'Successful tech companies are able to cultivate leaders not only at the top of the business, but at all levels of the business,' says Reed Taussig.

AI-driven identity verification solutions
 
Reed Taussig is an accomplished chief executive officer, advisor and board member of companies specializing in anti-fraud software and enterprise application software. He is the CEO of AuthenticID, a Kirkland-based document verification and anti-fraud firm. In addition, he is an active participant on the boards of ClearData, Arkose Laboratories, and Darwinium.
Discover his story, thoughts on people management and insights on identity-based frauds in this exclusive interview.

Successful companies are able to cultivate leaders.

Media 7: Hi Reed, thank you for your time. Please tell us about your long and inspiring professional journey. You've started a lot of businesses and have generated significant returns for your investors.
Reed Taussig: Thank you for that. I've had my share of successes. I've also had my share of failures. I've been in the computer business for a long time starting in 1977 selling mainframe computers and check processing systems for the boroughs out of college and then moved on through the minicomputer business, data general, and into the software business with Unify, a database company, OpenText Gupta, a pioneer for PC Client Server software, and then ultimately into enterprise application software. So I ran seven companies in total as CEO and I am systematically able to fail at retirement. I think that probably sums up my career pretty well.

M7:  As someone with extensive experience in director, president, and vice president-level positions, how do you view the importance of leadership in effectively managing interpersonal relationships?
RT: Well, management is the art of getting people to do what they need to do, and that's all about leadership. You know, we need to move the company forward and in this direction and, as a person, you may not agree with that. So, leadership is all about people management. And successful companies are able to cultivate leaders not only at the top of the business, but at all levels of the business.

Leadership doesn't have to reside exclusively within the C-suites of a company; it should really reside at every level of the company and it should be recognized, nurtured and rewarded.

M7: Tell us what different kinds of frauds AutheticID is equipped to prevent?
RT: AuthenticID is a document verification business. Largely, document verification is used for new account origination. So if you walk into a phone store and you want to sign up for a new phone plan or buy a phone, they will ask you for some form of government-issued identification…typically, a driver's license. What we will do through our application is authenticate whether or not that driver's license is a real license or is it synthetic or altered in some way to determine in this particular case, is Reed Taussig really Reed Taussig?
We work in that regard for different types of companies across the telecom space, government, financial services, as well as other kinds of industries where identification and authentication of government documents is required either by law or regulation, or the government or the company, and our customer feels the need to do so.

Read more: 'Innovative, strategic marketing that’s well-executed yields substantial ROI,' believes Ann-Strackhouse Miller


Each new invention and development has its positive and negative impact on the employee population and society, and AI is no different.

M7: Considering your active involvement in the boards of ClearData, Arkose Labs, and Darwinium, can you share your insights on the current trends shaping the anti-fraud software sector?
RT: Arkose and Darwinium are both anti-fraud companies. Clear Data is a regulation and compliance company. The fraud space continues, so AuthenticID is in the anti-fraud fraud space, Darwinium as well as Arkose Labs, we all address different aspects of that industry.
In the case of Arkose, they're looking at botnets, automated high-frequency attacks; Darwinium is looking at the entire life cycle for account takeover, card-not-present transactions; and AuthenticID, as I mentioned, does document authentication. The online fraud problem continues to grow, regardless of how many resources have been thrown at it. I've been involved in the anti-fraud security business since 2004, so, it’s been almost 20 years now.
The tactics have grown, the amount of money that is at risk has grown. You see it every day in the papers that some major company got hacked and lost credentials for 25,000 people or whatever the case might be, or got hacked either through ransomware or illegal transfer of funds and things like that. And really, the losses are measured not in millions or even billions, but hundreds of billions of dollars every single year.

If you look at the number of companies that have been invested in by venture capital and private equity to fight fraud, it's in the thousands, and that industry continues to grow. It's one of the few places right now in the start-up world that continues to attract capital just because it has become an arms race between the fraudsters. Many of them are well-organized; think of them as corporate entities. It's not some single guy sitting in a basement trying to use stolen credit cards. I mean, that does happen, obviously, but it's also an organized crime in a very sophisticated, very well-funded way. And in many cases, they’re government-sponsored kinds of activities. So it's an interesting industry.

New tactics are used every day. And amazingly enough, you can get on the dark web. You don't even have to write these programs anymore. You can actually buy software packages that are designed to commit fraud against victims, I mean, that’s the same as a word processing package or a payroll package. So it has become an institutional problem on both sides, where institutions on both sides compete against each other, in our case, to stop the fraud, in their case, to create the fraud.

