Security Audit and Compliance
Lumen Technologies | September 13, 2023
Lumen Technologies announces the launch of key security enhancements to its industry-leading secure access service edge product.
The company’s SASE Solutions represents a first-of-its-kind, fully digital experience for purchasing, configuring, and overseeing enterprise SASE.
The latest features incorporated into Lumen SASE Solutions are security service edge and cloud-hosted gateways.
On September 12, 2023, Lumen Technologies, a leading provider of Secure Access Service Edge (SASE) solutions, committed to advancing human progress through technology facilitating the connection of people, data, and applications, announced the addition of key enhancements to its landmark SASE product. The addition of new features makes lumen SASE solutions even more simplified and flexible for customers.
Lumen SASE Solutions represents a pioneering, entirely digital experience for purchasing, configuring, and managing enterprise SASE. This is a significant step in Lumen's ongoing efforts to drive innovation and foster growth. Notably, the SASE product improvements launch are a direct outcome of valuable customer feedback.
The Lumen SASE approach focuses on simplification in order to deliver flexible, secure, and scalable SASE solutions to organizations of all sizes and industries.
Senior Director of SASE Product Management at Lumen, Darren Wolner, said,
There has been a rapid adoption of cloud-based services as more organizations implement hybrid work, but security is paramount to any cloud-based experience. This means savvy organizations soon realized a whole new set of requirements and challenges. We quickly enhanced the product to fit their requirements.
[Source – Cision PR Newswire]
Darren mentioned that Lumen has a strong focus on meeting customer wants and needs. He cited the latest SASE updates as a prime illustration of this commitment.
The new capabilities added to Lumen SASE Solutions include:
Security Service Edge (SSE)
SSE encompasses a suite of integrated, cloud-centric security capabilities, which feature cloud-hosted gateways. These capabilities are designed to ensure secure access to websites, facilitate the safe sharing of sensitive data, and manage user permissions for software-as-a-service (SaaS) applications. These solutions are delivered in partnership with prominent SD-WAN and security providers.
Cloud-hosted Gateways
Cloud-hosted gateways offer organizations the flexibility to adopt 'grow as they go' network and security management features as they scale without the necessity of on-premises equipment.
In addition to the global expansion of Lumen technologies, customers based in the US can now deploy premise-based SASE services to locations in EMEA and Canada.
Pete Finalle, Research Manager with IDC, stated,
The new, hybrid perimeter – encompassing the main office down to the remote workforce – has collided with multi-cloud resources. This has created numerous networking and security complexities that are difficult to solve without a customer outcomes-based approach, which few companies can provide.
[Source – Cision PR Newswire]
Finalle pointed out that Lumen has a distinctive position to deliver real business outcomes through a comprehensive, cloud-based network security stack. This stack significantly benefits from Lumen's presence in both network and cloud infrastructure. Additionally, he mentioned that the company's digital customer experience and managed approach to resolving the intricate security and networking challenges allow them to mitigate the deployment and management difficulties that frequently hinder the adoption of SASE.
Read More
Software Security
PR Newswire | October 06, 2023
IBM (NYSE: IBM) today unveiled the next evolution of its managed detection and response service offerings with new AI technologies, including the ability to automatically escalate or close up to 85% of alerts,1 helping to accelerate security response timelines for clients.
The new Threat Detection and Response Services (TDR) provide 24x7 monitoring, investigation, and automated remediation of security alerts from all relevant technologies across client's hybrid cloud environments – including existing security tools and investments, as well as cloud, on-premise, and operational technologies (OT). The managed services are delivered by IBM Consulting's global team of security analysts via IBM's advanced security services platform, which applies multiple layers of AI and contextual threat intelligence from the company's vast global security network – helping automate away the noise while quickly escalating critical threats.
Security teams today are not just outnumbered by attackers, but also by the number of vulnerabilities, alerts and security tools and systems they're tasked with managing on a day-to-day basis, said Chris McCurdy, General Manager, Worldwide IBM Consulting Cybersecurity Services. By combining advanced analytics and real-time threat intelligence with human expertise, IBM's new Threat Detection and Response Services can augment organization's security defenses with a capability that is scalable, continuously improving and strong enough for tomorrow's threats.
Intelligently Adapting Threat Defenses
The new TDR Services are underpinned by a set of AI-powered security technologies that support thousands of clients across the world, monitoring billions of potential security events per day. It leverages AI models that continuously learn from real-world client data, including security analyst responses, engineered to automatically close low priority and false positive alerts based on a client-defined confidence level. This capability also automatically escalates high risk alerts that require immediate action by security teams and provides investigation context.
IBM's TDR Services are designed to provide:
Crowdsourced detection rules, Optimized alerts. Leveraging real-time insights from IBM's threat management engagements, the new services use AI to continuously assess and auto-recommend the most effective detection rules – helping to improve alert quality, and speed response times. This capability helped reduce low-value SIEM alerts by 45% and auto escalate 79% more high-value alerts that required immediate attention2. Organizations can approve and update detection rules with just two clicks through its co-managed portal.
