New research shows that companies with good cybersecurity beat the market by up to 7%

prnewswire | October 06, 2020

BitSight, the Standard in Security Ratings, and Solactive, a German index engineering firm, today released new research demonstrating that a company's cybersecurity performance is an indicator of business performance.  Analysis shows that indices composed of well-performing BitSight-rated companies outperform their respective benchmarks by 1% to 2% annually.  For certain sectors, such as U.S. Technology, well-rated companies outperform the benchmark by 7% per year. The findings are an endorsement for today's introduction of the Solactive BitSight Cyber Risk Index, a financial index that will enable investors to invest in companies who are top cybersecurity performers as measured by BitSight.

Spotlight

If your organization has intellectual property, customer data, or critical systems that are valuable, your employees are being targeted with spear phishing emails. To help security leaders strategically manage their defensive posture, we have created a four-phase framework that spans relevant security layers from the start of an attack to its resolution.

Spotlight

If your organization has intellectual property, customer data, or critical systems that are valuable, your employees are being targeted with spear phishing emails. To help security leaders strategically manage their defensive posture, we have created a four-phase framework that spans relevant security layers from the start of an attack to its resolution.

Related News

ENTERPRISE SECURITY

Coalfire announces HITRUST Accelerator with AWS Security Assurances Services (AWS SAS)

Coalfire | October 19, 2021

Coalfire, a leading cybersecurity firm, announced HITRUST Accelerator, a new program that allows customers to achieve HITRUST CSF Validation up to 50% faster when compared with conventional methods. This program combines deep technical knowledge of AWS Security Assurance Services, LLC (AWS SAS) with Coalfire, a HITRUST External Assessor Organization, to streamline the entirety of the HITRUST Validation lifecycle. Organizations who attempt to prepare for HITRUST certification internally without the help of an experienced external assessor may have timelines in excess of 2 years to achieve HITRUST Certification. The HITRUST Accelerator program uses a three-step process that provides end-to-end support of an organization's preparation, remediation, and HITRUST Validation. This integrated approach enables Coalfire and AWS SAS to quickly identify compliance gaps, assist with technical remediation, simplify document creation, and expedite the Validated Assessment. By accelerating HITRUST Validation, customers will be able to offer significant assurances over their security and privacy controls, which enables them to focus on innovation and driving adoption. Coalfire and AWS SAS share an obsession in creating innovative solutions that maximize customer success," "This passion and collaboration resulted in a program that helps our mutual customers prepare, remediate, and validate against the HITRUST CSF. By taking industry leaders in cloud security and HITRUST, we aim to revolutionize the way that organizations approach and maintain compliance. This has been a long time coming and we are absolutely thrilled to be launching this program with the AWS SAS team. Jeff Rector, Global Engagement at Coalfire The customer journey is accelerated via three tailored workstreams that are designed to: Prepare the customer for HITRUST Validation by thoroughly defining the technical systems and boundary, conducting a thorough gap assessment, and developing fully customized policies and procedures designed to be HITRUST compliant. Reduce remediation efforts and time to 12 WEEKS in most instances, using automated compliance-as-code packages, 30 days of expert AWS technical guidance and security engineering services, and hands-on AWS support configuring AWS services., and to fast-track the collection of evidence ahead of the Validated Assessment to minimize burden and audit fatigue on compliance teams. Validate the environment with confidence, including end-to-end support during HITRUST QA, Corrective Action Plan creation, and report finalization. About Coalfire Leading technology infrastructure providers, SaaS companies, and enterprises – including the top-five cloud service providers and eight of the top-10 SaaS organizations – rely on Coalfire to strengthen their security posture and secure their digital transformations. As one of the largest firms dedicated to cybersecurity, Coalfire delivers a comprehensive suite of advisory and managed services, spanning cyber strategy and risk, cloud security, threat and vulnerability management, application security, privacy, and compliance management. A proven leader in cybersecurity for the past 20 years, Coalfire combines extensive cloud expertise, advanced technology, and innovative approaches that fuel success.

Read More

SOFTWARE SECURITY

Novel approaches to satisfy the demand for comprehensive cybersecurity are required