M7: How do the solutions and services offered by your company benefit various industries? Could you please explain?
RT: In the case of AuthenticID, we benefit our customers by determining whether or not the credentials that are being used to identify a driver's license or a passport are authentic and that they haven't been altered. They're not somebody else's driver's license or a synthetic ID on which I put, you know, my picture or those kinds of things.
And so really, what we're doing is, risk-based authentication to determine whether Reed is Reed, to stop that fraud. That's true across all of these anti-fraud companies. They are addressing some aspects of a transaction to ensure that it's not fraudulent. In the case of Arkose Labs for example, in terms of dealing with high-frequency attacks, really what that comes down to is account takeover. It's called credential stuffing, where you create millions of credentials pairs and shoot them at a website to figure out if one of them is correct and that opens the door for you. Once that door is open, the fraudster can access your account.
So that's a big business in itself. Card-not-present fraud, which Darwinium deals with, as well as account takeover. A much more high-level issue is, again, risk-based authentication where I'm looking at all of the aspects of that user. Where are they? What devices are they using? Do they have a history? What else do I know about them? For example, somebody logs on to a system, and you can determine that this person has 35 email addresses and 25 devices that have been used. That person is probably a fraudster. Likewise, if you look at a document, that is what AuthenticID does, or if you can prove that an ID has been altered in some way, shape or form. It's not an authentic document. You can pretty much conclude then that the person who's presenting that document isn't trying to do a legitimate transaction.
So that's how we benefit our customers. We provide them with accurate information on a very timely basis. You know, seconds, milliseconds, which will allow them to decide whether they should accept or reject that transaction.

M7: Data privacy has always been a sensitive topic. How do fraud-detection companies ensure the confidentiality of various types of profiles while detecting and preventing fraud?
RT: That's a good question and it is a topic of discussion for every company trying to prevent fraud or protect themselves against fraud, as well as every company selling services or products to those companies to stop the fraud. There are global regulations now – GDPR, California Data Privacy, Australia Data Sovereignty, India has many privacy laws, so the list goes on.
Typically, what's happening is anti-fraud companies like AuthenticID, Darwinium, Arkose, we either tokenize the data– so  your name, address, telephone number, or social security number, whatever it is– we tokenize that so that it is not readable in a human form by humans at all or we use the data for a millisecond or two and then delete it, and it's gone. Then, of course, there's the whole issue of even more sensitive biometrics. But if you think about it, there have been some very clever solutions put in place by particularly Apple, for example, with Face ID. Face ID recognizes your face, but the only place that data is stored is actually on your device, your phone, and you've provided permission to Apple to store that information on your phone; it's under your control. If you want, you can delete it then.

Other exciting aspects of data privacy have become very difficult to deal with; for example, under GDPR and the State of California, both have the ‘Right to be Forgotten’. So I can contact a company, let's say it's Walmart or someplace I'm doing business with and say, whatever information you have about me, I want you to erase, and legally they have to do that.
The problem with that, of course, is that if you're a fraudster, they figure out that you're a fraudster and they deny a transaction, so you get back in touch with them and say, well, I want all this information about me to be deleted at this point in time. So there are a lot of competing agendas here that have become very hard to navigate if you're both an enterprise business trying to protect yourself from fraud or a company, like, AuthenticID, who is selling services and products to those companies to protect them against fraud.

The Europeans with GDPR, in particular, have extended their reach, so that even if you're in the United States, if you are a European citizen resident, the person doesn't have to be a citizen, he/she can be an American living in Europe. An American living in France logs on to book a hotel or a flight reservation in the United States and provides PII (personally identifiable information), on which you have to provide your name, address, credit card number and that information in some way is compromised even though that information is compromised outside of the EU, and in this case, in the United States, that US company becomes liable for that.

It's difficult to enforce something like that. But nevertheless, the whole issue around PII has become very contentious in some ways, and they're only being strengthened, not weakened. So it does provide advantages to fraudsters, there's no question about it. When you go to the airport and board an aircraft, you have to show some level of identification. In some cases, when traveling globally you provide biometric information, which is probably the most sensitive of all information, so to get on that airplane, you have to provide that level of detail. But, on the internet, the trend is to move away from collecting extensive PII data.

So, I could go on for a long time on the whole issue of data privacy. As CEO of AuthenticID and being on the board of these anti-fraud companies, it’s a priority. If you're involved in any kind of commerce whatsoever, the whole issue of data privacy is front and center in terms of managing risk and compliance as well as just getting your job done.

Read more: 'Enterprises that don't leverage AI and ML will likely be at a disadvantage,' believes Miquido's Jerzy Biernacki


Billions and billions of dollars are spent in buying equipment, buying software and employing people to stop fraud.

M7: What are the best practices for Knowledge-Based Authentication processes?
RT: It starts with people. Many instances of fraud are created due to phishing attacks or simply being unaware of an attack in process. On the dark web,, I was, for example, a victim myself of identity takeover where somebody acquired my credentials.  My driver's license number, my Social Security number, and my address were acquired on the dark Web, and they ended up leasing a Mercedes-Benz in my name. So it could happen to anybody, even if you are very aware of what's going on. As CEO of AuthenticID or any fraud company, you're always a target from the fraudsters who try to fool you into something.

