DATA SECURITY

New CyberCube Scenarios Aid the Cyber Planning of Lloyd's Syndicates

businesswire | January 21, 2021

CyberCube has refreshed its information driven insightful programming to flawlessly empower guarantors to evaluate misfortunes to situations that Lloyd's has given to partners for the forthcoming March information assortment cutoff time.

These situations are utilized to answer to Lloyd's on how their arrangement of business would be influenced by major digital occasions.

CyberCube has presented the three situations for practical digital fiascos as a component of its Portfolio Manager item, which is utilized by hazard transporters.

The three situations, which CyberCube planned related to Lloyd's Underwriting group, Lloyd's market specialists and Guy Carpenter, are:

- a cloud blackout

- a force or foundation blackout

- a significant malware assault

The Lloyd's Market Association's Cyber Risk Strategy Group has additionally been vigorously engaged with building up the situations in the course of recent months.

By dissecting how their arrangement of protection chances are influenced by these situations, the Lloyd's market can survey each coordinate's monetary flexibility and that of the market in general. The situations additionally uncover the most cutting-edge danger scene and related digital dangers that cause critical gatherings of misfortunes.

The three digital situations, which will in future be remembered for Lloyd's formal Realistic Disaster Scenario (RDS) structure, will assume a significant part in organizations' business arranging measures. They mark the market's most complex digital examination exercise to date.
Pascal Millaire, CyberCube’s CEO, said: “Lloyd’s syndicates have long been leaders in the global cyber insurance market and so it is no surprise that the Lloyd’s market is also taking a leadership role amongst regulators in thoughtfully measuring cyber exposure accumulation. We’re thrilled to be able to help Lloyd’s syndicates with this exercise using our platform.”

Kirsten Mitchell-Wallace, Lloyd’s Head of Portfolio Risk Management, said: “The Lloyd’s market is a global leader in cyber insurance so understanding and controlling exposure to this class of business is critical. Cyber is a rapidly evolving risk that demands scrutiny at both syndicate and market level: the use of scenarios helps Lloyd’s to achieve this.”

Siobhan O’Brien, Managing Director and Head of Guy Carpenter’s International Cyber Centre of Excellence, commented: “This is a very important piece of work for the broader RDS framework. The findings of the study will prove valuable not only for Lloyd’s syndicates but also for the wider insurance industry in helping to address some of the most challenging aspects of cyber risk that impact multiple lines of insurance.”

CyberCube's Portfolio Manager is a digital danger fiasco model that permits guarantors to see how their book of business would be influenced by a progression of digital dangers. The model has not been closed down by Lloyd's yet is broadly utilized on the lookout.

Deviations should be accounted for to Lloyd's and any inquiries with respect to the assortment time frame (January 8 to March 31) ought to be tended to in the main example to Lloyd's.

About CyberCube

CyberCube delivers the world’s leading cyber risk analytics for the insurance industry. With best-in-class data access and advanced multi-disciplinary analytics, the company’s cloud-based platform helps insurance organizations make better decisions when placing insurance, underwriting cyber risk and managing cyber risk aggregation. CyberCube’s enterprise intelligence layer provides insights on millions of companies globally and includes modelling on thousands of points of technology failure.

The CyberCube platform was established in 2015 within Symantec and now operates as a standalone company exclusively focused on the insurance industry, with access to an unparalleled ecosystem of data partners and backing from ForgePoint Capital, HSCM Bermuda, MTech Capital and individuals from Stone Point Capital.

Spotlight

America's Small Businesses Must Take Online Security More Seriously by National Cyber Security Alliance and Symantec. 55% say that the loss of internet access for 48 straight hours during a regular business week would be disruptive to their business - 38% say it would be extremely disruptive. 73% of US small businesses say that a safe and trusted internet is critical to their success. At the end of 2011, only 18% of cyber attacks were aimed at small businesses. Today, that number has risen to 36%.

