Secure your organization’s critical data and increase your bottom line through Vertex’s Managed Security Operations Centre (SOC) Services

June 6, 2022 | 134 views

Secure your organization’s critical data and increase
Over the last two years, cybersecurity has seen a tectonic upheaval as digital transformation efforts have been accelerated, the workforce has become more diverse, and threats have continued to evolve. Security teams are under looming pressure to neutralize more threats with the same number of resources as firms across industries face new cybersecurity concerns.

Many security teams are stretched too thin to identify genuine threats quickly due to the never-ending deluge of warnings and vast volumes of log data to comb through daily. As a result, businesses must make updating their Security Operations Centers (SOC) a top priority.

Modernizing the SOC plan involves directing resources into boosting security maturity and cybersecurity, with the goal of lowering the organization’s total risk. The best plan must be scalable enough to handle the changing and broad spectrum of security risks while also being adapted to the company’s specific requirements. As a consequence, threat detection and response across the whole environment has improved, as has visibility and team silos.

Although each company’s route to SOC transformation is unique, there are a few critical aspects that all businesses should keep in mind when getting started. Let us look at a few of those in detail.

Aligning Security Measures with Business Objectives.

Beginning the process by aligning security priorities with corporate objectives. This stage is critical because it stops businesses from simply relying on technology. Budget, industry-specific rules and reporting requirements, and the company’s general risk tolerance are all factors to consider while developing these objectives.

Considering this isn’t a one-and-done procedure, the Chief Information Security Officer (CISO) must maintain direct contact with the CEO and other top management officials to guarantee ongoing alignment. CISOs must be realistic about the biggest possible dangers to the firm when engaging with leadership about what is needed for SOC modernization and why, without resorting to negative tactics like spreading fear of threats.

Team Vertex can help you align your corporate objectives with necessary security measures required to setup an SOC so your firm is prepared in the event of a cyber threat.

Establishing a Security Readiness Standard

Following the establishment of essential business goals with executive participation, the next stage in improving the overall security measure is to examine the SOC’s strengths and weaknesses. Security operations should be viewed as a crucial business function by companies. The operational efficacy of the SOC must be measured, just like any other critical business component, by examining which key performance indicators (KPIs) and service-level agreements (SLAs) are being satisfied.

This standard offers a clear image of the most critical use cases as well as any gaps in the cybersecurity strategy that need to be addressed. It might be difficult to figure out how to make this list at first. However, security teams will have a clearer view of where opportunities to develop their operations exist if they measure against metrics like mean time to detect (MTTD) and mean time to respond (MTTR) to cyber-attacks.

Team Vertex’s proficient team of analysts can help you analyze and identify the potential gaps in the system and examine the above-mentioned KPIs and SLAs.

Incorporating a Cybersecurity Framework

Now it is time to map an operating framework to connect your strategy with particular tactics, techniques, and procedures after you have clearly determined the most important gaps and set timescales and personnel needs. By employing these constantly developing libraries of threat actor tactics, security teams may pinpoint the business’s largest possible threats and assess their protection priorities carefully.

Another paradigm to consider is zero trust. Rather than focusing on the corporate perimeter, it stresses an identity-centric paradigm that focuses on safeguarding resources (such as data, identities, and services) regardless of where they are located.

Strengthen your defense by beefing up your SOC.

The SOC is at the heart of a company’s offensive and defensive strategies against possible attackers. Organizations that do not have the capability to allocate a function or form an in-house team to handle SOC must resort to third party outsourced solutions. Vertex can be that third-party SOC solutions provider by providing an outsourced security operations center, or managed SOC.

This permits your security logs to be aggregated into a separate location where our experienced team can examine them and identify the activities necessary to maintain your organization’s security infrastructure and remediate any incidents. Penetration testing, gap analysis, and better compliance are also available. Although no single solution can cure all your security issues, having all of the necessary components in place will help your firm weather the next digital storm, regardless of its source.

Spotlight

Vodafone

We’ve come a long way since making the first ever mobile call on the 1st January 1985. Today, more than 403 million customers around the world choose us to look after their communications needs. In 25 years, a small mobile operator in Newbury has grown into a global business and the seventh most valuable brand in the world. We now operate in more than 30 countries and partner with networks in over 50 more.

