DATA SECURITY

Cowbell Cyber Unites Cybersecurity Giants and Cyber Insurance Industry with Launch of Cowbell Rx

Cowbell Cyber | September 21, 2021

Cowbell Cyber, the industry's first AI-powered cyber insurance provider for small to medium enterprises (SMEs), today announced the launch of its cyber risk exchange marketplace, Cowbell Rx. Cowbell Rx closes insurability gaps by providing cyber insurance applicants with resources to meet eligibility requirements while also enabling active policyholders to continuously improve their organization's risk profile. This comprehensive list of partners is the first of its kind in the cyber insurance industry.

Cyberattacks continue to proliferate and damage business operations, with predictions that new attacks will happen every 2 seconds by 2031. However, cybersecurity and cyber insurance have traditionally operated in silos with insufficient coordination, resulting in a misalignment between cyber threats faced by an organization and the security measures to prevent them. Because of this, cyber insurers are tightening up insurability requirements for policyholders to obtain coverage or to renew existing cyber policies.

Cowbell Rx is the first marketplace provided by a cyber insurer to help businesses gain access to recommended partners that offer solutions to organizations in order to meet the minimal criteria to get cyber insurance coverage.

"Cybersecurity and cyber insurance must work in harmony to build an organization's cyber resilience. We are working with more than 20 of cybersecurity's biggest leaders to make this happen," said Isabelle Dumont, vice president of market engagement at Cowbell Cyber. "Cowbell Rx is a key component of Cowbell's closed-loop risk management initiative to continuously improve an organization's risk profile. Together with our partners, we are bringing streamlined access to today's top cybersecurity services and solutions straight to current and future policyholders."

"Cowbell is an innovator in the field of cyber insurance and we share their passion for data-driven risk assessment," said Eric Skinner, vice president of Market Strategy at Trend Micro. "We're pleased to be part of Cowbell's new marketplace. By bringing together Cowbell policyholders with cybersecurity experts like Trend Micro, we can all work together to ensure our mutual customers stay resilient in a world of constantly changing cyber threats."

"True cyber risk management is the combination of cyber insurance and effective cybersecurity operations," said Odin Olson, vice president of Alliances at Arctic Wolf. "Cowbell Rx is an excellent way to expose Cowbell's policyholders to some of the best cybersecurity service providers in the industry."

About Cowbell Cyber
Cowbell Cyber is dedicated to providing standalone, admitted individualized, and easy-to-understand cyber insurance for small and mid-size enterprises. In its unique AI-based approach to risk selection and pricing, Cowbell's continuous underwriting platform, powered by Cowbell Factors, compresses the insurance process from submission to issue to less than 5 minutes. Cowbell Insurance Agency is currently licensed in 50 U.S. states and the District of Columbia.

Spotlight

Pendant des décennies, les architectures en étoile ont étendu le réseau d’entreprise aux utilisateurs et aux sites distants, y compris les filiales. Cependant, alors que de plus en plus d’employés travaillent à distance et que d’innombrables applications migrent vers le cloud, cette approche dépassée n’apporte que des difficulté

Spotlight

Pendant des décennies, les architectures en étoile ont étendu le réseau d’entreprise aux utilisateurs et aux sites distants, y compris les filiales. Cependant, alors que de plus en plus d’employés travaillent à distance et que d’innombrables applications migrent vers le cloud, cette approche dépassée n’apporte que des difficulté

Related News

PLATFORM SECURITY,SOFTWARE SECURITY

Phosphorus Launches New xIoT Security Capabilities to Discover and Disable Risky Devices Prohibited by the U.S. Government

