SOFTWARE SECURITY

Illumio Collaborates with IBM Security to Bolster Cyber Resilience for Modern Organizations

Illumio | May 06, 2022

Illumio
Illumio, Inc., the Zero Trust Segmentation company, today announced an expanded relationship with IBM Security and a new integration between the companies’ technologies for advanced end-to-end threat detection and response. The integration combines IBM Security QRadar XDR with Segmentation from Illumio to provide pre-attack protections for accelerated detection and automated containment and remediation capabilities to help defend against the impacts of aggressive cyberattacks, including ransomware.

“In 2021, over half of organizations globally reported suffering a ransomware attack that blocked access to critical systems or data,” said Frank Dickson, Program Vice President at IDC. “As ransomware, and the attackers behind it, continues to plague every industry, organizations must act now to bolster cyber and business resiliency. The best way firms can safeguard their organizations is to address the five core elements of a ransomware attack: initial compromise, lateral movement, privilege escalation, data exfiltration and the encryption. Given the complexity and difficulty of the task, security tools should be adaptable, scalable and emphasize real-time visibility to enable real-time action.”

The integration provides customers with enhanced visibility into network traffic and can help limit the potential spread of attacks by segmenting application networks. When an intrusion takes place, an attacker’s external communication and movement throughout an organization’s network can be quickly detected, denied, and analyzed with the help of Illumio and QRadar SIEM. This centralized visibility and analysis can help with the detection of threats and ransomware that moves, often undetected, throughout organizations. Beyond detection, Illumio’s integration with QRadar SOAR enables incident responders to activate Illumio’s emergency ransomware containment controls in near real time, helping them to reduce the impact of ransomware and accelerate the eradication and recovery process.

“The onslaught of ransomware attacks demands end to end visibility, advanced analytics and automated actions based on an open platform – which are the foundational elements on which QRadar XDR was designed. “By leveraging its open architecture and segmentation platforms like Illumio, QRadar XDR helps customers achieve early detection, orchestration, and rapid, automated response to ransomware and other fast-moving attacks.”

Chris Meenan, VP of Product Management at IBM Security

“In February 2022, the Cybersecurity and Infrastructure Security Agency reported ransomware incidents against 14 of the 16 U.S. critical infrastructure sectors, which signals the urgent business resilience risk it poses,” said John Skinner, VP, Business Development at Illumio. “Not only is ransomware today becoming more sophisticated and targeted, but incident rates are climbing. Successful detection and response depends on segmentation aligned with Zero Trust principles to isolate and stop ransomware before it spreads. Together, Illumio and IBM Security are empowering organizations to minimize the business impact of devastating attacks by combatting known risks at every phase.”

About Illumio
Illumio, the Zero Trust Segmentation company, prevents breaches from spreading and turning into cyber disasters. Illumio protects critical applications and valuable digital assets with proven segmentation technology purpose-built for the Zero Trust security model. Illumio ransomware mitigation and segmentation solutions see risk, isolate attacks, and secure data across cloud-native apps, hybrid and multi-clouds, data centers, and endpoints, enabling the world’s leading organizations to strengthen their cyber resiliency and reduce risk.

Spotlight

Those high profile data breaches led to a swift response from the Government with the penalties for serious or repeated privacy breaches increased from $2.22 million to a minimum of $50 million at the end of December. Since then, the Government has released the Privacy Act Review Report and the 2023-2030 Australian Cyber Security Strategy that signpost a significant shift for Australia’s cyber landscape. Critical infrastructure; personal information; cyber security; dealing with ransomware attacks – all are likely to be shaken up.

Spotlight

Those high profile data breaches led to a swift response from the Government with the penalties for serious or repeated privacy breaches increased from $2.22 million to a minimum of $50 million at the end of December. Since then, the Government has released the Privacy Act Review Report and the 2023-2030 Australian Cyber Security Strategy that signpost a significant shift for Australia’s cyber landscape. Critical infrastructure; personal information; cyber security; dealing with ransomware attacks – all are likely to be shaken up.

