DATA SECURITY

ActZero to Partner with Zeguro to Give Holistic Cyber Risk Management and Response for all Businesses

ActZero | June 10, 2021

ActZero, a cybersecurity startup, has decided to partner with Zeguro, a cyber-insurance provider, to create a complete cyber risk management solution for mid-size and small-size businesses.

As ransomware is becoming the norm and bad actors come against SMBs that are less-well-resourced, businesses seek far better solutions for security and insurance. To keep business premiums low and business secure, cyber insurance providers have long been advocated for clients to leverage response and detection capabilities that will reduce various risks of cyber threats in operations. This relationship will enable multiple organizations to know about management strategies of risks across both paths. The intelligent managed detection and response (MDR) service of ActZero provides protection, response, and monitoring 24/7 support.

Earlier times, advanced cybersecurity technologies were accessed by corporates only as it was considered a luxury. SMBs can effectively prevent intrusions and manage threats with ActZero. Innovation in machine learning and artificial intelligence and a novel combination of threat-hunting expertise of the platform will assist SMBs for it. ActZero has the capabilities that strengthen its clients to elucidate and toughen their security, strengthen their defense competencies, and significantly decrease risk over time.

The mission of Zeguro is to simplify cyber insurance through effortlessly achievable and comprehensible cyber quotes that can obtain in a few minutes. Customers of ActZero can take benefit of its relationship with Zeguro to inexpensively accomplish coverage for loss of revenue from payment fraud, breaches, regulatory fines, ransomware, and more.

About ActZero

ActZero enables companies to become secure utilizing fewer internal resources.  They combine threat hunting expertise with emerging AI and ML technology to identify more vulnerability more quickly, proactively recommend and prioritize actions to seal gaps, rapidly contain and remediate threats and ultimately harden their customers' cybersecurity posture. They illuminate a different path forward for IT and security professionals that don't involve building one's own SOC.

About Zeguro

Zeguro provides holistic risk management to organizations of all sizes through its integrated cybersecurity and cyber insurance solutions.  These solutions include insurance premiums tailored to the sector, size, and profile of a company and a suite of Cyber Safety tools for risk mitigation and compliance.

Spotlight

Bit9 conducted its third-annual survey on server security. In the past year, the inability to detect or stop advanced attacks has remained a constant challenge for enterprises. This survey was designed to analyze these challenges from respondents who are responsible for their organization's security posture.

Spotlight

Bit9 conducted its third-annual survey on server security. In the past year, the inability to detect or stop advanced attacks has remained a constant challenge for enterprises. This survey was designed to analyze these challenges from respondents who are responsible for their organization's security posture.