There are so many examples, and I'm sure you get them yourself, where you get emails that say, "We're sorry, but your account has been temporarily suspended because of illegal entry, please log in and provide your credentials.” Well, that's never going to happen in most cases; I mean, if you log into Google from a new device, they'll send you an email and say, we noticed this login from this device, which we have not seen before. If this was you, fine, no responses are required, but if not, please call us or contact us or change your username and password or those kinds of things.

I probably get 10 phishing emails every day on my various email accounts. So you just have to be super aware of this, because it does start with people in terms of managing these kinds of systems. Secondly, of course, there are a lot of tools out there at different levels, whether it's network security, database security, data loss protection products, fraud risk-based authentication products, identity verification products, etc.

Most large enterprises will employ a dozen different solutions at different layers and levels of the company to try to protect themselves. So it's a big business. Billions and billions of dollars are spent in terms of buying equipment, buying software and employing people to stop fraud. But ultimately, what it really comes down to is a sense of awareness and caution on the part of the user, whether it's a home user or employee wherever you are, to make sure that who is asking you for information is legitimate, so you're not being phished in any way when someone tries that you give up any information that you shouldn't be.

M7: In your opinion, what are the most significant benefits that users across all sectors of the economy can anticipate receiving from artificial intelligence systems in the years ahead?
RT: That's a multi-dimensional question. I read yesterday that AI will put 300,000 jobs at risk. And that's probably true. If you're looking at low-level copywriting, for example, and other things, along those lines that computers, you know, can execute at that level. Undoubtedly, there will be dislocation in the marketplace. As was the case when building an automobile at the beginning of the 20th century was a manual process; cars were assembled by hand. Today they're assembled by robots largely. So the number of people involved in that is far less. But what it does also allow you to do is create new products.

AI will do this as well. It will enable you to develop new, impossible products and services that were unimaginable before the introduction of AI. And the investigations in medicine or every level of knowledge I believe will benefit from AI; at least, we don't end up in a science fiction situation where the computers go rogue on us. I don't think that'll happen, but we're looking at significant structural changes in the marketplace in the workforce, just as robots displaced people in the manufacturing space and the Internet.  Email, for example, has reduced the amount of postal mail. With cell phones, payphones have been replaced. There are no such things in the United States. I don't know about India, but you need help finding a payphone in the United States. They don't exist because everybody has a cell phone. So, each new invention and development has its positive and negative impact on the employee population and society, and AI is no different. So, it's going to have a significant effect.

M7: Could you please discuss any new ideas and developments that AuthenticID has in the pipeline for the coming years?
RT: Well, there are a lot of things that we are doing within the product and the product set, including the use of AI and machine learning to do a better job. And when I say a better job, there are different aspects of that.

We have a new release coming out – a new release of our product will provide at least 30% improvement in terms of document recognition. There are such things like false positives and false negatives. Sometimes we can't recognize a document particularly well because we’ve never seen it before, so we're not sure what it's supposed to look like. We're coming up with a number of improvements along those lines using AI.

The other issue, of course, is speed. Customers want a very fast turnaround. Say if you're in an online transaction. If you end up with, let's say, a 10-second delay because some vendor, it takes 10 seconds to read a document, the chances of that customer abandoning that transaction is very high. If all of a sudden everything stops for 10 seconds, and you see a sign “please, wait while we process,” a customer may ask ‘what's this?’ So there’s a large amount of abandonment as a result of that. Thus, faster and better document recognition are the things that we're looking at.

We're also toying with the idea of moving the company into other verticals. Largely right now, we're in financial services, we work with the government, we work with cable companies, and people like that. We're looking at new verticals to expand into potentially and geographically as well.

ABOUT AUTHENTICID

AuthenticID is a Washington-based company that offers AI-driven solutions for real-world identity verification. Its cutting-edge solution quickly, securely and accurately verifies identities, enabling businesses to conduct transactions confidently, strengthen underwriting, and reduce fraud-related losses. AuthenticID's AI technology uses fused machine learning algorithms and state-of-the-art computer vision to identify fake IDs, photo mismatches, and suspicious activity associated with names or faces. With an accuracy rate of over 99%, AuthenticID is a leader in identity verification quality. Its solution streamlines customer onboarding procedures, leading to double-digit increases in conversion rates with no increase in marketing spend.To know more about AuthenticID please visit; https://www.authenticid.com/

More C-Suite on deck

‘In the industry, we've observed fragmentation, especially among larger organizations,’ says Chris Fisher

Media 7 | October 16, 2023

Chris Fisher is a seasoned marketing professional who specializes in digital marketing and demand generation to fuel business growth. I integrate product messaging and innovative strategies with data-driven marketing to achieve quantifiable outcomes. Read on to know his thoughts about safeguarding the layers of Cyber-security.

Read More

'AI & ML algorithms will play a critical role in identifying cyber threats,' asserts Trishneet Arora

Media 7 | July 28, 2023

Trishneet Arora, a self-made individual, demonstrated remarkable vision, intellect, and competence when he established a startup at the young age of 19. Under his guidance, the flagship venture has expanded into both the entertainment and educational sectors. With Trishneet at the helm, the potential for growth and success knows no bounds. Let's delve into his insights on securing UPI-based applications.