Spotlight

America's Small Businesses Must Take Online Security More Seriously by National Cyber Security Alliance and Symantec. 55% say that the loss of internet access for 48 straight hours during a regular business week would be disruptive to their business - 38% say it would be extremely disruptive. 73% of US small businesses say that a safe and trusted internet is critical to their success. At the end of 2011, only 18% of cyber attacks were aimed at small businesses. Today, that number has risen to 36%.

Related News

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Datadog Announces Integration with Amazon Security Lake

Datadog | November 30, 2022

Datadog, Inc., the monitoring and security platform for cloud applications, today announced a new integration with Amazon Security Lake. The integration, announced during AWS re:Invent, makes it easy for Amazon Security Lake users to send cloud security logs to Datadog in a standard format. Building data pipelines in order to aggregate and route security logs to various security analytics solutions can be a cumbersome and time-consuming process. For Amazon Security Lake customers, Datadog's integration provides an easy way to send security logs to Datadog with minimal configuration required. Once security logs are ingested into Datadog, customers can analyze and identify threats through out-of-the-box detection rules or by writing custom security rules. They can also do deeper investigations using Datadog's log management tools. "Amazon Security Lake makes it easier for teams to manage their cloud security data and analyze it with partner solutions of their choice," said Rod Wallace, General Manager for Amazon Security Lake. "Datadog's integration with Amazon Security Lake will allow customers to collect their security logs to improve their cybersecurity posture and send them to Datadog for analysis leveraging an open source schema." "Security threat detection and investigation is dependent on an effective logging strategy that ensures critical logs are being properly analyzed. However, managing dozens of log integrations from cloud-hosted accounts and entities can be cumbersome and lead to gaps in visibility. "Amazon Security Lake and Datadog are working together to provide an easy way to set up and manage important log integrations for Datadog Cloud SIEM, giving customers deep visibility into their most critical infrastructure." Pierre Betouin, SVP of Security Products at Datadog About Datadog Datadog is the monitoring and security platform for cloud applications. Our SaaS platform integrates and automates infrastructure monitoring, application performance monitoring and log management to provide unified, real-time observability of our customers' entire technology stack. Datadog is used by organizations of all sizes and across a wide range of industries to enable digital transformation and cloud migration, drive collaboration among development, operations, security and business teams, accelerate time to market for applications, reduce time to problem resolution, secure applications and infrastructure, understand user behavior and track key business metrics.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Top-notch Compliance and Security With New Vonage Salesforce Shield Security for Contact Centers

Vonage | December 12, 2022

Contents 1. Enhanced Security with Vonage Contact Center with Salesforce 2. Salesforce Security Shield for Compliance and Security 3. Optimize Your Customer Engagement Having all your customer engagement data on a single platform is all about integrating all the communication channels the way you need them. It is important for contact centers to enhance trust, transparency, and governance for agents while they access information. It controls and improves the customer experience while meeting security requirements on a single, integrated platform. 1. Enhanced Cloud Security with Vonage Contact Center with Salesforce The Salesforce CTI integration is one of the most effective cloud-based contact center integrations, supporting a dynamic omni-channel experience. Vonage’s state-of-the-art contact center cloud-native solutions are built for flexibility, privacy, and reliability. It helps you get actionable data insights that let your conversations flow. 2. Salesforce Security Shield for Compliance and Security Salesforce integration with Vonage is the best in the market and enables features exclusively for contact centers, including optimizing team performance, contact center and customer experience. It uses full AES 256-bit encryption to protect sensitive data across all Salesforce apps. With the addition of Salesforce Shield, Vonage is ensuring that organizations worldwide can better serve their customers while meeting compliance or governance requirements – all from a single, secure platform. Sanjay Macwan, CIO & Chief Information Security Officer at Vonage 3. Optimize Your Customer Engagement Secure cloud communications via Vonage Contact Center (VCC) integration with Service Cloud Voice (SCV) assist your business in meeting the most recent cloud security compliances, regulations, and policies . Such communication not only provides a business and the customer with confidence but also ensures the entire chain of communication remains interconnected and seamless. This helps contact centers deliver a quality customer experience on time.

