DATA SECURITY

Modus Collaborates with AgileBlue to Introduce Modus Data Protector™, for Managed Breach Protection from Cybersecurity Threats

AgileBlue | April 30, 2021

Security threats grow rapidly, and proper investigation and response necessitate the use of people who are familiar with endpoints, networks, cloud systems, and other technologies. Many businesses need a professional SOC manager, an accomplished Security Analyst, a Threat Researcher, a Security Architect, a Security Analyst, a Cloud Security Architect, and so on. This ensures that you need a team that is always improving to have the best skills as you need them. Unfortunately, there is a critical lack of specialized cybersecurity expertise in the overall talent industry, and there are not enough qualified resources to fulfill the need.

Cybersecurity is complicated, and different technologies will often be needed to work together. Maintaining technical expertise to implement, update, and customize each component, as well as educating the staff on new versions and features, is needed. You must manage these distributor relationships, licenses, and training operations if you operate your SOC. Having coverage 24 hours a day, seven days a week is no longer discretionary. It's a must! Allowing an enemy to sow seeds for hours, days, or weeks makes it infinitely more difficult to control and eliminate risks. The adversary is aware that they only have a finite amount of time to do as much harm as possible, as in the case of ransomware, or to set back doors, as in the case of data exfiltration.

You have the best chance of recovery if you can investigate and answer within minutes, so having a solution that is available 24 hours a day, seven days a week is essential.

If money isn't a problem and you have the resources devoted to building out a 24x7 Security Operations Center, it could make sense to go in that direction. If you are limited on any of those fronts, Modus suggests that SOCaaS is a safer option. In summary, Modus Data ProtectorTM SOCaaS will allow you to:

• Leverage security insights from other organizations

• Have predictable spending – no need for surprise budget requests

• Handle alerts more efficiently and with more predictable results

• Have the agility and keep pace with your ever-changing organization’s IT demands

• Enjoy a 24 x 7 x 365 promise to you that includes human-based responses, asset discovery, vulnerability assessment, intrusion detection, behavior monitoring, log management, and cloud-based SIEM

About AgileBlue

AgileBlue is a software firm that offers a cutting-edge SOC-as-a-Service for 24X7 network monitoring, cloud security, data protection, and enforcement. AgileBlue's team of cybersecurity and technical experts created a new SOC-as-a-Service technology that safeguards the company's sensitive network infrastructure, cloud, and confidential data. AgileBlue, founded by Joe Marquette and Tony Pietrocola, is a premier 24X7 Autonomous CyberSOC. AgileBlue Leadership also advises executives and boards of directors on cyber threats, creating a cyber policy, and providing cyber risk management as a service.

About Modus

Modus Discovery, Inc is a relationship-driven data analytics firm founded by experienced founders and industry veterans. As corporate owners, CIOs/CTOs, general counsel, and cybersecurity professionals, we've been in your shoes. They understand the difficulties you are experiencing because they have faced them earlier. This empathy is what motivates them to provide you with the most successful solutions and to make each information governance or eDiscovery partnership a stunning success. Modus puts individuals, systems, and technologies together to assist clients with compliance and eDiscovery problems. The Modus team has gained subject matter expertise through decades of hands-on experience in their respective fields, resulting in informed and empowered advisors ready to make timely choices that support their clients and their needs.

Spotlight

At Adobe®, we take the security of your digital experience and assets seriously. Security practices are integrated into our internal software development processes, operations, and tools. Our cross-functional incident response teams are proactive and nimble in preventing, detecting, and responding to incidents. Furthermore, our collaborative work with partners, leading researchers, and other industry organizations helps us stay updated with the latest threats, vulnerabilities, and security best practices; thereby enabling us to continually build security into the products and services we offer and regularly incorporate advanced security techniques into our product and service offerings.

Spotlight

At Adobe®, we take the security of your digital experience and assets seriously. Security practices are integrated into our internal software development processes, operations, and tools. Our cross-functional incident response teams are proactive and nimble in preventing, detecting, and responding to incidents. Furthermore, our collaborative work with partners, leading researchers, and other industry organizations helps us stay updated with the latest threats, vulnerabilities, and security best practices; thereby enabling us to continually build security into the products and services we offer and regularly incorporate advanced security techniques into our product and service offerings.