OTHER ARTICLES
SOFTWARE SECURITY

Cryptographic Management Trends Around the Globe

Article | November 3, 2020

Digital transformation has become a mission-critical strategy as organizations are adopting new ways of scaling their business, remaining agile to meet demand, and innovating for the future. Cryptographic management goes hand in hand with digital transformation, as organizations must evolve and future-proof their end-to-end cryptographic environments to ensure they are secure, compliant, and highly available to protect and secure their data, assets, and transactions. I spoke with members of the global Futurex team — including Mark Howland, EMEA business development; Ruchin Kumar, vice president, South Asia; and Santos Campa, vice president, LAC — for their insights and perspectives on what cryptographic management challenges organizations are facing, implementation trends, and how they are future-proofing their systems. There are common themes across industries and countries: cryptographic management is challenging, organizations are keenly interested in agility and scalability, cloud migration is happening everywhere, and the compliance checklist is ever important. 1 EMEA: Future-Proofing with Virtualization When it comes to cryptographic management, the large financial institutions and major high-street banks have significant internal knowledge, best practices and their own ways of working and methodology. Across other organizations, we see the gamut: some are looking at new ways of doing things, such as HSM virtualization and cloud HSMs, while some are struggling with the skillset to configure and manage their existing systems. Throughout Europe, getting into data centers during the pandemic was difficult, resulting in challenges with on-premises cryptographic deployments and remote management. There are progressive thinkers, many working at startups, who are future-proofing their systems and looking into load balancing, remote management, and virtualization. While others, who have always worked with on-premises cryptographic equipment, are slower to move to the cloud with questions around latency, regulations, and availability. Howland speculates about what’s ahead: “Cryptography-as-a-service and virtualization will be expected.” Virtualization and the cloud enable organizations to be fluid in their services and abilities, accounting for scalability and growth without taking up rack space and being carbon neutral. “You have to scale for your worst-case scenario. If you have virtual HSMs, you can literally spin them up and down, so you're not having to manage 20 HSMs when, for 360 days of the year, you only need five. When you then look at the costs, administrative costs, power, it makes a good business case to virtualize rather than use hardware,” states Howland. Virtualization accounts for the ebb and flow of retailers, such as handling demand for Black Friday, Cyber Monday, and the holiday season. 2 LAC: Compliance and Cloud and Beyond Overall, organizations are looking to be compliant, secure, scalable, and flexible. “For the financial HSM industry, it seems that, in most cases, everything is moving to the cloud,” says Campa. Moving to the cloud is financially motivating and empowers customers with an agile business case. Campa sees three cryptographic implementation trends across Latin America: 1. The need to implement cryptographic infrastructure as soon as possible. 2. The need to grow the current infrastructure. Organizations want to make sure that they are investing in an infrastructure that is scalable and used for the long term. 3. Security reliability and compliance In Latin America, every financial customer needs to comply with PCI. In addition to PCI, there are regional compliance requirements to adhere to; for example, Mexico requires compliance with Comisión Nacional Bancaria y de Valores (CNBV) and Asociación de Bancos de Mexico (ABM). As a result, organizations prefer to invest in technologies that will be compliant with the next compliance regulations, including PCI and the next FIPS, to future-proof their cryptographic investments. Beyond point-to-point encryption and PCI DSS support, we are seeing customers adopting tokenization, remote key loading, and contactless payments on COTS (CPoC) — and increasing features and functionality one at a time. In parallel, some customers have decided to increase the ROI of their HSM investment by using general-purpose features to comply with government and local security requirements and regulations. Futurex is hosting the Futurex Summit: Mexico City 2022, July 19-21, 2022, an opportunity for attendees to learn how to streamline their encryption infrastructures. 3 South Asia: Trends in Multi-Purpose HSM, Cloud The cryptographic infrastructure has become an important part of the overall deployment of any project in organizations, and Kumar cites the lack of a centralized strategy as the main challenge. In India, he sees silos in most organizations, with overburdened budgets and resources. Data-centric security best practices can help organizations pass various security audits and mitigate unknown risks. Another pain point is around compliance and mandates from regulators. As with many countries, cryptography is deeply embedded in the information technology laws of India to provide confidentiality and integrity to critical information like personal identifiable information (PII) and financial information. Adhering to these regulations is mandatory for each and every project within enterprises, banking, and government. “India is running quite ahead in HSM and key management. Organizations are well versed in the subject,” acknowledges Kumar. Kumar sees many organizations interested in a single unified HSM platform that can handle both general purpose and payment functionalities to reduce implementation hassles. Additionally, as is common around the world, Kumar sees an interest in cloud migration and cryptography-as-a-service in South Asia. Many organizations are keen to outsource cryptographic management to a managed service provider or a cloud service provider to bring down the CAPEX cost for the customer, outsource complex cryptography operations to experts, and address regulatory compliance issues such as data localization and key localization. As we’re seeing in the United States and around the globe post-pandemic, many organizations are looking at digital transformation strategies and future-proofing their cryptographic management investments, including cloud enablement, redundancy and agility, and hybrid deployments — all of which will help to both maintain a strong security posture while adapting and embracing new challenges and opportunities.