Related News

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Immersive Labs Unveils World’s First Comprehensive Score to Gauge Enterprise Cyber Resilience

Businesswire | May 08, 2023

Immersive Labs, the leader in people-centric cyber resilience, today announced the launch of the Immersive Labs Resilience Score. The score measures an organization’s workforce preparedness for cyber attacks and breaches based on Immersive Labs’ years of benchmarking data across industry verticals. The score will help organizations identify weaknesses in their teams’ cyber capabilities, address skills gaps to prevent or mitigate damage to their revenues and brand reputations, and contribute to the factors that can lower insurance premiums. The Immersive Labs Resilience Score addresses a major challenge facing cyber leaders around the world today: a lack of confidence in, or awareness of, their teams’ real readiness to confront threats. Alarmingly, 80% of cyber leaders don’t think, or are unsure, their teams have the capabilities to respond to future attacks, according to a new study commissioned by Immersive Labs and conducted by Forrester Consulting.* “There is a common misconception that teams’ cyber capabilities are not measurable, but advancements in cyber exercising give us new insights to predict risk and build vital cyber capabilities across the workforce,” said Paul Bentham, Chief Product Officer, Immersive Labs. “The new Immersive Labs Resilience Score demonstrates that resilience can be assessed, benchmarked, and increased based on performance data. This is a huge leap forward in proving cyber capabilities compared to outdated, legacy cybersecurity training.” How the Immersive Labs Resilience Score Works The Immersive Labs platform provides realistic simulations and hands-on cybersecurity labs to evaluate individual and team capabilities across the entire workforce, from executive decision makers to cyber defense, application security, IT, cloud teams and more. Now, when organizations use the platform to upskill their people, they will be able to view their overall resilience score against industry benchmarks and best practices, and see progress over time. The Resilience Score is calculated based on several factors, including: Executive and Crisis Management teams can effectively manage a complex crisis stemming from a cyber incident with consistent decision making and high levels of confidence Cyber teams can work together to solve complex red-team and blue-team scenarios using real-world environments Cyber teams are assigned to job roles and can prove their ability to carry out tasks in-line with new CVEs and capabilities Developers are able to prove their ability to code securely and systematically reduce vulnerabilities in the SDLC Cloud engineers are able to identify and fix common misconfigurations in real cloud environments End users are confident in end user security outcomes including how to report an incident and spot business email compromise The organization has proper security framework coverage, including MITRE ATT&CK Teams and individuals are mapped to job skills and are proving their technical abilities and that their skills are being kept up to date The Immersive Labs Resilience Score will be available to all customers beginning in late Q2 2023. To learn more about this new capability, please visit: https://www.immersivelabs.com/the-score/ *Forrester Opportunity SnapShot: “Cyber Leaders Need a More Effective Approach to Building and Proving Resilience” – A custom study commissioned by Immersive Labs, March 2023 About Immersive Labs Immersive Labs is the leader in people-centric cyber resilience. We help organizations continuously assess, build, and prove their cyber workforce resilience for teams across the entire organization, from front-line cybersecurity and development teams to Board-level executives. We provide realistic simulations and hands-on cybersecurity labs to evaluate individual and team capabilities and decision-making against the latest threats. Organizations can now prove their cyber resilience by measuring their readiness compared to industry benchmarks, building team capabilities, and demonstrating risk reduction and compliance with data-backed evidence. Immersive Labs is trusted by the world’s largest organizations and governments, including Citi, Pfizer, Humana, HSBC, the UK Ministry of Defence, and the NHS England. We are backed by Goldman Sachs Asset Management, Summit Partners, Insight Partners, Citi Ventures, Ten Eleven Ventures, and Menlo Ventures.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

