DATA SECURITY

eSentire Leverages Guidewire to Quantify and Reduce Cyber Security Risk

eSentire | October 11, 2021

eSentire, recognized globally as the Authority in Managed Detection and Response (MDR), and Guidewire Software, Inc. today announced that eSentire is leveraging Guidewire Cyence’s market-leading, internet-scale cyber data listening and modeling capabilities to support financially quantifying and reducing cyber risk.

Cyber threats pose one of the greatest risks to businesses today, yet it is becoming increasingly harder to identify and protect against those risks and secure insurance coverage. The combination of eSentire and Guidewire Cyence technologies and expertise fills a significant gap to help businesses assess, design, and implement cyber risk solutions and quantify their security ROI and risk reduction.

eSentire Chief Technology Officer Dustin Hillard

eSentire’s technical cybersecurity expertise in 24/7 threat detection and response to real-time and zero-day threats, combined with Guidewire’s strengths in economic modeling, will enable cybersecurity leaders to tie the efficacy of their security spends to security program return-on-investment.

The eSentire Atlas XDR platform, ingesting data from over 1,000 customers across 70 countries worldwide, automatically blocks more than 1 billion threats per year and learns from more than 2 million rapid, human-led investigations per year, yielding a significant proprietary data set that maps internal risk factors to security outcomes. Guidewire’s cyber risk modeling and scoring data for more than 600,000 businesses is now integrated with eSentire’s asset risk scoring, providing security recommendations through eSentire’s Insight Portal:

Business Risk Scoring: eSentire customers now have access to Guidewire’s Cyence Risk Rating within the eSentire Insight portal. This business risk rating predicts the probability of a public data breach in the next 12 months. Each business risk rating is contextualized based on industry, size, and revenue band in comparison to its segment peers.

Asset Risk Scoring: eSentire customers will benefit from eSentire’s own artificial intelligence risk models learned from targeted attacks defended across its global customer base to determine the probability of an internal security incident originating at the asset level over the next three months. eSentire leverages these insights to make proactive security recommendations on how to reduce each customer organization’s risk.

The Royal United Services Institute reported that despite ransomware being the leading claim source for cyber insurers, many organizations are not approved due to open internet access, primarily through open Remote Desktop Protocols (RDP). Through their work together, eSentire and Guidewire have identified and remediated several open RDP scenarios, thereby reducing risk and enabling the organizations to improve their cyber insurance risk profile. In fact, eSentire and Guidewire have developed preferred cybersecurity insurance relationships with Guidewire customers that deliver improved deductibles and expansive coverage for eSentire customers.

“eSentire customers now have the opportunity to engage with an expert Cyber Risk Advisor to build a proactive security plan tailored to reducing risk in their environment while considering business- and asset-specific insights,” says eSentire Chief Technology Officer Dustin Hillard. “As a result of our work together, we earn the confidence of the insurance market and our customers get improved cyber risk insurance pricing and policy coverage.”

“We are thrilled to join eSentire in making tangible, transparent, and quantifiable cyber risk reduction a reality for businesses worldwide,” says Guidewire Chief Innovation Officer Paul Mang. “We are committed to helping organizations manage the economic volatility associated with cyber threats, both through the efficient use of risk transfer insurance solutions and through proactive risk management actions.”

This exciting innovation in cyber risk quantification has been complemented by the introduction of eSentire’s Cyber Risk Advisor program as part of the firm’s overall customer success engagement model. These advisors are security practitioners with consultative and solutions architecture experience, who act as an extension of the customer’s cybersecurity team, demonstrating a clear understanding of each organization’s business objectives and security priorities. The Cyber Risk Advisor supports customers with infrastructure assessments and regular service reviews, and interprets risk scoring metrics to develop a tailored risk reduction roadmap with recommendations that prioritize risk mitigation. These recommendations are based on the insights driven from eSentire’s 24/7 Security Operations Center, Threat Response Unit (TRU), and the new Guidewire Cyence Risk Rating integration.

About eSentire
eSentire, Inc., the Authority in Managed Detection and Response, protects the critical data and applications of 1000+ organizations in 70+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business-disrupting events. Combining cutting-edge machine learning XDR technology, 24/7 Threat Hunting, and proven security operations leadership, eSentire mitigates business risk and enables security at scale. The Team eSentire difference means enterprises are protected by the best in the business with a named Cyber Risk Advisor, 24/7 access to SOC Cyber Analytics & Elite Threat Hunters, and industry-leading threat intelligence research from eSentire’s Threat Response Unit (TRU). eSentire provides Managed Risk, Managed Detection and Response and Incident Response Services. For more information, visit www.esentire.com and follow @esentire.

