MTTD and MTTR: Two Metrics to Improve Your Cybersecurity

Threatpost | January 28, 2020

For any organization to protect itself from cyberattacks and data breaches, it’s critical to discover and respond to cyber threats as quickly as possible. Shutting the window of vulnerabilities promptly makes the difference between a mild compromise and a catastrophic data breach. Understanding your ability to do so gives your organization a powerful way to determine holes in your defenses and areas where your team needs to improve. While there are dozens of metrics available to determine success, here are two key cybersecurity performance indicators every organization should monitor.

Spotlight

Each year businesses lose millions of pounds to cyber criminals. On a daily basis, company websites are breached, compromising personal data and costing thousands. Therefore, it is important to know where the weakest link in cyber security lies and how to prevent attacks in the future. Knowing where vulnerabilities are is the first step to securing systems and avoiding breaches, this can save businesses a significant amount of time and money. Below is an infographic outlining where businesses are the most vulnerable and how to guard against future attacks. Beneath the infographic are some suggested steps to take to protect your business.

Spotlight

Each year businesses lose millions of pounds to cyber criminals. On a daily basis, company websites are breached, compromising personal data and costing thousands. Therefore, it is important to know where the weakest link in cyber security lies and how to prevent attacks in the future. Knowing where vulnerabilities are is the first step to securing systems and avoiding breaches, this can save businesses a significant amount of time and money. Below is an infographic outlining where businesses are the most vulnerable and how to guard against future attacks. Beneath the infographic are some suggested steps to take to protect your business.

Related News

DATA SECURITY

Evolution Equity Partners Expands Focused Investment Platform for Cybersecurity

prnewswire | December 23, 2020

In 2020, Evolution activated a $250m Fund after fully investing a $125m Fund in 2019 and increased AUM to over $675m. The firm completed 8 investments this year including: Quantexa – London based market leader in financial crime detection and real time AML/KYC. $56m Series C Round led by Evolution. Unbound Technologies – New York City/Tel Aviv based market leader in secure multi-party computation and cryptographic keys. $20m Series B Round led by Evolution. Awake Security – Palo Alto based leading network security platform. $36m Series C Led by Evolution. (Stealth Company) – London based Quantum cybersecurity company. Early-stage financing led by Evolution. Existing portfolio companies raised follow on rounds of financing in 2020 including: DefinedCrowd – Seattle based AI/ML data platform leader. Panaseer – London based continuous control monitoring cybersecurity leader. Onapsis - Boston based application cybersecurity leader. Logpoint – Copenhagen based security incident and event management (SIEM) leader. CounterCraft – London based cyber deception and threat intelligence platform. Evolution cybersecurity portfolio companies growth news: Security Scorecard – Security Scorecard Accelerates on Pathway to 20 million Rated Companies Truefort – Winner of 2020 Red Herring Top 100 North America Award DFLabs – IncMan SOAR SaaS Cloud Platform Drives Growth Richard Seewald, Founder & Managing Partner at Evolution, stated: "In 2020 Evolution continued to add talent and assets to a team of leading cybersecurity investors and company builders while partnering with trailblazing software companies expanding in global markets. As we look to 2021, there are a unique set of conditions that set the stage for cybersecurity entrepreneurs to make meaningful impact protecting critical infrastructure in cyberspace. Evolution is privileged to be partnering with these great companies." Awards Among many notable accolades awarded in 2020 to Evolution and our portfolio, we are pleased to be working with some of the fasted growing cybersecurity and enterprise software companies in the world. Platform Expansion Evolution launched a London office to compliment Palo Alto, New York City and Zurich and added professionals to expand the platform of expertise that serves portfolio companies. The firm has 15 investment professionals including two recent hires: Ollie Bone, Associate – Prior to joining Evolution, Ollie led venture scouting for global corporates in defense, manufacturing and consulting. He ran an accelerator program for cybersecurity scaleups building a UK and global support network for founders where he worked with leading cybersecurity companies. Eduardo Martinez, Associate – Eduardo is an associate at Evolution Equity Partners focused on sourcing and monitoring investment opportunities across the technology sector. He is in charge of portfolio management and reporting, performing valuation analysis and due diligence of investments.

Read More

DATA SECURITY

WafCharm on Microsoft Azure Launches Cyber Security Cloud

businesswire | December 01, 2020

Cyber Security Cloud, Inc. (CSC) is pleased to announce the availability of WafCharm on Microsoft Azure. Already available to over one million Amazon AWS users around the world, this launch provides Azure users with AI operation of Web Application Firewall (WAF) rules, expanding WafCharm’s availability to 60% of the world’s cloud users. Microsoft Azure users now have access to the same WafCharm benefits for securing their web applications in the cloud as do their Amazon AWS counterparts. By making WafCharm available on two of the industry’s top cloud platforms, businesses benefit by being able to select the cloud service that best fits their needs while enjoying the ease-of-use WafCharm offers. “WafCharm automates WAF rules using machine learning and big data without requiring security experts to customize the system,” CSC’s CTO, Yoji Watanabe, stated. “With CSC’s expertise in the cloud-WAF industry, Azure users can optimize their cloud functionality and focus resources on their businesses instead of constantly fine-tuning WAF rules to the latest security threats.” WafCharm automatically customizes WAF rules based on their applications and system, and continuously adjusts and manages them. Users can now focus on business operations with fewer security worries as WafCharm takes care of: building, testing and tuning rules; researching vulnerabilities, and creating new rules. “Deploying and operating WAF without a purpose-built tool like WafCharm is a time- and resource-intensive operation. And companies with limited resources are not able to respond immediately when problems happen,” said Yosuke Matsuura, Infrastructure Team Leader of CAST PLATFORM at Hachidori, Inc., developer of chatbot and shift and attendance tools. “With CSC’s WafCharm, we've been able to maximize WAF's security features in a hassle-free way. I highly recommend it to anyone deploying WAF.”

Read More

SOFTWARE SECURITY

Trend Micro Detected Nearly 13 Million Malware Events Targeting Linux-based Cloud Environments

Trend Micro Incorporated | August 24, 2021

Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, today released new research on the state of Linux security in the first half of 2021. The report gives valuable insight into how Linux operating systems are being targeted as organizations increase their digital footprint in the cloud and the pervasive threats that make up the Linux threat landscape. As of 2017, 90% of public clouds workloads ran on Linux. According to GartnerÒ, "Rising interest in cloud-native architectures is prompting questions about the future need for server virtualization in the data center. The most common driver is Linux-OS-based virtualization, which is the basis for containers.1" Linux allows organizations to make the most of their cloud-based environments and power their digital transformation strategies. Many of today's most cutting-edge IoT devices and cloud-based applications and technology run on some flavor of Linux, making it a critical area of modern technology to secure. "In the industry, we see some very creative attacks and we have to stay ahead. Protecting the company, our employees, and our intellectual property is a priority," says John Breen, Global Head of Cybersecurity at Flowserve. "We'll continue to work closely and collaborate with Trend Micro to ensure our people and our company remain protected." "It's safe to say that Linux is here to stay, and as organizations continue to move to Linux-based cloud workloads, malicious actors will follow," said Aaron Ansari, vice president of cloud security for Trend Micro. "We have seen this as a main priority to ensure our customers receive the best security across their workloads, no matter the operating system they choose to run it on." The report revealed that most detections arose from systems running end-of-life versions of Linux distributions, including 44% from CentOS versions 7.4 to 7.9. In addition, 200 different vulnerabilities were targeted in Linux environments in just six months. This means attacks on Linux are likely taking advantage of outdated software with unpatched vulnerabilities. About Trend Micro Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response.

Read More