How to react to a ransomware attack

November 30, 2018 | 58 views

Cyber criminals use ransomware to take control of your data or systems. They offer to release them if you pay them a ransom. The National Crime Agency (NCA) strongly advises you not to pay. Many victims never get their data back and known ‘payers’ are often targeted again. Read the National Crime Agency’s guidance. Tell us. Under our rules you need to tell the FCA as soon as you know of ‘material’ cyber incidents which affect your firm. This is covered under Principle 11 and relevant provisions in SUP 15.3 of the FCA Handbook.

Spotlight

Bitium

Bitium is a provider of cloud-based identity and access management solutions, including single sign-on, password management, and analytics for small, medium and enterprise businesses. Founded in 2012, the company aims to give growing companies the ability to manage access to all of their web-based applications -- including Google Apps and Office 365, as well as social networks and CRM, collaboration and marketing tools -- in one place without hindering employee adoption of these applications. Organizations such as GroupM, Fullscreen, Movember and Demand Media use Bitium for an easy-to-use solution that delivers increased flexibility and security.

OTHER ARTICLES
ENTERPRISE SECURITY

Active Directory Recovery and Its Impact on ROI

Article | August 2, 2022

Active Directory manages users, apps, and resources and handles user authorization and authentication. Cyberattacks are on the rise throughout every sector, disrupting consumer goods and services, organizations, and endangering public safety. Businesses that haven't been attacked can have trouble justifying a cyber-first business recovery strategy. However, as more cyberattacks make headlines and the cost of ransom payments and cyber insurance grows, corporate leaders must prioritize building a proven cyber-first business recovery strategy. The first step is to safeguard the Active Directory (AD), which is most businesses’ primary identity database globally. Active Directory is the primary access point for cybercriminals: 90% of the cyberattacks Mandiant reported, include Active Directory as the first attack vector or the gateway to elevated access. Most attacks in recent years, including SolarWinds, included compromised credentials. Cyberattack victims soon realize that every minute matters during a breach. Failure to effectively restore Active Directory would lead to a second assault using the same strategies as the first. The issue is not whether a company can afford a rapid, cyber-first Active Directory approach. The question is how Active Directory can help businesses safeguard their data and also boost their ROI. What Benefits Does Active Directory Hold for Businesses? There are several ways in which Active Directory can help businesses: Centralized Data Repository In a multi-master database, Active Directory holds the identification information of apps, users, and resources. The Active Directory database stores data as objects and has a capacity of 2 billion objects. Users can use this identification data to access resources from anywhere on the network. Administrators can handle corporate application authentication and permission from a centralized place. Identity would be copied across numerous systems without directory services, making it impossible for administrators to oversee operations. Minimized Data Replication Multiple domain controllers are necessary for complicated business needs like branch offices. Sub-domain controllers are aware of changes made to the Active Directory database if identities are controlled from a centralized approach. With a centralized domain controller, Active Directory can delegate duties across the business, as well as tools and utilities for adding, removing, and modifying active identities and objects. It employs a synchronization method to guarantee that data is consistent across all domain controllers. As a result, it enables making company-wide adjustments with a few mouse clicks. Security Auditing Capabilities Regular audits assist you in understanding new security dangers. Active Directory enables the collection and auditing of identity infrastructure events like authentication, directory service changes, and access violations. It also facilitates the collection of data from a centralized place for the purpose of debugging authentication and authorization difficulties that users can encounter. Network Security Active Directory improves security across an organization. Higher-level management authorities can delegate authorization for resources and apps to other administrators or users through delegation. Active Directory items are linked in a hierarchical manner. Permissions are inherited by an object in the AD tree from its parent objects. These features guarantee that users are uniquely and securely recognized. Administrators can build and update permissions from a single database, decreasing the possibility of inaccurate or outdated configuration. Calculating Your Active Directory Recovery ROI Although every IT manager or administrator understands that an effective Active Directory recovery plan is a critical component of any business-developed standard, assessing the practical ROI (return on investment) of an optimized Active Directory recovery plan is frustratingly complex. Here are important ways: Operational Losses It's probable that a significant portion of your operations depend on Active Directory to authenticate users as the foundation for delivering access to apps, systems, and data. How much money or productivity will your company lose for every hour Active Directory is down? How many hours, days, or weeks would it require before the company reaches a point of no return and is unable to recover financially? Remember the City of Baltimore's ransomware attack? Their operational recovery took several months and cost more than $18 million. Lack of Plan That Includes AD If your company is mature enough, it has a BC/DR strategy to restore business activities after an outage. Most disaster plans account for the loss of infrastructure or location. Few organizations have a strategy for recovering operations following a hack, particularly ransomware. How you restore Active Directory depends on what hackers changed in Active Directory. How far back must you go to get a known secure Active Directory version? What Active Directory-dependent systems, services, and apps won't work if Active Directory is recovered to an earlier state? Do you have a recent malware-free backup to restore? Without a strategy or understanding of what changed in Active Directory before recovery, your company will spend immeasurable time correcting all the issues. Recovery Might Not Be an Answer If all the modifications performed by the bad dudes during an assault are, say, adding an account to the Domain Admins group, then restoring Active Directory to a few days ago or last month would not be the best solution. Instead, perhaps a less expensive approach would be to monitor changes in Active Directory and have the option to either prevent changes to "protected" accounts (such as the Domain Admins group) or immediately return a change to a sanctioned configuration. Closing Lines In other words, the ROI of Active Directory recovery is significantly more dependent on your present capacity to return to a known-productive and known-secure state post-attack than it is on an online ROI calculation that ignores the various factors involved in a ransomware attack. By running through certain situations and considering your present recovery capabilities, you will uncover expenses that can be avoided by implementing a suitable Active Directory recovery solution—one that is intended to guard against, prevent, and recover from malicious modifications to Active Directory. QNA How to restore the Active Directory? Restart the server From the boot menu, press F8 to access advanced settings Scroll down to the Directory Services Restore Mode option Press the Enter key to restart the computer in safe mode. It will not launch the directory services How can I restore a failed domain controller? Restoring a Domain Controller in non-authoritarian mode In the GUI, choose the Restore wizard Find the required DC From the recovery menu, choose Restore Entire VM Then, choose a recovery point Select whether the restoration should take place in the original location or a new one Complete the steps necessary to complete the procedure. For Active Directory, what is "Recovery Manager"? The Recovery Manager for Active Directory allows you to automate backups and easily compare a backup to the present value of Active Directory to identify changes and restore data immediately.

