DATA SECURITY

Code42 and Okta Collaborate to speed up the Right Response During insider Risk Investigations.

Code42 | April 07, 2021

Code42, the pioneer in Insider Risk Management, today reported that its IncydrTM data risk detection and response product has been integrated with Okta Identity Cloud, the leading user identity management solution. The integration combines Code42's unique data-centric approach to insider risk with Okta's leading approach to identity and access, making it easier for security buyers to build Zero Trust data security environments. Since the integration automates access controls, provides additional user context, and automates response workflows for departing or high-risk users, security teams can execute smoother, more effective investigations.

Today's distributed and remote workforces, enabled by the advancement of collaboration technology, have generated an exponential risk of data leakage by shifting the perimeter from the network to the endpoint,” said Ananth Appathurai, senior vice president of strategic partnerships and ecosystem at Code42. “The Code42-Okta integration is a powerful way to pair access controls with best practices for insider threats to enhance security postures.”

Without proper access controls, data can be deliberately or accidentally exfiltrated. Users that exhibit potentially risky file behavior will have their permissions lowered so they no longer have access to confidential files thanks to the integration. Around the same time as permissions are restricted, a security investigation is conducted to review suspicious file movements so that effective response measures can be taken. Okta administrators and information security teams will use this mechanism to accelerate and coordinate cross-functional initiatives to reduce insider risk in their organizations.

“Identity is crucial in KNOWING who is accessing data and where they are accessing it,” said Stephen Lee, vice president, technical strategy and partnerships at Okta, Inc. “Okta's goal is to enable everyone to use any technology safely. This integration begins in that direction, enabling enterprises to use access controls as an important tool for protecting data through their distributed workforces.”

Using the Code42-Okta integration, security teams will use user identity to track high-risk users and optimize insider risk management platforms, as well as:

• Reduce the risk of insider threats by automating and applying conditional user access controls based on predefined risk tolerance.

• To identify behavior risk factors such as remote operation, off-hour file events, and attempts to hide exfiltration, provide additional useful information by provisioning role-based user attributes.

• To accelerate investigations and efficiently mitigate insider threats, streamline and simplify response workflows for departing and high-risk employees.

About Code42

Code42 is the market leader in Insider Risk Management. The Code42 Incydr solution, which is cloud-native, detects data loss, leaks, and theft quickly and speeds incident response – all without involving extensive implementations, complex policy management, or interfering with employee efficiency. Security experts will use Code42 to secure organizational data and reduce insider risks, all while fostering an open and inclusive atmosphere among employees. Code42's Insider Risk solution is FedRAMP authorized and can be configured for GDPR, HIPAA, PCI, and other regulatory frameworks. It is backed by security best practices and control requirements.

Spotlight

The threat of cyber attacks is growing as cities digitalise their services and use datasets to provide more efficient delivery to citizens. According to the Cisco/Cybersecurity Ventures 2019 Cybersecurity Almanac, governments rank among the most vulnerable sectors for the last five years, alongside healthcare, manufacturing, financial services, and transport.

Spotlight

The threat of cyber attacks is growing as cities digitalise their services and use datasets to provide more efficient delivery to citizens. According to the Cisco/Cybersecurity Ventures 2019 Cybersecurity Almanac, governments rank among the most vulnerable sectors for the last five years, alongside healthcare, manufacturing, financial services, and transport.

Related News

DATA SECURITY

BD to Advance Leadership in Cybersecurity Transparency and Preparedness

BD | June 07, 2021

A leading global medical technology company, BD (Becton, Dickinson and Company), today announced that it has become the first medical technology company authorized as a Common Vulnerability and Exposures (CVE®) Numbering Authority by the CVE Program, further demonstrating the company's leadership in health care cybersecurity. As a CVE Numbering Authority (CNA), BD is authorized to assign CVE identification numbers to newly discovered vulnerabilities in its software-enabled products. This includes using the Common Weakness Enumeration (CWE™) system to classify vulnerability types and applying the Common Vulnerability Scoring System (CVSS) to communicate vulnerability characteristics and severity. The purpose of the CVE Program is to bolster international cybersecurity defense by cataloguing publicly disclosed cybersecurity vulnerabilities. The CVE Program is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and operated by MITRE Corporation. BD was among the first medical technology companies to develop a mature Coordinated Vulnerability Disclosure program, enabling customers to manage cybersecurity risks through awareness and guidance. In 2020, the company launched the BD Cybersecurity Trust Center, increasing transparency and collaboration with its customers, and issued its inaugural cybersecurity annual report. In becoming a CNA, BD further demonstrates its commitment to cybersecurity in medical devices, making it easier for customers to manage vulnerabilities affecting BD products. About the CVE Program The mission of the Common Vulnerabilities and Exposures (CVE®) Program is to identify, define and catalog publicly disclosed cybersecurity vulnerabilities. There is one CVE Record for each of the vulnerabilities in the catalog. The vulnerabilities are discovered then assigned and published by organizations from around the world that have partnered with the CVE Program. Partners publish CVE Records to communicate consistent descriptions of vulnerabilities. Information technology and cybersecurity professionals use CVE Records to ensure they are discussing the same issue, and to coordinate their efforts to prioritize and address the vulnerabilities. About BD BD is one of the largest global medical technology companies in the world and is advancing the world of health by improving medical discovery, diagnostics and the delivery of care. BD and its 70,000 employees have a passion and commitment to help enhance the safety and efficiency of clinicians' care delivery process, enable laboratory scientists to accurately detect disease and advance researchers' capabilities to develop the next generation of diagnostics and therapeutics. By working in close collaboration with customers, BD can help enhance outcomes, lower costs, increase efficiencies, improve safety and expand access to health care.

Read More

Velocity, A Managed Services Company Names Anthony Nguyen As New CIO/CISO

prnewswire | October 16, 2020

Velocity, A Managed Services Company, announced today that Anthony Nguyen has been named chief information officer/chief information security officer. In this role, Nguyen will lead the global efforts on cybersecurity by obtaining industry certifications such as HITRUST that will enable Velocity's expansion into other markets. Velocity has been working diligently on implementing a robust strategy to approach the need for innovation and competitive advantage by partnering with new technologies, improving infrastructure operations, and increasing security. "Anthony is an extremely talented and accomplished leader. He brings a wealth of experience in leading and maturing infrastructure and network functions that is timely for Velocity's fast-paced growth and expansion," said Greg Kiley, Founder and CEO of Velocity.

Read More

RedShield appoints Cybersecurity veteran Kate Kuehn as Board Director

prnewswire | September 16, 2020

RedShield, specialists in web application shielding, has announced the appointment of industry thought-leader Kate Kuehn as a board director. Based in Chicago, Kuehn's appointment is part of RedShield's strategy to accelerate growth in the U.S; a push made possible by RedShield's USD$10M Series B funding last September. Her appointment follows that of fellow industry veteran James Carrigan Jr. to Chief Revenue Officer (CRO), who recently joined the company from Verizon. Kuehn joins RedShield from vArmour where she is currently Senior Vice President. Prior to this Kuehn was the U.S. CEO of Senseon where she focused on leading its business in the Americas. Over two decades, Kuehn has held roles including VP, CISO, and CEO at companies including BT Group plc, Verizon, and Wandera. As a leader of some of the industry's first projects in DDOS, Ethernet as a network (CPA), SaaS and IaaS - and an active thought leader in Security and Advanced Network Technologies for nearly 20 years - Kuehn brings significant gravitas to the New Zealand-born business.

Read More