DoControl SaaS Security Platform Now Offered Through GuidePoint Security

prnewswire | April 21, 2023

DoControl, the no-code Software as a Service (SaaS) security company, is proud to announce its partnership with GuidePoint Security, a leading cybersecurity solutions provider, which aims to provide a comprehensive cloud security solution to protect customers' data and applications in a rapidly evolving digital landscape. DoControl's innovative SaaS security platform allows businesses to monitor and control their cloud data with unparalleled accuracy and granularity. The platform is designed to meet each customer's unique requirements, providing customized, comprehensive, and scalable SaaS security solutions. With this partnership, GuidePoint Security customers will be able to manage their SaaS security risks more efficiently and effectively through better visibility into and control over their data. Citing DoControl's recently released study, "The SaaS Security Threat Landscape Report," John Chester, DoControl's VP of Sales, notes, "The average employee from companies of all sizes have shared, inadvertently or not, 2,246 company assets outside their organizations. Much of this is confidential or proprietary data. DoControl provides visibility into exactly who has access to data, and where it has gone." Justin Iwanasin, Director, New and Emerging Vendors at GuidePoint Security, says, "As organizations are rapidly moving to the cloud, the need to secure business applications for SaaS applications is ever present. It is important that customers are looking at ways to secure the data with a SaaS data security program and implement solutions that can help them understand that risk." To learn more about DoControl, visit the website or request a demo. DoControl will also be onsite at the upcoming RSA Conference in San Francisco from April 24–27, please schedule a time to chat with us, or visit our booth #4139 in Moscone South. About DoControl Founded in 2020 and headquartered in New York, DoControl is an automated data access controls platform for SaaS applications, improving security and operational efficiency with ease for enterprises. DoControl is backed by investors Insight Partners, StageOne Ventures, Cardumen Capital, RTP Global and global cybersecurity leader CrowdStrike's early-stage investment fund, the CrowdStrike Falcon Fund. The company's leadership team combines product, engineering and sales experience across cybersecurity, enterprise and SaaS innovators. For more information, please visit www.docontrol.io. Follow us on Twitter and LinkedIn. About GuidePoint Security GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint's unmatched expertise has enabled a third of Fortune 500 companies and more than half of the U.S. government cabinet-level agencies to improve their security posture and reduce risk. Learn more at www.guidepointsecurity.com.

Read More

PLATFORM SECURITY, SOFTWARE SECURITY, WEB SECURITY TOOLS

AnChain.AI Integrates with Stellar to Bring Enhanced Security and Compliance to Developers

Prnewswire | May 09, 2023

AnChain.AI, a leading Web3 digital asset security, and risk monitoring firm, today announced its integration with Stellar, the pioneering decentralized open-source blockchain network for cross-border payments and asset issuance. This integration paves the way for Stellar's thriving developer community to leverage AnChain.AI's AI-powered Web3 risk management and security solutions to enhance their security posture as they drive innovation. As digital assets and cross-border payments continue to rise, the need for fraud prevention solutions has become increasingly apparent. AnChain.AI's CISO Investigation platform provides an additional layer of trust to institutions developing on Stellar. By utilizing AnChain.AI's Open Blockchain Ecosystem Intelligence (OpenBEI), Stellar developers can prioritize security and customer safety from the earliest phases of building. "As the Web3 ecosystem continues to expand, it's becoming increasingly clear that security is not a luxury, but a necessity," said Dr. Victor Fang, CEO & Co-founder of AnChain.AI. "We are committed to providing cutting-edge security and risk monitoring solutions that enable Web3 platforms to operate with confidence. We're excited to build a more secure and sustainable Web3 future on Stellar." AnChain.AI utilizes AI digital asset risk assessment and early detection of suspicious activity. AnChain.AI's technology solutions underpin the regulatory efforts of leading government agencies, financial institutions, and enterprises worldwide, including the United States Securities and Exchange Commission (SEC). Through this integration, AnChain.AI continues demonstrating its commitment to a more secure blockchain ecosystem, ensuring that all participants in the Stellar community can confidently engage. "Having AnChain.AI integrate with Stellar is a breath of fresh air for the thriving community of Stellar projects," said Mark Heynen, Vice President of Partnerships at Stellar Development Foundation. "These types of solutions help equip developers and enterprises with the necessary tools to prioritize security and compliance from the get-go. This integration lays a sturdy foundation for Stellar ecosystem innovators to create more secure cross-border payment and asset issuance solutions." This integration represents a significant step towards increasing community awareness of the risks associated with rapidly evolving Web3 technology, particularly as regulatory scrutiny in the digital asset space intensifies. By solidifying a shared commitment to sustainable and secure development, this integration lays the foundation for the next-generation Web3 innovation on the Stellar network. Join the growing number of enterprises, financial institutions, government agencies, and users and developers who trust AnChain.AI for their Web3 and digital asset security needs. If you're a user or developer on Stellar looking to enhance your security and compliance posture, get started today. About AnChain.AI AnChain.AI (HQ in San Francisco) is an award-winning AI-powered cybersecurity company enhancing Web3 security, risk, and compliance strategies. AnChain.AI was founded in 2018 by cybersecurity and enterprise cloud veterans. Backed by both Silicon Valley and Wall Street VCs, and selected in the Berkeley Blockchain Xcelerator, we are trusted by 100+ customers from over 10+ countries in sectors: VASPs, financial institutions, and government, including the U.S. SEC (Securities and Exchange Commission). AnChain.AI Web3 Security Suite protects over $50 billion Web3 crypto assets. RSA Innovation Sandbox Finalist 2023. CNBC Top Startups Award 2022.

Read More