ENTERPRISE SECURITY

Coalfire announces HITRUST Accelerator with AWS Security Assurances Services (AWS SAS)

Coalfire | October 19, 2021

Coalfire, a leading cybersecurity firm, announced HITRUST Accelerator, a new program that allows customers to achieve HITRUST CSF Validation up to 50% faster when compared with conventional methods. This program combines deep technical knowledge of AWS Security Assurance Services, LLC (AWS SAS) with Coalfire, a HITRUST External Assessor Organization, to streamline the entirety of the HITRUST Validation lifecycle.

Organizations who attempt to prepare for HITRUST certification internally without the help of an experienced external assessor may have timelines in excess of 2 years  to achieve HITRUST Certification. The HITRUST Accelerator program uses a three-step process that provides end-to-end support of an organization's preparation, remediation, and HITRUST Validation. This integrated approach enables Coalfire and AWS SAS to quickly identify compliance gaps, assist with technical remediation, simplify document creation, and expedite the Validated Assessment. By accelerating HITRUST Validation, customers will be able to offer significant assurances over their security and privacy controls, which enables them to focus on innovation and driving adoption.

Coalfire and AWS SAS share an obsession in creating innovative solutions that maximize customer success,"  "This passion and collaboration resulted in a program that helps our mutual customers prepare, remediate, and validate against the HITRUST CSF. By taking industry leaders in cloud security and HITRUST, we aim to revolutionize the way that organizations approach and maintain compliance. This has been a long time coming and we are absolutely thrilled to be launching this program with the AWS SAS team.

Jeff Rector, Global Engagement at Coalfire

The customer journey is accelerated via three tailored workstreams that are designed to:

Prepare the customer for HITRUST Validation by thoroughly defining the technical systems and boundary, conducting a thorough gap assessment, and developing fully customized policies and procedures designed to be HITRUST compliant.
Reduce remediation efforts and time to 12 WEEKS in most instances, using automated compliance-as-code packages, 30 days of expert AWS technical guidance and security engineering services, and hands-on AWS support configuring AWS services., and to fast-track the collection of evidence ahead of the Validated Assessment to minimize burden and audit fatigue on compliance teams.
Validate the environment with confidence, including end-to-end support during HITRUST QA, Corrective Action Plan creation, and report finalization.

About Coalfire
Leading technology infrastructure providers, SaaS companies, and enterprises – including the top-five cloud service providers and eight of the top-10 SaaS organizations – rely on Coalfire to strengthen their security posture and secure their digital transformations. As one of the largest firms dedicated to cybersecurity, Coalfire delivers a comprehensive suite of advisory and managed services, spanning cyber strategy and risk, cloud security, threat and vulnerability management, application security, privacy, and compliance management. A proven leader in cybersecurity for the past 20 years, Coalfire combines extensive cloud expertise, advanced technology, and innovative approaches that fuel success.

Spotlight

What will 2023 look like? Our experts have gathered the top trends and predictions for 2023 that you should consider when mapping out your cybersecurity strategy. Farah Rigal, Deputy Head of Global cybersecurity
services at Atos, shares her insights on how she expects the cybersecurity market to evolve, from new attack patterns, attacks' costs and resilience, supply chain security, compliance, importance of the human factor to CISO's posture.

Spotlight

What will 2023 look like? Our experts have gathered the top trends and predictions for 2023 that you should consider when mapping out your cybersecurity strategy. Farah Rigal, Deputy Head of Global cybersecurity
services at Atos, shares her insights on how she expects the cybersecurity market to evolve, from new attack patterns, attacks' costs and resilience, supply chain security, compliance, importance of the human factor to CISO's posture.