Phosphorus | December 13, 2022

Phosphorus, the leading provider of proactive and full-scope security for the extended Internet of Things (xIoT), today announced new security features that will enable organizations to discover and monitor their networks for the presence of xIoT devices that the U.S. government deems a significant security risk. The new features also include the capability to remotely disable and remove the devices from the network. Phosphorus’s security update follows the FCC’s ban on the sale or importation of devices made by several Chinese manufacturers that it considers to pose “an unacceptable risk to national security of the United States or the security or safety of United States persons.” The Covered List includes video surveillance and telecommunications equipment produced by Huawei Technologies, ZTE Corporation, Hytera Communications, Hangzhou Hikvision Digital Technology, and Dahua Technology (and their subsidiaries and affiliates). “The Phosphorus xIoT Security Platform is the industry’s only solution that can discover the presence of these prohibited devices and remotely render them inert at scale. “These unique capabilities will empower enterprises and government organizations across the U.S. to discover, disable, and remove banned or potentially dangerous devices from their enterprise environments.” John Vecchi, Chief Marketing Officer at Phosphorus Advanced Discovery Capability A recent study by Phosphorus’s global research division, Phosphorus Labs, found that organizations consistently struggle to identify all of their xIoT devices – this means many companies may not realize they have banned devices lurking inside their networks. According to its research, 80% of enterprise security teams can’t identify the majority of their xIoT devices and customer estimates of xIoT inventories are consistently off by 40-60%. Phosphorus’s Enterprise xIoT Security Platform has unique capabilities for discovering xIoT assets, and it is the only technology platform able to communicate with these devices (ranging from security cameras to PLCs) in their native languages. This enables a high degree of accuracy, granularity, and speed when discovering and analyzing these devices to create comprehensive inventories of xIoT assets that include device type, brand, model, firmware version, credential status, default/enabled protocols, certificate status, and more. Disabling and Isolating High-Risk Devices Phosphorus empowers organizations by giving them direct control over every single device in their wide-ranging xIoT deployments. Through the platform’s Hardening and Remediation capabilities, organizations can update and rotate a device’s credentials, manage firmware, disable remote services, turn off unnecessary connectivity features, check for valid certificates, and reboot the device. For organizations that have detected banned xIoT technologies in their networks, specific device-level actions such as changing passwords, disabling services and reducing connectivity will be critical for limiting the potential risks of these devices prior to their removal from the network. World’s First and Only Proactive xIoT Security Platform Phosphorus’s Enterprise xIoT Security Platform is the industry’s only consolidated xIoT security offering, delivering state-of-the-art Attack Surface Management, Hardening and Remediation, and Detection and Response across the full range of IoT, OT, and Network-connected devices – spanning both new and legacy devices. For the first time in industry history, teams in IT, Facilities, and Security are able to collaborate on a single platform to safely discover, assess, remediate, and monitor their xIoT devices. Phosphorus is now the solution of choice for enterprises to secure devices that were previously unknown or overlooked, beginning with fundamental xIoT security hygiene. The company’s Enterprise xIoT Security Platform is currently deployed in Fortune 100, Fortune 500, and government networks. ABOUT PHOSPHORUS Phosphorus Cybersecurity® is the leading xTended Security of Things™ platform designed to secure the rapidly growing and often unmonitored Things across the enterprise xIoT landscape. Our Enterprise xIoT Security Platform delivers Attack Surface Management, Hardening & Remediation, and Detection & Response to bring enterprise xIoT security to every cyber-physical Thing in your enterprise environment. With unrivaled xIoT discovery and posture assessment, Phosphorus automates the remediation of the biggest IoT, OT, and Network device vulnerabilities—including unknown and inaccurate asset inventory, out-of-date firmware, default credentials, risky configurations, and out-of-date certificates.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Qumulo Helps Customers Avoid the Complexity of Protecting Unstructured Data with its Comprehensive Approach to Data Security

