SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom
Email attachment20260320 2336189 nc410h
#
Ransomware
#
Hybrid Cloud
#
Cloud Security

Ekco launches managed risk centre with Qualys tech

Fri, 20th Mar 2026
Author image
By Sofiah Nichole Salivio, News Editor

Ekco has launched a Managed Risk Operations Centre for customers in Ireland and the UK, built on Qualys technology.

The service targets organisations seeking a clearer view of cyber risk as regulatory demands increase and ransomware losses continue to weigh on security teams. It is designed to move customers away from fragmented vulnerability management towards continuous oversight of risk across their estates.

At the core of the service is Qualys Enterprise TruRisk Management, which brings together data from cloud, on-premises and hybrid environments. Ekco combines the platform with its managed security team, threat detection, monitoring and remediation support in a single service.

Many businesses already have a wide range of security tools in place but still struggle to identify which weaknesses have the greatest impact on business risk. That challenge has become more pressing as cyber resilience rises up the board agenda and regulations such as NIS2 and DORA place greater scrutiny on risk management and reporting.

Rather than ranking issues only by the number of vulnerabilities found or by generic severity ratings, the centre is designed to prioritise exposures based on exploit likelihood, the importance of the affected asset and the potential business impact. The aim is to help customers focus remediation work on the issues that matter most.

The service is aimed at both mid-sized organisations and larger enterprises. It can support internal security teams or operate as a fully managed risk function for customers that do not want to build those processes in-house.

Board pressure

Cyber risk has become a governance issue as well as a technical one, with directors increasingly expected to show that threats are understood and managed in a structured way. Insurers are also demanding stronger evidence that controls are working, adding further pressure for companies already dealing with growing volumes of security alerts.

The centre is intended to give security teams and senior executives a consolidated view of their attack surface, alongside reporting suitable for board-level use. It also includes workflows designed to link risk identification with remediation activity, a weak point for many organisations running multiple disconnected systems.

"Organisations are investing heavily in cybersecurity, yet many still lack a clear, consolidated view of risk. Boards want to understand exposure in business terms, not just technical metrics. Our Risk Operations Centre changes that conversation. By combining Ekco's managed expertise with Qualys' powerful Enterprise TruRisk Management solution, we help customers quantify cyber risk, prioritise what truly matters, and demonstrate measurable reduction over time. This is about operationalising cyber risk management, not simply generating more reports," said Steve MacNicholas, CEO, Ekco Ireland.

Qualys said the backdrop to the launch is a threat environment in which known vulnerabilities are being exploited at increasing speed. That has led some security providers to argue for more continuous assessment of exposure rather than periodic scans and patching cycles.

According to Ekco, the Qualys platform aggregates telemetry across different parts of a customer environment and applies contextual scoring based on potential business impact. The goal is to give companies a stronger basis for deciding what to fix first and how to demonstrate progress over time.

Managed model

The launch also reflects a broader shift in the cyber security market towards managed services that combine software with external operational support. For many companies, particularly in the mid-market, hiring and retaining specialist cyber staff remains difficult, while the number of tools that need to be managed continues to rise.

That has created demand for outsourced or co-managed models in areas such as detection, response, compliance and now risk operations. Ekco's latest service fits that trend by offering a managed layer over an existing technology platform rather than selling software alone.

For Qualys, the arrangement extends the reach of its risk management platform through a service provider channel. The partnership is framed around the need to tie exposure management more closely to business risk tolerance and practical remediation.

Both companies stressed that cyber risk information often sits across separate vulnerability scanners, cloud tools, endpoint products and compliance systems. Bringing that data together in a way that is useful to operational teams and executives has become one of the harder parts of security management.

"With threat actors exploiting vulnerabilities faster than ever, organisations need to shift from simply finding more exposures to operationalising cyber risk management, aligned with business risk tolerance," said Matt Middleton-Leal, RVP Northern Europe, Qualys. "Ekco's proactive mROC service will help businesses transform their overall approach to risk, empowering them to go beyond traditional vulnerability detection by combining exposure management, exploit validation, risk quantification, and automated remediation," said Middleton-Leal.

Related stories
Automotive microcontroller market set to hit USD $15.1bn
Vodafone & Google Cloud launch AI & security tools
Locai Labs deploys AI coding assistant at First Light Fusion
BlackBox Hosting partners Everpure for sovereign cloud
Infosecurity Europe adds AI summit amid cyber defence shift

Top stories

AI tools widen cyber attack threat, Flashpoint warns
AI flaws & supply-chain risks top new pentesting report
Exclusive: Google Cloud on the road to autonomous SecOps
Zapier expands AI governance controls for enterprise users
Avatier launches offline card after Stryker cyberattack