Related News

PLATFORM SECURITY

Zscaler Achieves Zero Trust Security-as-a-Service FedRAMP High Authorization

Zscaler | August 02, 2022

Zscaler, Inc., the leader in cloud security, today announced that Zscaler Internet Access™ (ZIA™) achieved Federal Risk and Authorization Management Program (FedRAMP) High Authority to Operate from the FedRAMP Joint Authorization Board (JAB). This federal government certification enables ZIA to meet civilian agencies’ high security requirements, as well as those of the Department of Defense (DoD) and other intelligence organizations. ZIA is currently the only Secure Access Service Edge (SASE) Trusted Internet Connections (TIC) 3.0 solution that has achieved FedRAMP’s highest authorization. FedRAMP High authorization indicates to federal decision-makers that ZIA and ZPA have undergone rigorous audits of critical security controls to protect the government’s most sensitive unclassified data in remote cloud computing environments. The company’s Zscaler Private Access™ (ZPA™), the other key component of the Zscaler Zero Trust Exchange platform, is also JAB High authorized, and along with ZIA, comprise the JAB High authorized Zscaler Zero Trust Exchange™ for federal customers. The certification confirms that ZIA can securely connect government users to external applications, including SaaS applications and internet destinations, regardless of device, location, or network, providing superior cyber and data protection for mission-critical government information. With both ZIA and ZPA now JAB-High authorized, agencies can resolve ongoing user experience and cost challenges associated with securing the explosive use of cloud-based applications. These challenges include continued poor user experience through VPNs, security risks from users who bypass VPNs leading to a lack of visibility and protection, and increased network usage costs associated with backhauling the growing volume of internet traffic flowing through the government's TIC. Since achieving FedRAMP Moderate certification in 2018, Zscaler, a Leader in the 2022 Gartner® Magic Quadrant™ for Security Service Edge (SSE) – a security-specific component in the SASE framework – has completed SSE deployments for more than 100 US federal government and federal systems integrator customers at the Moderate impact level. Many of these deployments supported the requirements of the Executive Order 14028, including zero trust, as well as met TIC 3.0 use cases. "This FedRAMP High authorization elevates Zscaler and our support of the US government as currently the only cloud security company with two FedRAMP High JAB authorizations in the market," said Drew Schnabel, Vice President of Federal at Zscaler. Federal agencies, DoD commands, and federal contractors can now take full advantage of the Zero Trust Exchange at the JAB High or Moderate level. Customers can align their security posture with their workload requirements and meet Executive Order 14028 zero trust goals at all levels available under the FedRAMP program. “Delivering zero trust and SASE through FedRAMP authorized platforms at the highest impact levels is crucial for the security of our nation's future. “Zscaler committed to our customers that we would deliver a comprehensive zero trust and SASE platform at the High and Moderate baseline levels. Today, we are proud to announce we have met that commitment. The Zscaler team continues to follow the guidance of Executive Order 14028, CISA’s TIC 3.0 and zero trust use cases, DOD/DISA’s National Defense Authorization Act, and our customers and partners. We are delivering FedRAMP High authorized cloud platforms, while helping agencies modernize and transform their legacy cybersecurity environments to cloud-based SASE and zero trust solutions.” Stephen Kovac, Chief Compliance Officer at Zscaler “FedRAMP High is a must-have for many federal agency deployments,” said Zeus Kerravala, Founder and Principal Analyst at ZK Research. “We see more and more CISOs and CIOs across state and local government, education, and the private sector recognizing the value of a third-party validated security assessment.” The Zero Trust Exchange is a cloud-native security platform that securely connects any user, device, and application, regardless of location. Following the principle of least-privileged access, the platform establishes trust through user identity and context – including location, device, application, and content – and then creates secure, direct connections based on policy enforcement. The platform supports IT federal mission transformation by reducing costs, eliminating the internet attack surface, and preventing lateral movement of threats while providing an excellent user experience. The Zscaler Zero Trust Exchange is powered by the world’s largest security cloud, with more than 10 years of operational excellence enabling the processing of more than 240 billion daily transactions and stopping over seven billion threats and policy violations per day for the largest, most demanding organizations around the globe. Today’s news builds on recent announcements including: Zscaler Private Access Achieves DoD Impact Level 5 (IL5) Zscaler is chosen to run a pilot program in support of Executive Order 14028 by the National Institute of Standards and Technology (NIST) Zscaler is First Zero Trust Remote Access Cloud Service to Achieve FedRAMP-High JAB Authorization ZIA™ receives Authorization to Operate (ATO) at the Moderate Impact level Zscaler is a Leader in the 2022 Gartner Magic Quadrant for Security Service Edge (SSE), following up 10 consecutive years as a Leader in the Gartner Magic Quadrant for Secure Web Gateway About FedRAMP FedRAMP is a government-wide program with input from numerous departments, agencies, and government groups. The program’s primary decision-making body is the Joint Authorization Board (JAB), comprised of the CIOs from DOD, DHS, and GSA. In addition to the JAB, other organizations such as OMB, the Federal CIO Council, NIST, DHS, and the FedRAMP Program Management Office (PMO) also play key roles in effectively running FedRAMP. Using a “do once, use many times” framework, the program ensures information systems/services used government-wide have adequate information security; eliminates duplication of effort and reduces risk management costs; and enables rapid and cost-effective procurement of information systems/services for federal agencies. About Zscaler Zscaler accelerates digital transformation so customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Distributed across more than 150 data centers globally, the SSE-based Zero Trust Exchange is the world’s largest in-line cloud security platform.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Xage Recognized in 2022 Gartner® Innovation Insight for Cyber-Physical Systems Protection Platforms

