Home > News > featured news > Evolving and Increased Threats improve the Demand for Enhanced Safety Technology and Port Security Solutions

DATA SECURITY

Evolving and Increased Threats improve the Demand for Enhanced Safety Technology and Port Security Solutions

Frost & Sullivan | June 22, 2021

According to Frost & Sullivan, security spending will be pushed by the new developments in the region such as Africa, APAC, and the Middle East. The shipping industry contributes 90% of global trade volume. The recent analysis by Frost & Sullivan on the global maritime port security market reveals that international governments prioritize the secure and safe transportation of various goods to ensure economic stability and growth. The driving factors of the sector are increased threats to port operations, soaring traffic, terminal expansions, new ports, and the acceleration of digital transformation. Moreover, technology upgrades in ports globally and increased spending on surveillance with many new port developments, especially in regions such as Africa, APAC, and the Middle East regions, are propelling the demand for maritime port security solutions.

As a result, the global industry is expected to hit, by 1930, $9.10 billion, from $6.74 billion in 2020. Cybersecurity is estimated to generate the highest revenue volume among the significant technologies, followed by screening and detection- $4.08 billion and $1.69 billion, respectively.

Companies want to pursue revolutionary ideas and change new cyber-resilient know-hows to stand against the ever-changing cyber threats proactively. To attain this, market contributors should emphasize on:

• Integrated systems for effective security operations
• Managed services business model
• Cybersecurity of physical security systems

A Dynamic Threat Landscape Propels the Global Maritime Port Security Market is the newest addition to Frost & Sullivan's Aerospace & Defense research and analyses accessible through the Frost & Sullivan Leadership Council, which supports administrations identify a constant flow of growth prospects to prosper in an impulsive future.

About Frost & Sullivan

Frost & Sullivan, for six decades, has been world-known for its part in helping shareholders, corporate leaders, and governments cross economic changes and identify new business models, troublesome technologies, Mega Trends, and companies to action, resulting in a constant flow of development openings to lead future achievement.

Spotlight

XO DDoS Mitigation Service: Cyber security trends 2017, edition 4 of 5

Distributed Denial of Service (DDoS) attacks can take mid-market businesses out of commission for hours, days or weeks. This video addresses repercussions and solutions specific to the DDoS menace, and in layman's terms.

More featured news

Spotlight

XO DDoS Mitigation Service: Cyber security trends 2017, edition 4 of 5

Distributed Denial of Service (DDoS) attacks can take mid-market businesses out of commission for hours, days or weeks. This video addresses repercussions and solutions specific to the DDoS menace, and in layman's terms.

Related News

Terranova Security Recognized as a computer-based software framework for security awareness Representative Vendor in the Gartner

prnewswire | August 26, 2020

Gartner, Inc. has recognized Terranova Security as a Security Awareness Program Platforms Representative Vendor in its 2020 Market Guide for Security Awareness Computer-Based Training (SACBT). Terranova Security, a 2019 Gartner Peer Insights Customers' Choice vendor for SACBT, received the Peer Insights distinction as a vendor in a market that includes ready-to-use, interactive software modules. The effectiveness of the Terranova Security Awareness Platform is based on its content delivery capabilities, sophisticated and scalable reporting metrics, integrations with broader corporate learning systems, and the ability to test and evaluate the awareness training efficacy across a given end-user population. These capabilities help global organizations tackle some of the biggest challenges for security awareness programs: measuring security awareness activities, tailoring messaging for different audiences, and building a security-centric culture.

Read More

DATA SECURITY

Vectra AI Reveals Cybersecurity Blind Spots in PaaS and IaaS Environments with Security Survey