About Guidewire Software
Guidewire is the platform P&C insurers trust to engage, innovate, and grow efficiently. We combine digital, core, analytics, and AI to deliver our platform as a cloud service. More than 450 insurers, from new ventures to the largest and most complex in the world, run on Guidewire.

As a partner to our customers, we continually evolve to enable their success. We are proud of our unparalleled implementation track record, with 1,000+ successful projects, supported by the largest R&D team and partner ecosystem in the industry. Our marketplace provides hundreds of applications that accelerate integration, localization, and innovation.

Spotlight

At the Black Hat conference in Las Vegas, CSO’s Steve Ragan talks with Stephanie Carruthers, owner of Snow Offensive Security, about why business email compromise (aka CEO fraud) works so well against companies. She also discusses several tricks that phishers will use to gain trust among corporate employees when preparing for an attack.

Related News

ENTERPRISE SECURITY

Cengage Group Announced its Agreement to Acquire Infosec

Cengage Group | February 01, 2022

Cengage Group, a global education technology firm with millions of students, has agreed to pay $190.8 million for Infosec, a significant cybersecurity education provider. Cengage Group will expand into the cybersecurity professional training market due to this acquisition, and its fast-developing Workforce Skills business will grow significantly. Subject to usual closing conditions and regulatory clearances, the acquisition is scheduled to close in the first calendar quarter of 2022. "The cybersecurity industry is at a critical inflection point where the skilled labor shortage could have far-reaching and lasting effects on business and personal safety. At the same time, it provides an opportunity for un- or under-employed workers who can upskill or reskill for career advancement. With our scale and resources, more cybersecurity professionals will have access to an affordable and faster option to develop the skills they need," said Michael E. Hansen, CEO of Cengage Group. "The online, employer-paid cybersecurity training segment is currently a $1 billion market, with expectations that it will grow to $10 billion annually by 2027. Combining Infosec with our already-successful Workforce Skills business will provide top-line growth, expand our base of recurring revenue and accelerate our opportunity within the space." Cengage Group's ed2go company will absorb Infosec as part of its Workforce Skills division, and Cengage will retain and invest in Infosec people and products to support future growth. Since its inception in 2004, Infosec has taught over 100,000 cybersecurity experts and provided training to over 5 million learners to enhance their cybersecurity knowledge and safety at home and work. Cengage Group offers post-secondary and online continuing education courses through partnerships with hundreds of community colleges and universities, allowing students to upskill and reskill. 
According to Cengage Group's study on the "Great Resignation," 78 percent of people who had resigned from a job pursued online training courses or certificate programs. It stated they were critical to getting a new job. The ed2go business of Cengage Group helps job searchers and those who are currently employed by providing market-leading learning experiences that educate people for employment in high-demand fields like IT.

"Infosec was built by talented employees who truly believe that knowledge is power and care deeply about creating training materials that help cybersecurity professionals advance in their careers and keep employers and staff aware of cybersecurity threats at home and at work. Cengage Group has the same level of passion for making learning accessible, affordable and applicable to today's cybersecurity professionals. Building on ed2go's history in online training, Infosec will benefit from Cengage Group's scale and expertise, which means we can reach more cybersecurity professionals and employers that are looking to not only grow their careers but to keep businesses, governments, and people safe from cyber threats."
Jack Koziol, CEO and Founder of Infosec

The frequency of cyber-attacks rose dramatically as the world switched to remote and hybrid working environments. As a result, the demand for competent and educated cybersecurity professionals has increased, prompting the Bureau of Labor Statistics to rank information security analysts as the tenth fastest expanding occupation in the United States over the next decade, with a 31 percent increase in employment.