Related News

DATA SECURITY,ENTERPRISE IDENTITY,PLATFORM SECURITY

Wipro Launches Cybersecurity Consulting Offering in Europe

Wipro | November 28, 2022

Wipro Limited, a leading technology services and consulting company, today announced that it is launching a strategic cybersecurity consulting offering in Europe. The announcement comes on the heels of a series of acquisitions in the consulting space—Edgile, Capco, and Ampion—and is part of the firm’s vision to build a global cybersecurity consulting offering to help clients stay ahead of a dynamic threat and regulatory environment. “Escalation of cyber threats, compounded by the rapidly changing regulatory environment, is creating brand new challenges for businesses across Europe. "Our extensive experience in cybersecurity, global network of cybersecurists, combined with our expanded consulting capabilities, will help clients stay ahead of emerging threats and adapt to a changing regulatory environment with speed and agility. We are thrilled to be bringing this offering to clients in this market at this critical juncture.” Tony Buffomante, Senior Vice President & Global Head of Cybersecurity and Risk Services (CRS) at Wipro Limited The new consulting capability, offered through Wipro CRS Europe, will expand on Wipro’s existing cybersecurity services and enable clients to tap into Wipro’s full set of capabilities—from strategy and implementation to managed services. Under this new offering, Wipro consultants located in Europe will work with clients to build tailored strategies and solutions that address the unique challenges in this market. Leveraging Wipro’s extensive global network of more than 9000 cybersecurists, Wipro CRS Europe will help clients realize enhanced scale and speed in implementations. “Our recent acquisitions in the cybersecurity space, as well as our recent strategic hires in Europe, have created an opportunity for us to rethink how we serve our clients in this market,” said John Hermans, Head of Wipro CRS Europe. “This launch will bring together our entire set of cyber capabilities under a single umbrella, allowing us to deliver clients a truly end-to-end offering that leads with strategy but delivers on every single aspect of their cybersecurity needs.” The new offering will bring all Wipro’s cyber consulting capabilities under one umbrella, CyberTransformSM, and deliver them to clients alongside the company’s managed services capabilities, CyberShieldSM. CyberTransform is Wipro’s business-aligned strategy-first approach to cybersecurity transformation. It enables business growth through a business-led approach to solve security, risk, cloud, identity, and compliance challenges on a global scale. CyberTransform brings together Wipro’s suite of cybersecurity consulting capabilities and delivers clients a truly holistic, 360 approach designed to help them manage cyber threats and build resilient, future-proof businesses. CyberShield is Wipro CRS’ industry-leading suite of managed services, which defends business operations through On-Demand cyber resilience management. About Wipro Limited Wipro Limited is a leading technology services and consulting company focused on building innovative solutions that address clients’ most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 250,000 employees and business partners across 66 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Fortinet Launches Managed Cloud-Native Firewall Service to Simplify Network Security Operations, Available Now on AWS

Fortinet | November 29, 2022

Fortinet®, a global leader in broad, integrated and automated cybersecurity solutions, today announced the availability of FortiGate Cloud-Native Firewall (FortiGate CNF) on Amazon Web Services (AWS), an enterprise-grade, managed next-generation firewall service specifically designed for AWS environments. FortiGate CNF incorporates FortiGuard artificial intelligence (AI)-powered Security Services for real-time detection of and protection against malicious external and internal threats, and is underpinned by FortiOS for a consistent network security experience across AWS and on-prem environments. By shifting the management of network security infrastructure to Fortinet via FortiGate CNF, customers can focus more on their core competencies and deploying effective security policies to protect their business-critical applications and data. Natively supporting AWS and available now in AWS Marketplace, FortiGate CNF gives customers immediate access to FortiGuard AI-powered Security Services for enterprise-grade protection, including URL filtering, DNS filtering, IPS, application control and other FortiGuard security services, that organizations rely on. FortiGate CNF enables customers to realize the following benefits: Region-wide network protection at optimized costs: FortiGate CNF is designed to easily aggregate security across cloud networks, availability zones and virtual private clouds (VPCs) in a cloud region. It also natively supports AWS to help optimize cloud security spend and uses AWS Graviton instances to deliver better price performance than other offerings. Simplified network security operations with cloud-native integrations: FortiGate CNF provides a simple, intuitive user interface (UI) that minimizes the need for security expertise and makes it easy to define and deploy robust security policies including dynamic meta-data based policies on AWS. This AWS support helps security teams move at the speed and scale of applications teams, while support of AWS Gateway Load Balancer eliminates do-it-yourself automation and helps secure Amazon Virtual Private Cloud (Amazon VPC) environments while improving high availability and scaling. Additionally, support of AWS Firewall Manager simplifies security management and automates security rollout. Increased compliance with consistent enterprise-grade security across on-prem and cloud deployments: In a recent survey of more than 800 cybersecurity professionals, 78% of respondents indicated that a cloud security platform with a single dashboard could help them better protect data across their cloud footprint and strengthen their security posture. FortiGate CNF provides an intuitive dashboard to easily manage security policies across a customer’s AWS deployments. As part of the Fortinet Security Fabric platform, it also offers a single pane of glass through FortiManager to centralize policy management, increase visibility and automate policy enforcement on AWS and beyond. This capability helps teams effectively apply security controls seamlessly across hybrid cloud and on-premises deployments. Enhanced with AI-powered global threat intelligence: FortiGate CNF includes a suite of trusted FortiGuard AI-powered security services, developed and continually improved by FortiGuard Labs. Using AI/machine learning (ML) models, FortiGate CNF with FortiGuard Security Services enables a proactive security posture and remediation of known and unknown threats based on real-time threat intelligence, behavior-based detection and automated prevention. Fortinet and AWS – Better Together FortiGate CNF is the latest example of Fortinet's commitment to delivering cloud-native services to support our customers. Fortinet’s work with AWS ensures that customers’ public cloud workloads are protected by best-in-class security solutions powered by comprehensive threat intelligence. Fortinet support of key AWS services simplifies security management, facilitating full visibility across environments and providing broad protection across your workloads and applications. Throughout any stage in a customer’s migration to the cloud, Fortinet Security Fabric, the industry’s highest performing cybersecurity mesh platform, delivers security-driven networking and adaptive cloud protection for the ultimate flexibility and control needed to build in the cloud. Supporting Quotes “Fortinet was the clear choice for help when we decided to move our workloads from a data center to a public cloud environment on AWS. By leveraging Fortinet cloud security solutions to complement native AWS security groups, we were able to accelerate our cloud migration to just one month, a process that that would typically take one year. With the introduction of FortiGate CNF, Yedpay is looking forward to having the option of a managed firewall service powered by the collective cloud infrastructure expertise of Fortinet and AWS to further bolster our existing cloud security and enable us to securely grow our business.” Simon Lau, CIO & CISO, Yedpay “We know organizations are looking to further simplify and modernize security on the cloud, which is why we’re working with Fortinet to deliver adaptive cloud security solutions. With FortiGate CNF, customers can build confidently, boost agility, and take advantage of everything AWS has to offer. As a fully managed cloud-native service, FortiGate CNF provides the enterprise-level firewall services and network security that helps reduce risk and improve compliance, and optimizes customers’ security investments. We’re looking forward to continuing our work with Fortinet to help our mutual customers accelerate their cloud security goals.” Dave Ward, GM, Application Networking, AWS About Fortinet Fortinet makes possible a digital world that we can always trust through its mission to protect people, devices, and data everywhere. This is why the world’s largest enterprises, service providers, and government organizations choose Fortinet to securely accelerate their digital journey. The Fortinet Security Fabric platform delivers broad, integrated, and automated protections across the entire digital attack surface, securing critical devices, data, applications, and connections from the data center to the cloud to the home office. Ranking #1 in the most security appliances shipped worldwide, more than 595,000 customers trust Fortinet to protect their businesses.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Beyond Identity Launches Joint Integration With Zscaler to Accelerate Enterprise Zero Trust Security Strategies