Read More
SOFTWARE SECURITY

Security-as-a-Service (SECaaS): A Cost-Effective Way of Cybersecurity

Article | December 15, 2021

Cybersecurity threats are growing by the day. Many businesses are unintentionally exposed to hackers and should investigate the possibilities of Security as a Service (SECaaS). While investing in a firewall, anti-virus software, physical office security, an intruder alarm, and CCTV could be insufficient. Unfortunately, in today's ever-changing digital world, this is not enough to keep today's cyber criminals at bay. Malware, ransomware, phishing, viruses, denial of service, distributed denial of service, man-in-the-middle, and brute force attacks are all examples of cybercrime. These are just a few of the methods cybercriminals utilize to attempt to undermine your network security. One of the simplest solutions to securing your system and network is to use security as a service, or SECaas. Why Should Businesses Deploy SECaaS? Depending on your company's demands, your SECaaS provider can build a customized security solution that protects your data, keeps your internal systems safe, and provides you with peace of mind at an affordable price. Cost Saving One of the most significant advantages of a Security-as-a-Service model is that it saves a company money. A cloud-delivered service is often provided in subscription levels with many upgrade possibilities, allowing businesses to pay for just what they need when they want it. It also eliminates the requirement for specialist skills. Updated Security Tools When you use SECaaS, you get access to the most up-to-date security technologies and resources. To be successful, anti-virus and other security solutions must be kept up-to-date with the most recent updates and virus definitions. These upgrades are handled for you on every server, PC, and mobile device by implementing SECaaS across your business. Greater Agility and Better Provisioning One of the most appealing aspects of as-a-service solutions is that your consumers can have rapid access to these products. SECaaS solutions can be scaled up or down as needed, and they are available on-demand where and when you need them. That means no more uncertainties about deployment or upgrades since everything is handled for you by your SECaaS supplier and accessible through a web-enabled dashboard. Make Resources Available When security provisions are maintained outside, your IT employees can concentrate on what matters most to your firm. SECaaS frees up resources, provides comprehensive visibility through management dashboards, and offers you the assurance that your IT security is being handled effectively by an outsourced security team. If you choose, you can delegate management of security procedures to your IT staff, who will handle all policy and system updates through a web interface. Consistent Security As new technology emerges, the provider's databases and protection software will be constantly updated and enhanced. Moreover, it will help in continually monitoring the network for threats using our innovative AI technology to offer round-the-clock security. A fully human-powered team cannot detect every danger, but AI augments human capabilities to give better protection. What Can SECaaS Safeguard Against? It's essential to know what Security-as-a-Service can defend against but also WHERE it will protect you. Your data is now everywhere; on laptops, mobile phones, tablets, local servers, edge servers, cloud services, and each platform has to be protected. SECaaS protects local network devices, edge services, cloud services, WiFi, mobile phones, and tablets. Some of the viruses from which SECaaS protects you are: Malware Ransomware Phishing Virus Denial of service (DoS) Distributed denial-of-service (DDoS) Man-in-the-middle Brute force attacks Closing Lines SECaaS has become the preferred company security approach due to its advantages. SECaaS decreases hardware costs, outsources and streamlines security administration, and eliminates the need for costly security professionals. Since many businesses are embracing cloud technology but are unsure about security, they require their service providers to handle it. SECaaS providers can solve cloud security challenges, including data breaches, DDoS assaults, and phishing.