Read More
PLATFORM SECURITY

Cryptographic Management Trends Around the Globe

Article | July 4, 2022

Digital transformation has become a mission-critical strategy as organizations are adopting new ways of scaling their business, remaining agile to meet demand, and innovating for the future. Cryptographic management goes hand in hand with digital transformation, as organizations must evolve and future-proof their end-to-end cryptographic environments to ensure they are secure, compliant, and highly available to protect and secure their data, assets, and transactions. I spoke with members of the global Futurex team — including Mark Howland, EMEA business development; Ruchin Kumar, vice president, South Asia; and Santos Campa, vice president, LAC — for their insights and perspectives on what cryptographic management challenges organizations are facing, implementation trends, and how they are future-proofing their systems. There are common themes across industries and countries: cryptographic management is challenging, organizations are keenly interested in agility and scalability, cloud migration is happening everywhere, and the compliance checklist is ever important. 1 EMEA: Future-Proofing with Virtualization When it comes to cryptographic management, the large financial institutions and major high-street banks have significant internal knowledge, best practices and their own ways of working and methodology. Across other organizations, we see the gamut: some are looking at new ways of doing things, such as HSM virtualization and cloud HSMs, while some are struggling with the skillset to configure and manage their existing systems. Throughout Europe, getting into data centers during the pandemic was difficult, resulting in challenges with on-premises cryptographic deployments and remote management. There are progressive thinkers, many working at startups, who are future-proofing their systems and looking into load balancing, remote management, and virtualization. While others, who have always worked with on-premises cryptographic equipment, are slower to move to the cloud with questions around latency, regulations, and availability. Howland speculates about what’s ahead: “Cryptography-as-a-service and virtualization will be expected.” Virtualization and the cloud enable organizations to be fluid in their services and abilities, accounting for scalability and growth without taking up rack space and being carbon neutral. “You have to scale for your worst-case scenario. If you have virtual HSMs, you can literally spin them up and down, so you're not having to manage 20 HSMs when, for 360 days of the year, you only need five. When you then look at the costs, administrative costs, power, it makes a good business case to virtualize rather than use hardware,” states Howland. Virtualization accounts for the ebb and flow of retailers, such as handling demand for Black Friday, Cyber Monday, and the holiday season. 2 LAC: Compliance and Cloud and Beyond Overall, organizations are looking to be compliant, secure, scalable, and flexible. “For the financial HSM industry, it seems that, in most cases, everything is moving to the cloud,” says Campa. Moving to the cloud is financially motivating and empowers customers with an agile business case. Campa sees three cryptographic implementation trends across Latin America: 1. The need to implement cryptographic infrastructure as soon as possible. 2. The need to grow the current infrastructure. Organizations want to make sure that they are investing in an infrastructure that is scalable and used for the long term. 3. Security reliability and compliance In Latin America, every financial customer needs to comply with PCI. In addition to PCI, there are regional compliance requirements to adhere to; for example, Mexico requires compliance with Comisión Nacional Bancaria y de Valores (CNBV) and Asociación de Bancos de Mexico (ABM). As a result, organizations prefer to invest in technologies that will be compliant with the next compliance regulations, including PCI and the next FIPS, to future-proof their cryptographic investments. Beyond point-to-point encryption and PCI DSS support, we are seeing customers adopting tokenization, remote key loading, and contactless payments on COTS (CPoC) — and increasing features and functionality one at a time. In parallel, some customers have decided to increase the ROI of their HSM investment by using general-purpose features to comply with government and local security requirements and regulations. Futurex is hosting the Futurex Summit: Mexico City 2022, July 19-21, 2022, an opportunity for attendees to learn how to streamline their encryption infrastructures. 3 South Asia: Trends in Multi-Purpose HSM, Cloud The cryptographic infrastructure has become an important part of the overall deployment of any project in organizations, and Kumar cites the lack of a centralized strategy as the main challenge. In India, he sees silos in most organizations, with overburdened budgets and resources. Data-centric security best practices can help organizations pass various security audits and mitigate unknown risks. Another pain point is around compliance and mandates from regulators. As with many countries, cryptography is deeply embedded in the information technology laws of India to provide confidentiality and integrity to critical information like personal identifiable information (PII) and financial information. Adhering to these regulations is mandatory for each and every project within enterprises, banking, and government. “India is running quite ahead in HSM and key management. Organizations are well versed in the subject,” acknowledges Kumar. Kumar sees many organizations interested in a single unified HSM platform that can handle both general purpose and payment functionalities to reduce implementation hassles. Additionally, as is common around the world, Kumar sees an interest in cloud migration and cryptography-as-a-service in South Asia. Many organizations are keen to outsource cryptographic management to a managed service provider or a cloud service provider to bring down the CAPEX cost for the customer, outsource complex cryptography operations to experts, and address regulatory compliance issues such as data localization and key localization. As we’re seeing in the United States and around the globe post-pandemic, many organizations are looking at digital transformation strategies and future-proofing their cryptographic management investments, including cloud enablement, redundancy and agility, and hybrid deployments — all of which will help to both maintain a strong security posture while adapting and embracing new challenges and opportunities.

