DATA SECURITY

BitSight and Marsh McLennan Collaborate to Bolster Organizations' Cybersecurity Performance

BitSight | November 24, 2021

Exclusive Networks, a global trusted cybersecurity specialist for digital infrastructure, today announced its worldwide distribution agreement with Infinipoint, a provider of a pioneering Device-Identity-as-a-Service (DIaaS) security solution that uniquely enables the critical device pillar of the zero-trust cybersecurity approach. Focusing on mid-market aligned partners – initially in Europe covering France, Germany, and the UK with a view to extending across global territories from early 2022 – Exclusive will be supporting Infinipoint growth targets both through net new opportunities and by capitalising on technology integrations (i.e., SASE, MFA, ZTNA, etc.) and alliances from within its vendor portfolio.

Commenting on the announcement, Andy Travers, EVP Worldwide sales & Marketing at Exclusive Networks said, "Of the seven pillars propping up the concept of zero-trust architecture (ZTA), partners have struggled most to position a strong story around zero-trust for device access because specialist solutions simply haven't existed. That's all changed with Infinipoint and DIaaS. Enterprises know that implementing the zero-trust for devices piece right is essential – and with Infinipoint we're breaking down that barrier. It's a great solution and fits perfectly into our cyber ecosystem. DIaaS also naturally supports a multitude of consumption models which makes it readymade for scaling out globally via our X-OD on-demand platform."

Launched in July this year, DIaaS has been gaining significant market traction. Exclusive will build on this demand to accelerate and scale globally through its specialist go-to-market services and ecosystem of over 18,000 channel partners.

Ariel Kriger, Global VP, Sales & Business Development at Infinipoint said, "Infinipoint is pioneering the Device-Identity-as-a-Service security category and is the first and only solution to provide Single Sign-On (SSO) authorisation integrated with risk-based policies and self-service one-click remediation for non-compliant and vulnerable devices.

"Exclusive Networks was the natural choice to support our market acceleration, possessing

the necessary specialist cyber expertise and global scale to enthuse, educate and serve pent-up partner demand for this gap in the zero-trust market. Extending a zero-trust security posture to devices remains an essential and urgent requirement for every work-from-anywhere workforce. And to do it properly you have to do it by design, with adaptive access controls acting on device context, continuously checking device posture not just at the point of access – all the while not burdening the IT department or negatively impacting end user productivity. None of this is easy to do, but we've done it and now partners, and their customers can reap the benefit."

About Exclusive Networks
Exclusive Networks is a global trusted cybersecurity specialist for digital infrastructure helping to drive the transition to a totally trusted digital future for all people and organisations. Our distinctive approach to distribution gives partners more opportunity and more customer relevance. Our specialism is their strength – equipping them to capitalise on rapidly evolving technologies and transformative business models.

The Exclusive Networks story is a global one with a services-first ideology at its core, harnessing innovation and disruption to deliver partner value. With offices in 40 countries and the ability to service customers in over 150 countries across five continents, Exclusive Networks has a unique 'local sale, global scale' model, combining the extreme focus and value of local independents with the scale and service delivery of a single worldwide distribution powerhouse.

About Infinipoint
Infinipoint is a pioneer in the Device-Identity-as-as-Service security category to extend a true zero-trust security posture to devices. Infinipoint is the only solution that provides Single Sign-On (SSO) authorization integrated with risk-based policies and one-click remediation for non-compliant and vulnerable devices. This reduces risk by protecting access to an organization's data and services while transforming devices to support a world-class security posture. Infinipoint is able to do all this in a productive way that maintains business continuity with no disruption to the workforce.

Spotlight

"Today's targeted attacks use a combination of social engineering, malware, and backdoor activities. With the success of these targeted attacks, many seem more concerned with debating whether they are ""advanced"" or not from a technical perspective, instead of focusing on the attack methods and steps to improve network defenses.

Careful monitoring and investigation can help security researchers learn from the mistakes attackers make, allowing us to get a glimpse into malicious operations. In fact, we can track campaigns over time by relying on a combination of technical and contextual indicators."

Spotlight

"Today's targeted attacks use a combination of social engineering, malware, and backdoor activities. With the success of these targeted attacks, many seem more concerned with debating whether they are ""advanced"" or not from a technical perspective, instead of focusing on the attack methods and steps to improve network defenses.