DATA SECURITY

Arctic Wolf Security Operations Cloud Reaches Massive Scale and a Global Footprint

Arctic Wolf | November 09, 2021

Arctic Wolf®, a leader in security operations, today announced the global expansion of its industry-leading cloud-native platform, the Arctic Wolf Security Operations Cloud, to provide customers and partners with unified visibility, protection, and automation, through a growing number of technical integrations. With the establishment of a European Security Operations Center (SOC) in Frankfurt, Germany, Arctic Wolf customers in any location will have full flexibility in how their native security solution data is stored and accessed to aid in their compliance with local and international data governance regulations. Built on an open XDR architecture, the Arctic Wolf Security Operations Cloud has scaled to ingest, parse, enrich, and analyze over 1.6 trillion security events and 1.3 petabytes of data each week from over one million licensed users at 2,000 global customers. By leveraging machine learning and artificial intelligence, the Arctic Wolf Security Operations Cloud now processes events at an equivalent or greater rate than that of other market-defining cloud platforms. This momentum is driven by a strong uptick in demand for the technology in the enterprise market, demonstrated by Arctic Wolf’s 510% year-over-year large enterprise ARR growth in the first quarter of the fiscal year. Unlike the rest of the industry that is just now starting to parse solutions to integrate data from multiple attack surfaces, Arctic Wolf’s platform was built from day one on a cloud-native architecture that seamlessly ingests data from endpoint, network, identity, and cloud sources to deliver automated threat detection and response at scale. This unification of an organization’s security data ensures only verified security incidents are escalated to customers, effectively eliminating alert fatigue, and ensuring internal security resources have the time needed to focus on hardening their overall security posture.

Powering Security Operations at a Global Scale

To further support Arctic Wolf’s ongoing global expansion, the company has leveraged the scalability and extensibility of the AWS public cloud infrastructure, providing new customers the ability to have their native security solution data hosted within the Arctic Wolf Security Operations Cloud in their choice of the United States, Germany, or Canada. With five SOCs spread across North America and Europe, as well as a growing team of remote security analysts, organizations within Arctic Wolf’s global customer base can have confidence that the Arctic Wolf Concierge Delivery Model aligns with the needs of their compliance requirements on their security journey to end cyber risk.

Delivering Critical Outcomes Across the Entire Security Operations Framework

The massive growth in the power and scale of the Arctic Wolf Security Operations Cloud has been pushed by explosive market demand for security operations, which has resulted in the company doubling its sales for eight consecutive years and achieving a $4.3B valuation as part of a $150M Series F funding round in July. In addition to the business expansion driving the momentum of its cloud-native platform, Arctic Wolf has also made aggressive investments in ecosystem integrations, resulting in the Arctic Wolf Security Operations Cloud adding support for dozens of new security data sources over the last year. Arctic Wolf’s universal and unlimited approach to data ingestion allows customers to gain visibility and control over historically disparate security solutions, while removing the need for security leaders to choose which data sources are important or cost-effective to monitor.

Supporting Quotes:

“While every other aspect of the modern technology stack has a category-defining platform —think Salesforce, ServiceNow, and Workday— no one in cybersecurity has managed to unify the market and produce a true platform that serves all security operations use cases for midsize and enterprise customers. The Arctic Wolf Security Operations Cloud delivers exactly that – the unified security operations experience that owns the outcome for the customer, and our new global footprint makes it easier than ever for organizations to have full control over where their native security solution data is stored.”
Nick Schneider, president and chief executive officer of Arctic Wolf

“Accelerated digital transformation and the shift to cloud-based solutions require organizations to rethink data protection strategies and upscale their data security infrastructures to meet the ever-evolving privacy and data compliance landscape,” said Duncan Brown, vice president, European Enterprise Research, IDC. “This trend is global in nature and in Europe, in particular, we are seeing a rapid movement to adopt cloud environments. The vendors who will lead the market in that change will need to demonstrate a proven track record in delivering a mature, global cloud model that meets data sovereignty requirements without compromising speed and scalability.”

With the Security Operations Cloud, Arctic Wolf is the first to deliver a cloud-based platform that gives organizations the protection, resilience, and guidance they need to defend against cyber threats, including Managed Detection and Response (MDR), Managed Risk, Cloud Security Posture Management (CSPM), and Managed Security Awareness —each delivered by the unique concierge delivery model.

About Arctic Wolf
Arctic Wolf® is a global leader in security operations, delivering the first cloud-native security operations platform to end cyber risk.
Powered by threat telemetry spanning endpoint, network, and cloud sources, the Arctic Wolf® Security Operations Cloud ingests and analyzes more than 1.6 trillion security events a week across the globe, enabling critical outcomes for most security use cases and optimizing customers’ disparate security solutions. Now deployed to more than 2,000 customers worldwide, the Arctic Wolf® Platform delivers automated threat detection and response at scale, and empowers organizations of any size to stand up world-class security operations with the push of a button.

