CompTIA | August 05, 2021
Advanced cybersecurity threat analysis and intelligence capabilities are now available from the CompTIA Information Sharing and Analysis Organization (ISAO) through an expanded collaboration with global next-generation cybersecurity leader Sophos and it industry-leading and highly acclaimed threat research lab, SophosLabs.
The announcement of the new cyber capabilities was made today by CompTIA, the nonprofit association for the information technology (IT) industry and workforce.
CompTIA ISAO members can directly submit suspicious URLs and files through the ISAO's Cyber Forum to SophosLabs Intelix™ for rapid analysis to determine if they are known or zero-day cybersecurity threats. SophosLabs Intelix combines petabytes of threat intelligence derived from decades of SophosLabs threat research with Sophos AI tools and techniques, bringing a powerful new source of threat intelligence to the CompTIA ISAO and its managed services provider (MSP), vendor, distributor, and associate members.
"SophosLabs research illustrates how adversaries are constantly changing their tactics, techniques and procedures (TTPs) to breach targets, move laterally and carry out ransomware and other attacks," said Simon Reed, senior vice president, SophosLabs. "The only way to effectively fight modern cybercrime is if we do it together. That's why Sophos is committed to sharing actionable threat intelligence with the CompTIA community. This new integration gives member organizations advanced abilities to quickly investigate suspicious URLs and files to determine their risk and to understand what happens if they are opened or executed. Powered by machine learning, SophosLabs Intelix predictively convicts never-before-seen threats, and is constantly improving based on the collective input of community intelligence."
"This is a real differentiator for our members, who can access a powerful analysis resource to identify, classify and prevent threats, further protecting themselves and more importantly, their customers," said MJ Shoer, senior vice president and executive director of the CompTIA ISAO.
The new integration expands Sophos' support of the CompTIA ISAO. As a Silver Industry Partner, Sophos has been contributing detailed threat analysis from SophosLabs Uncut to the CompTIA ISAO.
"This is a significant addition to the resources available to our members," Shoer added. "It is the latest example of the support that industry partners such as Sophos have for the CompTIA ISAO, and the commitment we all have to make the industry more secure."
The CompTIA ISAO is a community of nearly 1,200 member companies that share best practices, cyber threat intelligence, educational content and more to help address ever-evolving cyber threats. Working closely with public and private cybersecurity agencies and organizations, the CompTIA ISAO is helping its members understand the threat landscape, defend against current and future attacks and raise cybersecurity awareness throughout the global tech industry.
The Computing Technology Industry Association (CompTIA) is a leading voice and advocate for the $5 trillion global information technology ecosystem; and the estimated 75 million industry and tech professionals who design, implement, manage, and safeguard the technology that powers the world's economy. Through education, training, certifications, advocacy, philanthropy, and market research, CompTIA is the hub for advancing the tech industry and its workforce.
Sophos is a worldwide leader in next-generation cybersecurity, protecting more than 500,000 organizations and millions of consumers in more than 150 countries from today's most advanced cyberthreats. Powered by threat intelligence, AI and machine learning from SophosLabs and SophosAI, Sophos delivers a broad portfolio of advanced products and services to secure users, networks and endpoints against ransomware, malware, exploits, phishing and the wide range of other cyberattacks. Sophos provides a single integrated cloud-based management console, Sophos Central – the centerpiece of an adaptive cybersecurity ecosystem that features a centralized data lake that leverages a rich set of open APIs available to customers, partners, developers, and other cybersecurity vendors. Sophos sells its products and services through reseller partners and managed service providers (MSPs) worldwide. Sophos is headquartered in Oxford, U.K.
RedMonocle | April 29, 2021
RedMonocle, a leader in SaaS-based cybersecurity risk quantification software, today announced new features to its platform aimed at helping chief information security officers (CISOs) and other security leaders anticipate threats in their Technology Security Stack by helping them find, fund, and fix cybersecurity risk blind spots that leave organizations vulnerable for a breach through their Tech Stack.
The acceleration of digital transformation last year brought security into the spotlight as companies scrambled to shift their entire organization to remote operations practically overnight. According to the FBI Internet Crime Complaint Center, cybercrime is up 300% in the last 12 months. As a result, cyber risk blind spots, or unknown areas outside of a company’s field of vision, and other security gaps were created. One out of five cybersecurity leaders surveyed by RedMonocle named blind spots as the No. 1 risk keeping them up at night, followed closely by data loss protection and leadership commitment.
