PLATFORM SECURITY

Credence Security Signs Partnership Agreement with Infosec Ventures to Deliver Human-Centric Security Solutions to the Middle East

Credence Security | August 25, 2021

Credence Security, a leading regional specialized value-added distributor for cybersecurity, forensics, governance, risk and compliance solutions, today announced that it has signed a partnership agreement with Infosec Ventures' HumanFirewall, a leader in human cyber risk mitigation and management.

Under the agreement, Credence Security will be responsible for promoting and delivering Infosec Ventures' HumanFirewall® platform across its robust channel network in the Middle East. Infosec Ventures' offerings are available entirely on-premises or in a local cloud, in line with compliance and data sovereignty regulations, specifically for mission critical organizations in the government as well as large enterprises.

Hackers are increasingly preying on the human element of cybersecurity, as a primary attack vector. According to the Verizon 2021 Data Breach & Incident Report (DBIR), over 85% of data breaches involved human error.  In the Middle East, a 2020 study by the Ponemon Institute and IBM Security, revealed that the average cost of a data breach per company in the region is $6.53 million, which is higher than the global average of $3.86 million per incident. The report also identified human error among the most common root causes of data breaches in the UAE and Saudi Arabia. Additionally, similar industry studies have indicated that more than 90% of successful cyber-attacks begin with an email. These figures highlight a significant need for solutions that will not only safeguard business-critical systems but will also transform employees into an organization's best cybersecurity asset.

HumanFirewall® transforms employees from an organization's weakest link into their strongest line of defence. It is a world-first security awareness and training platform that also works when real attacks strike. It augments with technology what humans lack in attention. It gamifies the learning experience via phishing simulations, builds individual risk-profiles, rewards real-time reporting, remediates incidents instantly, orchestrates auto-blacklisting enterprise wide via easy to deploy one-click integration with Microsoft 365 (O365), Google Workspace (formerly GSuite) and Exchange. The solution is trusted by top corporations in 142 countries.

"We selected Credence Security as our regional value-added distributor based on our shared ethos of being a channel-centric business. Besides their proven market expertise and extensive channel network, Credence Security has a strong understanding of our needs and vision as a leading vendor in the region. Also, like us, they are passionate about cybersecurity. We are confident that by partnering with a premier distributor such as Credence Security, we can further accelerate our already strong local presence and fast-track our growth."

Garreth Scott, Managing Director, Credence Security, said, "People's desire to quickly process information with minimal effort has created a unique vulnerability in the digital age, making them the weak links in the cyber chain. We firmly believe that HumanFirewall's innovative cybersecurity tools, backed by its exceptional team of industry experts, address a compelling demand for a modern approach to securing the human element. We are looking forward to bringing their ground-breaking solutions to our partners and customers across the Middle East region."

ABOUT CREDENCE SECURITY:
Established in 1999, Credence Security, a PAN-EMEA speciality Value-added Distributor, is a leader in Cybersecurity, Forensics, Governance, Risk and Compliance. With headquarters in Dubai and regional offices in Johannesburg, London, Nairobi, and Hyderabad. We are a pure-play provider of security and forensics solutions, to both public and private sector enterprises across Europe, Middle East, Africa and India, through a select network of specialist resellers.

ABOUT HUMANFIREWALL
HumanFirewall transforms employees from an organisation's weakest link into their strongest line of defence. It is a world-first security awareness and training platform that also works when real attacks strike. It augments with technology what humans lack in attention. It gamifies the learning experience via phishing simulations, builds individual risk profiles, rewards real-time reporting, remediates incidents instantly, orchestrates auto-blacklisting enterprise-wide via easy to deploy one-click integration with O365, GSuite and Exchange. Trusted by top corporations in 142 countries.

Spotlight

Those high profile data breaches led to a swift response from the Government with the penalties for serious or repeated privacy breaches increased from $2.22 million to a minimum of $50 million at the end of December. Since then, the Government has released the Privacy Act Review Report and the 2023-2030 Australian Cyber Security Strategy that signpost a significant shift for Australia’s cyber landscape. Critical infrastructure; personal information; cyber security; dealing with ransomware attacks – all are likely to be shaken up.

Spotlight

Those high profile data breaches led to a swift response from the Government with the penalties for serious or repeated privacy breaches increased from $2.22 million to a minimum of $50 million at the end of December. Since then, the Government has released the Privacy Act Review Report and the 2023-2030 Australian Cyber Security Strategy that signpost a significant shift for Australia’s cyber landscape. Critical infrastructure; personal information; cyber security; dealing with ransomware attacks – all are likely to be shaken up.