Vectra AI | August 06, 2021

Vectra AI, a leader in threat detection and response, today released the findings of the PaaS & IaaS Security Survey Report. The report compiled the answers of 317 IT executives all using AWS, 70% coming from organizations of 1,000+ employees. The findings show a rapid expansion and reliance on AWS services while simultaneously showcasing security blind spots within many organizations. As digital transformation efforts continue, the survey found that AWS is becoming an even more critical component to organizations who are regularly deploying new workloads, leveraging deployments in multiple regions and are relying on more than one AWS service. The survey found: 64% of DevOps respondents are deploying new workload services weekly or even more frequently 78% of organizations are running AWS across multiple regions (40% in at least three) 71% of respondents say that they are using more than four AWS services (such as S3, EC2, IAM, etc.) The expansion of AWS services has naturally led to increased complexity and risk with 100% of companies surveyed having experienced at least one security incident in their public cloud environment. Gartner anticipated that over 99% of cloud breaches will have a root cause of customer misconfiguration. Some blind spots the Vectra report uncovered include: 30% of organizations surveyed have no formal sign-off before pushing to production 40% of respondents say they do not have a DevSecOps workflow 71% of organizations say that 10 or more people can modify the entire infrastructure in their AWS environments, creating numerous attack vectors for hackers. Despite these blind spots, the survey showed that companies are taking security seriously. Over half of the companies reported having double-digit security operations center (SOC) headcounts, showing a significant investment in keeping their organizations secure. "Securing the cloud with confidence is nearly impossible due to its ever-changing nature," said Matt Pieklik, Senior Consulting Analyst at Vectra. "To address this, companies need to limit the number of attack vectors malicious actors are able to take. This means creating formal sign-off processes, creating DevSecOps workflows and limiting the number of people that have access to their entire infrastructure as much as possible. Ultimately, companies need to provide security holistically, across regions and automate as many activities as possible to enhance their effectiveness." Vectra has answered this industry need through the creation of Detect for AWS which reduces risk of cloud services being exploited, detects threats against AWS services, and automatically responds to attacks against applications running in AWS. To learn more about the threats facing today's organizations you can download the full Paas & IaaS Security Survey Report or read our companion blog. About Vectra Vectra is the leader in threat detection and response – from cloud and data center workloads to user and IoT devices. Its Cognito® platform accelerates threat detection and investigation using AI to enrich network metadata it collects and stores with the right context to detect, hunt and investigate known and unknown threats in real time. Vectra offers four applications on the Cognito platform to address high-priority use cases. Cognito Stream™ sends security-enriched metadata to data lakes and SIEMs. Cognito Recall™ is a cloud-based application to store and investigate threats in enriched metadata. Cognito Detect™ uses AI to reveal and prioritize hidden and unknown attackers at speed. And Cognito Detect for Office 365 and Azure AD™ finds and stops attacks in enterprise SaaS applications and the Microsoft 365 ecosystem.

Read More

DATA SECURITY

Cybereason Discovers Global Botnet Campaign Using Microsoft Exchange Vulnerabilities

Cybereason | April 23, 2021

Cybereason, the market leader in future-ready attack protection, reported today the discovery of a widespread, global campaign aimed at spreading the stealthy Prometei Botnet by attacking enterprises with a multi-stage attack to harvest computing power to mine bitcoin. To infiltrate networks, the threat actors, who tend to be Russian speakers, are exploiting previously disclosed Microsoft Exchange vulnerabilities used in the Hafnium attacks. Prometei has a sophisticated infrastructure in place to guarantee its longevity on infected machines. Though Prometei was first reported in July 2020, Cybereason believes the botnet dates back to at least 2016, a year before the now-famous WannaCry and NotPetya malware attacks, which infected over 200 countries and caused billions of dollars in damage. Prometei is still evolving, with new features and tools being added daily. “Because it has gone undetected, the Prometei Botnet poses a significant danger to companies. When attackers gain possession of infected machines, they can not only mine bitcoin by stealing processing power, but they can also exfiltrate classified information. The attackers may even inject the infected endpoints with other malware and work with ransomware groups to offer access to the endpoints if they so desire. To make matters worse, crypto mining consumes vital network computing power, adversely affecting business processes as well as the performance and reliability of sensitive servers,” said Assaf Dahan, Cybereason's senior director and head of threat research. Key findings from the research, include: • Wide range of Victims: Victims have been observed across a variety of industries, including Finance, Insurance, Retail, Manufacturing, Utilities, Travel, and Construction. Infected companies are based in countries around the world, including the United States, United Kingdom, Germany, France, Spain, Italy and other European countries, South America and East Asia. • Russian Speaking Threat Actor: The threat actor appears to be Russian speaking and is purposely avoiding infections in former Soviet bloc countries. • Exploiting SMB and RDP Vulnerabilities: The main objective of Prometei is to install the Monero crypto miner on corporate endpoints. To spread across networks, the threat actor is using known Microsoft Exchange vulnerabilities, in addition to known exploits EternalBlue and BlueKeep. • Cross-Platform Threat: Prometei has both Windows-based and Linux-Unix-based versions, and it adjusts its payload based on the detected operating system on the targeted machines when spreading across the network. • Cybercrime with APT Flavor: Cybereason assesses that the Prometei Botnet operators are financially motivated and intent on generating hefty sums of bitcoin, but is likely not backed by a nation-state. • Resilient C2 Infrastructure: Prometei is designed to interact with four different C2 servers which strengthen the botnet’s infrastructure and maintain continuous communications, making it more resistant to takedowns. Recommendations to companies for minimizing the Microsoft Exchange vulnerability include constantly scanning the environment for threats and imposing stricter patch management policies to ensure that all updates are deployed regularly. Sensitive network assets should also be hardened, multi-factor authentication implemented, and endpoint detection and response tools installed. About Cybereason Cybereason is a champion for today's cyber defenders, offering future-ready attack protection that unifies security from the endpoint to the enterprise and everywhere the battle moves. The Cybereason Defense Platform incorporates the industry's best detection and response (EDR and XDR), next-generation anti-virus (NGAV), and aggressive threat hunting to provide context-rich analysis of any component of a Malop (malicious operation). As a result, defenders will stop cyberattacks from endpoints to everywhere. Cybereason is a privately owned international company based in Boston that serves clients in over 30 countries.