Read More
PLATFORM SECURITY

Security-as-a-Service (SECaaS): A Cost-Effective Way of Cybersecurity

Article | July 29, 2022

Cybersecurity threats are growing by the day. Many businesses are unintentionally exposed to hackers and should investigate the possibilities of Security as a Service (SECaaS). While investing in a firewall, anti-virus software, physical office security, an intruder alarm, and CCTV could be insufficient. Unfortunately, in today's ever-changing digital world, this is not enough to keep today's cyber criminals at bay. Malware, ransomware, phishing, viruses, denial of service, distributed denial of service, man-in-the-middle, and brute force attacks are all examples of cybercrime. These are just a few of the methods cybercriminals utilize to attempt to undermine your network security. One of the simplest solutions to securing your system and network is to use security as a service, or SECaas. Why Should Businesses Deploy SECaaS? Depending on your company's demands, your SECaaS provider can build a customized security solution that protects your data, keeps your internal systems safe, and provides you with peace of mind at an affordable price. Cost Saving One of the most significant advantages of a Security-as-a-Service model is that it saves a company money. A cloud-delivered service is often provided in subscription levels with many upgrade possibilities, allowing businesses to pay for just what they need when they want it. It also eliminates the requirement for specialist skills. Updated Security Tools When you use SECaaS, you get access to the most up-to-date security technologies and resources. To be successful, anti-virus and other security solutions must be kept up-to-date with the most recent updates and virus definitions. These upgrades are handled for you on every server, PC, and mobile device by implementing SECaaS across your business. Greater Agility and Better Provisioning One of the most appealing aspects of as-a-service solutions is that your consumers can have rapid access to these products. SECaaS solutions can be scaled up or down as needed, and they are available on-demand where and when you need them. That means no more uncertainties about deployment or upgrades since everything is handled for you by your SECaaS supplier and accessible through a web-enabled dashboard. Make Resources Available When security provisions are maintained outside, your IT employees can concentrate on what matters most to your firm. SECaaS frees up resources, provides comprehensive visibility through management dashboards, and offers you the assurance that your IT security is being handled effectively by an outsourced security team. If you choose, you can delegate management of security procedures to your IT staff, who will handle all policy and system updates through a web interface. Consistent Security As new technology emerges, the provider's databases and protection software will be constantly updated and enhanced. Moreover, it will help in continually monitoring the network for threats using our innovative AI technology to offer round-the-clock security. A fully human-powered team cannot detect every danger, but AI augments human capabilities to give better protection. What Can SECaaS Safeguard Against? It's essential to know what Security-as-a-Service can defend against but also WHERE it will protect you. Your data is now everywhere; on laptops, mobile phones, tablets, local servers, edge servers, cloud services, and each platform has to be protected. SECaaS protects local network devices, edge services, cloud services, WiFi, mobile phones, and tablets. Some of the viruses from which SECaaS protects you are: Malware Ransomware Phishing Virus Denial of service (DoS) Distributed denial-of-service (DDoS) Man-in-the-middle Brute force attacks Closing Lines SECaaS has become the preferred company security approach due to its advantages. SECaaS decreases hardware costs, outsources and streamlines security administration, and eliminates the need for costly security professionals. Since many businesses are embracing cloud technology but are unsure about security, they require their service providers to handle it. SECaaS providers can solve cloud security challenges, including data breaches, DDoS assaults, and phishing.