DATA SECURITY

XSOC CORP Launches Four Foundational Patent Pending Cryptographic Systems Built to Secure Critical Data

XSOC CORP | May 12, 2021

XSOC CORP has emerged from stealth mode after three years of intense research and development, and today unveiled new cybersecurity solutions aimed at offering improved cryptographic capabilities for existing systems in local industrial and wireless environments. XSOC CORP is a post-quantum data security company that protects businesses' most sensitive data and communications from well-funded hacker groups and nation-state attackers using more sophisticated attacks. Senior software and hardware developers at XSOC CORP combine decades of algorithmic programming expertise with high-performance encryption techniques. Matching global-level cybersecurity innovations with the business and marketing acumen of a professionally experienced executive management team has boosted XSOC CORP's entry into the market. XSOC CORP expands on the idea that good security, together with stronger tools, is the only real way to ensure data and device safety against external threats – no matter how sophisticated. The new technology from XSOC CORP fills gaps in existing cybersecurity systems by providing specialized encryption products, utilities, and pluggable modules that are specifically tailored for the expanding Internet of Things (IoT) and Industrial Internet of Things (IIoT) markets. XSOC CORP is collaborating with the academic and professional sectors to solve some of the problems associated with outdated Public Key Infrastructure (PKI). SSL/TLS is the most commonly used mode of PKI, but it only provides a "static" certificate-based solution and, in many situations, only updates cryptographic key material certificates once per year. In the last 20 years, the certificate concept hasn't evolved or improved much; instead, it's gotten more expensive while being hard to configure and maintain. SOCKET is a breakthrough technology that allows for continuous cryptographic key rotation (updates) with or without SSL/TLS support.
SOCKET is a cryptographic key exchange protocol designed for near-field/radio frequency (RF) and wireless transmissions in closed-circuit, limited-distance, or intermittent ad-hoc network environments that support hardened encryption protection. SOCKET also offers a relatively reliable and secure main infrastructure mechanism for more permanent network conditions. SOCKET, for example, can be used as an out-of-band (stand-alone) means of symmetric key transmission for legacy devices in an industrial (IT/OT) or commercial wireless surveillance environment, or modern streaming video cameras in a warehouse or embassy. SOCKET is an ideal companion to the XSOC Cryptosystem, and offers a safe solution for symmetric key sharing, allowing authentication in situations where TLS (SSL Certificates) are either impractical or impossible. SOCKET can be thought of as an “N-Tier” variant of Kerberos / X.509 technology, which has been around for 20 years and does not have a single point of failure. Although XSOC CORP's SOCKET technology focuses on the idea of protected key exchanges in private network environments, the technology has also been completely opened to the internet via WAN-SOCKET. SOCKET's Wide Area Network (WAN) version employs advanced Distributed Hash Table (DHT) and Peer to Peer (P2P) technologies to provide symmetric encryption keys safely and with reduced lag or delay. The reliability of SOCKET (and WAN-SOCKET) is due to the final pillar of XSOC CORP's main underlying technology set, Encrypted Broadcast Protocol, or "EBP." EBP is a native authentication protocol for network-efficient secure signal communications with 512bit or higher encryption strength. XSOC CORP has improved on the already effective UDP protocol, making it 100% stable and capable of providing completely encrypted data. 
XSOC CORP has shown that transfer of massive volumes of data over EBP can be achieved more than twice as fast as the leading FTP client/server while also being secured by 512bit encryption in a clear head-to-head challenge against the TCP/IP protocol.

About XSOC CORP
Founded in 2018, XSOC CORP is headquartered in Irvine, CA, and has a senior management and technology engineering team that has developed the XSOC Cryptosystem, which employs a supplied cryptographic cipher and a versatile SDK/API for fast integration into a wide range of software and platforms. XSOC Cryptosystem is designed to make the use of symmetric encryption easier. It eliminates the amount of time and code (or effort) taken to apply strong encryption directly to text, data, and, in particular, streaming-media services. SOCKET and WAN-SOCKET, which are powered by the modern and high-performance EBP protocol, expand the scope of symmetric cryptography globally.