Read More

‘Data and analytics play a crucial role in shaping our advertising strategies,' asserts Aleksander Groshev

Media 7 | June 28, 2023

Aleksander Groshev is the CEO and Co-Founder of Autobahn Security. Previously he was Vice President of Product responsible for the product development of the SaaS platform. Before joining Autobahn Security he held the position of Head of Product at Fincite, a wealth management B2B platform.

Read More

‘In the industry, we've observed fragmentation, especially among larger organizations,’ says Chris Fisher

Media 7 | October 16, 2023

Chris Fisher is a seasoned marketing professional who specializes in digital marketing and demand generation to fuel business growth. I integrate product messaging and innovative strategies with data-driven marketing to achieve quantifiable outcomes. Read on to know his thoughts about safeguarding the layers of Cyber-security.

Read More

'AI & ML algorithms will play a critical role in identifying cyber threats,' asserts Trishneet Arora

Media 7 | July 28, 2023

Trishneet Arora, a self-made individual, demonstrated remarkable vision, intellect, and competence when he established a startup at the young age of 19. Under his guidance, the flagship venture has expanded into both the entertainment and educational sectors. With Trishneet at the helm, the potential for growth and success knows no bounds. Let's delve into his insights on securing UPI-based applications.

Read More

‘Data and analytics play a crucial role in shaping our advertising strategies,' asserts Aleksander Groshev

Media 7 | June 28, 2023

Aleksander Groshev is the CEO and Co-Founder of Autobahn Security. Previously he was Vice President of Product responsible for the product development of the SaaS platform. Before joining Autobahn Security he held the position of Head of Product at Fincite, a wealth management B2B platform.

Read More

Related News

End Point Protection

Malwarebytes Unveils New K-12 ThreatDown Bundle to Defend Schools and Districts from Cyberattacks

Malwarebytes | January 24, 2024

Malwarebytes, a global leader in real-time cyber protection, today announced the availability of ThreatDown K-12 Bundle, combining the cybersecurity technologies and services that K-12 education institutions need into a streamlined, cost-effective bundle. Purpose-built to reduce risk, complexity and costs for districts and schools, the ThreatDown K-12 Bundle delivers unified protection with an intuitive, easy-to-manage design. The ThreatDown K-12 Bundle allows schools to optimize device uptime and improve productivity, while protecting students and staff, devices and data from the latest cyber threats. "Schools are increasingly facing cyber threats with limited IT resources, leading to a rise in ransomware attacks that affect staff, teaching, and student well-being," said Marcin Kleczynski, Founder and CEO of Malwarebytes. "Historically, cost barriers prevented schools from adopting cybersecurity managed services. Our K-12 Bundle packages together everything districts need to reduce risk and comply with regulations within a manageable budget. We're committed to making powerful protection and managed services accessible to vulnerable schools and students." Bridging the Cybersecurity Gap for Resource-constrained K-12 IT Teams Modern K-12 educational institutions have a wide range of school-, staff- and student-owned devices – from traditional laptops, desktops and servers to Chromebooks, iPadOS, iOS, and Android devices. While these devices greatly enrich the student learning experience and streamline operations for staff, they also introduce new risks. Key features of the ThreatDown K-12 Bundle include: Award-winning endpoint security: K-12 Bundle is built on ThreatDown's strongest AI/ML-driven prevention, detection and response technologies fortified by built-in innovations to reduce the attack surface. These technologies simplify the process of finding and patching software vulnerabilities and prevent unauthorized programs from executing. 24x7x365 managed services: The K-12 Bundle combines ThreatDown advanced technologies with Managed Detection and Response (MDR) service of ThreatDown cybersecurity experts to manage security and resolve alerts around the clock, delivered as an affordable, hassle-free bundle. Unified endpoint management: ThreatDown extends powerful endpoint protection across workstations, servers and mobile device to substantially strengthen schools' cybersecurity postures in compliance with new and pending regulations. Quick and easy to deploy, the K-12 Bundle saves time and resources with unified endpoint management for both traditional and mobile devices – all from a single, cloud-native console. Centralized, real-time visibility: K-12 IT teams can easily view activity across all devices in real time. With a unified platform and visibility for traditional and mobile endpoints, teams can monitor and protect devices from a single pane of glass. Teams can understand the threats to devices in their environments and mitigate potential risks. Advanced mobile protection: ThreatDown K-12 Bundle provides effective protection for Chromebooks, iPadOS, iOS, and Android devices, guarding against the latest mobile threats such as ransomware, malicious apps, and potentially unwanted programs (PUPs). With real-time protection, schools can also prevent accidental access to harmful websites, safeguard against malicious apps, block unwanted in-app ads, and enable a secure mobile experience for students. About Malwarebytes Malwarebytes is a global cybersecurity leader delivering award-winning endpoint protection, privacy and threat prevention solutions worldwide. Built on decades of experience as the last resort to find and eradicate the latest malware, Malwarebytes is now trusted by millions of individuals and organizations to stop threats at each stage of the attack lifecycle, secure digital identities and safeguard data and privacy. A world class team of threat researchers and proprietary AI-powered engines provide unmatched threat intelligence to detect and prevent known and unknown threats. The company is headquartered in California with offices in Europe and Asia. For more information and career opportunities, visit https://www.malwarebytes.com.

