Executive Overconfidence is a security risk that Netsparker Research finds

prnewswire | October 13, 2020

Netsparker, the leading enterprise dynamic application security testing (DAST) solution, teamed up with Dimensional Research to understand the maturity and effectiveness of web application security in organizations worldwide. Security professionals from 382 organizations across the globe responded to the survey, with roles spanning development, DevOps, and C-suite. Netsparker analyzed the findings and today released a report, "New Vulnerability Found: Executive Overconfidence."

Spotlight

Small businesses often assume they are safe from cyber attacks because they are too small to be of interest to hackers. Many small businesses also mistakenly assume they have taken adequate measures to protect themselves. This infographic highlights the risks faced by small businesses from hackers as well as gives a few tips to help safeguard against attacks.

Spotlight

Small businesses often assume they are safe from cyber attacks because they are too small to be of interest to hackers. Many small businesses also mistakenly assume they have taken adequate measures to protect themselves. This infographic highlights the risks faced by small businesses from hackers as well as gives a few tips to help safeguard against attacks.

Related News

DATA SECURITY

Endpoint Security of Lookout Mobile is Now StateRAMP Authorized

Lookout | March 04, 2022

Lookout, Inc., a provider of comprehensive endpoint-to-cloud security, announced today that its Lookout Mobile Endpoint Security solution had been granted StateRAMP Authorization. The Lookout solution has passed 325 security checks, indicating that it can handle sensitive, unclassified data and protect critical government networks. It gives state and local governments complete access over their entire fleet of iOS, Android, and ChromeOS endpoints, allowing them to secure agency data in real-time by detecting and responding to phishing, app, device, and network threats. Lookout is the premier provider of mobile endpoint security to the government and the first mobile security vendor to be approved by StateRAMP. In April 2020, Lookout Mobile Endpoint Security received FedRAMP approval. StateRAMP is a nonprofit organization founded by state and local government leaders, industry professionals, and private firms to offer a standard for government entities to manage cybersecurity risks from third-party suppliers. These security standards are based on NIST Special Publication 800-53, a widely accepted catalog of security and privacy controls for information systems and organizations from the National Institute of Standards and Technology (NIST). Attackers seek to breach agency networks in droves, fueled by the global epidemic and the trend to mass telework. According to a new SolarWinds and Market Connections survey of 400 decision-makers from federal, state, and municipal agencies and the education sector, endpoint security software is an important tool in managing risk. The Office of Management and Budget (OMB) M-22-01 mandates that federal agencies integrate mobile devices in their endpoint detection and response, continuous monitoring, and proactive threat hunting strategies, setting a high bar for state and local governments to meet. "In the current environment of remote work and digital transformation of government services, state and local organizations are operating with an increasing number of mobile devices that are expanding their cyber attack surface, These organizations need tools that can detect and respond to threats on iOS, Android and ChromeOS devices to secure data accessed from anywhere." Tony D'Angelo, vice president, U.S. public sector, Lookout The Lookout Security Graph, which analyses telemetry data from more than 200 million devices and 150 million apps and continually ingests and analyses millions of URLs every day, is at the heart of Lookout Mobile Endpoint Security. Lookout Mobile Endpoint Security uses machine intelligence to help state and local governments detect and respond to phishing, application, device, and network attacks while maintaining user privacy. In addition, lookout can automatically detect and respond to threats that have never been seen before, thanks to machine intelligence. Following receiving FedRAMP Joint Advisory Board (JAB) Provisional Authorization to Operate for Lookout Mobile Endpoint Security in May 2020 and Secure Access Service Edge (SASE) in February 2022, the company was added to the StateRAMP AVL. StateRAMP's compliance verification is modeled after FedRAMP, and it necessitates the submission of an independent third-party audit to the StateRAMP Program Management Office (PMO) for approval.

Read More

DATA SECURITY

Credence Security, a Leading Cybersecurity and Digital Forensics Value-Added Distributor, has Launched a New Partner Portal

