IT Security Leaders Engage in Risky Security, Password Habits

Helathitsecurity | February 25, 2020

IT security practitioners routinely engage in risky password and authentication practices. And there’s a misalignment between expectations and reality when it comes to the implementation of usable security tools, according to a recent report from Yubico and conducted by the Ponemon Institute. Researchers surveyed 2,507 global IT and IT security leaders, as well as 563 individual users. They found that while most IT leaders have strong awareness of best practice authentication and password management, those tools and skills are often not put into action due to inconvenience or usability issues. In fact, individual users were found to have better security practices than the IT leaders. The report found that of the 35 percent of users who reported experiencing an account takeover, 76 percent changed how they managed their account passwords or protected their accounts.

Spotlight

"Get comprehensive survey findings from more than 500 cybersecurity professionals - all offering unique insights into the state of insider threats today, as well as the best solutions to keep your network protected. Find out how your peers can help you:

- Understand the five growing trends for insider threats
- Chose the right security tools and processes
- Enjoy faster recovery and remediation
- And more"

Spotlight

"Get comprehensive survey findings from more than 500 cybersecurity professionals - all offering unique insights into the state of insider threats today, as well as the best solutions to keep your network protected. Find out how your peers can help you:

- Understand the five growing trends for insider threats
- Chose the right security tools and processes
- Enjoy faster recovery and remediation
- And more"

Related News

DATA SECURITY

Data Protection Platform, Protegrity to introduce dynamic monitoring and data masking capabilities

helpnetsecurity | June 11, 2021

Version 8.1 of Protegrity, the latest version of the Protegrity Data Protection Platform, is released. This has the features such as monitoring capabilities and dynamic data masking. It provides all the customers, from a single data store, multiple data-protection methods. The company has also introduced Protegrity Cloud API and a redesigned logging architecture. Monitoring and dynamic data masking provide visibility and control for sensitive data access With this functionality, version 8.1 of the Protegrity Data Protection Platform gives a greater level of control and choice to meet the data protection they need to run their business smoothly. Monitoring capabilities provide customers standard visibility into how data is being retrieved and used across the company. Customers can utilize dynamic data masking of Protegrity for a greater level of control over their sensitive data. Unicode tokenization delivers language-preserving data security for global businesses Unicode is a standard for the consistent handling, encoding, and representing text expressed in the world's writing systems. Protegrity, with version 8.1, now brings all the benefits of its tokenization to all text encoded in the one- and two-byte Unicode standards. New cloud API and logging architecture enhance platform functionality Along with new data-protection methods, including data masking, monitoring, and Unicode tokenization, version 8.1 of Protegrity has revealed the following essential platform enhancements: • Protegrity Cloud API • Redesigned logging architecture