Read More
SOFTWARE SECURITY

5G: New Possibilities, New Threats

Article | July 6, 2022

5G is the next generation of mobile networks, and its introduction marks the beginning of a new era in the world of networking and cybersecurity. The fifth generation of mobile networks is not only faster than all the previous ‘Gs’ that were launched but also offers new and exciting opportunities for businesses. It is expected to be a game-changer for the business world because of its capabilities to expand business offerings and connect to the IoT. Let's delve into the insights about the new possibilities 5G technology brings for businesses. New Technology: Possibilities 5G Technology Brings In for Businesses Among the most significant benefits of 5G technology is the potential for employees to achieve more in less time, which increases revenue and reduces costs. The tremendous jump in connectivity provided by 5G will generate considerable opportunity for a wide range of industries from healthcare to retail to fintech. According to a study by IHS Markit, the global economy will be worth $13.2 trillion by 2035. This will create 22.3 million jobs in the 5G global value chain alone. Increased IoT Capabilities IoT devices are notoriously vulnerable due to their ease of use and connection. In 2020, Forescout Research found 33 IoT vulnerabilities affecting four open-source TCP/IP stacks (FNET, uIP, Nut/Net, and PicoTCP). According to Forescount, these stacks power millions of devices worldwide. The enormous development of IoT systems has been fueled by consumer devices, business network appliances, and industrial IoT (IIoT) devices. 5G will improve various IoT functionalities and provide critical upgrades to entire networks without pausing functionality, freezing operations or overloading servers. Bridging the Skills Gap Because of advancements in video and remote technologies, 5G will also tremendously benefit small businesses by enhancing hiring processes and assisting business owners in hiring suitable talent to contribute to their business development and help their businesses grow. 5G breaks down barriers to hiring by letting companies find, interview, narrow down, and hire the best people worldwide. Cost Savings 5G is expected to enhance the battery life of devices such as laptops by up to ten times. As a result, companies will see cost savings by lowering the quantity of hardware and IT infrastructure required. This represents a move away from a hardware-driven economy and into an economy that is majorly anchored on software and systems. Savings on decreased administration and other operations can permeate the organization and eventually contribute to the bottom line. New Threats: 5G Cybersecurity Risks Like every technology born, even 5G networks face various threats. Some are passed down from previous generations and legacy standards, while others are new threats associated with the software-defined networking technology owing to 5G. Below are some of the 5G security issues that businesses can tackle with the help of additional cybersecurity measures. Inherited & Emerging Vulnerabilities Compared to earlier generations of wireless networks, 5G is designed to be more secure. For backward compatibility, 5G must still be able to communicate with older standards. In the absence of a security-minded approach, this compatibility requirement assures that the flaws discovered in the outdated SS7 and Diameter protocols utilized by 2G and 4G networks can still haunt a new 5G-based network architecture. Growing Supply Chain Concerns As a result of government intervention in the development of telecom equipment, 5G security risks have been politicized. The use of 5G infrastructure equipment sold by Chinese vendors like ZTE and Huawei is banned in various countries, including the United Kingdom, India, and the United States. These regulations were put in place because of fears that Chinese governmental control over these 5G equipment vendors could undermine the design and data security of 5G equipment offered by these companies. Decentralized security In 5G networks, traditional security checkpoints like hub-and-spoke hardware-based routers have been replaced by cloud of software-defined digital routers that can't be looked at or managed. With more routing points and devices, as well as quicker speeds that favor smash-and-grab attackers, security teams must depend on automated monitoring and create innovative methods to address the rising security vulnerabilities. More IoT Devices Not all manufacturers are emphasizing cybersecurity, as seen with many low-end smart devices. 5G means more effectiveness and possibilities for the Internet of Things (IoT). As the number of connected devices grows, so does the number of prospective areas of attack. Devices such as a fish tank thermometer and a smart TV are examples of devices that might weaken the network. Network breaches and hacking could become more frequent because of the absence of security standards for IoT devices. Overcoming 5G Security Challenges Even if the new 5G technology doesn't fundamentally impact the measures that businesses must take to secure their assets, it does reduce the margin for error and raise the stakes in the event of a failure. Many strategies for dealing with existing network security issues apply equally well to 5G security threats. Strengthen Existing Cybersecurity Measures As we know, most security threats to 5G technology originate from previous generations. Businesses should continue to use existing security techniques to combat such attacks. Businesses must strengthen their existing security equipment to make those strategies more effective. Also, it is essential to educate users in order to minimize human errors that can compromise data and network security. Regular Infrastructure Audit When it comes to data exfiltration, a bad actor's dream is a company's blind spots. You'll need to audit your company's personnel infrastructure. You should also keep an eye on 4G-related vulnerabilities that could continue to harm older devices and networks. Deploy AI & ML for Protection Security providers are embedding AI and machine learning (ML) into their products and services to combat more complex cyberattacks. Experts believe that AI and machine learning systems can grow with the threat matrix, learning to detect and eliminate threats before they breach critical systems and put lives and sensitive data at risk. This will greatly help secure the network and safeguard the data stored in the cloud. IoT Management Solutions As 5G devices become available on mobile device management software, it is essential to control them to ensure device security. To secure the devices that will use 5G technology, you must look for a device management system that can evolve with the demands of your business. Look for a system that focuses on IoT management particularly. Tech Manufacturers Should Develop Secured Products 5G will double the number of connected devices while increasing speed and bandwidth. Unfortunately, many IoT devices are fundamentally insecure, making them obvious targets for hackers. Each insecure IoT device on a company's network offers an additional possible attack route. To prevent IoT devices from being vulnerable targets for cybercriminals, manufacturers must make them more secure. Also, the IoT Cybersecurity Act, which applies to government contractors, was passed by the US Congress. However, regulation of industry suppliers is still not good enough. Key Elements for 5G Cybersecurity for Businesses Conclusion 5G technology will be embraced despite all the challenges since it promises to provide businesses with a powerful new tool capable of driving faster, broader IoT deployments and a competitive advantage in the market. One harsh reality of the digital age is that risks will always exist. In line with the birth of every new technology, new threats are also born, and in the same manner, even solutions emerge. Businesses can overcome all challenges and eliminate all 5G security threats by implementing proper measures. 5G, IoT, AI, and ML are all part of the global tech revolution; leverage these technologies today to position yourself as a leader of tomorrow. FAQ What is the frequency of 5G? Verizon's millimeter wavelength (mmWave)-based 5G Ultra Wideband runs at frequencies between 28 and 39GHz. This is far higher than the frequency used by 4G networks, which ranges between 700 and 2500 MHz. What are the fundamental technologies that makeup 5G? OFDM (Orthogonal frequency-division multiplexing) is a way of modulating a digital signal over several channels to decrease interference. 5G employs the 5G NR air interface in conjunction with OFDM principles. 5G also makes use of higher bandwidth technologies like sub-6 GHz and mmWave. Why does a businessperson need 5G training? Faster connections mean more efficient business operations for your organization. Employees can anticipate that 5G will improve internal and external communications, allowing for better flexibility and time efficiency. Employees should also expect less restriction on where they can work, open doors during office hours, the ability to work from home, and a much better balance between work and life.