“CISOs are feeling extra pressure this year to minimize security risks across the ever-growing Security Stack while maintaining compliance to security standards and fending off daily threats from well-funded attackers,” said Sean McDermott, CEO, and co-founder of RedMonocle. “Every day Security Leaders are playing a highly complex game of chess knowing there are parts of the board they can’t even see. CISOs know they have blind spots hidden in their Security Stack. Now, they want to know what to do next and we want to help them get there.”
New features to the RedMonocle platform include the Security Stack Assessment and Always-On Risk Intelligence. Their newly released Security Stack Assessment helps CISOs and cybersecurity leaders find cyber risk blind spots by checking for gaps and overlaps in the current system that could risk compliance, increase costs and leave company and consumer data exposed to malicious activity. This assessment simplifies the way CISOs compare the security of their stack with their selected security standards. Their Always-On Risk Intelligence helps CISOs find blind spots before they become a problem and highlights how to fix them. This update also compares Stack to Standard and continuously tracks gaps in compliance to NIST-800-53 for companies to always be prepared for audits.
RedMonocle Inc. is a SaaS-based risk intelligence software designed to help CISOs and cybersecurity leaders find, fund, and fix their cybersecurity risk blind spots. Founded by Sean McDermott and Chris Schroeder, RedMonocle has spent the past 25 years working with Fortune 500 companies to evaluate, install, customize and optimize the IT Tech Stack.
prnewswire | October 27, 2020
Netwrix, a cybersecurity merchant that makes information security simple, today declared monetary market discoveries from its 2020 Netwrix Cyber Threats Report. Netwrix directed this online overview in June 2020 to see how the pandemic and following work-from-home activities changed the IT hazard scene.
Of the apparent multitude of verticals the online study investigated, the money related industry displayed the most extraordinary changes in cybersecurity needs. Worry about VPN misuse soar, with an astounding 94% of respondents naming it a top security hazard. Stress over gracefully chain bargain additionally took off, from half to 97%. The quantity of associations organizing intentional information burglary dramatically increased, from 30% pre-pandemic to 70% now, while worry about incidental information sharing dropped from 80% to half.
Notwithstanding this expanded worry about vindictive action, the most generally detailed occurrences included human blunders: 48% of respondents had clients succumb to phishing assaults in the initial hardly any months of the pandemic, 31% endured ill-advised information sharing, and 28% experienced episodes brought about by administrator botches.
Different discoveries of the overview include:
30% of monetary associations feel they are at more prominent cybersecurity hazard now than they were pre-pandemic. The lion's share (64%) are worried about both more regular cyberattacks and the security holes brought about by far off work.
14% of respondents announced a flexibly chain bargain since the pandemic started. Despite the fact that this function is viewed as a basic danger by practically all monetary associations now, the casualties were especially delayed in distinguishing it: 76% required days, weeks or months.
Uncertain information sharing took the longest to recognize: 51% expected days to hail the episode, while 19% required weeks and 11% required months.
"In the money related area, worry about pernicious admittance to touchy information soar in the initial hardly any months of the pandemic, more so than in some other vertical. Notwithstanding, most of occurrences at budgetary associations during that period were really brought about by the human component. To limit both malevolent and unintentional information misfortune, this industry should notice cybersecurity specialists, who suggest consolidating normal end-client preparing with adaptable arrangements that can proactively distinguish and secure touchy information and spot assaults before they become breaks," said Ilia Sotnikov, VP of Product Management at Netwrix.
Netwrix makes information security simple, in this way disentangling how experts can control delicate, controlled and business-basic information, paying little heed to where it lives. In excess of 10,000 associations overall depend on Netwrix answers for secure delicate information, understand the full business estimation of big business content, pass consistence reviews with less exertion and cost, and increment its efficiency groups and information laborers.
Established in 2006, Netwrix has acquired in excess of 150 industry grants and been named to both the Inc. 5000 and Deloitte Technology Fast 500 arrangements of the quickest developing organizations in the U.S.