Qumulo, Inc. | November 11, 2022

Qumulo, the radically simple way to manage petabyte-scale data anywhere, today announced the launch of the company’s new corporate security initiative “Simply Secure,” a multi-layered approach designed to protect data across multiple points of vulnerability. Qumulo’s “Simply Secure” initiative is meant to help organizations minimize the risk of business disruption and protect their data from theft or loss with a complete suite of security features that continue to harden over time, all-inclusive with their Qumulo® subscription, without additional cost for future releases. The unprecedented rise in cyber threats in recent years is creating dire consequences for businesses: multi-million dollar ransom payments, days or weeks in disruption of operations, and potential loss of valuable data sets. Not only that, cyber attacks which become public often leave behind permanent reputational damage. While most organizations understand and respect the risk of poor security posture, many are strapped for cycles, time, and expertise to build adequate defenses around their unstructured data. Qumulo is meeting its customers anywhere – edge, core, and in the cloud – with a holistic approach to security, making it simple for customers to protect their data from ransomware attacks, data theft, and data destruction. Qumulo not only helps customers ensure lighting-fast recovery but also helps proactively detect and prevent anomalies, so organizations and end users can simply secure their sensitive data. Customers are granted access to each new security feature every two weeks, which is available through non-disruptive software upgrades, increasing the value of Qumulo clusters over time. “Qumulo’s focus on radical simplicity means it's taken an approach to security that makes it as easy as possible for customers to protect their data everywhere it’s stored.” Kiran Bhageshpur, Chief Technology Officer at Qumulo Qumulo is constantly developing new and enhancing existing features to provide the most robust security possible. The most recent releases add five new layers to storage security for greater data protection, including: Multi-tenancy VLAN Isolation: Organizations can now use virtual local area networks (VLANs) to isolate administrative interfaces from their file system clients, such that the general network population cannot reach the interfaces. This adds an additional guarantee of network protection, while helping consolidate multiple use cases on a single cluster, resulting in potential cost savings. Single sign-on & Access Tokens: Cluster administrators can now eliminate the need for sensitive user passwords when logging into the Qumulo administrator UI or API since user credentials are prime targets for theft by cyber attackers. NFSv4.1 Kerberos Authentication & Encryption: All data is encrypted before transmitting across networks, preventing any bad actor that intercepts the data from understanding it in plain text. Federal Information Processing Standards (FIPS) 140-2 certification of Qumulo encryption: Now, customers with FIPS requirements can maintain compliance and independently verify that Qumulo’s data-at-rest encryption meets the standards set by the National Institute of Standards and Technology (NIST). Customers who don’t require FIPS certification can rest assured their data is protected by the highest standards. OpenMetrics API provides telemetry data to 3rd party monitoring and alerting systems, so organizations can proactively detect and quickly respond to anomalies at risk of disrupting operations such as an attack-in-progress. “Trust is mission critical when it comes to security,” said Kathy Ahuja, VP of Information Security at Qumulo. “That’s why we’ve built a security posture with FIPS 140-2 accreditation and enhanced encryption that provides the greatest level of protection for our cryptographic modules. Our customers know they can trust Qumulo with their data. And as cybercriminals continue to advance their own breach strategies, we’re well prepared to continue to improve our security measures to match and defeat the complexities of these attacks.” About Qumulo, Inc. Qumulo is the radically simple way to manage petabyte-scale data anywhere – edge, core or cloud – on the platform of your choice. In a world with trillions of files and objects comprising 100+ Zettabytes worldwide, companies need a solution that combines the ability to run anywhere with simplicity. This is precisely what Qumulo was founded to accomplish.

Read More

ENTERPRISE SECURITY,SOFTWARE SECURITY,IDENTITY MANAGEMENT

SailPoint Announces Acquisition of SecZetta to Provide Robust Identity Security

SailPoint | January 13, 2023

On January 12, 2023, SailPoint Technologies, Inc., a leading identity security enterprise, announced the acquisition of SecZetta, a prominent third-party identity risk solutions provider. With around half of today's firms comprising non-employees, organizations need to factor this rising group of identities into their identity security strategies. By incorporating SecZetta, SailPoint will be able to expand its capabilities to assist businesses in gaining greater visibility into all types of identities, including both employee and non-employee identities, ranging from third-party contractors to temporary workers, and all this from a single, market-leading identity security platform. This acquisition will provide businesses with the centralized approach needed as well as the required identity verification to thoroughly validate non-employee identities across their organizations. SailPoint and SecZetta have a long-established partnership, and once SecZetta's solutions get fully integrated into SailPoint's Identity Security Cloud platform, SailPoint will deliver a unified platform to its customers, providing context-rich identity information with an appropriate level of intelligence answering the "who should have access to what," "why," and "when" questions for this unique, often under-secured set of identities. The addition of SecZetta will allow SailPoint to assist businesses with identity consolidation efforts, combining and arranging workforce data across authoritative sources into a consolidated identity repository. This identity intelligence will then be made available as a packaged offering within the identity security cloud platform in order to provide a more extensive identity security that provides the critical layer of risk management and governance required across employee and non-employee identities from a single platform. About SailPoint SailPoint is a leading identity security provider for modern enterprises. Through automating the administration and control of access by using the power of machine learning and AI, it delivers just the required to the right identities and technology resources at the appropriate time, matching the velocity, scale and environmental needs of today's cloud-oriented enterprise. SailPoint's sophisticated identification platform integrates seamlessly with existing systems and workflows, offering a unified view into all identities and their access. It strives to empower the most complex enterprises globally to build a secure foundation grounded in identity security.

Read More