DATA SECURITY

BitSight and Glass Lewis Partner to Expand Investor Understanding of Cybersecurity

BitSight | September 28, 2021

BitSight, the standard in security ratings, and Glass Lewis, the leading provider of independent global governance solutions, today announced a strategic partnership to include critical cybersecurity information – comprised of BitSight Security Ratings, data, and insights – with Glass Lewis' Proxy Paper research reports. Information on 20,000+ companies will be included in an effort to help investors better understand how cybersecurity issues may affect their investments.

Investor concerns around environmental, social, and governance issues continue to rise, leading to closer examinations of management and board effectiveness in addressing these challenges. Failure to adequately manage cyber risk can materially impact a company's revenue and financial performance. BitSight's Security Ratings and data will supply Glass Lewis clients with data-driven, evidence-based cybersecurity intelligence, which, in turn, will provide new visibility into a dimension of company performance and governance.

Investors are mostly in the dark when it comes to the cybersecurity of their investments.Providing Glass Lewis clients with BitSight ratings and data alongside its proxy research reports will deliver the insights necessary to have an enhanced understanding of the efficacy of a company's oversight of cybersecurity risks and outcomes. It's a new era in informing investors about cyber risks.

Steve Harvey, BitSight's chief executive officer.

"The BitSight Security Rating and insights will allow our clients to identify cyber risk exposure, potentially minimizing both reputational risk and long-term financial losses," said Dan Concannon, Glass Lewis Chief Commercial Officer.  "We are excited to include the industry's most respected and widely leveraged Security Rating in our Proxy Paper research reports allowing our clients to address this rapidly expanding risk."

The landscape of governance, especially as it pertains to cyber controls, is changing rapidly and institutions from the United Nations to the Securities and Exchange Commission (SEC) are increasingly focused on market transparency for global investors. Beginning in 2011 with its landmark cybersecurity guidance, the SEC has signaled that cybersecurity is a material business risk requiring consistent, adequate disclosure. The SEC created a cyber enforcement unit in 2017, updated guidance in 2018, and recently levied a series of fines at companies over inadequate disclosures of cybersecurity issues.

Over 1,300 clients, including most of the world's largest pension plans, mutual funds, and asset managers who collectively manage over $40 trillion in assets, use Glass Lewis' research and technology solutions to inform and facilitate their corporate governance activities.

About BitSight
BitSight is transforming the way that the global marketplace addresses cyber risk with cybersecurity ratings and analytics. The BitSight Security Ratings Platform applies sophisticated algorithms, producing daily security ratings that range from 250 to 900, to help organizations manage their own security performance; mitigate third party risk; underwrite cyber insurance policies; conduct financial diligence; and improve national security. With 2,300 global customers and the largest ecosystem of users and information, BitSight is the Standard in Security Ratings.

About Glass Lewis:
Glass Lewis is the leading provider of independent global governance solutions. We enable institutional investors and publicly listed companies to make sustainable decisions based in research and data. We cover 30,000+ meetings each year, across approximately 100 global markets. Our customers include the majority of the world's largest pension plans, mutual funds, and asset managers who collectively manage over $40 trillion in assets. Our core solutions include Proxy Paper proxy research and Viewpoint proxy vote management platform.

Spotlight

The potential costs of a data breach can shutter a small business, yet many are in denial about the severity of their exposure and necessity to apply diligence in security practices. In the current threat climate, compromised usernames and passwords are often exploited and are one of the leading factors contributing to data loss. Bolstering standard username/password authentication with twofactor authentication guards against lost or stolen passwords and in some cases is a regulatory requirement. Many employees already carry a smartphone that can support two-factor authentication, which makes this security protection practical and affordable for smaller businesses.

Spotlight

The potential costs of a data breach can shutter a small business, yet many are in denial about the severity of their exposure and necessity to apply diligence in security practices. In the current threat climate, compromised usernames and passwords are often exploited and are one of the leading factors contributing to data loss. Bolstering standard username/password authentication with twofactor authentication guards against lost or stolen passwords and in some cases is a regulatory requirement. Many employees already carry a smartphone that can support two-factor authentication, which makes this security protection practical and affordable for smaller businesses.