Read More

Software Security

Trellix and One Source Deliver Industry-Leading Managed Detection and Response Security Services

Trellix | January 22, 2024

Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced an expanded strategic partnership with One Source, a Managed Security Services Provider (MSSP) and technology delivery partner. Customers benefit from a Fortune 500 SOC capability built on the Trellix XDR Platform with AI-guided intelligence, enabling faster detection, investigation, and remediation. Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced an expanded strategic partnership with One Source, a Managed Security Services Provider (MSSP) and technology delivery partner. Customers benefit from a Fortune 500 SOC capability built on the Trellix XDR Platform with AI-guided intelligence, enabling faster detection, investigation, and remediation. “The partnership aligns with Trellix’s ongoing commitment to secure organizations from advanced cyber threats,” says Sean Morton, SVP of Professional Services at Trellix. “Leveraging One Source’s MDR capabilities and expanded footprint, we enable more businesses to build cyber resilience, with continued innovation in our combined products and solution offerings to stay ahead of bad actors.” One Source has multiple SOCs leveraging Trellix’s technology, staffed by the industry’s top experts to provide Managed Detection and Response (MDR) capabilities. Their team implements a proactive cyber strategy for customers specific to industry, technology environment, and vulnerabilities, built on the Trellix XDR Platform with 24x7 monitoring. The partnership and combined expertise benefits customers with enhanced services like managed threat detection and response, incident response, security operations and analytics, threat intelligence, threat hunting and forensics, and training and enablement. “The Trellix and One Source partnership is extremely powerful; the former offers an incredible set of security solutions, and the latter excels at personalized deployment and execution,” said Paul Moline, Chief Information Officer, Lindsay Automotive Group. “I never anticipated we could protect our environment with the same security solutions used by government agencies and Fortune 50 companies: I can now sleep at night.” The Trellix XDR Platform’s open architecture and broad set of native security controls across endpoint, email, network, cloud, and data security integrates with over 500 third-party tools to create multi-vector, multi-vendor event correlation and context to speed up investigations. The Trellix Advanced Research Center provides an additional layer of protection by continuously informing the platform with information from millions of global sensors on the latest threat vectors, tactics, and recommendations. One Source experts apply these insights to stay ahead of the constantly evolving threat landscape. “The collaboration with Trellix is a game-changer in reshaping the cybersecurity landscape,” says Eric Gressel, Executive Vice President of Sales, One Source. “Thanks to our partnership, we have access to the highest level of cyber intelligence to fend off newly-revealed hackers and their means of attack, enabling our customers with the most comprehensive offering of enhanced Managed Security Services to protect their businesses.” One Source has a proven track record supporting global businesses spanning retail, restaurant, automotive, healthcare, financial, and manufacturing industries. Trellix customers can rely on One Source's leading Managed Security Services to optimize technology expenses while enhancing telecom connectivity, IT infrastructure, and cybersecurity strategies. About Trellix Trellix is a global company redefining the future of cybersecurity and soulful work. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through machine learning and automation to empower over 40,000 business and government customers with living security. More at https://trellix.com. About One Source One Source helps businesses simplify a complex technology world. One Source is the leading provider of Technology and Managed Security Services for enterprises. Today, One Source manages more than 2,500 customers, 45,000 business locations, and over one million assets throughout North America. In addition to Managed Security Services, One Source provides Managed Technology Expense Management, 24 / 7 local helpdesk, procures and provisions telecom & IT solutions, and manages customer service requests. One Source frequently generates triple-digit ROI for customers through contract negotiation, portfolio optimization, and ongoing expense management. In addition, One Source leverages partnerships with industry leaders, including Trellix to bring Fortune 500 security solutions and fully managed services to the mid-market. One Source's approach empowers businesses to focus on customers and revenue-generating activities. Learn more at https://www.onesource.net/.

Read More

Software Security

Deepwatch Announces New Forensic-Focused Operations Service To Enhance Cyber Resilience