Related News

PLATFORM SECURITY,SOFTWARE SECURITY

Phosphorus Launches New xIoT Security Capabilities to Discover and Disable Risky Devices Prohibited by the U.S. Government

Phosphorus | December 13, 2022

Phosphorus, the leading provider of proactive and full-scope security for the extended Internet of Things (xIoT), today announced new security features that will enable organizations to discover and monitor their networks for the presence of xIoT devices that the U.S. government deems a significant security risk. The new features also include the capability to remotely disable and remove the devices from the network. Phosphorus’s security update follows the FCC’s ban on the sale or importation of devices made by several Chinese manufacturers that it considers to pose “an unacceptable risk to national security of the United States or the security or safety of United States persons.” The Covered List includes video surveillance and telecommunications equipment produced by Huawei Technologies, ZTE Corporation, Hytera Communications, Hangzhou Hikvision Digital Technology, and Dahua Technology (and their subsidiaries and affiliates). “The Phosphorus xIoT Security Platform is the industry’s only solution that can discover the presence of these prohibited devices and remotely render them inert at scale. “These unique capabilities will empower enterprises and government organizations across the U.S. to discover, disable, and remove banned or potentially dangerous devices from their enterprise environments.” John Vecchi, Chief Marketing Officer at Phosphorus Advanced Discovery Capability A recent study by Phosphorus’s global research division, Phosphorus Labs, found that organizations consistently struggle to identify all of their xIoT devices – this means many companies may not realize they have banned devices lurking inside their networks. According to its research, 80% of enterprise security teams can’t identify the majority of their xIoT devices and customer estimates of xIoT inventories are consistently off by 40-60%. Phosphorus’s Enterprise xIoT Security Platform has unique capabilities for discovering xIoT assets, and it is the only technology platform able to communicate with these devices (ranging from security cameras to PLCs) in their native languages. This enables a high degree of accuracy, granularity, and speed when discovering and analyzing these devices to create comprehensive inventories of xIoT assets that include device type, brand, model, firmware version, credential status, default/enabled protocols, certificate status, and more. Disabling and Isolating High-Risk Devices Phosphorus empowers organizations by giving them direct control over every single device in their wide-ranging xIoT deployments. Through the platform’s Hardening and Remediation capabilities, organizations can update and rotate a device’s credentials, manage firmware, disable remote services, turn off unnecessary connectivity features, check for valid certificates, and reboot the device. For organizations that have detected banned xIoT technologies in their networks, specific device-level actions such as changing passwords, disabling services and reducing connectivity will be critical for limiting the potential risks of these devices prior to their removal from the network. World’s First and Only Proactive xIoT Security Platform Phosphorus’s Enterprise xIoT Security Platform is the industry’s only consolidated xIoT security offering, delivering state-of-the-art Attack Surface Management, Hardening and Remediation, and Detection and Response across the full range of IoT, OT, and Network-connected devices – spanning both new and legacy devices. For the first time in industry history, teams in IT, Facilities, and Security are able to collaborate on a single platform to safely discover, assess, remediate, and monitor their xIoT devices. Phosphorus is now the solution of choice for enterprises to secure devices that were previously unknown or overlooked, beginning with fundamental xIoT security hygiene. The company’s Enterprise xIoT Security Platform is currently deployed in Fortune 100, Fortune 500, and government networks. ABOUT PHOSPHORUS Phosphorus Cybersecurity® is the leading xTended Security of Things™ platform designed to secure the rapidly growing and often unmonitored Things across the enterprise xIoT landscape. Our Enterprise xIoT Security Platform delivers Attack Surface Management, Hardening & Remediation, and Detection & Response to bring enterprise xIoT security to every cyber-physical Thing in your enterprise environment. With unrivaled xIoT discovery and posture assessment, Phosphorus automates the remediation of the biggest IoT, OT, and Network device vulnerabilities—including unknown and inaccurate asset inventory, out-of-date firmware, default credentials, risky configurations, and out-of-date certificates.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

BlueVoyant Research Reveals Defending Digital Supply Chains Remains a Business Challenge