Read More
SOFTWARE SECURITY

Machine Learning-Powered Cybersecurity: A Guardian of the Future

Article | May 18, 2022

Today, as more and more businesses are undergoing digital transformation, the risk of cybersecurity is also rising. Cyber risk has evolved as one of the significant threats for businesses over time. Businesses are struggling to safeguard themselves from a growing number of cyber threats. Because of cybercrime, businesses lost approximately $1,797,945 per minute in 2021, according to Tessian. Machine learning (ML) and artificial intelligence (AI) tools offer huge potential to help businesses and other entities deal with a wide range of current cybersecurity challenges. AI and ML enable real-time learning and analysis of potential cyber threats. They also use algorithms to make behavioral models, which they then use to predict cyberattacks whenever new data becomes available. Let’s have a look at the reasons why ML-based cybersecurity has become more crucial than ever. Why Has Machine Learning Become so Important in Cybersecurity? There are several reasons why ML-based machine learning has grown to prominence. Cybersecurity systems can use AI and ML to analyze attack patterns and learn from them in order to prevent them and respond to their changing behavior. It can support cybersecurity professionals in becoming more proactive in terms of preventing risks and dealing with current attacks in real-time. In short, good data and machine learning can make cybersecurity easier, more proactive, cheaper, and much more effective. How can Machine Learning help businesses improve their cybersecurity? AI and machine learning are providing significant advantages to organizations that implement them in their cybersecurity programs. According to a report from the Capgemini Research Institute, 61% of businesses think AI will be needed to find critical threats, and 69% think AI will be needed to deal with cyberattacks. AI and ML can quickly analyze huge quantities of data, making it far faster than manually detecting threats. AI and ML minimize cyber threat detection and response effort, making them cost-effective. The Capgemini report found a 12% average cost reduction. Cyber analysts are alerted aboutattacks and categorize the kinds, which helps them determine the correct response. As more data is analyzed and the technologies learn from past patterns, AI and machine learning improve cybersecurity over time. AI and ML are used by many businesses to rank network threats and figure out which parts have been attacked the most. Businesses use AI to identify malicious activity automatically. AI and machine learning are also being used to detect suspicious user behavior. Many businesses prevent financial fraud by predicting unusual consumer behavior utilizing machine learning. AI and machine learning can also help businesses predict potential cyberattacks. Companies Bolster their Cyber Security Systems through ML Concluding Lines If used correctly, machine learning can improve cybersecurity. Machine learning's dramatic and lasting influence is real. Integrating AI and ML to improve cybersecurity is crucial, but organizations should remember that these technologies are only as effective as the analysts who control and use them.

Read More

Spotlight

Vodafone

We’ve come a long way since making the first ever mobile call on the 1st January 1985. Today, more than 403 million customers around the world choose us to look after their communications needs. In 25 years, a small mobile operator in Newbury has grown into a global business and the seventh most valuable brand in the world. We now operate in more than 30 countries and partner with networks in over 50 more.

Related News

DATA SECURITY

ShardSecure® To Present at Black Hat Cybersecurity Conference

ShardSecure | August 09, 2022

ShardSecure, inventor of the innovative MicroshardTM technology that mitigates data security and privacy risks in the cloud, will be exhibiting at Black Hat 2022, the leading information security event, from August 6 to 11 in Las Vegas, Nevada. While at Black Hat, ShardSecure will showcase their patented microsharding solution at Booth #30 in the Business Hall's Innovation City. During the conference, ShardSecure will demonstrate how microsharding renders sensitive data unintelligible in the wrong hands, offering crucial protection in multi-cloud and hybrid-cloud environments. ShardSecure Lead Developer Anthony Whitehead will present "Microsharding, an Alternative to Encryption for Data at Rest" from 2:25 to 2:45 p.m. PT on August 10 in the Business Hall, Theater C. Additionally, VP of Marketing Marc Blackmer will be interviewed on microsharding and encryption by Chuck Harold of SecurityGuyTV at 9:20 a.m. PT on August 11. "We're looking forward to making new connections and sharing how we can help organizations strengthen their data resilience, maintain business continuity, and mitigate the impact of ransomware," said Marc Blackmer. "Black Hat is an excellent opportunity for ShardSecure to participate in key industry conversations, strengthen our brand, and grow our networking opportunities." Microshard technology works to desensitize sensitive data by digitally shredding it into tiny microshards. Those microshards are then mixed with poison data and distributed to multiple customer-owned storage locations of the customer's choosing. Its self-healing data also reverses unauthorized data deletion and tampering — including ransomware — for data at rest. Through its ability to reconstruct data impacted by storage service outages, ShardSecure also helps protect against the effects of data loss and allows business operations to continue unaffected during an outage. "We're pleased to be sharing Microshard technology with a wide audience of thought leaders and vendors at Black Hat. "Combined with several new partnerships and our recent availability in Azure Marketplace, Black Hat is allowing us to reach more organizations with our innovative data security and data resilience solution. We look forward to continuing the discussion about how we can help organizations maintain control of their sensitive data in the cloud while protecting it from outages and attacks." Bob Lam, CEO and Co-Founder of ShardSecure About Black Hat Now in its 25th year, Black Hat USA is a leading cybersecurity event. With trainings, briefings, and virtual and in-person events, Black Hat 2022 will present the latest research, development, and trends in the information security industry. About ShardSecure ShardSecure is changing the nature of data security. It believes that all organizations can easily and securely enjoy the benefits of cloud adoption without surrendering control of their data. Inventors of the patented Microshard technology, ShardSecure cloud-enables sensitive data by desensitizing it in multi-cloud and hybrid-cloud environments.