prnewswire | December 30, 2020

These days, a broad layer of cybersafety is frequently needed for business foundation or government organizations to secure delicate data and shopper information. Truth be told, the worldwide network protection market size generally speaking was esteemed at USD 156.5 Billion out of 2019 and is relied upon to extend at a build yearly development rate (CAGR) of 10.0% from 2020 to 2027, as per information by Grand View Research. At present, however, the most recent Russian hack, which is being known as the biggest demonstration of surveillance in U.S. history, is being investigated by specialists and network safety firms to decide the extent of the danger. As per a report by the Associated Press, the hack bargained government organizations and "basic framework" in a refined assault that was difficult to recognize and will be hard to fix, the Cybersecurity and Infrastructure Security Agency said in an unordinary notice message. The country's online protection organization additionally cautioned of a "grave" danger to government and private organizations. Plurilock Security Inc. , Qualys, Inc. , CyberArk Software Ltd, Absolute Software Corporation (NASDAQ: ABST), Fortinet, Inc. A few tech organizations, including Microsoft, have additionally remarked on the hack, with the innovation aggregate clarifying in a blogpost that "it's important that we venture back and evaluate the noteworthiness of these assaults in their full setting. This isn't 'undercover work not surprisingly,' even in the advanced age. All things being equal, it speaks to a demonstration of foolishness that made a genuine mechanical weakness for the United States and the world. In actuality, this isn't only an assault on explicit targets, yet on the trust and unwavering quality of the world's basic framework to propel one country's insight organization." Plurilock Security Inc. declared recently that the organization gave, "frictionless and persistent validation utilizing AI and conduct biometrics, is satisfied to give the accompanying corporate update to the final quarter of 2020. Industry Outlook Online protection is a critical component for associations with profound security needs, for example, medical care and monetary administrations organizations. Given the idea of late cyberattacks that focus on these associations, the requirement for cutting edge online protection arrangements will increment and as per Cyber Security Ventures, Global Cybersecurity spending is anticipated to surpass $1 Trillion USD from 2017-2021. In anticipation of the foreseen development in the online protection area, Plurilock has unveiled some critical advancements since going this year to address and benefit from this worldwide chance. Key Developments Public Listing On September 24th, 2020, the Company started exchanging on the TSX Venture Exchange under the ticker PLUR in the wake of finishing a passing exchange ("QT") with Libby K Industries, Inc. on September 17, 2020. Plurilock likewise finished a simultaneous financing with the QT, which saw the Company effectively raise $2.6 million. The simultaneous financing was driven by PI Financial and included Industrial Alliance Securities. Master Advisory Board and Advisors The Company amassed an Advisory Board comprising of innovation area specialists to give direction to Plurilock on arranging and executing key activities while quickening the development of the Company. Individuals from the Advisory Board incorporate Dr. Issa Traoré, Ph.D., Merv Chia and Mark Orsmond. Moreover, the Company named two veteran worldwide security pioneers, Gaétan Houle and Chris Pierce as guides to the Company. Mr. Houle has held different security influential positions in legitimate government offices, for example, the Canadian Federal Government, Department of National Defense and the previous Department of Foreign Affairs, presently known as Global Affairs Canada. Mr. Penetrate is a refined chief and expert who administered the global division of Booz Allen Hamilton Holding Corporation and drove the improvement of Booz Allen's worldwide business system. Organizations and Relationships Another item joint effort with personality and access the executives ("IAM") supplier Gluu, including the consideration of local Plurilock uphold in standard Gluu discharges going ahead. The administrations of Government Sales Specialists, LLC, a re-appropriated bureaucratic deals office, were held by the Company to develop its pipeline of government deals. Consummation of the primary achievement of a US$198,000 contract with the US Department of Homeland Security, for which the Company got US$70,000. A significant US monetary administrations firm granted a US$42,000 yearly repeating agreement to Plurilock to convey the Company's center verification arrangements. Confirmation and Compliance Program – The Company dispatched its new affirmation and consistence program in November 2020, connecting exceptionally respected robotized security and consistence firm Vanta Inc. to offer warning types of assistance in quest for System and Organization Controls 2 ("SOC2") standard consistence. Center Product Initiatives and Updates The Company occupied with and dispatched various item related things and activities, including: The dispatch of Plurilock's new versatile applications for iOS and Android, presently accessible for download on the Apple App Store and Google Play Store, individually. Arrival of another rendition of Plurilock's center ADAPT and DEFEND programming stage adding support for big business climate intermediary administrations, new forms for Mac OS, and upgraded worker unwavering quality. The dispatch of a re-designed client care and backing experience to advance issue mean-opportunity to-goal ("MTTR") and quicken customer help accessibility. 2021 Outlook - During 2021, the Company intends to keep zeroing in on various activities to drive its development methodology including: Vital M&A movement with an emphasis on beneficial associations with which the Company can strategically pitch existing high edge Plurilock items Natural deals development through set up channel accomplices and an immediate deals power Further interest in the organization's MFA validation innovation and IP portfolio Extra stage reconciliations that can grow deals Speculator mindfulness activities "2020 was an exciting year for the team at Plurilock as we completed a number of milestones, including a successful public listing on the TSXV in September," said Ian Paterson, CEO of Plurilock. "Despite the headwinds of the pandemic, we have seen an increase in enterprise customers looking to secure their infrastructure from cyber threats. Given the growth outlook of the sector, we believe in 2021 the team we have assembled will enable us to grow organically through direct sales to enterprise customers while we seek to strategically deploy resources through acquisitions." About Plurilock - Plurilock is an inventive, personality driven online protection organization that decreases or dispenses with the requirement for passwords, additional validation steps, and awkward verification gadgets. Plurilock's product use best in class social biometric, ecological, and relevant advances to give undetectable, versatile, and hazard based confirmation arrangements with the most reduced conceivable expense and multifaceted nature. Plurilock empowers associations to figure securely and with true serenity. Qualys, Inc. detailed a week ago its examination group, utilizing the Qualys Cloud Platform, has distinguished 7.54 million weaknesses identified with FireEye Red Team appraisal devices and traded off renditions of SolarWinds Orion, followed as Solorigate or SUNBURST, across its 15,700-part client base. Of the weaknesses recognized, scientists noticed that across 5.29 million special resources most are identified with the FireEye Red Team devices. These discoveries feature the extent of the potential assault surface if these apparatuses are abused. The examination group additionally recognized that 99.84% of the 7+ million weakness examples are from eight weaknesses in Microsoft programming that have patches accessible. CyberArk Software Ltd. detailed a month ago that it is working with Forescout and Phosphorus to empower associations to make sure about the expanding number of IoT gadgets and innovations coming about because of advanced business change. Clients can altogether diminish hazard utilizing the joint mix to constantly find, make sure about and oversee IoT gadgets associated with corporate organizations. CyberArk holds the most complete arrangement of restricted admittance the board related affirmations and accomplishments for the public authority area, including global Common Criteria accreditation by the National Information Association Partnership (NIAP). CyberArk is additionally remembered for the U.S. Branch of Defense Information Network Approved Products List (DoDIN APL) and the U.S. Armed force Certificate of Networthiness (CoN) under the Cybersecurity Tools (CST) gadget type (Tracking Number (TN) 1712401). The CyberArk Privileged Account Security Solution has been freely approved and granted an Evaluation Assurance Level (EAL) 2+ under the Common Criteria Recognition Agreement (CCRA). CyberArk helps government organizations meet consistence necessities including FISMA/NIST SP 800-53, Phase 2 of the Department of Homeland Security Continuous Diagnostics and Mitigation (CDM) program, NERC-CIP, HSPD-12 and that's only the tip of the iceberg. Total Software Corporation declared a month ago new capacities that furnish IT and Security groups with cutting edge bits of knowledge into programming and web utilization across their circulated endpoint gadget armadas. With supreme's new Software Inventory and Web Usage investigation, associations can boost returns on programming ventures and discover possible cost reserve funds; help guarantee representatives have the instruments they need to work beneficially and safely from anyplace; and distinguish potential security weaknesses or vulnerable sides emerging from unsanctioned, unreliable applications or web content. "With gadgets remaining generally off-network in the new universe of far off and cross breed work models, IT offices face numerous difficulties with regards to having a total image of what programming has been bought and conveyed, regardless of whether the applications being utilized are endorsed or completely refreshed, and where they may have holes in security or profitability," said Ameer Karim, EVP of Product Management at Absolute. Fortinet, Inc. declared recently new reconciliations with Amazon Web Services (AWS) to additionally furnish clients with cutting edge security across their cloud stages, applications, and organization. Fortinet's cloud security arrangements – including its virtual cutting edge firewall, FortiGate VM a

