PLATFORM SECURITY

Credence Security Signs Partnership Agreement with Infosec Ventures to Deliver Human-Centric Security Solutions to the Middle East

Credence Security | August 25, 2021

Credence Security, a leading regional specialized value-added distributor for cybersecurity, forensics, governance, risk and compliance solutions, today announced that it has signed a partnership agreement with Infosec Ventures' HumanFirewall, a leader in human cyber risk mitigation and management.

Under the agreement, Credence Security will be responsible for promoting and delivering Infosec Ventures' HumanFirewall® platform across its robust channel network in the Middle East. Infosec Ventures' offerings are available entirely on-premises or in a local cloud, in line with compliance and data sovereignty regulations, specifically for mission critical organizations in the government as well as large enterprises.

Hackers are increasingly preying on the human element of cybersecurity, as a primary attack vector. According to the Verizon 2021 Data Breach & Incident Report (DBIR), over 85% of data breaches involved human error.  In the Middle East, a 2020 study by the Ponemon Institute and IBM Security, revealed that the average cost of a data breach per company in the region is $6.53 million, which is higher than the global average of $3.86 million per incident. The report also identified human error among the most common root causes of data breaches in the UAE and Saudi Arabia. Additionally, similar industry studies have indicated that more than 90% of successful cyber-attacks begin with an email. These figures highlight a significant need for solutions that will not only safeguard business-critical systems but will also transform employees into an organization's best cybersecurity asset.

HumanFirewall® transforms employees from an organization's weakest link into their strongest line of defence. It is a world-first security awareness and training platform that also works when real attacks strike. It augments with technology what humans lack in attention. It gamifies the learning experience via phishing simulations, builds individual risk-profiles, rewards real-time reporting, remediates incidents instantly, orchestrates auto-blacklisting enterprise wide via easy to deploy one-click integration with Microsoft 365 (O365), Google Workspace (formerly GSuite) and Exchange. The solution is trusted by top corporations in 142 countries.

"We selected Credence Security as our regional value-added distributor based on our shared ethos of being a channel-centric business. Besides their proven market expertise and extensive channel network, Credence Security has a strong understanding of our needs and vision as a leading vendor in the region. Also, like us, they are passionate about cybersecurity. We are confident that by partnering with a premier distributor such as Credence Security, we can further accelerate our already strong local presence and fast-track our growth."

Garreth Scott, Managing Director, Credence Security, said, "People's desire to quickly process information with minimal effort has created a unique vulnerability in the digital age, making them the weak links in the cyber chain. We firmly believe that HumanFirewall's innovative cybersecurity tools, backed by its exceptional team of industry experts, address a compelling demand for a modern approach to securing the human element. We are looking forward to bringing their ground-breaking solutions to our partners and customers across the Middle East region."

ABOUT CREDENCE SECURITY:
Established in 1999, Credence Security, a PAN-EMEA speciality Value-added Distributor, is a leader in Cybersecurity, Forensics, Governance, Risk and Compliance. With headquarters in Dubai and regional offices in Johannesburg, London, Nairobi, and Hyderabad. We are a pure-play provider of security and forensics solutions, to both public and private sector enterprises across Europe, Middle East, Africa and India, through a select network of specialist resellers.

ABOUT HUMANFIREWALL
HumanFirewall transforms employees from an organisation's weakest link into their strongest line of defence. It is a world-first security awareness and training platform that also works when real attacks strike. It augments with technology what humans lack in attention. It gamifies the learning experience via phishing simulations, builds individual risk profiles, rewards real-time reporting, remediates incidents instantly, orchestrates auto-blacklisting enterprise-wide via easy to deploy one-click integration with O365, GSuite and Exchange. Trusted by top corporations in 142 countries.

Spotlight

Email is a constant. Email is everywhere. Billions of messages are sent each month, and countless hundreds are received every week, often every day by your end users. And each of these missives could be a vector of attack, a container of malware, or a way to destroy your company’s very business.

Spotlight

Email is a constant. Email is everywhere. Billions of messages are sent each month, and countless hundreds are received every week, often every day by your end users. And each of these missives could be a vector of attack, a container of malware, or a way to destroy your company’s very business.