Related News

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

SimSpace Expands Partnership with Cymulate to Bolster Customers' Cybersecurity Capabilities

Prnewswire | May 17, 2023

SimSpace, the industry leader in military-grade cyber ranges is today announcing the expansion of their ecosystem. The SimSpace Cyber Force Platform will now help Cymulate customers evaluate and validate their security stack with SimSpace's cyber ranges. According to Cybersecurity Ventures, the total cost of cybercrime in 2023 is expected to hit $8tr and $10.5tr in 2025. Defending against the nation state tactics, techniques and procedures now targeting businesses will be on the mind of every board member and CISO this year. Adopting continuous security improvements will be the key that unlocks cybersecurity resilience, a major theme in Gartner's 2023 cybersecurity predictions. How organizations manage their cyber risk will dictate their security posture and financial optimization in the coming year. SimSpace's Cyber Force platform enables listed companies and critical national infrastructure organizations around the world to test their networks in the highest-fidelity simulated environments commercially available. SimSpace's cyber range will enhance Cymulate customers' ability to perform market-leading team assessments, live-fire exercises and vulnerability exposure. Carolyn Crandall, Chief Security Advocate at Cymulate believes the partnership will reinforce testing and training capabilities for leading businesses: "Our priority is to strengthen the cyber resilience and exposure assessment of our mutual customers, and SimSpace's cyber range will be an integral component in achieving this. Businesses around the world trust Cymulate's breach-and-attack platform to validate their critical processes. With SimSpace's high-fidelity emulation, Cymulate customers can further benefit from the integrated live-fire training and real-world testing capabilities they provide." William "Hutch" Hutchison, co-founder and CEO of SimSpace Inc sees the partnership as an opportunity for growth: "We are excited to develop our partnership with Cymulate to provide world-class cyber readiness training for our mutual partners." "As our customers continue to face unprecedented cybersecurity challenges, this partnership will allow them to continuously develop and improve their defensive abilities. SimSpace's Cyber Force Platform was born out of a need for the highest level of threat detection which has developed into a business necessity in 2023. As bad actors elevate the complexity and frequency of attack paths today, SimSpace's cyber range provides government-grade protection for platforms such as Cymulate to achieve unparalleled cyber preparedness." About Cymulate The Cymulate platform provides threat exposure assessment, Breach and Attack Simulation (BAS), and Continuous Automated Red Teaming (CART) for delivering real-time visibility to vulnerabilities, understanding the efficacy of security controls, and automated testing. The Cymulate platform continuously assesses, optimizes, and rationalizes the state of security controls, while creating baselines for proving security efficacy across the full cyber kill chain and for continuous improvement. About SimSpace SimSpace is the global leader in military-grade cyber ranges, founded by experts from U.S. Cyber Command and MIT's Lincoln Laboratory to respond to a new era of unprecedented cyber threat. The company's Cyber Force Platform enables the most sophisticated enterprises, governments, and critical national infrastructure organizations to find intelligence-driven answers to the most vexing security, governance, training, and cyber readiness questions. SimSpace provides high-fidelity cyber security simulations, training, and safe live-fire exercises previously only available to the U.S. Cyber Command and the world's most advanced intelligence agencies. Now, Fortune 2000 financial, retail, insurance, and other commercial markets can access nation-state level security capabilities to protect their critical assets, with an average reduction in cyber operational costs of 30% and a 40% reduction in breaches.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Tenable Enhances Tenable OT Security to Provide the Broadest Coverage