Read More
SOFTWARE SECURITY

Secure your organization’s critical data and increase your bottom line through Vertex’s Managed Security Operations Centre (SOC) Services

Article | June 6, 2022

Over the last two years, cybersecurity has seen a tectonic upheaval as digital transformation efforts have been accelerated, the workforce has become more diverse, and threats have continued to evolve. Security teams are under looming pressure to neutralize more threats with the same number of resources as firms across industries face new cybersecurity concerns. Many security teams are stretched too thin to identify genuine threats quickly due to the never-ending deluge of warnings and vast volumes of log data to comb through daily. As a result, businesses must make updating their Security Operations Centers (SOC) a top priority. Modernizing the SOC plan involves directing resources into boosting security maturity and cybersecurity, with the goal of lowering the organization’s total risk. The best plan must be scalable enough to handle the changing and broad spectrum of security risks while also being adapted to the company’s specific requirements. As a consequence, threat detection and response across the whole environment has improved, as has visibility and team silos. Although each company’s route to SOC transformation is unique, there are a few critical aspects that all businesses should keep in mind when getting started. Let us look at a few of those in detail. Aligning Security Measures with Business Objectives. Beginning the process by aligning security priorities with corporate objectives. This stage is critical because it stops businesses from simply relying on technology. Budget, industry-specific rules and reporting requirements, and the company’s general risk tolerance are all factors to consider while developing these objectives. Considering this isn’t a one-and-done procedure, the Chief Information Security Officer (CISO) must maintain direct contact with the CEO and other top management officials to guarantee ongoing alignment. CISOs must be realistic about the biggest possible dangers to the firm when engaging with leadership about what is needed for SOC modernization and why, without resorting to negative tactics like spreading fear of threats. Team Vertex can help you align your corporate objectives with necessary security measures required to setup an SOC so your firm is prepared in the event of a cyber threat. Establishing a Security Readiness Standard Following the establishment of essential business goals with executive participation, the next stage in improving the overall security measure is to examine the SOC’s strengths and weaknesses. Security operations should be viewed as a crucial business function by companies. The operational efficacy of the SOC must be measured, just like any other critical business component, by examining which key performance indicators (KPIs) and service-level agreements (SLAs) are being satisfied. This standard offers a clear image of the most critical use cases as well as any gaps in the cybersecurity strategy that need to be addressed. It might be difficult to figure out how to make this list at first. However, security teams will have a clearer view of where opportunities to develop their operations exist if they measure against metrics like mean time to detect (MTTD) and mean time to respond (MTTR) to cyber-attacks. Team Vertex’s proficient team of analysts can help you analyze and identify the potential gaps in the system and examine the above-mentioned KPIs and SLAs. Incorporating a Cybersecurity Framework Now it is time to map an operating framework to connect your strategy with particular tactics, techniques, and procedures after you have clearly determined the most important gaps and set timescales and personnel needs. By employing these constantly developing libraries of threat actor tactics, security teams may pinpoint the business’s largest possible threats and assess their protection priorities carefully. Another paradigm to consider is zero trust. Rather than focusing on the corporate perimeter, it stresses an identity-centric paradigm that focuses on safeguarding resources (such as data, identities, and services) regardless of where they are located. Strengthen your defense by beefing up your SOC. The SOC is at the heart of a company’s offensive and defensive strategies against possible attackers. Organizations that do not have the capability to allocate a function or form an in-house team to handle SOC must resort to third party outsourced solutions. Vertex can be that third-party SOC solutions provider by providing an outsourced security operations center, or managed SOC. This permits your security logs to be aggregated into a separate location where our experienced team can examine them and identify the activities necessary to maintain your organization’s security infrastructure and remediate any incidents. Penetration testing, gap analysis, and better compliance are also available. Although no single solution can cure all your security issues, having all of the necessary components in place will help your firm weather the next digital storm, regardless of its source.

