Digital Growth Exposes Firms to Complexity and Threats

Infosecurity Magazine | January 30, 2019

Digital Growth Exposes Firms to Complexity and Threats
Digital transformation is exposing organizations to greater IT complexity and cyber-risk, according to new global research from Thales eSecurity. The security vendor polled 1200 execs with responsibility for IT and data security in nine countries around the world to compile its 2019 Thales Data Threat Report. It found that over a third (39%) class themselves as belonging to one of the two most advanced digital transformation categories defined by report author IDC. This means they’re either “aggressively disrupting” markets or embedding digital into the enterprise to become more agile. Nearly all (97%) admitted they will use sensitive data in these emerging technologies. This is a major risk, given that traditional corporate network perimeters are a thing of the past as more fluid cloud and mobile technologies dominate. It’s also a concern given that these new digital platforms can add greater complexity, according to the vendor. For example, 40% of firms polled are using multiple cloud platforms across SaaS, PaaS and IaaS models.

Spotlight

Maintaining compliance with data privacy and security regulations—GDPR, CCPA, HIPAA, PSD2, PCI-DSS, GLBA, SOX, NERC-CIP and more—is top of mind for CIOs in 2019. The issues of privacy and security compliance affect ALL enterprise industries today. Security and privacy audits can be disruptive and expensive. HID IAM solutions enable organizations to efficiently balance privacy with security audit compliance. Legacy approaches to security assumed that everyone inside the network could be trusted. With the introduction of cloud computing, this approach is no longer valid. A new standard, called “Zero Trust,” is being championed by industry analysts. Zero Trust means the opposite of treating everything in the network as inherently trusted. Simply put, it means ‘trust no one, trust nothing’ until identity is proven. The Zero Trust model moves identity to the center of cybersecurity.

Related News

DATA SECURITY

Living Security Hosts a Panel of Industry Experts to Discuss Emerging Threats

Living Security | May 27, 2021

Living Security, a pioneer in Human Risk Management and a cybersecurity awareness training leader, is proud to host this year's Breaking Security Awareness Conference 2021, which will be held virtually on Thursday, June 24, 2021. The free event will educate business, IT, and security leaders on the most recent threats emerging in our increasingly digital world, as well as explain how effective training can protect employees both at work and at home. The conference will include a panel of industry thought leaders who will discuss topics such as: • Human risk management • Social engineering • DEI in cybersecurity • Enterprise security awareness • Remote working security • Ransomware Among the speakers this year are executives from Amplitude, Cisco, CISO Series, Forrester, LARES, National CyberSecurity Alliance (NCSA), Netflix, Social Engineer, and Yass Partners. About Living Security The objective of Living Security, which was founded in 2017, is to help prevent cybersecurity breaches by providing a human risk management platform that does more than just meet compliance requirements. It has a real effect on behavior. Living Security believes that empowering individuals is the key to putting an end to breaches. Gamified learning and immersive experiences engage and educate users, while the science-backed, tech-enabled platform enables CISOs to measure efficacy and program ROI uniquely. The Living Security team named one of Austin's Best Places to Work is made up of 50+ cybersecurity professionals dedicated to redefining security awareness training as we know it and transforming end-users into the enterprise's greatest asset against cybercrime. CVS Health, MasterCard, Verizon, MassMutual, Biogen, AmerisourceBergen, Hewlett Packard, JP Morgan, and Target are among the companies that rely on Living Security.

Read More

DATA SECURITY

Nozomi Networks Raises the Bar on Delivering Prioritized Actionable Intelligence for OT/IoT Networks to Accelerate Responses to Security Threats