BlueVoyant | November 14, 2022

BlueVoyant, an industry-leading cyber defense company that combines internal and external cybersecurity, today released the findings of its third annual global survey into supply chain cyber risk management. The study reveals that 98% of firms surveyed have been negatively impacted by a cybersecurity breach that occurred in their supply chain. This is up slightly from 97% of respondents last year. Digital supply chains are made of the external vendors and suppliers who have network access that could be compromised. "The survey shows that supply chain cybersecurity risk has not decreased and, in fact, more enterprises than ever have reported being negatively impacted by a cybersecurity disturbance in their supply chain," said Adam Bixler, BlueVoyant's global head of supply chain defense. "The good news is that across industries and regions, organizations are making supply chain defense a priority, but these organizations need to better monitor suppliers and work with them to remediate issues to reduce their supply chain risk." Other key survey findings include: 40% of respondents rely on the third-party vendor or supplier to ensure adequate security. In 2021, 53% of companies said they audited or reported on supplier security more than twice per year; that number has improved to 67% in 2022. These numbers include enterprises monitoring in real time. Budgets from supply chain defense are increasing, with 84% of respondents saying their budget has increased in the past 12 months. The top pain points reported are internal understanding across the enterprise that suppliers are part of their cybersecurity posture, meeting regulatory requirements, and working with suppliers to improve their security. "While supply chain defense is a challenge, there are solutions for enterprises to better defend against this risk," said James Rosenthal, BlueVoyant's CEO and co-founder. "Enterprises should continuously monitor their supply chain to be able to quickly remediate threats. As companies are being negatively impacted by supply chain disturbances, they must prioritize this risk with the appropriate budget." The study was conducted by independent research organization, Opinion Matters, and recorded the views and experiences of 2,100 chief technology officers (CTOs), chief security officers (CSOs), chief operating officers (COOs), chief information officers (CIOs), chief info security officers (CISOs), and chief procurement officers (CPOs) responsible for supply chain and cyber risk management in organizations with more than 1,000 employees across a range of industries. These include: business services, financial services, healthcare and pharmaceutical, manufacturing, utilities and energy, and defense. It covered 11 countries: U.S., Canada, Germany, Austria, Switzerland, France, the Netherlands, the United Kingdom, Australia, the Philippines, and Singapore. The 2021 research was also conducted by Opinion Matters and recorded the views and experiences of 1,200 CTOs/CSOs/COOs/CIOs/CISOs/CPOs in similar enterprises and the same industries. It covered six countries: U.S., Canada, Germany, the Netherlands, the U.K., and Singapore. Analysis of the responses from different commercial sectors revealed considerable variations in their experiences of supply chain risk: While healthcare and pharmaceutical was the third-highest vertical in terms of experiencing greater board scrutiny for supply chain risk at 42%, the sector also indicates the lowest likelihood to increase budget for external resources to bolster supply chain cybersecurity, by a margin of 7% below the next closest vertical. This sector is also the least likely of any vertical (34%) to have no way of knowing if an issue arises with a third party's environment. The energy sector was most likely to report negative impact from at least one supply chain breach in the last year (99%) but 49% are monitoring supply chain cyber risk regularly or in real time, and 44% are updating senior leadership monthly or more frequently. In addition, energy companies say they are increasing their budget for supply chain cyber risk by an average of 60%. In manufacturing, 64% of respondents say that supply chain cyber risk is on their radar and 44% say they have established an integrated enterprise risk management program. About BlueVoyant BlueVoyant combines internal and external cyber defense capabilities into an outcomes-based platform called BlueVoyant Elements™. Elements is cloud-native and continuously monitors your network, endpoints, attack surface, and supply chain plus the clear, deep, and dark web for vulnerabilities, risks, and threats; and takes action to protect your business, leveraging both machine learning-driven automation and human-led expertise. Elements can be deployed as independent solutions or together as a full-spectrum cyber defense platform. BlueVoyant's approach to cyber defense revolves around three key pillars — technology, telemetry, and talent — that deliver industry-leading cybersecurity to more than 700 clients across the globe.

Read More

ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Living Security Announces Partnership Agreement with GuidePoint Security

Living Security | January 02, 2023

Living Security, the pioneer in human risk management, announced entering into a strategic partnership with GuidePoint Security, a renowned value-added reseller (VAR) that enables enterprises to make more informed cybersecurity decisions and reduce their risk exposure. The partnership will combine GuidePoint Security's ecosystem with Living Security's industry-leading human risk management products and security awareness training. "According to the Computer Emergency Response, cyberattacks have been ranked as the fifth most significant danger for the year 2020 and have become the standard in both the public and private sectors." Each day, the number of cybersecurity events continues to rise, and the vast majority of these problems can be traced back to human action. Using a data-driven methodology, Living Security enables security directors to identify the most vulnerable elements of their workforce in order to decrease human risk exposure, control the contribution to overall risk over time, and alter organizational behavior. About Living Security Living Security's objective is to transform human risk in order to generate a dramatic increase in human behavior, organizational security culture, and information security program efficacy. With the company's Human Risk Management platform, Living Security connects each employee with creative and pertinent context and content while simultaneously enabling management to recognize, report on, and proactively mitigate the risk posed by human behavior. Living Security is trusted by security-conscious firms such as MasterCard, MassMutual, Verizon, Biogen, Hewlett Packard, AmerisourceBergen, and Target. About GuidePoint Security GuidePoint Security offers dependable cybersecurity insights, solutions, and services that enable businesses to make risk-averse decisions. The company's specialists serve as trusted advisors by evaluating the cybersecurity posture and ecosystem in order to identify risks, maximize resources, and deploy the most appropriate solutions. GuidePoint's unparalleled knowledge has enabled a third of Fortune 500 organizations and over half of U.S. cabinet-level agencies to enhance their security posture and decrease risk.

Read More