Xage | August 20, 2022

Xage, the zero trust real-world security company, was recently cited as a Representative Vendor among CPS Protection Platforms in Gartner 2022 Innovation Insight for Cyber-Physical Systems Protection Platforms report. The company was also named in Gartner 2022 Market Guide for Operational Technology Security. “As organizations connect operational or mission-critical systems, or deploy automation and digital transformation technology, they create cyber-physical systems (CPS) that security and risk management leaders must accommodate. Enter cyber-physical systems protection platforms — new solutions for a new security reality,” said Gartner analysts Katell Thielemann. “The changing technology and threat landscape is forcing security and risk management leaders to think about security differently when it comes to CPS. A new discipline of CPS asset-centric security is evolving, anchored by a new set of CPS protection platform vendors.” Asset-centric security allows operators to move beyond the old network-centric security model – aiming to keep hackers off the network – to a modern security architecture that protects access to each asset individually regardless of who has network-level presence. In fact, Gartner predicts that through 2025, 70% of companies will deploy CPS protection platforms as the first step in their asset-centric journey. “An asset-centric approach to access management – implementing strong credentials, password rotation, multi-factor authentication (MFA) and asset-by-asset access control – is critical to protect assets from attack. “Xage has seen in our customer deployments how an asset-centric security approach enables strong zero trust protection which can be achieved without ripping and replacing existing systems and infrastructure.” Duncan Greatwood, CEO of Xage Xage helps operators protect their assets using an identity-centric, asset-centric zero trust architecture. Xage’s capabilities include identity-based access management and privilege enforcement, zero trust remote access, multi-layer multi-factor authentication (MFA), and dynamic data security that protects sensitive operational data. About Xage Xage is the first and only zero trust real-world security company. The Xage Fabric accelerates and simplifies the way enterprises secure, manage and transform digital operations across OT, IT, and cloud. Xage solutions include Identity & Access Management (IAM), remote access, and dynamic data security, all powered by the Xage Fabric. To explore how the Xage Fabric can secure and transform your organization, visit Xage.com. Xage is currently offering a free trial for secure remote access to qualified critical infrastructure operators.

Read More

PLATFORM SECURITY

SecurityScorecard Helps CISOs See, Resolve and Communicate Cyber Risks Clearly with Integration of Ratings Platform and Suite of Professional Services

SecurityScorecard | August 10, 2022

SecurityScorecard, the global leader in cybersecurity ratings, today announced the integration of its Professional Services offering with its ratings platform to provide a single point of orchestration to manage cybersecurity risks. SecurityScorecard’s Professional Services team can help any customer manage cybersecurity risk in concert with the industry’s largest and most comprehensive global, cyber risk data set, setting the industry standard for how cyber risk is quantified, measured and reduced. SecurityScorecard delivers strategic, proactive and acute-scenario services paired with its industry-leading ratings platform that together provide end-to-end cyber risk management from monitoring to remediation. “CISOs are under pressure to protect their organizations, and are now accountable to the Board of Directors, but they lack a single-point of orchestration for cybersecurity workflow and to define success. “Our services and software platform provides CISOs with peace of mind that they have the broad visibility to take action quickly, hold their vendors accountable and communicate those actions promptly.” Aleksandr Yampolskiy, co-founder and CEO, SecurityScorecard SecurityScorecard’s Professional Services team utilizes the combined data and dynamic risk intelligence from the SecurityScorecard platform together with customized data derived from dark web mining to give each customer a holistic, full-spectrum view of their risk posture that is continuously assessed and triaged. SecurityScorecard’s suite of Professional Services is supported by a team of 24/7 Digital Forensic Incident Response (DFIR) experts and include: Cyber Risk Intelligence-as-a-Service provides organizations with tailored, actionable intelligence via SecurityScorecard’s threat intelligence team. Third-Party Risk Management (TPRM) Program includes workshops and customized roadmaps to help organizations mature their programs. Tabletop Exercises help test teams’ cyber readiness against a real-world cyber incident by practicing incident response scenarios. Penetration Testing and Red Team Exercises engage covert teams of ethical hackers to identify weaknesses. Digital Forensics & Incident Response (DFIR) support helps to collect, preserve and analyze digital evidence when responding to an incident, whether that be an insider threat situation or a nation state attack. SecurityScorecard’s team of experts regularly testify in court and collaborate with law enforcement. Incident Response support is also available 24/7 and onsite during a crisis, such as a ransomware incident, to help contain attacks, identify the threat actors and safely progress to the eradication phase. SecurityScorecard’s Professional Services team also helps prevent churn across internal security and TPRM teams by giving them the expertise to maintain program integrity and business uptime, particularly for under-resourced teams, regardless of cyber or third-party risk maturity. About SecurityScorecard Funded by world-class investors including Evolution Equity Partners, Silver Lake Waterman, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 30,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight. SecurityScorecard is the first cybersecurity ratings company to offer digital forensics and incident response services, providing a 360-degree approach to security prevention and response for its worldwide customer and partner base. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every organization has the universal right to their trusted and transparent Instant SecurityScorecard rating.

Read More