Read More

Spotlight

Bitium

Bitium is a provider of cloud-based identity and access management solutions, including single sign-on, password management, and analytics for small, medium and enterprise businesses. Founded in 2012, the company aims to give growing companies the ability to manage access to all of their web-based applications -- including Google Apps and Office 365, as well as social networks and CRM, collaboration and marketing tools -- in one place without hindering employee adoption of these applications. Organizations such as GroupM, Fullscreen, Movember and Demand Media use Bitium for an easy-to-use solution that delivers increased flexibility and security.

Related News

DATA SECURITY,ENTERPRISE IDENTITY,NETWORK THREAT DETECTION

Radiant Logic Named Winner of 1st Annual Cybersecurity Impact Award

Radiant Logic | August 18, 2022

Radiant Logic, the Identity Data Fabric company, announced today that it has been named the winner of the 2022 Cybersecurity Impact Award for “Best Enterprise Security Solution for Employee and Nth Party Access” from Aite-Novarica Group, a global advisory firm providing mission-critical insights on technology, regulations, strategy, and operations to the Financial Services industry. In its first year, the Cybersecurity Impact Awards program identifies the organizations and vendors pioneering new and disruptive cybersecurity tools and services. Award recipients and their innovations are bringing the financial services industry one step closer to stopping illicit cyber activity. “Our Cybersecurity Impact Awards help CISOs looking for highly innovative solutions that deliver transformative value to the institution,” said John Horn, Cybersecurity Practice Director at Aite-Novarica Group. “Seven judges worked through a rigorous scoring process to select Radiant Logic for this award. Radiant’s unique approach allows CISOs to leverage identity silos across the business, and recreate Identity as a powerful enabler for the workforce, third parties, and customers.” The award winners were selected based on various factors, including innovation, market need, and impact on customer experience and operational efficiency. All entries were considered by a panel of industry expert judges. “We’re thrilled to receive this award in such a competitive category. “RadiantOne has been known over the last twenty years as the technical enabler for solving enterprise-grade security and business challenges; with this award, we’re pleased to be recognized as a strategic investment in the security infrastructure.” Joe Sander, CEO of Radiant Logic After years of inorganic growth, piecemeal identity solutions, and a loss of control due to unplanned remote work, identity sprawl is a reality for most modern enterprises. This sprawl leads to tremendous technical debt, increased risk posture, reduced productivity, and poor decision-making capabilities. RadiantOne’s ability to unify identity data across disparate sources creates an authoritative identity data pipeline, improving security, efficiency, and ease-of-use across the organization. About Radiant Logic Radiant Logic, the enterprise Identity Data Fabric company, helps organizations combat complexity and improve security by making identity data easy to use, manage, and protect. The RadiantOne Platform turns identity data into a strategic asset, enabling organizations to improve decision making, accelerate innovation, and minimize risk. About Aite-Novarica Group Aite-Novarica Group is an advisory firm providing mission-critical insights on technology, regulations, strategy, and operations to hundreds of banks, insurers, payments providers, and investment firms—as well as the technology and service providers that support them. Comprising former senior technology, strategy, and operations executives as well as experienced researchers and consultants, our experts provide actionable advice to our client base, leveraging deep insights developed via our extensive network of clients and other industry contacts.

Read More

DATA SECURITY,NETWORK THREAT DETECTION,PLATFORM SECURITY

NetSPI Launches Partner Program to Broaden Delivery of Offensive Security Services