Related News

END POINT PROTECTION

SentinelOne and Mimecast have teamed up to provide better end-to-end threat protection for corporate devices and email

SentinelOne | February 07, 2022

SentinelOne, an independent cybersecurity platform firm, announced a new integrated solution with Mimecast to increase end-to-end threat prevention, speed incident response, and reduce security team delays. SentinelOne and Mimecast allow security teams to take advantage of cooperative defenses and quickly respond to attacks across email and endpoints using XDR automation for a holistic approach to incident response. Security operations teams are stretched to the limit investigating and remediating each incident as tactics change, threat actors' sophistication grows, and new vulnerabilities are discovered regularly. Email continues to be one of the most widely used attack channels. According to Mimecast's State of Email Security report for 2021, risks have increased by 64% during the pandemic, and 70% of businesses expect to be impacted by an email-borne attack. As a result, organizations are looking for integrated defenses to safeguard email and improve incident response capabilities while reducing complexity, minimizing risk, and relieving pressure on an already overworked security team. “Email inboxes are often a prime vector for attacking the enterprise. Mimecast detects new threats through our multi-layered inspection capabilities, helping security operations teams who are still spending too much time on the manual collection, normalization, and prioritization of data,” said Julian Martin, VP Ecosystem & Alliances, Mimecast. “Our integration with SentinelOne solves for this challenge, improving and accelerating the incident response capabilities we offer our customers. As the cyber threat landscape continues to expand, detecting and responding to these threats in real-time is crucial for an organization’s security infrastructure,It’s important to leverage trusted security platforms like those offered by SentinelOne and Mimecast to help identify and mitigate the risk of cyberattacks.” Ahmed Shah, Senior Vice President of Strategic Alliances, Optiv The integrated solution from SentinelOne and Mimecast strengthens and accelerates incident response capabilities across all security layers, including email, endpoints, and the cloud. For example, when a threat is detected in SentinelOne, the integration takes automatic measures like suspending a particular user's email, blocking that user's email, or quarantining the email account. “The speed and sophistication with which adversaries are attacking organizations has become staggering, and too often SOC teams are burdened with investigating security issues as opposed to solving them,” said Yonni Shelmerdine, VP Product Management, SentinelOne. “The integrated solution enables our customers to accelerate incident response and contain threats faster by automatically quarantining affected users in Mimecast. This ultimately reduces complexity, minimizes risk, and decreases the demands on SOC teams.” With XDR automation, Mimecast and SentinelOne's combined solution provides never-before-seen holistic protection across client email and endpoints, dramatically increasing end-to-end threat detection and incident response.

