DATA SECURITY

Balbix Allows CISOs to Quantify their Cybersecurity Posture Risk in Dollars

Balbix | August 04, 2021

Balbix, provider of the world's leading platform for cybersecurity posture automation, announced today the launch of its Automated Cyber Risk Quantification (CRQ) solution. Balbix's new offering allows organizations to produce a single, comprehensive view of their cyber risk in dollars (or other currencies) so they can prioritize and fix security vulnerabilities faster and reduce breach risk by 95% or more. For example, to protect itself against ransomware attacks, an organization could use Balbix to identify the assets that would be most costly if held to ransom and quickly act to reduce these risks.

Automated cyber risk quantification

Calculating breach risk in monetary terms provides a common language that organizations - from security engineers and IT admins to the CISO, CFO and CIO - can use to prioritize projects and spending, and track the effectiveness of their overall cybersecurity program. However, most organizations have struggled with measuring cyber risk due to their reliance on complicated manual processes and dozens of isolated IT, security and business tools.

The Balbix Automated CRQ solution uses machine learning and automation to quantify both the likelihood and the impact of a potential breach, and remove complex and error-prone tasks. As a result, organizations can:

Build a unified cybersecurity asset management program
Prioritize enterprise vulnerabilities
Quantify cyber risk in monetary terms
Customize security analytics and board-level reporting
"Balbix is an industry-leading platform that consolidates cyber risks into a single reportable model," said Rhonda Gass, Chief Information Officer at Stanley Black & Decker. "This technology is enabling us to scorecard our risk remediation performance and gain continuous visibility into open security issues."

"The Infosec industry has struggled for a long time to quantify the security posture of their organizations in clear cyber risk terms denominated in Dollars (or Euros, Pounds, Yen, etc.),'' said Jon Oltsik, Senior Principal Analyst and Fellow at ESG. "As a result, the right decisions don't get made, leaving the enterprise vulnerable to attack and compromise. Balbix's innovative offering has the promise of changing this equation."

Seamless data collection

Balbix also released new streaming and snapshot connectors. Streaming connectors are agentless and connect via API to the data source and pull in data on a specified schedule and thus are easy to deploy and manage. Snapshot connectors are used to ingest data using .csv or other formats. Organizations can use these connectors to ingest data from dozens of data sources including vulnerability assessment tools, CMDB, EDR, firewalls, SIEM, MDM systems, AppSec systems, OT/IoT management systems, Active Directory, DNS/DHCP and cloud infrastructure APIs. Moreover, the connectors are highly scalable. For example, Balbix typically ingests several 100s of terabytes per day from customers with environments containing 250,000 assets.

"We are very pleased to introduce our new cyber risk quantification offering," said Gaurav Banga, Founder and CEO of Balbix. "Cybersecurity tools generate mountains of data. Traditionally, infosec teams have had to sift through massive vulnerability scans, attack simulation reports and app vulnerability results to prioritize issues that should be addressed first. Then they had to explain their actions to non-cyber stakeholders in business risk terms. This has been an impossible job. The new Balbix Automated CRQ solution makes easy work of this task by automating much of the workflow."

About Balbix

Balbix provides the world's leading platform for cybersecurity posture automation. Using Balbix, organizations can discover, prioritize and mitigate unseen risks and vulnerabilities at high velocity. With seamless data collection and petabyte-scale analysis capabilities, Balbix is deployed and operational within hours, and helps to decrease breach risk immediately. Balbix counts many global 1000 companies among its rapidly growing customer base and was named a "Cool Vendor" by Gartner in 2018.

Spotlight

How do fraudsters go about stealing identities, and how can you stop them? ID verification company Jumio spoke to convicted ex-fraudsters, professional criminologists, law enforcement practitioners and fraud managers to uncover some of the most commonly used exploits. This white paper presents what they heard first-hand about how convicted fraudsters steal identities.

Spotlight

How do fraudsters go about stealing identities, and how can you stop them? ID verification company Jumio spoke to convicted ex-fraudsters, professional criminologists, law enforcement practitioners and fraud managers to uncover some of the most commonly used exploits. This white paper presents what they heard first-hand about how convicted fraudsters steal identities.