Deepwatch | January 09, 2024

Deepwatch, the leading managed security platform for the cyber resilient enterprise, today announced the launch of Threat Signal, its standalone forensic-focused operations service. Deepwatch designed Threat Signal to enhance companies’ cybersecurity defenses, proactively identify and help mitigate attack vectors, and stay ahead of evolving risks to strengthen cyber resilience. Threat Signal provides protection beyond traditional security measures, finding advanced cyber threats that have bypassed existing controls by leveraging the latest attacker methodologies to stay in tune with the constantly evolving threat landscape. Using an “outside-in” methodology, Threat Signal evaluates an organization’s externally accessible presence from an attacker’s perspective to pinpoint and investigate risky systems and services. This informs the initial investigation and allows Deepwatch Experts to leverage advanced capabilities through organic intelligence, deep forensics, and threat hunting. According to Forrester’s “How to Make Threat Intelligence Actionable” report¹, “Over time, companies need to move beyond tactical use cases. Threat hunting can uncover threats that have bypassed traditional security tools, allowing companies to stop attacks earlier to minimize disruptions. As Forrester’s Threat Hunting 101 report describes, threat intelligence is vital because it provides insights into the TTPs of threat actors and details on how malware behaves. If time, expertise, and resources are constrained, consider leveraging an external service provider to conduct the threat-hunting exercise as an annual consulting engagement.” Threat Signal provides tailored and proactive security measures through customer-specific intelligence that takes an organization's unique attack surface, business risks, and the latest adversary intelligence or "threat cases" into account. Threat Signal’s additional features and capabilities include: Deepwatch Experts - Seasoned forensic security experts perform in-depth investigations, identifying threats before they disrupt an organization. Attack Surface Profiles - These profiles provide a customer actionable report, detailing external opportunity areas that an attacker could leverage against an organization, including high-risk opportunities, mitigation recommendations, and threat hunting leads. Forensic-Agent-Based Threat Hunting Engagements - Deepwatch’s specialists consistently engage in hunting activities to reveal concealed threats within a company’s infrastructure and provide a threat hunt summary report with detailed observations and any actions that the customer took during that hunt cycle. Reporting and Reviews - Deepwatch provides customers with reports, including: Weekly intelligence brief reports on analyzed open-source intelligence with Deepwatch recommendations. Summary presentations on the solution engagement status, including but not limited to hunting reports. Up to two executive reviews of the solution and observables per year. Ad-hoc awareness briefs of security advisories based on Deepwatch threat criteria. Annual intelligence reports on incident lessons learned and predictions. Malware Analysis - Deepwatch’s Adversary Tactics and Intelligence (ATI) team analyze collected malware and provide a report. Enhanced Security - Deepwatch’s MDR customers benefit from cross-collaborative security operations, harnessing advanced threat detection, and hyper-responsive capabilities. “As security professionals, we look to enhance a company’s security readiness. To do that, it’s critical for them to look beyond their existing security controls to ensure they are identifying and proactively protecting the business from external threats,” said Jerrod Barton, VP, Cyber Operations & Intelligence for Deepwatch. “With Threat Signal, we’re able to help our enterprise customers view their security readiness through the lens of the ‘attackers,’ ensuring that they can rapidly respond to any incoming threats, which in turn helps them elevate their cyber resilience.” About Deepwatch Deepwatch is the leading managed security platform for the cyber resilient enterprise. The Deepwatch Managed Security Platform and security experts provide enterprises with 24/7/365 cyber resilience, rapid detections, high fidelity alerts, reduced false positives, and automated actions. We operate as an extension of cybersecurity teams by delivering exceptional security expertise, visibility across your attack surface, precision response to threats, and a compelling return on your security investments. The Deepwatch Managed Security Platform is trusted by many of the world’s leading brands to improve their security posture, cyber resilience, and peace of mind. Learn more at www.deepwatch.com.

Read More

End Point Protection

Malwarebytes Unveils New K-12 ThreatDown Bundle to Defend Schools and Districts from Cyberattacks