Read More

SOFTWARE SECURITY

Involta Partners With Tech Startup HacWare to Expand Enterprise Cybersecurity Awareness Services

Involta | August 08, 2022

Involta, an award-winning data center, hybrid IT, and cloud-forward consulting firm, announces today a partnership with HacWare, an AI-driven cybersecurity awareness and training SaaS (Software-as-a-Service) product that combines threat intelligence with user behavior to help lean IT teams combat today's most advanced phishing attacks. "Today, email phishing attacks remain the number one source of security breaches, causing over 90% of data breaches," states Tiffany Ricks, Founder and CEO of HacWare, Inc. "The average employee is vulnerable because they spend 1,500 hours a year using email, and many are unaware of email security best practices. Partnering with Involta gives us the opportunity to help businesses improve their email security awareness and build up their first line of defense against cyberattacks." HacWare's internal risk assessment provides real-time threat intelligence to show internal vulnerabilities. HacWare learns from the intelligence to provide personalized phishing simulations and training. The phishing technology leverages behavioral psychology best practices to improve cyber posture, saving businesses up to 40% in labor costs. "At Involta, we know the two most important things our customers can do to protect themselves from a phishing attack is awareness and education," comments Mark Cooley, Involta VP of Security and Compliance. "Making sure that your company's employees understand the prevalence and sophistication of these attacks is crucial. HacWare's security awareness technology combines open-source data and data science to show employees how to avoid scams while significantly saving on traditional security training and awareness labor costs. The automated, easy-to-use platform is the perfect addition to our robust security solution suite." Ricks' motivation comes from an entrepreneurial spirit and the desire to help people. She has led HacWare, Inc. to be widely recognized by leading publications such as The Wall Street Journal, Dark Reading, TechCrunch, Forbes and Women's Business Council. "We are thrilled to partner with Tiffany and her team at HacWare to bring her expertise and innovative solutions to our customers and prospects. "Not only is her product both superior and necessary in today's security landscape, but she is also a true role model for our industry's next generation of female leaders. As more women continue to enter into the world of security and digital infrastructure, it's critical to align with them and help bolster their positions while working alongside them to close the gender gap." Jim Buie, Involta President and CEO Involta's commitment to supporting women in tech and empowering girls to explore STEM fields includes a partnership with Girls, Inc. of Pinellas County, Florida, where they recently introduced digital infrastructure as a potential career path. About Involta Involta is an award-winning hybrid IT and cloud-forward consulting firm orchestrating digital transformation for the nation's leading enterprises. Involta's ongoing mission is rooted in partnership. Its personalized approach identifies customers' requirements while earning their trust to ultimately deliver Superior Infrastructure and Services, Operational Excellence and People Who Deliver, keeping with the Involta brand promise.

Read More

SOFTWARE SECURITY

Cybersecurity Company Lumu Raises $8M, Signs Partnership with KnowBe4, the World's Largest Integrated Platform for Security Awareness Training

