Inside Cybersecurity

April 21, 2024

Daily News

CyberRatings.org, security industry association form partnership on certification program

By Charlie Mitchell / August 2, 2023

The cyber product assessment nonprofit CyberRatings.org and technology and security industry group MEF have announced a security certification partnership around cloud-based products, focusing on software defined wide area networks, secure service edge threat protection, and zero trust network access.

“CyberRatings and MEF are launching a new Secure Access Service Edge (SASE) Certification Program for MEF technology and service provider members worldwide,” the groups said in an Aug. 1 release.

“MEF’s members are in the best position to address cyber risks at scale. MEF’s new SASE certification program will focus on providing the market with confidence into SASE product and service capabilities, which is in alignment” with the Biden administration’s national cyber strategy, said MEF president Nan Chen. “We are delighted to be working with the CyberRatings team who have had a long history in testing security products.”

Vikram Phatak, CEO of CyberRatings.org, said, “Enterprises of all sizes are rapidly moving to cloud delivered security such as SSE and ZTNA due to their ability to scale. This MEF-CyberRatings certification is designed to answer the question ‘how do I know it works?’ We are happy to be working with MEF and its members in taking this important step toward securing our digital ecosystem.”

The groups said in the release, “Designed to increase market confidence in cybersecurity solutions, this pioneering new SASE certification program delivers assurance of security product effectiveness by providing a report card and rating for vendors’ and service providers’ SASE offerings. The report card data and rating will be included in MEF’s certification registry.”

Certifications for SD-WAN, SSE and ZTNA “will comprise the SASE certification package and are based upon CyberRatings’ methodologies and test programs, and compliance to MEF standards,” according to CyberRatings.org and MEF.

According to the groups, “A Beta program will kick off in August with testing and certification of SD-WAN, followed by SSE Threat Protection and ZTNA. Once the Beta program is completed later this year, certification will be available to the MEF membership at large in Q1 2024.”

The release says, “There is a significant change in which enterprises use cloud-based solutions owned and maintained by third-party service providers instead of purchasing and maintaining their own network security devices and software.”

The groups note, “These cloud offerings such as SSE and ZTNA are based on new paradigms that offer scalability, flexibility, cost-efficiency, and innovation. They also help organizations support remote work, cloud migration, and digital transformation initiatives in ways non-cloud delivered technologies cannot.”

MEF describes itself as “a global industry association of network, cloud, security, and technology providers working together to accelerate enterprise digital transformation through a better-together ecosystem.”

Board members include “senior executives from AT&T Business, Colt Technology Services, Comcast Business, Ericsson, Liberty Latin America, Lumen, Microsoft, PCCW Global, Orange Business, Sparkle and Verizon Business Group.”

“MEF (rhymes with ‘ref’, as in ‘reference’); despite popular belief, ‘MEF’ is not an acronym,” the group explains.

CyberRatings.org provides “independent, objective ratings of security product efficacy.” Phatak was cofounder and CEO of NSS Labs, which closed in the fall of 2020. -- Charlie Mitchell (cmitchell@iwpnews.com)