CREDENCE SECURITY | June 03, 2021

The demand for leading cybersecurity and digital forensics solutions is higher than ever. For over 20 years, Credence Security, a PAN-EMEA specialty distributor, has led in these areas along with governance, risk, and compliance, based in Dubai and regional presence in Johannesburg, London, Nairobi, New Delhi, and Saudi Arabia. Credence Security provides cybersecurity and digital forensics solutions to both public and private sector enterprises through a select network of specialist resellers. In exciting news from the company, in response to its continued rapid growth, Credence Security recently announced the launch of its new Credence Security Partner Portal, which will enable easier deal registration, better tracking of opportunities, and SPIFF programs, access to sales and marketing materials, and much more. This is expected to be a precious tool for the company's resellers. "Our channel partners are one of our most important relationships," commented Philip Cherian, Regional Channel Director. "We paid attention to our partner feedback and enhanced our Channel Partner Program and Partner Experience Portal, doubling down on our commitment to helping them succeed by continuing to invest in our Channel, tools, and infrastructure to support our partners across the region and make it even easier for them to do business with our vendors and us." Credence Security is built on the foundation of 4 focus pillars – Continuous Adaptive Risk and Trust Assessment, Data Protection and Governance, Digital Forensics and Incident Response and Identity, Payments, and Data Security. "The value delivered in all of these areas is something that continues to grow, both as technology advances, but also from the company making every effort to understand the challenges partners and clients face so they can be more effectively addressed," commented Moe Bux, Regional Sales Director. "This strategy has been a key component in Credence Security's success and continued value-added growth." The Credence Security Partner Portal launch arrives on the back of a record-breaking year for the channel team, which saw its best year across the channel in respect of: • Channel team growth • Overall revenue growth generated by our specialist resellers • Partner growth in both geographical as well as vertical expansion ABOUT CREDENCE SECURITY Established in 1999, Credence Security, a PAN-EMEA specialty distributor, is cybersecurity, forensics, governance, risk, and compliance. Unlike most other distributors, we take a consultative "value-add" solution approach; we collaborate with our partners and their customers to understand their needs, both from a technology and business perspective, and then work very closely with our partners to deliver tailor-made solutions. Working closely with globally recognized, award-winning vendors including AccessData, ESET, Entrust, Magnet Forensics, ZeroFox, and Trustwave, Credence Security provides best-in-class, Cybersecurity and Forensics technologies and solutions to protect organizations against advanced persistent threats, malicious adversaries, and internal malpractice.

Read More

DATA SECURITY

CompTIA ISAO Adds Real-time Cybersecurity Threat Analysis and Intelligence Resources from Sophos

CompTIA | August 05, 2021

Advanced cybersecurity threat analysis and intelligence capabilities are now available from the CompTIA Information Sharing and Analysis Organization (ISAO) through an expanded collaboration with global next-generation cybersecurity leader Sophos and it industry-leading and highly acclaimed threat research lab, SophosLabs. The announcement of the new cyber capabilities was made today by CompTIA, the nonprofit association for the information technology (IT) industry and workforce. CompTIA ISAO members can directly submit suspicious URLs and files through the ISAO's Cyber Forum to SophosLabs Intelix™ for rapid analysis to determine if they are known or zero-day cybersecurity threats. SophosLabs Intelix combines petabytes of threat intelligence derived from decades of SophosLabs threat research with Sophos AI tools and techniques, bringing a powerful new source of threat intelligence to the CompTIA ISAO and its managed services provider (MSP), vendor, distributor, and associate members. "SophosLabs research illustrates how adversaries are constantly changing their tactics, techniques and procedures (TTPs) to breach targets, move laterally and carry out ransomware and other attacks," said Simon Reed, senior vice president, SophosLabs. "The only way to effectively fight modern cybercrime is if we do it together. That's why Sophos is committed to sharing actionable threat intelligence with the CompTIA community. This new integration gives member organizations advanced abilities to quickly investigate suspicious URLs and files to determine their risk and to understand what happens if they are opened or executed. Powered by machine learning, SophosLabs Intelix predictively convicts never-before-seen threats, and is constantly improving based on the collective input of community intelligence." "This is a real differentiator for our members, who can access a powerful analysis resource to identify, classify and prevent threats, further protecting themselves and more importantly, their customers," said MJ Shoer, senior vice president and executive director of the CompTIA ISAO. The new integration expands Sophos' support of the CompTIA ISAO. As a Silver Industry Partner, Sophos has been contributing detailed threat analysis from SophosLabs Uncut to the CompTIA ISAO. "This is a significant addition to the resources available to our members," Shoer added. "It is the latest example of the support that industry partners such as Sophos have for the CompTIA ISAO, and the commitment we all have to make the industry more secure." The CompTIA ISAO is a community of nearly 1,200 member companies that share best practices, cyber threat intelligence, educational content and more to help address ever-evolving cyber threats. Working closely with public and private cybersecurity agencies and organizations, the CompTIA ISAO is helping its members understand the threat landscape, defend against current and future attacks and raise cybersecurity awareness throughout the global tech industry. About CompTIA The Computing Technology Industry Association (CompTIA) is a leading voice and advocate for the $5 trillion global information technology ecosystem; and the estimated 75 million industry and tech professionals who design, implement, manage, and safeguard the technology that powers the world's economy. Through education, training, certifications, advocacy, philanthropy, and market research, CompTIA is the hub for advancing the tech industry and its workforce. About Sophos Sophos is a worldwide leader in next-generation cybersecurity, protecting more than 500,000 organizations and millions of consumers in more than 150 countries from today's most advanced cyberthreats. Powered by threat intelligence, AI and machine learning from SophosLabs and SophosAI, Sophos delivers a broad portfolio of advanced products and services to secure users, networks and endpoints against ransomware, malware, exploits, phishing and the wide range of other cyberattacks. Sophos provides a single integrated cloud-based management console, Sophos Central – the centerpiece of an adaptive cybersecurity ecosystem that features a centralized data lake that leverages a rich set of open APIs available to customers, partners, developers, and other cybersecurity vendors. Sophos sells its products and services through reseller partners and managed service providers (MSPs) worldwide. Sophos is headquartered in Oxford, U.K.

Read More