Lumu | August 08, 2022

Lumu, creators of the Continuous Compromise Assessment cybersecurity model that empowers organizations to measure compromise in real time, today announced it has closed an $8 million investment round, bringing total funding to $15.5 million. Led by Panoramic Ventures, the investment will serve as growth capital for sales and marketing initiatives to further Lumu's mission of helping organizations operate cybersecurity proficiently. Other investors include KnowBe4 Ventures, Lane Bess, former Zscaler and Palo Alto Networks executive, and Tom Noonan, former CEO at Internet Security Systems and the SoftBank Group's SB Opportunity Fund. "We are excited to continue to support Lumu through this phase of hypergrowth, as organizations across all verticals are realizing the value of measuring compromise within their networks and acting on this factual data immediately," said Paul Judge, Managing Partner of Panoramic Ventures. "The innovation Lumu is bringing to the market is evident and a true game-changer for cybersecurity operations." Lumu's Continuous Compromise Assessment model enables any organization to measure and understand compromise to close the breach detection gap from months to minutes continuously and intentionally. Teams receive actionable information about who was impacted, when the incident took place and how best to respond before it escalates to a bigger problem. The company has experienced hyper-growth in 2021 and 2022 and now has more than 3,100 organizations using its technology. The Lumu platform has analyzed more than 1 trillion metadata and detected more than 345 million adversarial contacts. "With today's economy, hiring constraints and the non-stop cyber threats, companies need tools that enable an accurate understanding of, and swift response to, potential attacks. "Our platform provides context at the granular level to understand each and every incident and the specific techniques used by attackers so that cybersecurity operators can mitigate malicious incidents and overall improve their cybersecurity stack. With cybercriminals quick to take advantage of economic downturns, this funding round emphasizes just how critical of a time it is for enterprises to prioritize protection and defense mechanisms." Ricardo Villadiego, Founder and CEO of Lumu The capital will also be used to scale the company's initiative to consistently attract exceptional talent to amplify the reach of Lumu's cyber industry-leading resilience message and to build credibility with target audiences to help companies of all sizes and verticals proficiently operate cybersecurity functions. KnowBe4 is one of the key investors joining Lumu's funding round. The companies will join forces to further their missions of enabling employees and security teams to make smarter security decisions every day. Miami-based Lumu is founded and led by Ricardo Villadiego, a successful second-time founder who is part of the SB Opportunity Fund's community of visionary Black, Latinx, and Native American entrepreneurs. About Lumu Headquartered in Miami, Florida, Lumu is a cybersecurity company focused on helping enterprise organizations illuminate threats and isolate confirmed instances of compromise. Applying principles of Continuous Compromise Assessment, Lumu has built a powerful closed-loop, self-learning solution that helps security teams accelerate compromise detection, gain real-time visibility across their infrastructure, and close the breach detection gap from months to minutes.

Read More

DATA SECURITY

ShardSecure® To Present at Black Hat Cybersecurity Conference

ShardSecure | August 09, 2022

ShardSecure, inventor of the innovative MicroshardTM technology that mitigates data security and privacy risks in the cloud, will be exhibiting at Black Hat 2022, the leading information security event, from August 6 to 11 in Las Vegas, Nevada. While at Black Hat, ShardSecure will showcase their patented microsharding solution at Booth #30 in the Business Hall's Innovation City. During the conference, ShardSecure will demonstrate how microsharding renders sensitive data unintelligible in the wrong hands, offering crucial protection in multi-cloud and hybrid-cloud environments. ShardSecure Lead Developer Anthony Whitehead will present "Microsharding, an Alternative to Encryption for Data at Rest" from 2:25 to 2:45 p.m. PT on August 10 in the Business Hall, Theater C. Additionally, VP of Marketing Marc Blackmer will be interviewed on microsharding and encryption by Chuck Harold of SecurityGuyTV at 9:20 a.m. PT on August 11. "We're looking forward to making new connections and sharing how we can help organizations strengthen their data resilience, maintain business continuity, and mitigate the impact of ransomware," said Marc Blackmer. "Black Hat is an excellent opportunity for ShardSecure to participate in key industry conversations, strengthen our brand, and grow our networking opportunities." Microshard technology works to desensitize sensitive data by digitally shredding it into tiny microshards. Those microshards are then mixed with poison data and distributed to multiple customer-owned storage locations of the customer's choosing. Its self-healing data also reverses unauthorized data deletion and tampering — including ransomware — for data at rest. Through its ability to reconstruct data impacted by storage service outages, ShardSecure also helps protect against the effects of data loss and allows business operations to continue unaffected during an outage. "We're pleased to be sharing Microshard technology with a wide audience of thought leaders and vendors at Black Hat. "Combined with several new partnerships and our recent availability in Azure Marketplace, Black Hat is allowing us to reach more organizations with our innovative data security and data resilience solution. We look forward to continuing the discussion about how we can help organizations maintain control of their sensitive data in the cloud while protecting it from outages and attacks." Bob Lam, CEO and Co-Founder of ShardSecure About Black Hat Now in its 25th year, Black Hat USA is a leading cybersecurity event. With trainings, briefings, and virtual and in-person events, Black Hat 2022 will present the latest research, development, and trends in the information security industry. About ShardSecure ShardSecure is changing the nature of data security. It believes that all organizations can easily and securely enjoy the benefits of cloud adoption without surrendering control of their data. Inventors of the patented Microshard technology, ShardSecure cloud-enables sensitive data by desensitizing it in multi-cloud and hybrid-cloud environments.

Read More

SOFTWARE SECURITY

Involta Partners With Tech Startup HacWare to Expand Enterprise Cybersecurity Awareness Services