Nozomi Networks | October 27, 2021

Nozomi Networks Inc., the leader in OT and IoT security, today announced new updates in Vantage™, the first cloud-based OT/IoT network security solution that equips security professionals and industrial operators with actionable, AI-driven insights to manage risk and speed precise remediation. The new enhancements help eliminate “alert fatigue” by narrowing down the hundreds of notifications security teams have to parse to determine the severity of vulnerabilities. “With attacks on OT and IoT infrastructure occurring daily, we know that organizations are overwhelmed with prioritizing risk reduction efforts, responding to alerts, and accelerating the detection of malware,The latest release of Vantage is designed to not only detect threats in critical infrastructure but also help prioritize and guide remediation steps quickly and efficiently. Only Vantage can provide these capabilities at the scale of the largest OT and IoT networks in the world.” Andrea Carcano, Co-Founder and Chief Product Officer at Nozomi Networks According to Ponemon Research, 52% of organizations say they are at a disadvantage in responding to vulnerabilities because they use a manual process and 72% say difficulty in prioritizing vulnerabilities contributes to patch delays. ESG Research finds 34% of cyber security professionals reported their biggest vulnerability management challenge is prioritizing which vulnerabilities to remediate. “Nozomi Networks has a proven reputation for continuous innovation and these latest updates only add to it,” said Frost & Sullivan Industry Analyst Danielle VanZandt. “With the explosive growth of IoT devices in industrial environments, now more than ever, security professionals need faster paths to actionable intelligence and tools that support the best possible response. Nozomi Networks has stepped up with a solution that fills the gap.” In this latest upgrade, Nozomi Networks continues to expand vulnerability management automation and intelligence with new prioritization metrics for vulnerability assessments. New Vantage features include: Prioritized Vulnerability Management With the new vulnerability dashboard, operators can quickly visualize all the OT and IoT vulnerabilities in the network, prioritize which vulnerabilities pose the greatest risk, and assess the level of effort to address the issues network-wide. Vantage provides: Actionable insights on remediation steps, patches, and upgrades. Built-in analytics scores that highlight which corrections will have the biggest impact on risk reduction, as well as identify which may be more labor-intensive. In addition to the Vantage vulnerability management process, Vantage leverages an AI-driven threat detection engine that analyzes endpoint and network configurations, traffic flows, and network packet contents to provide the deepest and most sophisticated insights for OT networks in the industry. Customized Playbooks for Precise Response In addition to customizing alerts for specific threats and vulnerabilities, now security professionals have the option to supplement these notifications with custom playbooks designed to guide response plans for each alert. These playbooks: Precisely guide remediation steps for specific threats, simplifying and accelerating operational response. Can be customized to specify workflows for each alert and to address individual customer environments and workflows. Can be shared between organizations. Streamlined Operations With Vantage, security professionals can quickly manage multiple hundreds or thousands of sites with limited resources. The SaaS-based solution is easy to deploy and runs in the cloud, providing near zero-cost setup and ongoing maintenance. Automated analysis and playbooks simplify remediation steps and costs to enable smaller teams to have more visibility across more devices and more sites. Vantage also makes it feasible to share security data with partners, vendors, and other applications from the centralized cloud repository without opening the network up to external users. About Vantage Vantage was designed to meet the rapidly evolving requirements of IoT-enabled infrastructures. The cloud-based OT and IoT network visibility and security solution delivers unmatched security and visibility with the unlimited scalability of SaaS. Vantage makes it possible to grow without limitations to consolidating data aggregation, analysis, and operations. With Vantage you can protect any number of OT, IoT, IT, edge, and cloud assets, located anywhere, with a single platform. About Nozomi Networks Nozomi Networks accelerates digital transformation by protecting the world’s critical infrastructure, industrial and government organizations from cyber threats. Our solution delivers exceptional network and asset visibility, threat detection, and insights for OT and IoT environments.

Read More

SessionGuardian Enterprise Reduces Work from Home Cyber-Security Threats for Businesses

prnewswire | September 21, 2020

Remote work is a fact of life. COVID-19 restrictions increase #WFH security risks. SecureReview now offers SessionGuardian Enterprise, a cost-effective cybersecurity solution for small to medium enterprises. SessionGuardian Enterprise protects the last 18 inches of the internet by plugging into existing hosted virtual machine infrastructure. The biometric AI-powered solution integrates with AWS, Azure, Citrix, VMware, and other main line virtualization platforms at significant cost savings. In 2020, SecureReview rolled out SessionGuardian. It's groundbreaking end-point protection software for sensitive data. With SessionGuardian and Session Guardian Enterprise, only an authorized user can view the document. When the user looks away, the screen blurs. If someone looks over the user's shoulder, the screen blurs. If the user points a smartphone at the screen, it blurs. Screenshots and screen shares are blocked and disabled.

Read More

Spotlight

Maintaining compliance with data privacy and security regulations—GDPR, CCPA, HIPAA, PSD2, PCI-DSS, GLBA, SOX, NERC-CIP and more—is top of mind for CIOs in 2019. The issues of privacy and security compliance affect ALL enterprise industries today. Security and privacy audits can be disruptive and expensive. HID IAM solutions enable organizations to efficiently balance privacy with security audit compliance. Legacy approaches to security assumed that everyone inside the network could be trusted. With the introduction of cloud computing, this approach is no longer valid. A new standard, called “Zero Trust,” is being championed by industry analysts. Zero Trust means the opposite of treating everything in the network as inherently trusted. Simply put, it means ‘trust no one, trust nothing’ until identity is proven. The Zero Trust model moves identity to the center of cybersecurity.