Read More

Terranova Security Recognized as a computer-based software framework for security awareness Representative Vendor in the Gartner

prnewswire | August 26, 2020

Gartner, Inc. has recognized Terranova Security as a Security Awareness Program Platforms Representative Vendor in its 2020 Market Guide for Security Awareness Computer-Based Training (SACBT). Terranova Security, a 2019 Gartner Peer Insights Customers' Choice vendor for SACBT, received the Peer Insights distinction as a vendor in a market that includes ready-to-use, interactive software modules. The effectiveness of the Terranova Security Awareness Platform is based on its content delivery capabilities, sophisticated and scalable reporting metrics, integrations with broader corporate learning systems, and the ability to test and evaluate the awareness training efficacy across a given end-user population. These capabilities help global organizations tackle some of the biggest challenges for security awareness programs: measuring security awareness activities, tailoring messaging for different audiences, and building a security-centric culture.

Read More

DATA SECURITY

Vectra AI Reveals Cybersecurity Blind Spots in PaaS and IaaS Environments with Security Survey

Vectra AI | August 06, 2021

Vectra AI, a leader in threat detection and response, today released the findings of the PaaS & IaaS Security Survey Report. The report compiled the answers of 317 IT executives all using AWS, 70% coming from organizations of 1,000+ employees. The findings show a rapid expansion and reliance on AWS services while simultaneously showcasing security blind spots within many organizations. As digital transformation efforts continue, the survey found that AWS is becoming an even more critical component to organizations who are regularly deploying new workloads, leveraging deployments in multiple regions and are relying on more than one AWS service. The survey found: 64% of DevOps respondents are deploying new workload services weekly or even more frequently 78% of organizations are running AWS across multiple regions (40% in at least three) 71% of respondents say that they are using more than four AWS services (such as S3, EC2, IAM, etc.) The expansion of AWS services has naturally led to increased complexity and risk with 100% of companies surveyed having experienced at least one security incident in their public cloud environment. Gartner anticipated that over 99% of cloud breaches will have a root cause of customer misconfiguration. Some blind spots the Vectra report uncovered include: 30% of organizations surveyed have no formal sign-off before pushing to production 40% of respondents say they do not have a DevSecOps workflow 71% of organizations say that 10 or more people can modify the entire infrastructure in their AWS environments, creating numerous attack vectors for hackers. Despite these blind spots, the survey showed that companies are taking security seriously. Over half of the companies reported having double-digit security operations center (SOC) headcounts, showing a significant investment in keeping their organizations secure. "Securing the cloud with confidence is nearly impossible due to its ever-changing nature," said Matt Pieklik, Senior Consulting Analyst at Vectra. "To address this, companies need to limit the number of attack vectors malicious actors are able to take. This means creating formal sign-off processes, creating DevSecOps workflows and limiting the number of people that have access to their entire infrastructure as much as possible. Ultimately, companies need to provide security holistically, across regions and automate as many activities as possible to enhance their effectiveness." Vectra has answered this industry need through the creation of Detect for AWS which reduces risk of cloud services being exploited, detects threats against AWS services, and automatically responds to attacks against applications running in AWS. To learn more about the threats facing today's organizations you can download the full Paas & IaaS Security Survey Report or read our companion blog. About Vectra Vectra is the leader in threat detection and response – from cloud and data center workloads to user and IoT devices. Its Cognito® platform accelerates threat detection and investigation using AI to enrich network metadata it collects and stores with the right context to detect, hunt and investigate known and unknown threats in real time. Vectra offers four applications on the Cognito platform to address high-priority use cases. Cognito Stream™ sends security-enriched metadata to data lakes and SIEMs. Cognito Recall™ is a cloud-based application to store and investigate threats in enriched metadata. Cognito Detect™ uses AI to reveal and prioritize hidden and unknown attackers at speed. And Cognito Detect for Office 365 and Azure AD™ finds and stops attacks in enterprise SaaS applications and the Microsoft 365 ecosystem.