Careful monitoring and investigation can help security researchers learn from the mistakes attackers make, allowing us to get a glimpse into malicious operations. In fact, we can track campaigns over time by relying on a combination of technical and contextual indicators."

Related News

ENTERPRISE SECURITY

SecurityScorecard Partners with Tenable to Deliver Complete Cyber Risk Monitoring

SecurityScorecard | August 23, 2021

SecurityScorecard, the global leader in security ratings, today announces a partnership with Tenable the Cyber Exposure company, to deliver a comprehensive view into an organization's risk posture by marrying Tenable's unmatched visibility and depth of analytics into enterprise environments with external cyber monitoring powered by SecurityScorecard. As a result of this partnership, CISOs, IT leaders and security teams are able to review their SecurityScorecard rating, assess their external cybersecurity health, and understand their risk posture directly within the Tenable Lumin dashboard. "Understanding your up-to-date risk posture has become a necessity in a world that's increasingly more complex, dynamic and transient," said Ray Komar, vice president of technical alliances, Tenable. "We're excited to partner with SecurityScorecard to give customers complete visibility into the risks that exist inside and outside their environment, and guidance for how to most effectively reduce that risk, all in a single platform." Point-in-time or periodic cybersecurity testing procedures have become antiquated. Today's cyber risks change by the minute and companies need a solution that keeps pace with the dynamic nature of cybersecurity by continuously monitoring for exposures and measuring the security posture and cyber resilience across the organization. "Organizations must be proactive to address cyber breaches, and security ratings are the foundation to measuring and understanding security resilience in real time," says Aleksandr Yampolskiy, CEO and co-founder of SecurityScorecard. "Together, SecurityScorecard and Tenable are advancing a new standard for continuous monitoring by blending external and internal risk assessments, which provide organizations with a holistic view into the risks that exist in their environments." The integration pairs Tenable Lumin's advanced analytics capabilities for assessing risk alongside real-time visibility of external vulnerabilities from SecurityScorecard. This arms Tenable Lumin customers with the intelligence to develop external risk management and threat detection playbooks through real-time updates, allowing organizations to effectively identify and respond to threats and risks. SecurityScorecard continuously monitors millions of entities globally, and uses non-intrusive proprietary methods to assess their security posture across ten risk categories to instantly deliver an easy-to-understand "A" through "F" rating; including DNS health, IP reputation, web application security, network security, leaked information, hacker chatter, endpoint security, and patching cadence. On a daily basis, these ratings are updated based on objective, publicly-available data that, similar to credit ratings, provides an "outside-in" view of an entity's security posture. About SecurityScorecard Funded by world-class investors including Silver Lake Partners, Sequoia Capital, GV, Riverwood Capital and others, SecurityScorecard is the global leader in cybersecurity ratings with tens of millions of companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 18,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, and cyber insurance underwriting. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every company has the universal right to their trusted and transparent Instant SecurityScorecard rating.

Read More

DATA SECURITY

NPCore forms global partnership with Viet Cyber Security towards expansion into SE Asian IT security market

NPCore | November 26, 2021

NPCore, a joint venture member of Born2Global Centre, has its sights set on a greater share of the IT security market in Southeast Asia, recently joining forces with Vietnamese IT security service provider Viet Cyber Security. Together, the two companies set up NPCore Vietnam Joint Stock Company, a joint venture which will see them coordinate efforts in the IT security industry. NPCore is an AI-based new variant malware (APT) response solution provider offering optimal security solutions. NPCore has provided cyber security solutions and since 2021, it has participated in a project for supporting overseas expansion of D.N.A (Data, Network, AI) convergence products led by Born2Global Centre. The joint enterprise will see the two partners collaborate in technology and, more importantly, concerted sales and marketing activities in the Southeast Asian IT security market. The goal is to lay the foundation for a stable supply of IT security services in local markets to obtain market trust and continue expanding the business at an increasing pace. NPCore has confirmed that it is ready to aggressively engage Viet Cyber Security's local networks and customers towards expanding its market presence. NPCore's solution (Zombie Zero) can defend against any path through which malicious code can flow from the network to the endpoint. It currently holds 12 patents as well as the International Common Criteria (CC) certification for its proprietary security technologies and has more than 100 global references. "The local joint enterprise was established in Vietnam as it is a market with active investment taking place in national security, corporate IT security, and other fields. It will be a local platform for entry into the Southeast Asian markets Vietnam included and will put us on the map as an IT security service provider in the region." NPCore CEO Han Seung-cheol Furthermore, the joint venture between NPCore and Viet Cyber Security was established as part of the Born2Global Centre's partnership program. Through its support of DNA-convergence products and services, Born2Global Centre serves as a launchpad for innovative startups to enter global markets. Born2Global Centre provides startups with different levels of consulting services, from partnership exploration & creation to business establishment, operations, joint R&D projects, and market expansion.