Beyond Identity | December 09, 2022

Beyond Identity, the leading provider of phishing-resistant multi-factor authentication (MFA), has expanded its integration offerings to include cloud security leader Zscaler. The joint solution strengthens a zero trust architecture and reduces the attack surface by continuously validating the user and device and enabling secure access to applications. As threat actors’ attacks increase in scope, using freely available tools that simplify the task, legacy MFA solutions that rely on penetrable passwords and codes no longer guarantee protection throughout an active session. As such, Gartner recommends companies adjust their zero trust initiatives as “credentials and signals must be continuously reevaluated post login.” To provide enterprises with continuous identity and device inspection and verification, Beyond Identity’s integration with the Zscaler Zero Trust Exchange™ platform enables the real-time exchange of risk signals that are incorporated prior to initial user authentication and monitored continuously thereafter, increasing the security of the entire user session. Further, ongoing risk signal exchange between the solutions allows for near real-time notification and enforcement should a device fall out of compliance during an active session, and for session termination and remediation to ensure both user and device are ready for re-authentication. “Beyond Identity is committed to delivering the industry’s most secure and robust phishing-resistant authentication solution while removing the user friction that has stalled enterprise rollout of existing MFA solutions,” said Kurt Johnson, Chief Strategy Officer and Head of Corporate Development at Beyond Identity. “To achieve this objective, Beyond Identity is building an ecosystem of like-minded leaders, like Zscaler, where real-time information exchange can raise the level of application and system security and form the foundation of an enterprise’s journey to zero trust security.” ”As cyberattacks become more sophisticated and users work from everywhere, removing the silos of security solutions is key for implementing zero trust. “With Beyond Identity integrating into the Zscaler Zero Trust Exchange platform, customers have another strong option to enforce device-driven conditional access continuously, and adapt to their risk policies and application sensitivity.” Amit Raikar, VP of Tech Alliances and Business Development at Zscaler This integration empowers Beyond Identity and Zscaler customers to easily modernize their MFA strategies, minimize the risk of password-based and MFA-bypass breaches and extend the footprint of existing cybersecurity investments. By eliminating the need for a password from this process, usability and user satisfaction are ultimately improved while removing entire authentication attack vectors. “Lowering the risk of password-based breaches and secure application access are key business drivers for security leadership teams.stated Mick Coady, WWT, Global VP of Cyber Security Solutions at World Wide Technology. “The Zscaler, Beyond Identity integration enables organizations to achieve both.” About Beyond Identity Beyond Identity is revolutionizing secure digital access for workforces, contractors, customers and developers. Our Universal Passkey Architecture provides the industry’s most secure and frictionless multifactor authentication that prevents credential-based breaches, ensures device trust, and delivers secure and frictionless digital access, eliminating passwords entirely. Industry leaders like Snowflake, Unqork and Roblox rely on Beyond Identity to solve their access security challenges for their customers, employees, contractors and developers and to advance their journey toward Zero Trust Security.

Read More