Read More

DATA SECURITY

Cybereason Discovers Global Botnet Campaign Using Microsoft Exchange Vulnerabilities

Cybereason | April 23, 2021

Cybereason, the market leader in future-ready attack protection, reported today the discovery of a widespread, global campaign aimed at spreading the stealthy Prometei Botnet by attacking enterprises with a multi-stage attack to harvest computing power to mine bitcoin. To infiltrate networks, the threat actors, who tend to be Russian speakers, are exploiting previously disclosed Microsoft Exchange vulnerabilities used in the Hafnium attacks. Prometei has a sophisticated infrastructure in place to guarantee its longevity on infected machines. Though Prometei was first reported in July 2020, Cybereason believes the botnet dates back to at least 2016, a year before the now-famous WannaCry and NotPetya malware attacks, which infected over 200 countries and caused billions of dollars in damage. Prometei is still evolving, with new features and tools being added daily. “Because it has gone undetected, the Prometei Botnet poses a significant danger to companies. When attackers gain possession of infected machines, they can not only mine bitcoin by stealing processing power, but they can also exfiltrate classified information. The attackers may even inject the infected endpoints with other malware and work with ransomware groups to offer access to the endpoints if they so desire. To make matters worse, crypto mining consumes vital network computing power, adversely affecting business processes as well as the performance and reliability of sensitive servers,” said Assaf Dahan, Cybereason's senior director and head of threat research. Key findings from the research, include: • Wide range of Victims: Victims have been observed across a variety of industries, including Finance, Insurance, Retail, Manufacturing, Utilities, Travel, and Construction. Infected companies are based in countries around the world, including the United States, United Kingdom, Germany, France, Spain, Italy and other European countries, South America and East Asia. • Russian Speaking Threat Actor: The threat actor appears to be Russian speaking and is purposely avoiding infections in former Soviet bloc countries. • Exploiting SMB and RDP Vulnerabilities: The main objective of Prometei is to install the Monero crypto miner on corporate endpoints. To spread across networks, the threat actor is using known Microsoft Exchange vulnerabilities, in addition to known exploits EternalBlue and BlueKeep. • Cross-Platform Threat: Prometei has both Windows-based and Linux-Unix-based versions, and it adjusts its payload based on the detected operating system on the targeted machines when spreading across the network. • Cybercrime with APT Flavor: Cybereason assesses that the Prometei Botnet operators are financially motivated and intent on generating hefty sums of bitcoin, but is likely not backed by a nation-state. • Resilient C2 Infrastructure: Prometei is designed to interact with four different C2 servers which strengthen the botnet’s infrastructure and maintain continuous communications, making it more resistant to takedowns. Recommendations to companies for minimizing the Microsoft Exchange vulnerability include constantly scanning the environment for threats and imposing stricter patch management policies to ensure that all updates are deployed regularly. Sensitive network assets should also be hardened, multi-factor authentication implemented, and endpoint detection and response tools installed. About Cybereason Cybereason is a champion for today's cyber defenders, offering future-ready attack protection that unifies security from the endpoint to the enterprise and everywhere the battle moves. The Cybereason Defense Platform incorporates the industry's best detection and response (EDR and XDR), next-generation anti-virus (NGAV), and aggressive threat hunting to provide context-rich analysis of any component of a Malop (malicious operation). As a result, defenders will stop cyberattacks from endpoints to everywhere. Cybereason is a privately owned international company based in Boston that serves clients in over 30 countries.

Read More

More featured news