hostile state actors. We can now do the same for the Australian government and infrastructure organisations."
Zimperium MTD closes the visibility gap on mobile, providing advanced detection capabilities beyond mobile device management (MDM) to identify and prevent mobile cyberattacks.
Zimperium MTD enables organisations to understand vulnerabilities and risk exposure better, while detecting advanced on-device exploits, phishing and mobile malware in apps and network-based attacks in a mobile-centric world.
IRAP provides a foundation for independently assessing a system's security against Australian government policies and guidelines. The assessment provides assurance of Zimperium's data security controls and procedures.
IRAP is an Australian Signals Directorate initiative that provides high-quality information and communications technology security assessment services to government and industry operating under the governance and administration of the Australian Cyber Security Centre (ACSC) and leverages the Information Security Manual (ISM) for specific guidance.
Powered by Zimperium's on-device dynamic detection engine, Zimperium MTD™ proactively:
- Analyses an organisation's fleet of devices for threats, vulnerabilities, and exploits.
- Vets and scans iOS and Android mobile apps for security, privacy, and malware.
- Assesses all networks to which personnel are connecting.
- Filters out unwanted or unapproved content categories and blocks phishing attacks from any vector (e.g., SMS, WhatsApp, Messenger) – not just email.
These capabilities allow for alignment to the Information Security Manual's (ISM) 40+ mobility security controls and for a structured risk-based approach to the Australian Cyber Security Centre (ACSC) mobile compliance.
ISM - Cybersecurity framework from Australia's Government
The Information Security Manual (ISM) represents the considered advice of the Australian Cyber Security Centre (ACSC) within the Australian Signals Directorate (ASD). The ISM's objective is to outline cybersecurity mitigation strategies and controls organisations can implement, in conjunction with their risk management framework, to protect their systems and data from cyber threats.
Similar to the Essential Eight (E8) mitigation strategies for Windows-based devices, the ISM's Guidelines for Enterprise Mobility acknowledges mobile devices threats and recommends security controls.
Zimperium's current local Australian partners are all involved in the government space, and the IRAP protected status will further enhance the company's relationship with the government.