NetSPI | August 18, 2022

NetSPI, the leader in enterprise penetration testing and attack surface management, today announced the launch of the NetSPI Partner Program which empowers its global channel and technology partners to deliver offensive security services during a time when it's needed most. Partners within the program can offer end users NetSPI's proven vulnerability management technologies and human-delivered offensive security services, allowing both the partner and NetSPI to expand product and service offerings, further develop customer relationships, and enter new markets. Additionally, last month NetSPI joined the AWS Marketplace, simplifying the procurement process for enterprise organizations with existing AWS relationships by allowing them to purchase NetSPI's offerings directly via the marketplace. The program is led by NetSPI's Vice President of Business Development and Strategic Alliances, Lauren Gimmillaro. Gimmillaro has a track record of launching four successful partner programs, consisting of working with channel, referral, reseller, and technology partners. "As today's global attack surface evolves and cybercriminals become more sophisticated in nature, it's critical to provide end users with the tools, services, and skill sets they need to take an offensive approach to security," said Gimmillaro. "Centered around our customer-first approach, the NetSPI Partner Program will allow our team to extend our world-class pentesting capabilities to a variety of diverse and trusted partners, strengthening organizations' cyber security efforts across the globe." The NetSPI Partner Program encompasses the following partnership types: Channel Partners: NetSPI provides its full suite of security services and products through a global channel network of referral and reseller partners. To meet partners' requirements, the programs include a tier-based model consisting of referral fees, preferred client pricing, and reseller discounts. Technology Partners: Security and third-party software companies help build meaningful integrations with NetSPI to improve overall customer experiences. For both, NetSPI offers technical and sales support to help partners achieve their business and go-to-market goals. "Through the NetSPI Partner Program, SecureLink has been able to provide enterprises in the Middle East and Africa region access to NetSPI's continuous and scalable suite of offensive security solutions. "With NetSPI, we are proud to offer unmatched sophistication, methodology, and value to our global customer base." Manish Pardeshi, director of cybersecurity practices at SecureLink "Apiiro is proud to be part of the NetSPI Partner Program. The partnership has provided our customers with next-gen, context aware pentesting capabilities and NetSPI customers with our ability to detect and fix critical risks in cloud-native applications," said John Leon, vice president of business development at Apiiro. "Being a member of the NetSPI Partner Program allows us to achieve our sales goals while providing mutual customers with industry leading services and expertise." About NetSPI NetSPI is the leader in enterprise security testing and attack surface management, partnering with nine of the top 10 U.S. banks, three of the world's five largest healthcare companies, the largest global cloud providers, and many of the Fortune® 500. NetSPI offers Penetration Testing as a Service (PTaaS) through its Resolve™ penetration testing and vulnerability management platform. Its experts perform deep dive manual penetration testing of application, network, and cloud attack surfaces, historically testing over 1 million assets to find 4 million unique vulnerabilities. NetSPI is headquartered in Minneapolis, MN and is a portfolio company of private equity firms Sunstone Partners, KKR, and Ten Eleven Ventures.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Tanium Expands Collaboration with Microsoft as It Joins the Microsoft Intelligent Security Association (MISA)

Tanium | August 17, 2022

Tanium, the industry’s first provider of converged endpoint management (XEM), today announced that it has been nominated to join the Microsoft Intelligent Security Association (MISA), an ecosystem of independent software vendors and managed security service providers (MSSPs) that have integrated their solutions with Microsoft security technology to help customers better defend themselves against increasingly sophisticated cyber threats. “I believe that Microsoft and Tanium's partnership is going to transform the future of IT security and operations for my organization,” said Mark Wantling, CIO at the University of Salford. “By combining Tanium's real-time visibility and control with Microsoft's advanced threat intelligence, orchestration, and analytics services, I can quickly and easily identify and address vulnerabilities, remediate threats, and manage my estate across a multitude of platforms — and I don't need dozens of point solutions to do it.” As hybrid work and other digital transformations expand organizations’ IT assets and attack surfaces, customers benefit by consolidating security platforms to more seamlessly deliver security, performance, and automation, without needless complexity and alert fatigue. “I am excited to see that Tanium and Microsoft are working together,” said Andy Lawrence, cyber security improvements manager, Willis Towers Watson. “Combining Tanium’s real-time data and control with Microsoft’s services will allow my team to more effectively manage and secure my entire IT estate.” Tanium was nominated for MISA membership in part as a result of an integration with Microsoft Sentinel, soon to be available via the Sentinel Content Hub. Currently, Tanium is available in the Microsoft Commercial Marketplace, an online store providing applications and services for use on Azure. Customers can purchase and provision Tanium directly from the marketplace and apply the purchase to their Microsoft Azure Consumption Commitments (MACC). Every day, Tanium customers around the world take advantage of the Azure cloud platform, including streamlined deployment and provisioning, to accelerate their security strategies. “The largest and most sophisticated organizations trust Tanium to manage and secure their digital estates. “Combining Microsoft's security solutions with Tanium's real-time data, distribution, and control not only enables effective automation and resilient security, but it also creates accelerated savings for customers converging multiple point solutions into fewer, more comprehensive, and robust solutions.” Rob Jenks, senior vice president of corporate strategy at Tanium Together, Tanium’s integrations with Microsoft’s technology deliver the capabilities customers need to manage and secure IT estate from cloud to the edge, including active threat hunting, faster remediation, real-time patching, and the automated delivery of detailed real-time data. “Members of the Microsoft Intelligent Security Association – like Tanium – integrate their security solutions with Microsoft’s technology to gain more signal, increase visibility and better protect against threats. By extending Microsoft’s security capabilities across the ecosystem, we help our shared customers to succeed.” – Maria Thomson, Microsoft Intelligent Security Association Lead. About Tanium Tanium, the industry’s only provider of converged endpoint management (XEM), leads the paradigm shift in legacy approaches to managing complex security and technology environments. Only Tanium protects every team, endpoint, and workflow from cyber threats by integrating IT, Compliance, Security, and Risk into a single platform that delivers comprehensive visibility across devices, a unified set of controls, and a common taxonomy for a single shared purpose: to protect critical information and infrastructure at scale. Tanium has been named to the Forbes Cloud 100 list for six consecutive years and ranks on Fortune’s list of the Best Large Workplaces in Technology. In fact, more than half of the Fortune 100 and the U.S. armed forces trust Tanium to protect people; defend data; secure systems; and see and control every endpoint, team, and workflow everywhere.