Malwarebytes | January 24, 2024

Malwarebytes, a global leader in real-time cyber protection, today announced the availability of ThreatDown K-12 Bundle, combining the cybersecurity technologies and services that K-12 education institutions need into a streamlined, cost-effective bundle. Purpose-built to reduce risk, complexity and costs for districts and schools, the ThreatDown K-12 Bundle delivers unified protection with an intuitive, easy-to-manage design. The ThreatDown K-12 Bundle allows schools to optimize device uptime and improve productivity, while protecting students and staff, devices and data from the latest cyber threats. "Schools are increasingly facing cyber threats with limited IT resources, leading to a rise in ransomware attacks that affect staff, teaching, and student well-being," said Marcin Kleczynski, Founder and CEO of Malwarebytes. "Historically, cost barriers prevented schools from adopting cybersecurity managed services. Our K-12 Bundle packages together everything districts need to reduce risk and comply with regulations within a manageable budget. We're committed to making powerful protection and managed services accessible to vulnerable schools and students." Bridging the Cybersecurity Gap for Resource-constrained K-12 IT Teams Modern K-12 educational institutions have a wide range of school-, staff- and student-owned devices – from traditional laptops, desktops and servers to Chromebooks, iPadOS, iOS, and Android devices. While these devices greatly enrich the student learning experience and streamline operations for staff, they also introduce new risks. Key features of the ThreatDown K-12 Bundle include: Award-winning endpoint security: K-12 Bundle is built on ThreatDown's strongest AI/ML-driven prevention, detection and response technologies fortified by built-in innovations to reduce the attack surface. These technologies simplify the process of finding and patching software vulnerabilities and prevent unauthorized programs from executing. 24x7x365 managed services: The K-12 Bundle combines ThreatDown advanced technologies with Managed Detection and Response (MDR) service of ThreatDown cybersecurity experts to manage security and resolve alerts around the clock, delivered as an affordable, hassle-free bundle. Unified endpoint management: ThreatDown extends powerful endpoint protection across workstations, servers and mobile device to substantially strengthen schools' cybersecurity postures in compliance with new and pending regulations. Quick and easy to deploy, the K-12 Bundle saves time and resources with unified endpoint management for both traditional and mobile devices – all from a single, cloud-native console. Centralized, real-time visibility: K-12 IT teams can easily view activity across all devices in real time. With a unified platform and visibility for traditional and mobile endpoints, teams can monitor and protect devices from a single pane of glass. Teams can understand the threats to devices in their environments and mitigate potential risks. Advanced mobile protection: ThreatDown K-12 Bundle provides effective protection for Chromebooks, iPadOS, iOS, and Android devices, guarding against the latest mobile threats such as ransomware, malicious apps, and potentially unwanted programs (PUPs). With real-time protection, schools can also prevent accidental access to harmful websites, safeguard against malicious apps, block unwanted in-app ads, and enable a secure mobile experience for students. About Malwarebytes Malwarebytes is a global cybersecurity leader delivering award-winning endpoint protection, privacy and threat prevention solutions worldwide. Built on decades of experience as the last resort to find and eradicate the latest malware, Malwarebytes is now trusted by millions of individuals and organizations to stop threats at each stage of the attack lifecycle, secure digital identities and safeguard data and privacy. A world class team of threat researchers and proprietary AI-powered engines provide unmatched threat intelligence to detect and prevent known and unknown threats. The company is headquartered in California with offices in Europe and Asia. For more information and career opportunities, visit https://www.malwarebytes.com.

Read More

Software Security

Trellix and One Source Deliver Industry-Leading Managed Detection and Response Security Services

Trellix | January 22, 2024

Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced an expanded strategic partnership with One Source, a Managed Security Services Provider (MSSP) and technology delivery partner. Customers benefit from a Fortune 500 SOC capability built on the Trellix XDR Platform with AI-guided intelligence, enabling faster detection, investigation, and remediation. Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced an expanded strategic partnership with One Source, a Managed Security Services Provider (MSSP) and technology delivery partner. Customers benefit from a Fortune 500 SOC capability built on the Trellix XDR Platform with AI-guided intelligence, enabling faster detection, investigation, and remediation. “The partnership aligns with Trellix’s ongoing commitment to secure organizations from advanced cyber threats,” says Sean Morton, SVP of Professional Services at Trellix. “Leveraging One Source’s MDR capabilities and expanded footprint, we enable more businesses to build cyber resilience, with continued innovation in our combined products and solution offerings to stay ahead of bad actors.” One Source has multiple SOCs leveraging Trellix’s technology, staffed by the industry’s top experts to provide Managed Detection and Response (MDR) capabilities. Their team implements a proactive cyber strategy for customers specific to industry, technology environment, and vulnerabilities, built on the Trellix XDR Platform with 24x7 monitoring. The partnership and combined expertise benefits customers with enhanced services like managed threat detection and response, incident response, security operations and analytics, threat intelligence, threat hunting and forensics, and training and enablement. “The Trellix and One Source partnership is extremely powerful; the former offers an incredible set of security solutions, and the latter excels at personalized deployment and execution,” said Paul Moline, Chief Information Officer, Lindsay Automotive Group. “I never anticipated we could protect our environment with the same security solutions used by government agencies and Fortune 50 companies: I can now sleep at night.” The Trellix XDR Platform’s open architecture and broad set of native security controls across endpoint, email, network, cloud, and data security integrates with over 500 third-party tools to create multi-vector, multi-vendor event correlation and context to speed up investigations. The Trellix Advanced Research Center provides an additional layer of protection by continuously informing the platform with information from millions of global sensors on the latest threat vectors, tactics, and recommendations. One Source experts apply these insights to stay ahead of the constantly evolving threat landscape. “The collaboration with Trellix is a game-changer in reshaping the cybersecurity landscape,” says Eric Gressel, Executive Vice President of Sales, One Source. “Thanks to our partnership, we have access to the highest level of cyber intelligence to fend off newly-revealed hackers and their means of attack, enabling our customers with the most comprehensive offering of enhanced Managed Security Services to protect their businesses.” One Source has a proven track record supporting global businesses spanning retail, restaurant, automotive, healthcare, financial, and manufacturing industries. Trellix customers can rely on One Source's leading Managed Security Services to optimize technology expenses while enhancing telecom connectivity, IT infrastructure, and cybersecurity strategies. About Trellix Trellix is a global company redefining the future of cybersecurity and soulful work. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through machine learning and automation to empower over 40,000 business and government customers with living security. More at https://trellix.com. About One Source One Source helps businesses simplify a complex technology world. One Source is the leading provider of Technology and Managed Security Services for enterprises. Today, One Source manages more than 2,500 customers, 45,000 business locations, and over one million assets throughout North America. In addition to Managed Security Services, One Source provides Managed Technology Expense Management, 24 / 7 local helpdesk, procures and provisions telecom & IT solutions, and manages customer service requests. One Source frequently generates triple-digit ROI for customers through contract negotiation, portfolio optimization, and ongoing expense management. In addition, One Source leverages partnerships with industry leaders, including Trellix to bring Fortune 500 security solutions and fully managed services to the mid-market. One Source's approach empowers businesses to focus on customers and revenue-generating activities. Learn more at https://www.onesource.net/.