Read More

DATA SECURITY,ENTERPRISE SECURITY,SOFTWARE SECURITY

Veza Announces Open Authorization API to Extend Identity-First Security Across the Enterprise Data Landscape

Veza | December 02, 2022

Veza today announced that its Open Authorization API (OAA) is now public on GitHub for community collaboration, extending the reach of identity-first security across the enterprise. Developers can now create and share connectors to extend the Veza Authorization Graph to all sensitive data, wherever it lives, including cloud providers, SaaS apps, and custom-built internal apps, accelerating their company’s path to zero trust security. Security professionals espouse the principle of ‘Least Privilege’ to secure enterprise data, but the rush to a multi-cloud, multi-app environment has exploded the complexity and layers of interconnection for which access must be understood, monitored, and constantly remediated to achieve and maintain least privilege. Recent attacks on Okta and Twilio demonstrate that companies are allowing overly-broad access to data via constructs of groups, roles, policies, and system specific permissions. Veza connects the dots of effective permissions across cloud providers, SaaS apps and identity platforms, making it easy to visualize who can view or delete sensitive data. OAA allows organizations and the broader community to create their own integrations with Veza, extending visibility to any resource, including SaaS apps like GitLab and Jira as well as custom-built internal apps. “The vast majority of cybersecurity failures are rooted in issues with the gap that exists between identity, access to data, and permissions,” said Tarun Thakur, co-founder and CEO, Veza. “Since our founding, we have been committed to protecting our customers from threats like ransomware, privilege abuse, and data breaches. With Veza Open Authorization API, we are extending our identity-first security approach broadly in the market and arming organizations with the tools they need to remediate undesirable and unnecessary data access at a granular level, and meet the requirements of access governance for enterprise systems, both on-premises and in the cloud." With Veza's Open Authorization API, customers can translate and visualize authorization metadata from any SaaS app, custom and in-house applications. Users can explore identity-to-data relationships through the Authorization Graph, monitor for least privilege misconfigurations and violations, and conduct comprehensive entitlement reviews for all of their sensitive data. “We specifically chose Veza because their Open Authorization API allowed us to connect to our custom internal applications. We follow the principle of least privilege, but with so many systems to review, we valued Veza’s unique ability to give us a comprehensive view quickly. They made it faster and easier for our team to review all permissions with confidence.” -Riaz Lakhani, CISO of Barracuda Networks. As an open-source project on GitHub, Veza’s Open Authorization API allows customers and partners to learn from, and build upon, each other’s work to create a control plane that reaches all data. By bringing OAA SDK and connectors available on GitHub Community, Veza empowers customers to ingest authorization metadata previously isolated in internal systems and SaaS applications. The OAA community has already created integrations for critical SaaS apps including GitHub, GitLab, Bitbucket, Jira, Zendesk, Slack, Coupa Software, Pagerduty, and Looker. These integrations are available now to all Veza customers. “Veza solves the problem of aligning identities to data,” said Craig Rosen, Chief Security & Trust Officer at ASAPP. “Veza’s Open Authorization Platform helped us extend that visibility to all the apps and data that matter most to us, like GitHub and Jira. Now it is easy for our security professionals to understand (and remediate) who has access to our important intellectual property.” About Veza Veza is the authorization platform for data. Built for hybrid, multi-cloud environments, Veza enables organizations to visualize, remediate, and control who can and should take what action on what data. We empower customers to take an identity-first approach to secure data by addressing critical business needs of streamlining identity and access governance, implementing data lake security, managing cloud entitlements, and modernizing privileged access. Our Authorization Graph connects identities to data across enterprise systems, enabling analysis, monitoring, and certification of end-to-end access. Global enterprises like Blackstone, ASAPP, Barracuda Networks, Choice Hotels, and a number of Fortune 500 and emerging organizations trust Veza to secure their enterprise data. Founded in 2020, Veza is headquartered in Los Gatos, California, and is funded by Accel, Bain Capital, Ballistic Ventures, GV, Norwest Venture Partners, and True Ventures.

Read More