Data Breaches Are the New Normal. Encryption Should Be, Too

SDxCentral | May 14, 2019

Customers didn’t ask a lot of questions about security and encryption when David Petersen started working at O.C. Tanner seven years ago. The company develops cloud-based tools to help other companies design employee recognition and rewards programs. Petersen is director of infrastructure and systems at the 93-year-old firm, which started out making class rings and pins. The company’s changed a lot as it nears its centennial, and the security landscape has shifted significantly in the time that Peterson’s been with O.C. Tanner. “Clients have become more conscious of security and more aware of the threats, and they ask us for those protections including encryption,” Petersen said, adding that his customers’ sophistication around encryption technologies has also increased. “It used to be just: do you encrypt data? Check the box, yes or no. Not it’s what standard are you using? Are you using FIPS [Federal Information Processing Standard]-certified devices? The general trend is people are becoming more conscious and aware, and they have a real understanding of encryption.

Spotlight

Technology is very much integrated with today’s life; therefore the need for securing electronic data, protecting privacy of individuals and guarding systems against unauthorised access and also deploying technology to minimise loss of life and property in times of disaster, and to ensure citizen safety and security has become essential and challenging.

Spotlight

Technology is very much integrated with today’s life; therefore the need for securing electronic data, protecting privacy of individuals and guarding systems against unauthorised access and also deploying technology to minimise loss of life and property in times of disaster, and to ensure citizen safety and security has become essential and challenging.

Related News

SOFTWARE SECURITY

Bugcrowd Launches Reseller Partnership with SocialProof Security

Bugcrowd | June 27, 2022

Bugcrowd, the market leader in crowdsourced cybersecurity, announced today a strategic reseller collaboration with SocialProof Security, advancing the organization's objective to keep clients ahead of growing cyber threats. As part of the cooperation, Bugcrowd will resell SocialProof Security's services, including social engineering prevention training, protocol and practitioner seminars, and penetration testing. In addition to reselling social engineering services, Bugcrowd continues to innovate and invest in its award-winning Security Knowledge Platform, which provides the most comprehensive suite of security solutions such as bug bounty, vulnerability disclosure programs, attack surface management, and pen testing as a service. Bugcrowd, for example, allows consumers to buy pen tests from a single supplier for any sort of use case, from basic assurance of simple web apps and networks to continuous testing of cloud services and APIs, and now, social engineering. Due to their friendly hacker approach to boosting customer defenses against human-based assaults, SocialProof Security and CEO Rachel Tobac, the market leader in social engineering prevention services, have gained prominence. Twitter, PayPal, Uber, Prudential Insurance, Cisco Systems, WhatsApp, NATO, and the US Air Force are among the noteworthy clients of SocialProof Security. "We are excited to work with Bugcrowd on this reseller partnership as we move forward with our aligned mission to arm organizations with a proactive means to reduce social engineering risk through education, identity verification protocol improvements, technical tools, and measuring those updates with social engineering penetration testing. The majority of cyber attacks now start with some element of social engineering—manipulating people to take actions that could harm organizations. This partnership illustrates the priority Bugcrowd places on actionable and measurable social engineering risk mitigation in a well-rounded security program," said Tobac. "Even with current elevated threat levels, many organizations are surprisingly unprepared for the threats from social engineering attacks, as we repeatedly find low awareness across organizations, outdated or inconsistent identity verification, and limited practitioner skill sets. Fortunately, taking a multidimensional approach that combines prevention training and tools, human-based protocol updates, and pen testing can dramatically reduce the risk of social engineering attacks. We look forward to bringing this innovative solution to market as a part of our services." Ashish Gupta, CEO of Bugcrowd SocialProof specializes in defending against social engineering attacks, in which attackers deceive workers in order to get personally identifiable information (PII), passwords, and unauthorized access to accounts, money, or other sensitive information. Common attack vectors like phishing, impersonation, and pretexting can be used to carry out such manipulation. In fact, respondents to ISACA's 2021 State of Cybersecurity Survey rated social engineering as the #1 cyber threat.