Related News

DATA SECURITY

Barracuda Has Completedits Acquisition of SKOUT Cybersecurity

Barracuda | July 14, 2021

A leading provider of cloud-enabled security solutions and trusted partner, Barracuda Networks, Inc., has announced its completion of the acquisition of SKOUT Cybersecurity. SKOUT Cybersecurity is a leader in cyber-as-a-service software, a provider of an extended detection and response (XDR) platform and service and for Managed Service Providers (MSPs), based in Melville, NY. Acquisition highlights:  • SKOUT's XDR platform links with serious security infrastructures such as firewall, email, identity, access, and a 24x7 SOC that aids the uncovering of and replies to cyberattacks. • Enlarges Barracuda's solutions for MSPs, offering an XDR platform for practical real-time nonstop security monitoring with response services for succeeded networks, endpoints, and cloud. • Allows clients to address threats more competently with supplementary threat analysis, threat detection, and response capabilities. • By mixing with existing security substructure, SKOUT deals investment security for MSPs, making it more remarkable to handle cyberattacks in varied customer settings. • Removes clients' staffing and training for 24x7 service instead ofusing SKOUT's security specialists to handle the SOC process. It offers MSPs choice and tractability when building out their cybersecurity practice and features an influential mixture of solutions, enablement tools, and human security know-how. About Barracuda Barracuda strive to make the world a safer place. More than 200,000 organizations worldwide trust Barracuda to protect them.Barracuda Networks, Barracuda, and the Barracuda Networks logo are registered trademarks of Barracuda Networks, Inc. in the US and other countries.

Read More

DATA SECURITY

CyberSN acquires Leader Matt Donato of cybersecurity staff to expand reach into the Southeast & Mid-Atlantic region

prnewswire | November 17, 2020

CyberSN, an innovation engaged ability securing firm in the U.S. zeroed in only on cybersecurity experts has reported its extension in the Southeast and Mid-Atlantic areas with the employing of Matt Donato and Drew Crisan in Charlotte, NC. Matt Donato joins CyberSN as its Managing Director South Region liable for all action from Washington DC to Florida. Preceding CyberSN Matt was one of the Founders of a Charlotte, NC based cybersecurity staffing firm. "I am so eager to join the CyberSN family and consolidate my affection for cybersecurity with the staggering assets at CyberSN. I am anticipating extending the CyberSN brand in this locale," said Donato. Drew Crisan additionally joins CyberSN as its Cybersecurity Recruiting Manager for the East and South Regions. CyberSN Founder and CEO Deidre Diamond said of the extension, "we are seeing an expanded interest for our administrations, particularly our Resume Service, called Talent Scout, where we accomplish a large portion of the work and our customers do half, for a large portion of the cost. This development with solid pioneers like Matt and Drew implies we can more readily support this area." North Carolina is a developing business sector with a 128% development in tech work postings in 2019 and an extended requirement for 3,960 extra data security examiners by 2024. These positions are progressively open to out-of-territory up-and-comers, which will permit neighborhood organizations to use the CyberSN public organization of employment searchers. As indicated by NCTECH's positions rundown, "the Charlotte locale added 39,413 tech occupations a year ago," which was instrumental in CyberSNs' choice to add assets to this district, said Diamond. "We are multiplying down broadly in all business sectors. Our resume administration, dispatched recently, has demonstrated to be truly attractive. With more administration hands on the wheel, we can support substantially more of the network we love," said Diamond. About CyberSN Founded in 2014, CyberSN is solely focused on the cybersecurity talent industry serving as a trusted brand across the U.S. Recognized by their unique care and dedication to the cyber community, diversity and inclusion initiatives, and KnowMoreTM, their cybersecurity job posting and talent matching platform.

Read More

DATA SECURITY

Honeywell Cybersecurity Research Reports Significant Increase In USB Threats That Can Cause Costly Business Disruptions

Honeywell | June 22, 2021

According to a report released today by Honeywell (Nasdaq: HON), USB-based threats that can severely impact business operations increased significantly during a disruptive year when the usage of removable media and network connectivity also grew. Data from the 2021 Honeywell Industrial USB Threat Report indicates that 37% of threats were specifically designed to utilize removable media, which almost doubled from 19% in the 2020 report. The research also highlights that 79% of cyber threats originating from USB devices or removable media could lead to a critical business disruption in the operational technology (OT) environment. At the same time, there was a 30% increase in the use of USB devices in production facilities last year, highlighting the growing dependence on removable media. The report was based on aggregated cybersecurity threat data from hundreds of industrial facilities globally during a 12-month period. Along with USB attacks, research shows a growing number of cyber threats including remote access, Trojans and content-based malware have the potential to cause severe disruption to industrial infrastructure. "USB-borne malware was a serious and expanding business risk in 2020, with clear indications that removable media has become part of the playbook used by attackers, including those that employ ransomware," said Eric Knapp, engineering fellow and director of cybersecurity research for Honeywell Connected Enterprise. "Because USB-borne cyber intrusions have become so effective, organizations must adopt a formal program that addresses removable media and protects against intrusions to avoid potentially costly downtime." Many industrial and OT systems are air-gapped or cut off from the internet to protect them from attacks. Intruders are using removable media and USB devices as an initial attack vector to penetrate networks and open them up to major attacks. Knapp says hackers are loading more advanced malware on plug-in devices to directly harm their intended targets through sophisticated coding that can create backdoors to establish remote access. Hackers with remote access can then command and control the targeted systems.

Read More