Read More

DATA SECURITY,ENTERPRISE IDENTITY,NETWORK THREAT DETECTION

Radiant Logic Named Winner of 1st Annual Cybersecurity Impact Award

Radiant Logic | August 18, 2022

Radiant Logic, the Identity Data Fabric company, announced today that it has been named the winner of the 2022 Cybersecurity Impact Award for “Best Enterprise Security Solution for Employee and Nth Party Access” from Aite-Novarica Group, a global advisory firm providing mission-critical insights on technology, regulations, strategy, and operations to the Financial Services industry. In its first year, the Cybersecurity Impact Awards program identifies the organizations and vendors pioneering new and disruptive cybersecurity tools and services. Award recipients and their innovations are bringing the financial services industry one step closer to stopping illicit cyber activity. “Our Cybersecurity Impact Awards help CISOs looking for highly innovative solutions that deliver transformative value to the institution,” said John Horn, Cybersecurity Practice Director at Aite-Novarica Group. “Seven judges worked through a rigorous scoring process to select Radiant Logic for this award. Radiant’s unique approach allows CISOs to leverage identity silos across the business, and recreate Identity as a powerful enabler for the workforce, third parties, and customers.” The award winners were selected based on various factors, including innovation, market need, and impact on customer experience and operational efficiency. All entries were considered by a panel of industry expert judges. “We’re thrilled to receive this award in such a competitive category. “RadiantOne has been known over the last twenty years as the technical enabler for solving enterprise-grade security and business challenges; with this award, we’re pleased to be recognized as a strategic investment in the security infrastructure.” Joe Sander, CEO of Radiant Logic After years of inorganic growth, piecemeal identity solutions, and a loss of control due to unplanned remote work, identity sprawl is a reality for most modern enterprises. This sprawl leads to tremendous technical debt, increased risk posture, reduced productivity, and poor decision-making capabilities. RadiantOne’s ability to unify identity data across disparate sources creates an authoritative identity data pipeline, improving security, efficiency, and ease-of-use across the organization. About Radiant Logic Radiant Logic, the enterprise Identity Data Fabric company, helps organizations combat complexity and improve security by making identity data easy to use, manage, and protect. The RadiantOne Platform turns identity data into a strategic asset, enabling organizations to improve decision making, accelerate innovation, and minimize risk. About Aite-Novarica Group Aite-Novarica Group is an advisory firm providing mission-critical insights on technology, regulations, strategy, and operations to hundreds of banks, insurers, payments providers, and investment firms—as well as the technology and service providers that support them. Comprising former senior technology, strategy, and operations executives as well as experienced researchers and consultants, our experts provide actionable advice to our client base, leveraging deep insights developed via our extensive network of clients and other industry contacts.

Read More

DATA SECURITY,NETWORK THREAT DETECTION,PLATFORM SECURITY

NetSPI Launches Partner Program to Broaden Delivery of Offensive Security Services

NetSPI | August 18, 2022

NetSPI, the leader in enterprise penetration testing and attack surface management, today announced the launch of the NetSPI Partner Program which empowers its global channel and technology partners to deliver offensive security services during a time when it's needed most. Partners within the program can offer end users NetSPI's proven vulnerability management technologies and human-delivered offensive security services, allowing both the partner and NetSPI to expand product and service offerings, further develop customer relationships, and enter new markets. Additionally, last month NetSPI joined the AWS Marketplace, simplifying the procurement process for enterprise organizations with existing AWS relationships by allowing them to purchase NetSPI's offerings directly via the marketplace. The program is led by NetSPI's Vice President of Business Development and Strategic Alliances, Lauren Gimmillaro. Gimmillaro has a track record of launching four successful partner programs, consisting of working with channel, referral, reseller, and technology partners. "As today's global attack surface evolves and cybercriminals become more sophisticated in nature, it's critical to provide end users with the tools, services, and skill sets they need to take an offensive approach to security," said Gimmillaro. "Centered around our customer-first approach, the NetSPI Partner Program will allow our team to extend our world-class pentesting capabilities to a variety of diverse and trusted partners, strengthening organizations' cyber security efforts across the globe." The NetSPI Partner Program encompasses the following partnership types: Channel Partners: NetSPI provides its full suite of security services and products through a global channel network of referral and reseller partners. To meet partners' requirements, the programs include a tier-based model consisting of referral fees, preferred client pricing, and reseller discounts. Technology Partners: Security and third-party software companies help build meaningful integrations with NetSPI to improve overall customer experiences. For both, NetSPI offers technical and sales support to help partners achieve their business and go-to-market goals. "Through the NetSPI Partner Program, SecureLink has been able to provide enterprises in the Middle East and Africa region access to NetSPI's continuous and scalable suite of offensive security solutions. "With NetSPI, we are proud to offer unmatched sophistication, methodology, and value to our global customer base." Manish Pardeshi, director of cybersecurity practices at SecureLink "Apiiro is proud to be part of the NetSPI Partner Program. The partnership has provided our customers with next-gen, context aware pentesting capabilities and NetSPI customers with our ability to detect and fix critical risks in cloud-native applications," said John Leon, vice president of business development at Apiiro. "Being a member of the NetSPI Partner Program allows us to achieve our sales goals while providing mutual customers with industry leading services and expertise." About NetSPI NetSPI is the leader in enterprise security testing and attack surface management, partnering with nine of the top 10 U.S. banks, three of the world's five largest healthcare companies, the largest global cloud providers, and many of the Fortune® 500. NetSPI offers Penetration Testing as a Service (PTaaS) through its Resolve™ penetration testing and vulnerability management platform. Its experts perform deep dive manual penetration testing of application, network, and cloud attack surfaces, historically testing over 1 million assets to find 4 million unique vulnerabilities. NetSPI is headquartered in Minneapolis, MN and is a portfolio company of private equity firms Sunstone Partners, KKR, and Ten Eleven Ventures.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Tanium Expands Collaboration with Microsoft as It Joins the Microsoft Intelligent Security Association (MISA)