Read More

DATA SECURITY

Tammy Moskites, a Veteran CISO, has been Appointed to AppViewX's Advisory Board

AppViewX | May 04, 2021

AppViewX, the leader in next-gen machine identity management via automation and application delivery automation, today announced the appointment of Tammy Moskites, CEO and founding father of CyAlliance®, as Executive Board Advisor. Tammy joins the AppViewX planning board to supply strategic cybersecurity guidance to customers and across go-to-market channels to drive awareness, growth, and customer success. With over 30 years of technology experience, security acumen and leadership Tammy may be a result-driven and passionate executive who helped create the Machine Identity Management market category and enterprise requirements to raised govern keys and certificates. As a distinguished career CISO, Tammy actively guides peer CISOs and security architects worldwide to assist defend their organizations from cyber attacks, unplanned outages, and failed audits. Tammy has previously held executive security and technology leadership roles at Accenture, Venafi, Time Warner Cable, and residential Depot. "We're delighted to possess Tammy Moskites to join AppViewX as an Executive Board Advisor," said Gregory Webb, AppViewX CEO. As cryptographic keys and certificates became the critical infrastructure for DevOps, SecOps, and NetOps, the importance of Machine Identity Management to an organization's overall security posture and digital transformation has become a top priority. As a highly experienced and influential executive, Tammy will add significant value to our team. Her experience as a successful career CISO is invaluable to us as we still accelerate growth and supply the foremost comprehensive, next-gen machine identity management solution for global enterprises." Tammy may be a highly recognized cyber and ladies in technology social influencer. Amongst the various things she is involved in, she may be a Ventture Advisor to YL Ventures, a Distinguished Fellow with the Ponemon Institute, and volunteers her time with many technology organizations. She is an internationally recognized keynote/speaker, not only on security and governance but also on career building, women in technology, and leadership mentoring. She is currently an executive company board advisor to Blue Lava, Raxis, RiskIQ, and SecureAuth and a seed investor at Grip Security. "I was an early voice, champion, and adopter of what's now, Machine Identity Management, which dates back nearly 10 years," said Tammy Moskites, Executive Board Advisor at AppViewX. "As a career CISO, I even have always had a passion and expressed the need to manage your keys and certificates and shared that zeal worldwide. I even have certainly been excited to observe the expansion and maturity during this cybersecurity space as an entire. I feel that AppViewX is maturing Machine Identity Management and also within the areas of IoT Key/Certificate Lifecycle Automation, PKI Management/PKIaaS, and Application Delivery Automation. I'm truly impressed by their dedication, focus, and most significantly, their passion for 'doing the proper things right' – which has allowed them to require Machine Identity and Automation to a subsequent level! I'm super excited to be an Executive Board Advisor at AppViewX and appearance forward to their partnership with CyAlliance® and welcome them to our Cy'Alliance' portfolio of partners!" According to Gartner's Top Security and Risk Management Trends for 2021, Machine identity Management may be a top trend for 2021. "Machine identity management aims to determine and manage trust within the identity of a machine interacting with other entities, like devices, applications, cloud services, or gateways. Increased numbers of nonhuman entities are now present in organizations, which suggests managing machine identities has become an important part of the safety strategy." About AppViewX AppViewX is revolutionizing the way NetOps and DevSecOps teams deliver Machine Identity Management and Application Delivery Automation solutions services to Enterprise IT. The AppViewX Platform may be a modular software application that permits the automation and orchestration of network infrastructure using an intuitive, context-aware, visual workflow. It quickly and simply translates business requirements into automation workflows that improve agility, enforces compliance, eliminate errors, and reduce cost. AppViewX customers are among the world's most demanding Fortune 1000 organizations in financial services and banking, healthcare, oil and gas, manufacturing, and high tech.

Read More

DATA SECURITY

Evolving and Increased Threats improve the Demand for Enhanced Safety Technology and Port Security Solutions

Frost & Sullivan | June 22, 2021

According to Frost & Sullivan, security spending will be pushed by the new developments in the region such as Africa, APAC, and the Middle East. The shipping industry contributes 90% of global trade volume. The recent analysis by Frost & Sullivan on the global maritime port security market reveals that international governments prioritize the secure and safe transportation of various goods to ensure economic stability and growth. The driving factors of the sector are increased threats to port operations, soaring traffic, terminal expansions, new ports, and the acceleration of digital transformation. Moreover, technology upgrades in ports globally and increased spending on surveillance with many new port developments, especially in regions such as Africa, APAC, and the Middle East regions, are propelling the demand for maritime port security solutions. As a result, the global industry is expected to hit, by 1930, $9.10 billion, from $6.74 billion in 2020. Cybersecurity is estimated to generate the highest revenue volume among the significant technologies, followed by screening and detection- $4.08 billion and $1.69 billion, respectively. Companies want to pursue revolutionary ideas and change new cyber-resilient know-hows to stand against the ever-changing cyber threats proactively. To attain this, market contributors should emphasize on: • Integrated systems for effective security operations • Managed services business model • Cybersecurity of physical security systems A Dynamic Threat Landscape Propels the Global Maritime Port Security Market is the newest addition to Frost & Sullivan's Aerospace & Defense research and analyses accessible through the Frost & Sullivan Leadership Council, which supports administrations identify a constant flow of growth prospects to prosper in an impulsive future. About Frost & Sullivan Frost & Sullivan, for six decades, has been world-known for its part in helping shareholders, corporate leaders, and governments cross economic changes and identify new business models, troublesome technologies, Mega Trends, and companies to action, resulting in a constant flow of development openings to lead future achievement.

Read More