Tenable | March 13, 2023

Tenable®, the Exposure Management company, announced unveiling new features within Tenable OT Security, delivering greater protection for operational technology (OT), industrial control systems and critical infrastructure, regardless of deployment size or environment configuration. The new feature keeps the CISO's organization front and center, making it easier to protect and maintain governance of the whole attack surface using the same tools and processes throughout their infrastructure, whether IT, OT, IoT, the cloud, or other platforms. Tenable is ideally positioned to assist its customers in meeting their security needs by offering an all-encompassing solution for securing mixed environments. This latest update enhances Tenable OT Security's vulnerability detection capabilities with an improvement to the OT active scanner and a tighter integration with Tenable's Nessus, the market-leading vulnerability scanning solution. Tenable OT Security now provides companies with unparalleled scanning capabilities by leveraging the technology relied upon by over 40,000 security teams worldwide. Key new capabilities include: Increased Asset Discovery and Visibility Advanced Vulnerability and Threat Detection Enhanced Dashboards and Reporting Amir Hirsh, General Manager of OT Security, Tenable, said, "We consistently hear from CISOs that they have been tasked with security for mixed environments that include both OT and IT technologies, but they don't have the requisite visibility to secure either well. The new capabilities added to Tenable OT Security provide our customers with full visibility, security and control of all their environments and assets, in one consolidated view." He added, "Now, our customers can leverage the full strength of Tenable OT active scanning, tightly integrated with embedded Nessus scans for IT assets, to create a clear view of all assets, their vulnerabilities, risk score, attack path analysis and more." (Source – Globe Newswire) This most recent upgrade also includes product localization abilities for Japanese, Chinese, French, and German, reducing training and support expenses for businesses operating in non-English speaking regions. About Tenable Headquartered in Columbia, MD, Tenable® is a leading company for Exposure Management. Tenable is relied upon by about 43,000 enterprises worldwide to comprehend and mitigate cyber risk. As the originator of Nessus®, Tenable leveraged its experience in vulnerabilities to provide the world's first platform capable of identifying and securing any digital asset on any computer platform. Over sixty percent of the Fortune 500, forty percent of the Global 2000, and significant government bodies are prospective clients of Tenable.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Cyera Introduces Data Detection and Response and Unified Data Explorer for SaaS, IaaS and PaaS Revolutionizing Security Operations

Prnewswire | April 25, 2023

Cyera, the data security company, today unveiled revolutionary new operational capabilities in its AI-powered data security platform. The company's industry-first Unified Data Explorer provides an intuitive and easy way for security teams to understand where they manage data across their cloud landscape, and pinpoint sensitive data exposures to reduce their attack surface. To address real-time data exfiltration and sensitive exposures Cyera is announcing unified Data Detection and Response (DDR) to extend their Data Security Posture Management (DSPM) capability. Security practitioners can quickly and easily take action to remediate security exposures, and stop sensitive data exfiltration in real time. "Cyera impressed us with the ease with which we were able to understand exactly what data we are managing, where that data is stored, and how it is accessed," said Anthony Cunha, CISO at Mercury Financial. "Their platform allowed us to minimize the sensitive data we manage, improve our security posture, and assure compliance." Cyera's Unified Data Explorer allows security practitioners to deep dive into their company's data. This builds upon the deep context Cyera develops on data, and includes critical insights into security exposures, how specific data classes are distributed across cloud environments and regions, who can access the data, and the security controls that are in place. For example, the Unified Data Explorer highlights where a specific combination of data becomes identifiable. This occurs when data that is typically non-sensitive becomes highly sensitive due to its proximity to personal identifiers protected by privacy or compliance statutes. The Unified Data Explorer also enables security teams to understand who has access to a particular type of sensitive data to govern access and avoid misuse. For example, highlighting which users have access to PCI, HIPAA, or NYDFS protected data across cloud providers and environments, and remediating overly permissive access or a lack of encryption or tokenization that could lead to a breach. The solution also enables security teams to ensure that a company's employees are not abusing generative AI capabilities like ChatGPT. By dynamically developing this level of detail, Cyera pinpoints and remediates data security exposures, including misconfigurations, distribution, access issues and more. With multi cloud DDR, Cyera now identifies data exfiltration and exposures as they occur. This adds operational security capabilities to power incident response across SaaS, IaaS, and PaaS environments. Multi cloud DDR detects and remediates data exposure, configuration changes, non-sanctioned data access, and data exfiltration events as they happen across cloud platforms. For example, if a sensitive data store is made public, Cyera detects the configuration change and remediates the exposure. If a threat actor attempts to migrate data outside of the customer's cloud account or SaaS application, Cyera detects the exfiltration and immediately raises an alert. This includes the full context of the data, its sensitivity, the user, and the relevant privacy or regulatory framework violation so incident responders can take swift, decisive action to limit the impact of the breach. "In order to secure data, organizations must have a dynamic, detailed understanding of what it represents no matter where it is managed," said Yotam Segev, Cyera's CEO and co-founder. "Cyera is working with hundreds of security teams to build a unified data security platform to secure data across a multi cloud landscape. I am confident that our ability to support proactive, real-time, and incident response data security needs will be game changing for customers." To learn more about Cyera and to schedule a demo, visit https://www.cyera.io/demo or send a request to info@cyera.io. About Cyera Cyera is the data security company that gives businesses context and control over their most valuable asset: data. Cyera instantly provides companies visibility over all of their sensitive data, context over the risk it represents and their security exposure, and automated remediation to reduce the attack surface and ensure operational resilience. Backed by leading investors including Sequoia, Accel, and Cyberstarts, Cyera is redefining the way companies do cloud data security. To learn more, visit www.cyera.io.

Read More