Involta | August 08, 2022

Involta, an award-winning data center, hybrid IT, and cloud-forward consulting firm, announces today a partnership with HacWare, an AI-driven cybersecurity awareness and training SaaS (Software-as-a-Service) product that combines threat intelligence with user behavior to help lean IT teams combat today's most advanced phishing attacks. "Today, email phishing attacks remain the number one source of security breaches, causing over 90% of data breaches," states Tiffany Ricks, Founder and CEO of HacWare, Inc. "The average employee is vulnerable because they spend 1,500 hours a year using email, and many are unaware of email security best practices. Partnering with Involta gives us the opportunity to help businesses improve their email security awareness and build up their first line of defense against cyberattacks." HacWare's internal risk assessment provides real-time threat intelligence to show internal vulnerabilities. HacWare learns from the intelligence to provide personalized phishing simulations and training. The phishing technology leverages behavioral psychology best practices to improve cyber posture, saving businesses up to 40% in labor costs. "At Involta, we know the two most important things our customers can do to protect themselves from a phishing attack is awareness and education," comments Mark Cooley, Involta VP of Security and Compliance. "Making sure that your company's employees understand the prevalence and sophistication of these attacks is crucial. HacWare's security awareness technology combines open-source data and data science to show employees how to avoid scams while significantly saving on traditional security training and awareness labor costs. The automated, easy-to-use platform is the perfect addition to our robust security solution suite." Ricks' motivation comes from an entrepreneurial spirit and the desire to help people. She has led HacWare, Inc. to be widely recognized by leading publications such as The Wall Street Journal, Dark Reading, TechCrunch, Forbes and Women's Business Council. "We are thrilled to partner with Tiffany and her team at HacWare to bring her expertise and innovative solutions to our customers and prospects. "Not only is her product both superior and necessary in today's security landscape, but she is also a true role model for our industry's next generation of female leaders. As more women continue to enter into the world of security and digital infrastructure, it's critical to align with them and help bolster their positions while working alongside them to close the gender gap." Jim Buie, Involta President and CEO Involta's commitment to supporting women in tech and empowering girls to explore STEM fields includes a partnership with Girls, Inc. of Pinellas County, Florida, where they recently introduced digital infrastructure as a potential career path. About Involta Involta is an award-winning hybrid IT and cloud-forward consulting firm orchestrating digital transformation for the nation's leading enterprises. Involta's ongoing mission is rooted in partnership. Its personalized approach identifies customers' requirements while earning their trust to ultimately deliver Superior Infrastructure and Services, Operational Excellence and People Who Deliver, keeping with the Involta brand promise.

Read More

SOFTWARE SECURITY

Cybersecurity Company Lumu Raises $8M, Signs Partnership with KnowBe4, the World's Largest Integrated Platform for Security Awareness Training

Lumu | August 08, 2022

Lumu, creators of the Continuous Compromise Assessment cybersecurity model that empowers organizations to measure compromise in real time, today announced it has closed an $8 million investment round, bringing total funding to $15.5 million. Led by Panoramic Ventures, the investment will serve as growth capital for sales and marketing initiatives to further Lumu's mission of helping organizations operate cybersecurity proficiently. Other investors include KnowBe4 Ventures, Lane Bess, former Zscaler and Palo Alto Networks executive, and Tom Noonan, former CEO at Internet Security Systems and the SoftBank Group's SB Opportunity Fund. "We are excited to continue to support Lumu through this phase of hypergrowth, as organizations across all verticals are realizing the value of measuring compromise within their networks and acting on this factual data immediately," said Paul Judge, Managing Partner of Panoramic Ventures. "The innovation Lumu is bringing to the market is evident and a true game-changer for cybersecurity operations." Lumu's Continuous Compromise Assessment model enables any organization to measure and understand compromise to close the breach detection gap from months to minutes continuously and intentionally. Teams receive actionable information about who was impacted, when the incident took place and how best to respond before it escalates to a bigger problem. The company has experienced hyper-growth in 2021 and 2022 and now has more than 3,100 organizations using its technology. The Lumu platform has analyzed more than 1 trillion metadata and detected more than 345 million adversarial contacts. "With today's economy, hiring constraints and the non-stop cyber threats, companies need tools that enable an accurate understanding of, and swift response to, potential attacks. "Our platform provides context at the granular level to understand each and every incident and the specific techniques used by attackers so that cybersecurity operators can mitigate malicious incidents and overall improve their cybersecurity stack. With cybercriminals quick to take advantage of economic downturns, this funding round emphasizes just how critical of a time it is for enterprises to prioritize protection and defense mechanisms." Ricardo Villadiego, Founder and CEO of Lumu The capital will also be used to scale the company's initiative to consistently attract exceptional talent to amplify the reach of Lumu's cyber industry-leading resilience message and to build credibility with target audiences to help companies of all sizes and verticals proficiently operate cybersecurity functions. KnowBe4 is one of the key investors joining Lumu's funding round. The companies will join forces to further their missions of enabling employees and security teams to make smarter security decisions every day. Miami-based Lumu is founded and led by Ricardo Villadiego, a successful second-time founder who is part of the SB Opportunity Fund's community of visionary Black, Latinx, and Native American entrepreneurs. About Lumu Headquartered in Miami, Florida, Lumu is a cybersecurity company focused on helping enterprise organizations illuminate threats and isolate confirmed instances of compromise. Applying principles of Continuous Compromise Assessment, Lumu has built a powerful closed-loop, self-learning solution that helps security teams accelerate compromise detection, gain real-time visibility across their infrastructure, and close the breach detection gap from months to minutes.

Read More

Events