MITRE ATT&CK assessment. To stay prepared for ransomware and wipe-out attacks, organizations will be able to see how their environment is covering MITRE ATT&CK framework tactics, techniques, and procedures as compared to their industry and geography peers. By applying AI, the new services are designed to reconcile the multiple detection tools and policies currently in place at an organization, providing an enterprise view into how to best detect threats and assess gaps to update within an ATT&CK framework.
Seamless end-to-end integration. With its open API approach, the new services can quickly integrate with a client's enterprise-wide security assets, whether on premise or in the cloud. Organizations can continue to access their ecosystem while also having the option to connect and collaborate and define their own response playbooks through a co-managed portal. This provides a unified enterprise view, precise remediation capabilities, and consistently enforces security policies across IT & OT.
24x7 global support. Organizations will have access to more than 6,000 IBM Cybersecurity Services professionals across the globe 24/7 x 365 to help augment security programs. IBM Consulting Cybersecurity Services' vast global network serves more than 3,000 clients around the world – managing more than 2 million endpoints and 150 billion security events per day.
"Security leaders today are trying to escape the vicious cycle of staff shortages, increased threats, and rising demands from the C-Suite to mature their cyber program without breaking the bank. For many organizations the old playbook of swapping out their tools for a vendor's preferred platform does not work, as they cannot afford to write off prior SOC investments," said Craig Robinson, IDC Research VP of Security Services. "A service like IBM's Threat Detection and Response offering can provide an off-ramp to these concerns, without requiring a full rip-and-replace of their prior security investments and help shift their human capital in the SOC to more of a proactive mode."
To support continuous improvement for security operations capabilities, IBM's TDR Services, which are now available, include access to IBM's X- Force Incident Response Services along with the option to include additional proactive security services from IBM X-Force, such as penetration testing, adversary simulation or vulnerability management. X-Force will also provide guidance to help clients improve their security operations over time, based on the current threat landscape, clients' evolving IT environment, and insights gleaned from engagements with thousands of IBM Cybersecurity Services clients around the world.
Read More
Platform Security
Verizon | October 13, 2023
Verizon Business has announces hosting a special cybersecurity event on October 18, 2023, marking two decades of cybersecurity consulting services at its New Jersey Executive Business Center.
Participants will gain valuable insights into how Verizon is empowering companies to harness the potential of 5G network solutions.
Alongside the cybersecurity panel discussion, attendees can expect live demonstrations highlighting Verizon's proficiency in developing exceptionally secure solutions.
Verizon Business will host a special media event on October 18, 2023, marking two decades of cybersecurity consulting services and honoring Cybersecurity Awareness Month. The event will feature a panel discussion led by industry experts, including Chris Novak, Managing Director of Verizon Cyber Security Consulting; Sean Atkinson, Chief Information Security Officer at the Center for Internet Security; and Krista Valenzuela, Cyber Threat Outreach and Partnerships at The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC).
The panel promises an engaging dialogue encompassing critical themes such as data privacy, AI's influence on cybersecurity, the emergence of voice security, evolving security controls, and other pertinent subjects. Furthermore, the discussion will shed light on the strategies employed by local New Jersey organizations to counteract emerging cyber threats. Attendees will also gain insights into Verizon's role in empowering businesses through innovative 5G network solutions, enhancing security measures, and elevating their overall operations.
Managing Director of Verizon Cyber Security Consulting, Chris Novak, said,
Raising greater awareness about cybersecurity is the first step in assisting organizations defend against these cyber threats.
[Source – Globe Newswire]
Novak mentioned that Verizon is utilizing its network's extensive visibility to collect, report, and disseminate actionable insights. These insights can be used by customers and other businesses to tackle advanced cyber threats related to vulnerability exploitation and social engineering.
Furthermore, demonstrations highlighting Verizon's proficiency in developing highly secure solutions will be presented in addition to the cybersecurity panel. They include:
Coach-to-Coach Communications: Introducing a dependable and secure wireless network solution tailored for NFL coaches, enabling confidential communication on the field.
Cashierless Checkout: Utilizing advanced machine learning and computer vision technologies, this innovative solution facilitates autonomous stores at any location. Integrated with 5G UWB and 5G Edge, it redefines the retail experience.
Private Wireless Networks: Explore the benefits of premise-based equipment, highlighting the significance of private dedicated networks in enhancing business connectivity and security.
Cyber Threat Outreach and Partnerships, NJCCIC, Krista Valenzuela, mentioned,
One of the ways we’re harnessing the power of AI in New Jersey is in identifying suspicious and malicious websites to help the State and its critical infrastructure in better defending against these cyber threats.
[Source – Globe Newswire]
Read More