Read More

SOFTWARE SECURITY

IPKeys Power Partners Announces New Grid Cyber Security Breakthrough

IPKeys | September 09, 2021

IPKeys Power Partners, the leading cybersecurity, cyber compliance, and smart grid technology company, announced today the release of its groundbreaking SigmaFlow Beacon platform to provide utilities, generators, and grid operators a simple, unified solution for cybersecurity monitoring and compliance requirements. The SigmaFlow Beacon platform is built specifically to help organizations align with North American Electric Reliability Corp. (NERC) compliance mandates. It provides NERC registered entities with a single solution to advance, simplify and improve existing cybersecurity and monitoring requirements. "We are pleased to provide utilities, generators and grid operators a system that ensures unification of cybersecurity monitoring and NERC-CIP compliance requirements," said Robert Nawy, CEO IPKeys. "It is long past time for the worlds of compliance and cyber defense to converge to provide cyber assurance for our power grid. The SigmaFlow Beacon unites needed capabilities of real-time cybersecurity monitoring with governance and regulation." The SigmaFlow Beacon provides one, purpose-built solution for NERC baseline management, collecting the critical cyber data in real time and seamlessly incorporating the approval process within the SigmaFlow workflow and evidence platform. SigmaFlow Beacon technology is built for rapid deployment, making it faster and easier to implement than current monitoring solutions. It will save utilities valuable time, and provide seamless Critical Infrastructure Protection, improved cybersecurity, and audit ready results. Today, NERC registered entities must use multiple vendors and systems to monitor baseline security and compliance data. These solutions are not connected to workflow, making the correlation between change management and baseline authorization next to impossible because multiple changes could be made since the facilities' last scan. "SigmaFlow Beacon is a major step towards our vision of bringing compliance and security teams together, at the same time simplifying the act of maintaining compliance while enhancing real world cybersecurity," said Louis Riendeau, IPKeys Vice President, Operations & Product Management. "Many of our clients and Governance & Regulation communities tend to get a sense of false cybersecurity validation by passing NERC compliance audits, SigmaFlow Beacon and the entire IPKeys Cyber Lab-as-a-Service platform introduces automated NERC compliance and advancement in real cybersecurity protection," said Trey Kirkpatrick, VP, NERC Implementation Services and Consulting. Benefits of a Unified Approach between Cybersecurity and Compliance Improved cybersecurity: The fewer moving parts, the fewer opportunities for errors—and the fewer cracks for hackers to get in through. With cybersecurity and compliance in sync, there is a shared knowledge between organizations. Time Savings: When a crisis strikes, immediate action is vital. With unified security and compliance, there is less risk of misunderstanding or miscommunication between organizations, less need for work to be redone, and fewer questions about completion. Seamless CIP management: Unified end-to-end management of security and compliance ensures consistent CIP management, while providing more efficient and accessible records, greater access to critical information, and reducing data errors, missed assignments or due dates. Always audit-ready: All data is stored in one secure location, and is consistent, connected, complete and primed for scrutiny. Large cybersecurity incidents like the SolarWinds breach or the Colonial Pipeline hack garner most of the attention, but hundreds of smaller attacks have impacted businesses, municipalities, and utilities across the country - and the threat is accelerating. According to Statescoop, between 2013 and 2018, 180 documented cyberattacks occurred, while 236 incidents have been reported since 2019. About IPKeys Power Partners IPKeys Power Partners' industry-leading, secure OT and IoT intelligence platform addresses the complex cybersecurity, data, and communications challenges faced by operators of mission-critical networks for customers in the energy, government, and industrial markets. The company's suite of solutions encompass cybersecurity and cyber compliance for dynamic OT/IT environments, data analytics, secure energy management, and public safety network monitoring. The company is headquartered in New Jersey and has offices in California, Louisiana, Maryland, Texas, and Virginia.

Read More