Cyware | June 28, 2021
Cyware, the well-known and the only Virtual Cyber Fusion Platform provider of the industry, has announced their strategic partnership with A-ISAC (Aviation Information and Analysis Center) to make them and its members timely respond to threat intelligence. This partnership will enable members of A-ISAC to run end-to-end security automation, incident response programs, and threat hunting more efficiently leveraging Cyware’s Cyber Fusion platform.
A-ISAC, the global consortium for cybersecurity information, shares cybersecurity information across the aviation sector. It was founded by seven global aviation companies in 2014. It was established itself for the global aviation community as the trusted point of coordination related cyber threats.
In the aviation industry, A-ISAC can get help from Cyware for collecting and sharing alerts on the changing threat intelligence and landscape around specific attacks. With Threat Intelligence Exchange (CTIX) and Situation Awareness Platform (CSAP) of Cyware, members of A-ISAC can automatically share threat intelligence such as malware alerts, indicators of compromise (IOCs), security incidents, phishing, vulnerability advisories, and spear phishing attacks among its global aviation community.
Cyware is a company that helps enterprise cybersecurity teams for building various platform-agnostic virtual cyber fusion centers. Security operations are transformed by Cyware is using the only Virtual Cyber Fusion Center Platform of cybersecurity industry with next-generation security orchestration, automation, and response (SOAR) technology. It help organizations increase accuracy and speed.
About the Aviation ISAC
The Aviation ISAC, a worldwide, non-profit membership association, was created to help the timely exchange of susceptibilities, best practices, and threat intelligence to decrease operational hazards and offer the resources for reliable sharing and qualified exchange. It has members on five continents. Vision of ISAC is an efficient, safe, secure, and resilient international air transportation system.
CYFIRMA | June 25, 2021
CYFIRMA, a threat discovery and cyber-intelligence platform company, funded by Goldman Sachs, Zodius Capital and Z3Partners, today announced that Zuellig Pharma, a leading healthcare services provider in Asia, has selected DeCYFIR, a cloud-based, AI-powered cybersecurity platform, to gain further visibility into its external threat landscape to uncover hacking campaigns and avert cyberattacks.
In the last 18 months, the COVID-19 pandemic has seen the global healthcare industry falling victim to cybercriminals taking advantage of the chaos. According to CYFIRMA researchers, cyberattacks on healthcare more than doubled in 2020. COVID-19 response efforts, including vaccine research and supply chain were the largest focus of these targeted campaigns.
With CYFIRMA's DeCYFIR platform, Zuellig Pharma has bolstered its cyber defence ammunition to accurately uncover cyberattacks at the early planning stage and take remedial actions to close vulnerabilities before hackers can compromise the network. The platform enables further visibility into the external threat landscape by monitoring the dark web, hacker forums and various closed communities to look for threat indicators that would signal cybercriminals planning to exploit security weaknesses that could lead to business disruption.
Vectra AI | August 06, 2021
Vectra AI, a leader in threat detection and response, today released the findings of the PaaS & IaaS Security Survey Report. The report compiled the answers of 317 IT executives all using AWS, 70% coming from organizations of 1,000+ employees. The findings show a rapid expansion and reliance on AWS services while simultaneously showcasing security blind spots within many organizations.
As digital transformation efforts continue, the survey found that AWS is becoming an even more critical component to organizations who are regularly deploying new workloads, leveraging deployments in multiple regions and are relying on more than one AWS service. The survey found:
64% of DevOps respondents are deploying new workload services weekly or even more frequently
78% of organizations are running AWS across multiple regions (40% in at least three)
71% of respondents say that they are using more than four AWS services (such as S3, EC2, IAM, etc.)
The expansion of AWS services has naturally led to increased complexity and risk with 100% of companies surveyed having experienced at least one security incident in their public cloud environment. Gartner anticipated that over 99% of cloud breaches will have a root cause of customer misconfiguration. Some blind spots the Vectra report uncovered include:
30% of organizations surveyed have no formal sign-off before pushing to production
40% of respondents say they do not have a DevSecOps workflow
71% of organizations say that 10 or more people can modify the entire infrastructure in their AWS environments, creating numerous attack vectors for hackers.
Despite these blind spots, the survey showed that companies are taking security seriously. Over half of the companies reported having double-digit security operations center (SOC) headcounts, showing a significant investment in keeping their organizations secure.
"Securing the cloud with confidence is nearly impossible due to its ever-changing nature," said Matt Pieklik, Senior Consulting Analyst at Vectra. "To address this, companies need to limit the number of attack vectors malicious actors are able to take. This means creating formal sign-off processes, creating DevSecOps workflows and limiting the number of people that have access to their entire infrastructure as much as possible. Ultimately, companies need to provide security holistically, across regions and automate as many activities as possible to enhance their effectiveness."
Vectra has answered this industry need through the creation of Detect for AWS which reduces risk of cloud services being exploited, detects threats against AWS services, and automatically responds to attacks against applications running in AWS.
To learn more about the threats facing today's organizations you can download the full Paas & IaaS Security Survey Report or read our companion blog.
Vectra is the leader in threat detection and response – from cloud and data center workloads to user and IoT devices. Its Cognito® platform accelerates threat detection and investigation using AI to enrich network metadata it collects and stores with the right context to detect, hunt and investigate known and unknown threats in real time. Vectra offers four applications on the Cognito platform to address high-priority use cases. Cognito Stream™ sends security-enriched metadata to data lakes and SIEMs. Cognito Recall™ is a cloud-based application to store and investigate threats in enriched metadata. Cognito Detect™ uses AI to reveal and prioritize hidden and unknown attackers at speed. And Cognito Detect for Office 365 and Azure AD™ finds and stops attacks in enterprise SaaS applications and the Microsoft 365 ecosystem.