Read More

SOFTWARE SECURITY

MERIPLEX acquires Louisiana-based MSP, Verma Systems

Meriplex | July 18, 2022

Meriplex, a nationwide leader in managed cybersecurity and IT solutions, is pleased to announce the asset acquisition of Louisiana-based managed service provider, Verma Systems. For over 31 years, Verma Systems has been a leading and trusted IT and consulting partner for businesses in Baton Rouge and across Louisiana. They provide personalized solutions to their clients allowing them to leverage IT and technology to enhance business efficiency. "Verma Systems is an excellent addition to the Meriplex organization. "With their talented team and longstanding reputation in the Louisiana market, we will be able to provide more innovative technology and service offerings to their clients and work towards our goal of being the number one MSP/MSSP in the nation." David Henley, CEO of Meriplex "For me, it has always been about the customer and our employees," said Mitch Verma, President of Verma Systems. "Joining forces with Meriplex means we have more resources at our fingertips including additional IT experts, new product lines, and the capability to offer more well-rounded technical solutions. I know the people behind Meriplex, and we share the same core values and work ethic. With their expertise, size and seasoned approach, I am confident we can provide more for our clients and our employees." As a fast-growing managed services provider, Meriplex focuses on strategically acquiring businesses in leading markets in order to establish a regional presence and acquire talent to support their increasing large organic and inorganic growth. If you are interested in learning more about our M&A process, please reach out to us here. About Meriplex Meriplex is a managed cybersecurity, IT, and SD-WAN solutions provider that enables transformation by combining secure, innovative technology with advanced expertise. As a trusted partner, we deliver business-driven solutions that provide the scalability and support needed to power growth for organizations. About Verma Systems Established in 1991, Verma Systems is a Baton Rouge IT services company specializing in business technology tailored towards the SMB market. With our highly talented and experienced team, we know how to meet business needs by incorporating the right technology solutions to help your company be successful. Our mission is focused on hard work, smart work, and superior customer service.

Read More

INFOSEC PROJECT MANAGEMENT

CyberCube Partners With Kroll to Launch Response Service

CyberCube | May 31, 2022

CyberCube, a supplier of cyber risk analytics, has developed CAERS, a new cyber incident response service for customers of the company's SaaS products. CyberCube will collaborate with Kroll, the premier supplier of data, technology, and insights linked to risk, governance, and growth, to offer CyberCube's customers information and assistance on important cyber aggregation events via the Cyber Aggregation Event Response Service (CAERS). Kroll will deliver frontline risk information derived from thousands of incident response cases handled each year. Following a large cyber disaster, the CAERS team will provide the most recent information to CyberCube's customers, while CyberCube's SaaS tools, including Broker Manager, Account Manager, and Portfolio Manager, will aid in the reaction to any developing cyber calamity. “With cyber events becoming increasingly common, the speed and accuracy with which organisations respond to them is critical. That’s why we’ve launched this response service, specifically tailored to CyberCube’s growing client base. The pressure on our clients during a major cyberattack can be extreme. With CAERS, our team—comprising data scientists, actuaries, engineers, economists and cyber security experts—will become an extension of our clients’ teams, providing the updates they need and sharing both our expertise and data.” Darren Thomson, CyberCube’s Head of Cyber Intelligence Services Benedetto Demonte, Chief Operating Officer for Kroll’s Cyber Risk practice, said: “We’re pleased to be contributing to CAERS because effective incident response depends on the most current and relevant threat intelligence available. In our most recent Threat Landscape Report, we saw a 356% growth in the number of attacks quarter-on-quarter where the infection vector was a zero-day or freshly announced software exploit. Ransomware groups have also been found to be leveraging newly announced vulnerabilities just days after release. It is only with access to frontline intelligence that firms can prioritize resources, mitigate the risk of a cyberattack and react appropriately if the worst happens.”

Read More