Related News

SOFTWARE SECURITY

The latest Capcom multinational to be hit by cyber-attack disruption

silicon | November 09, 2020

Occupant Evil and Street Fighter creator Capcom hit by assault that upsets inside frameworks, while scientists state Ragnar Locker ransomware bunch is to be faulted Japanese game creator Capcom has been hit by a security break that has disturbed its inner frameworks. Industry watchers said the assault may likewise have prompted the burglary of touchy corporate information, with Capcom apparently having been focused by the Ragnar Locker ransomware gathering. Capcom creates a portion of the gaming business' most popular titles, including Resident Evil and Street Fighter. The organization said it got mindful of the assault on Monday, 2 November, when it started encountering disturbance to interior frameworks including email and record workers. Disruption “Beginning in the early morning hours of November 2, 2020 some of the Capcom Group networks experienced issues that affected access to certain systems, including email and file servers,” the company said in an official statement. It said it had confirmed the disruption was due to “unauthorised access carried out by a third party”. Capcom said it handicapped parts of its organization to stop the assault's advancement. Toward the week's end the organization said it was proceeding to encounter email and web structure correspondences issues because of the assault's impacts on its workers. Capcom additionally said it was incidentally unfit to react to archive demands. The organization said there was no sign "as of now" that client data had been taken, and said internet ongoing interaction was not influenced. The game creator added that it is doing an examination with law requirement, while taking measures to reestablish its frameworks. Ragnar Locker A few security scientists said the assault was crafted by the Ragnar Locker ransomware pack. In a payment note distributed by Bleeping Computer, the pack professed to have taken 1TB of decoded inward information from workers in Canada, Japan and the US, and said it would delivery or sell the information if Capcom didn't pay a payment. The payoff note was apparently joined by screen captures of documents including representative end arrangements, Japanese international IDs, bank and temporary worker explanations and Active Directory clients. The note connected to a 24MB chronicle with additional archives including NDAs, pay bookkeeping pages, corporate interchanges and sovereignty reports. The information in the report was taken from a ransomware test recouped by analyst Pancak3, who affirmed the contribution of Ragnar Locker by means of Twitter. As indicated by Pancak3, the pack professes to have encoded 2,000 gadgets on Capcom's organizations and is requesting $11 million (£8.3m) in Bitcoin to unscramble them. Information robbery In the payoff note, Ragnar Locker claims it will erase the taken information on installment of a payment. Nonetheless, law implementation specialists prompt associations not to pay such payments as there is no assurance the hoodlums will hold to their promise. This year Ragnar Locker has completed significant hacks on Portuguese energy monster Energias de Portugal (EDP), requesting a $10.9m payment, and French coordinations organization CMA CGM, which prompted critical disturbance of the organization's activities. Analysts have noticed an expanding pattern toward joining ransomware assaults with the burglary of delicate corporate records. In April the DoppelPaymer posse delivered archives taken from contractual workers to SpaceX, Tesla, Boeing, Lockheed-Martin and the US Navy after their objectives wouldn't pay ransoms.

Read More

DATA SECURITY

Endpoint Security of Lookout Mobile is Now StateRAMP Authorized

Lookout | March 04, 2022

Lookout, Inc., a provider of comprehensive endpoint-to-cloud security, announced today that its Lookout Mobile Endpoint Security solution had been granted StateRAMP Authorization. The Lookout solution has passed 325 security checks, indicating that it can handle sensitive, unclassified data and protect critical government networks. It gives state and local governments complete access over their entire fleet of iOS, Android, and ChromeOS endpoints, allowing them to secure agency data in real-time by detecting and responding to phishing, app, device, and network threats. Lookout is the premier provider of mobile endpoint security to the government and the first mobile security vendor to be approved by StateRAMP. In April 2020, Lookout Mobile Endpoint Security received FedRAMP approval. StateRAMP is a nonprofit organization founded by state and local government leaders, industry professionals, and private firms to offer a standard for government entities to manage cybersecurity risks from third-party suppliers. These security standards are based on NIST Special Publication 800-53, a widely accepted catalog of security and privacy controls for information systems and organizations from the National Institute of Standards and Technology (NIST). Attackers seek to breach agency networks in droves, fueled by the global epidemic and the trend to mass telework. According to a new SolarWinds and Market Connections survey of 400 decision-makers from federal, state, and municipal agencies and the education sector, endpoint security software is an important tool in managing risk. The Office of Management and Budget (OMB) M-22-01 mandates that federal agencies integrate mobile devices in their endpoint detection and response, continuous monitoring, and proactive threat hunting strategies, setting a high bar for state and local governments to meet. "In the current environment of remote work and digital transformation of government services, state and local organizations are operating with an increasing number of mobile devices that are expanding their cyber attack surface, These organizations need tools that can detect and respond to threats on iOS, Android and ChromeOS devices to secure data accessed from anywhere." Tony D'Angelo, vice president, U.S. public sector, Lookout The Lookout Security Graph, which analyses telemetry data from more than 200 million devices and 150 million apps and continually ingests and analyses millions of URLs every day, is at the heart of Lookout Mobile Endpoint Security. Lookout Mobile Endpoint Security uses machine intelligence to help state and local governments detect and respond to phishing, application, device, and network attacks while maintaining user privacy. In addition, lookout can automatically detect and respond to threats that have never been seen before, thanks to machine intelligence. Following receiving FedRAMP Joint Advisory Board (JAB) Provisional Authorization to Operate for Lookout Mobile Endpoint Security in May 2020 and Secure Access Service Edge (SASE) in February 2022, the company was added to the StateRAMP AVL. StateRAMP's compliance verification is modeled after FedRAMP, and it necessitates the submission of an independent third-party audit to the StateRAMP Program Management Office (PMO) for approval.

Read More

HostForWeb Announces Tips For How to Talk to Younger Children About Cybersecurity

yahoo | September 20, 2020

HostForWeb, a premier internet hosting provider providing reliable, scalable solutions for customers of all sizes and services, today announced a series of important measures that parents need to take to teach young children about cybersecurity. "Cyber predators, cyberbullying, and identity theft. They are all dangers facing children online every day," said HostForWeb, CEO Max Emelianov. "With children spending more of their daytime hours per day on the computer, especially in this new era of remote learning, parents need to be especially vigilant about protecting them from online dangers."

Read More