Read More

DATA SECURITY

Honeywell to Introduce Advanced Incident Response and Monitoring Service for Improving OT Cybersecurity and Operation

Honeywell | June 14, 2021

A global leader in industrial cybersecurity, Honeywell (NASDAQ: HON), has announced the introduction of the Honeywell Advanced Monitoring and Incident Response (AMIR) service. It provides rapid response for emerging and current cyber threats and 24/7 operational technology (OT) cybersecurity detection. AMIR is a easy to deploy, cost-effective, scalable cybersecurity service that is customized to help OT and IT security teams that is struggling to cope up with the emerging cyber threats that mainly target industrial operational technology networks and control systems (ICS), which happens due to budget constraints and lack of expertise. AMIR comes as part of Honeywell Forge Managed Security Services (MSS). MSS is an an end-to-end security as a service solution that helps protect control systems, operations, and OT environments. By "hunting" for various anomalous behaviors, including both emerging and known cybersecurity threats, AMIR constantly screens OT environments. It examines indicators of compromise and signals operators to possible problems before major damage can happen. Using proprietary technology, AMIR correlates, collects, prioritizes, and analyzes security proceedings and log data from numerous sources, giving a complete approach to better lessen cyber risk and maintain cybersecurity compliance. The offerings of the AMIR are already being installed at many sites globally to help companies increase their maturity of cybersecurity. AMIR is combined with the bigger Honeywell Forge Cybersecurity portfolio intended to help further support cyber defenses for functioning surroundings. About Honeywell A Fortune 100 technology company, Honeywell delivers industry specific solutions such as control technologies for buildings and industry, aerospace products and services, and performance materials globally. Technologies of Honeywell help buildings, aircraft, manufacturing plants, and supply chains.

Read More