Read More

DATA SECURITY

Stellar Cyber's Open XDR strengthens security operations for Barracuda users

Stellar Cyber | November 10, 2021

Stellar Cyber, the innovators of Open XDR and the leading next-gen security operations platform, announced today that it has integrated its industry-leading security platform with Barracuda CloudGen Firewall, Barracuda Web Application Firewall, and Barracuda Total Email Protection, bringing enhanced visibility, automated incident correlation, threat hunting, and remediation to managed security service provider (MSSP) customers and prospects. "Our customers know that Barracuda delivers best-of-class email, network, and web application security solutions. When it comes to defending against today's sophisticated cyber threats like ransomware and data breaches, they are looking for full visibility and automation," said Fleming Shi, CTO at Barracuda Networks. "We already offer Barracuda SKOUT Managed XDR optimized for our MSP customers. This new integration with Stellar Cyber gives our enterprise customers a holistic view of their infrastructure and the capabilities to coordinate incident response to attacks in real time." The Stellar Cyber platform incorporates the XDR Kill Chain and AI-driven correlation of detections and alerts into automatically generated incidents in an easy-to-use dashboard with visibility across the entire attack surface, so analysts know exactly what and how to investigate. In addition, Stellar Cyber's built-in multi-tenant features make it easier than ever for Barracuda's MSSP partners to provide SOC-as-a-service offerings to their end-user clients. "The Stellar Cyber Open XDR platform brings additional value to existing Barracuda product investments by ingesting their logs, enriching the captured data, analyzing that data for threats, and then automatically remediating attacks through the firewall as well as other systems," said Zeus Kerravala, principal analyst at ZK Research. "It's great to see this level of integration to protect customers." "By integrating our Open XDR AI-powered cybersecurity platform with Barracuda's popular solutions, we deliver a new level of visibility and SOC capabilities, such as correlated threat analysis, threat hunting, and automated remediation, to Barracuda customers,Our purpose-built platform collects and ingests data from all existing security tools and presents a single dashboard that clearly identifies and prioritizes security threats, all the way from individual alerts to sophisticated incidents or attack stories, in a way that maximizes efficiency in SOC operations." Paul Jespersen, Senior Vice President of Global Business Development at Stellar Cyber Using ransomware protection as an example, customer benefits of the integration include: Barracuda Total Email Protection signals and alerts will be available in Stellar Cyber to provide visibility into phishing and brand-hijacking attacks designed to harvest credentials. In an event where a phishing link is clicked, Barracuda CloudGen Firewall stops the traffic to the attacker's site and flags the target for all other attempts. Network and application infrastructure are constantly bombarded with intrusion and access attempts, especially with stolen credentials. Provided with signals from Barracuda CloudGen Firewall and Barracuda Web Application Firewall, these attempts will be immediately flagged and prevented. Barracuda is working on deeper and broader integrations with Open XDR platforms like Stellar Cyber. Barracuda customers will be able to stop ransomware more efficiently and get ahead of attackers using credential theft and account takeover in email security and prevent further penetration. At Barracuda we strive to make the world a safer place. We believe every business deserves access to cloud-enabled, enterprise-grade security solutions that are easy to buy, deploy, and use. We protect email, networks, data, and applications with innovative solutions that grow and adapt with our customers' journey. More than 200,000 organizations worldwide trust Barracuda to protect them – in ways they may not even know they are at risk — so they can focus on taking their business to the next level. For more information, visit barracuda.com. Barracuda Networks, Barracuda, and the Barracuda Networks logo are registered trademarks of Barracuda Networks, Inc. in the US and other countries. SKOUT Cybersecurity and the SKOUT logo are registered trademarks of SKOUT Cybersecurity Holdings, Inc. and its affiliates in the US and other countries. About Stellar Cyber Stellar Cyber's Open XDR platform delivers Everything Detection and Response by ingesting data from all tools, automatically correlating alerts into incidents across the entire attack surface, delivering fewer and higher-fidelity incidents, and responding to threats automatically through AI and machine learning. Our XDR Kill Chain™, fully compatible with the MITRE ATT&CK framework, is designed to characterize every aspect of modern attacks while remaining intuitive to understand. This reduces enterprise risk through early and precise identification and remediation of all attack activities while slashing costs, retaining investments in existing tools and accelerating analyst productivity. Typically, our platform delivers an 8X improvement in MTTD and a 20X improvement in MTTR. The company is based in Silicon Valley.

Read More

DATA SECURITY

Skybox Security Announces Rapid Global Expansion

Skybox Security | July 30, 2021

A global leader in security posture management, Skybox Security, today announced accelerated global expansion to meet increasing market demand for its Security Posture Management Platform. It includes its Vulnerability Management solution. Skybox Security increased new subscription customers by 86% in the first half of 2021, driven by customer demand to improve security efficacy and reduce exposure risk across hybrid cloud and critical infrastructure. In addition, the company achieved 30% growth in key industries during the same timeframe, including healthcare, government, financial services, and manufacturing. Skybox Security's has global presents throughout Europe, and Africa (EMEA), the Middle East, as well as the Asia Pacific and Japan (APJ) regions, comes on the heels of high-profile cyberattacks that put the spotlight on why a data-driven, risk-based approach to Vulnerability Management is mission-critical. As a result, Skybox Security is experiencing tremendous demand and justifiable growth in EMEA, with deal sizes increasing 33% and average annual contract value growing 64% over the first half of 2021. The company will remain to make essential investments into expanding its EMEA and APJ operations. Skybox Security has cemented itself as the Security Posture Management partner of choice for solution providers globally. Over the first six months of 2021, Skybox grew channel sales across EMEA, North America, and APJ by 35%. About Skybox Security Most of the largest global security-conscious enterprises rely on Skybox for the insights and assurance required to stay ahead of dynamically changing attack surfaces. At Skybox, they don't just serve up data and information. Skybox provides the intelligence and context to make informed decisions, taking the guesswork out of securely enabling enterprises at scale and speed. Our unified security posture management platform delivers complete analytics, visibility, and automation to quickly map, prioritize, and remediate vulnerabilities across your organization. The vendor-agnostic platform intelligently optimizes security actions, policies, and change processes across all corporate and cloud environments.

Read More