Tanium | August 17, 2022

Tanium, the industry’s first provider of converged endpoint management (XEM), today announced that it has been nominated to join the Microsoft Intelligent Security Association (MISA), an ecosystem of independent software vendors and managed security service providers (MSSPs) that have integrated their solutions with Microsoft security technology to help customers better defend themselves against increasingly sophisticated cyber threats. “I believe that Microsoft and Tanium's partnership is going to transform the future of IT security and operations for my organization,” said Mark Wantling, CIO at the University of Salford. “By combining Tanium's real-time visibility and control with Microsoft's advanced threat intelligence, orchestration, and analytics services, I can quickly and easily identify and address vulnerabilities, remediate threats, and manage my estate across a multitude of platforms — and I don't need dozens of point solutions to do it.” As hybrid work and other digital transformations expand organizations’ IT assets and attack surfaces, customers benefit by consolidating security platforms to more seamlessly deliver security, performance, and automation, without needless complexity and alert fatigue. “I am excited to see that Tanium and Microsoft are working together,” said Andy Lawrence, cyber security improvements manager, Willis Towers Watson. “Combining Tanium’s real-time data and control with Microsoft’s services will allow my team to more effectively manage and secure my entire IT estate.” Tanium was nominated for MISA membership in part as a result of an integration with Microsoft Sentinel, soon to be available via the Sentinel Content Hub. Currently, Tanium is available in the Microsoft Commercial Marketplace, an online store providing applications and services for use on Azure. Customers can purchase and provision Tanium directly from the marketplace and apply the purchase to their Microsoft Azure Consumption Commitments (MACC). Every day, Tanium customers around the world take advantage of the Azure cloud platform, including streamlined deployment and provisioning, to accelerate their security strategies. “The largest and most sophisticated organizations trust Tanium to manage and secure their digital estates. “Combining Microsoft's security solutions with Tanium's real-time data, distribution, and control not only enables effective automation and resilient security, but it also creates accelerated savings for customers converging multiple point solutions into fewer, more comprehensive, and robust solutions.” Rob Jenks, senior vice president of corporate strategy at Tanium Together, Tanium’s integrations with Microsoft’s technology deliver the capabilities customers need to manage and secure IT estate from cloud to the edge, including active threat hunting, faster remediation, real-time patching, and the automated delivery of detailed real-time data. “Members of the Microsoft Intelligent Security Association – like Tanium – integrate their security solutions with Microsoft’s technology to gain more signal, increase visibility and better protect against threats. By extending Microsoft’s security capabilities across the ecosystem, we help our shared customers to succeed.” – Maria Thomson, Microsoft Intelligent Security Association Lead. About Tanium Tanium, the industry’s only provider of converged endpoint management (XEM), leads the paradigm shift in legacy approaches to managing complex security and technology environments. Only Tanium protects every team, endpoint, and workflow from cyber threats by integrating IT, Compliance, Security, and Risk into a single platform that delivers comprehensive visibility across devices, a unified set of controls, and a common taxonomy for a single shared purpose: to protect critical information and infrastructure at scale. Tanium has been named to the Forbes Cloud 100 list for six consecutive years and ranks on Fortune’s list of the Best Large Workplaces in Technology. In fact, more than half of the Fortune 100 and the U.S. armed forces trust Tanium to protect people; defend data; secure systems; and see and control every endpoint, team, and workflow everywhere.

Read More

Events