Read More

Software Security

Deepwatch Announces New Forensic-Focused Operations Service To Enhance Cyber Resilience

Deepwatch | January 09, 2024

Deepwatch, the leading managed security platform for the cyber resilient enterprise, today announced the launch of Threat Signal, its standalone forensic-focused operations service. Deepwatch designed Threat Signal to enhance companies’ cybersecurity defenses, proactively identify and help mitigate attack vectors, and stay ahead of evolving risks to strengthen cyber resilience. Threat Signal provides protection beyond traditional security measures, finding advanced cyber threats that have bypassed existing controls by leveraging the latest attacker methodologies to stay in tune with the constantly evolving threat landscape. Using an “outside-in” methodology, Threat Signal evaluates an organization’s externally accessible presence from an attacker’s perspective to pinpoint and investigate risky systems and services. This informs the initial investigation and allows Deepwatch Experts to leverage advanced capabilities through organic intelligence, deep forensics, and threat hunting. According to Forrester’s “How to Make Threat Intelligence Actionable” report¹, “Over time, companies need to move beyond tactical use cases. Threat hunting can uncover threats that have bypassed traditional security tools, allowing companies to stop attacks earlier to minimize disruptions. As Forrester’s Threat Hunting 101 report describes, threat intelligence is vital because it provides insights into the TTPs of threat actors and details on how malware behaves. If time, expertise, and resources are constrained, consider leveraging an external service provider to conduct the threat-hunting exercise as an annual consulting engagement.” Threat Signal provides tailored and proactive security measures through customer-specific intelligence that takes an organization's unique attack surface, business risks, and the latest adversary intelligence or "threat cases" into account. Threat Signal’s additional features and capabilities include: Deepwatch Experts - Seasoned forensic security experts perform in-depth investigations, identifying threats before they disrupt an organization. Attack Surface Profiles - These profiles provide a customer actionable report, detailing external opportunity areas that an attacker could leverage against an organization, including high-risk opportunities, mitigation recommendations, and threat hunting leads. Forensic-Agent-Based Threat Hunting Engagements - Deepwatch’s specialists consistently engage in hunting activities to reveal concealed threats within a company’s infrastructure and provide a threat hunt summary report with detailed observations and any actions that the customer took during that hunt cycle. Reporting and Reviews - Deepwatch provides customers with reports, including: Weekly intelligence brief reports on analyzed open-source intelligence with Deepwatch recommendations. Summary presentations on the solution engagement status, including but not limited to hunting reports. Up to two executive reviews of the solution and observables per year. Ad-hoc awareness briefs of security advisories based on Deepwatch threat criteria. Annual intelligence reports on incident lessons learned and predictions. Malware Analysis - Deepwatch’s Adversary Tactics and Intelligence (ATI) team analyze collected malware and provide a report. Enhanced Security - Deepwatch’s MDR customers benefit from cross-collaborative security operations, harnessing advanced threat detection, and hyper-responsive capabilities. “As security professionals, we look to enhance a company’s security readiness. To do that, it’s critical for them to look beyond their existing security controls to ensure they are identifying and proactively protecting the business from external threats,” said Jerrod Barton, VP, Cyber Operations & Intelligence for Deepwatch. “With Threat Signal, we’re able to help our enterprise customers view their security readiness through the lens of the ‘attackers,’ ensuring that they can rapidly respond to any incoming threats, which in turn helps them elevate their cyber resilience.” About Deepwatch Deepwatch is the leading managed security platform for the cyber resilient enterprise. The Deepwatch Managed Security Platform and security experts provide enterprises with 24/7/365 cyber resilience, rapid detections, high fidelity alerts, reduced false positives, and automated actions. We operate as an extension of cybersecurity teams by delivering exceptional security expertise, visibility across your attack surface, precision response to threats, and a compelling return on your security investments. The Deepwatch Managed Security Platform is trusted by many of the world’s leading brands to improve their security posture, cyber resilience, and peace of mind. Learn more at www.deepwatch.com.

Read More

Spotlight

AuthenticID

AuthenticID

AuthenticID’s disruptive and cutting-edge, AI-driven solution quickly, accurately, and securely reproduces real-world identity verification so that companies can be assured of who they are conducting business with, strengthen underwriting, reduce the losses associated with fraud, and streamline oner...

Events

Resources