Sara Andrews, Chief Information Security Officer of PepsiCo Appointed to FireEye board of directors

FireEye, Inc. | August 11, 2020

FireEye, Inc., the intelligence-led security company, today announced that Sara Andrews has been appointed to the FireEye board of directors. Andrews currently serves as Senior Vice President and Chief Information Security Officer (CISO) at PepsiCo.

Andrews brings more than two decades of front line experience defending some of the world’s largest organizations. As PepsiCo’s CISO, Andrews is responsible for developing and implementing the risk-based information security strategy for PepsiCo. In this role, she serves as PepsiCo’s top information security executive, responsible for safeguarding networks and data across the food and beverage powerhouse, including all its business units and brands globally.

Spotlight

The Cybersecurity and Infrastructure Security Agency (CISA) leads the nation’s effort to understand, manage, and reduce cybersecurity risk, including by supporting Federal Civilian Executive Branch agencies in evolving and operationalizing cybersecurity programs and capabilities. CISA’s Zero Trust Maturity Model (ZTMM) provides an approach to achieve continued modernization efforts related to zero trust within a rapidly evolving environment and technology landscape. This ZTMM is one of many paths that an organization can take in designing and implementing their transition plan to zero trust architectures in accordance with Executive Order (EO) 14028 “Improving the Nation’s Cybersecurity” § (3)(b)(ii),1 which requires that agencies develop a plan to implement a Zero Trust Architecture (ZTA). While the ZTMM is specifically tailored for federal agencies as required by EO 14028, all organizations should review and consider adoption of the approaches outlined in this document.

Spotlight

The Cybersecurity and Infrastructure Security Agency (CISA) leads the nation’s effort to understand, manage, and reduce cybersecurity risk, including by supporting Federal Civilian Executive Branch agencies in evolving and operationalizing cybersecurity programs and capabilities. CISA’s Zero Trust Maturity Model (ZTMM) provides an approach to achieve continued modernization efforts related to zero trust within a rapidly evolving environment and technology landscape. This ZTMM is one of many paths that an organization can take in designing and implementing their transition plan to zero trust architectures in accordance with Executive Order (EO) 14028 “Improving the Nation’s Cybersecurity” § (3)(b)(ii),1 which requires that agencies develop a plan to implement a Zero Trust Architecture (ZTA). While the ZTMM is specifically tailored for federal agencies as required by EO 14028, all organizations should review and consider adoption of the approaches outlined in this document.

Related News

DATA SECURITY, ENTERPRISE SECURITY, SOFTWARE SECURITY

Aqua Security Launches Industry First Real-Time CSPM

Globenewswire | May 17, 2023

Aqua Security, the pioneer in cloud native security, today announced the launch of Real-Time CSPM, a next-gen cloud security posture management (CSPM) solution, offering the best visibility and context in the industry. Real-Time CSPM provides a complete view of multi-cloud security risk, pinpoints threats that evade agentless detection, and dramatically reduces noise so security practitioners can rapidly identify, prioritize, and remediate the most important cloud security risks, saving time and money. “Customers have told us that they are bogged down by too much noise from current CSPM offerings,” said Amir Jerbi, CTO and co-founder, Aqua Security. “They receive too many findings yet lack complete visibility and therefore the ability to properly prioritize. Simply put, they fix the wrong things and end up compromised. This is where Aqua comes in. We are introducing Real-Time CSPM so security practitioners can pinpoint the most significant cloud risks and remediate them quickly.” With Real-Time CSPM, teams have a complete view of cloud security risk and surface the most critical findings. This includes the ability to match correlated findings across multi-cloud environments, deduplicate findings and focus on identifying real cloud risks with smarter insights. Instead of wasting time on issues with low effective risk, customers can focus on what truly matters most and provide the context needed for resource owners to remediate quickly and secure their cloud applications. “One of the world’s largest telcos turned to Aqua to provide better visibility and context. They went from 120M risk findings to 50k and they saw a reduction in their attack surface by 99% in just months. If everything is a priority, then nothing is – that’s why they chose Aqua,” said Jerbi. Detailed context also allows teams to connect issues found in their cloud to their respective code repositories. With better prioritization and the ability to identify risk ownership, Real-Time CSPM then allows for rapid remediation of those most critical issues. Security professionals can focus their limited resources to manage, investigate and respond faster. Identify Attacks That Agentless Solutions Cannot See Point-in-time scanning opens the door for increased attacks. According to the IDC report, “The State of Cybersecurity Maturity in Vulnerability Management Among U.S. Organizations,” 74% of organizations scan less than 85% of their IT assets when they do scan, leaving an opportunity for many vulnerabilities to go undiscovered until an attacker makes use of them. By then it is too late. Aqua Real-Time CSPM eliminates that risk and delivers real-time visibility and risk prioritization in a single, unified platform for faster, more effective risk management. Unlike point-in-time scanning solutions, Aqua Real-Time CSPM provides a deeper layer of visibility for better context, leading to the ability to prioritize the most critical cloud security risks. “Other CSPM solutions give you a false sense of security. Whether you scan daily or monthly, you’re only seeing a portion of the risks with a point-in-time scan. And that’s not true security,” said Jerbi. Further data from Aqua Nautilus, Aqua’s cloud security research team, supports the need for real-time scanning. Nautilus uses an extensive honeypot network to detect and analyze over 80,000 attacks a month. Of those attacks, one in three do not leave a footprint and would be missed by point-in-time scanning solutions. Similarly, zero-day attacks are missed, whilst other standard operating procedures like ephemeral containers and transient attacks raise that number to 50%. Real-Time CSPM is part of the Aqua Cloud Security Platform, a cloud native application protection platform (CNAPP). The Aqua Platform is composed of a fully integrated set of security and compliance capabilities to discover, prioritize, and eliminate risk in minutes across the full software development life cycle. Aqua improves operational efficiency by connecting cloud to code and tracing runtime risks to the code and developer who can fix them. By connecting CSPM to runtime, it shields risks that cannot be immediately addressed with a code fix. For more information on Aqua’s Real-Time CSPM, visit the blog. About Aqua Security Aqua Security stops cloud native attacks and is the only company with a $1M Cloud Native Protection Warranty to guarantee it. As the pioneer and largest pure-play cloud native security company, Aqua helps customers unlock innovation and build the future of their business. The Aqua Platform is the industry's most integrated Cloud Native Application Protection Platform (CNAPP), prioritizing risk and automating prevention, detection and response across the lifecycle. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL with Fortune 1000 customers in over 40 countries. For more information, visit https://www.aquasec.com/.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Lookout Announces Acquisition of its Consumer Mobile Security Business Segment

Businesswire | April 27, 2023

Lookout, Inc., the endpoint-to-cloud security company, today announced it has entered into an agreement to sell its consumer mobile security business to F-Secure, a global provider of consumer security products and services. This complementary acquisition expands F-Secure’s market leadership in the communication service provider channel and accelerates its vision of becoming the No. 1 security experience company. With this transaction, Lookout’s core business will now evolve into a pure-play enterprise company. “In today's complex cybersecurity landscape, consumers want consolidated solutions that secure every aspect of their digital lives in a seamless experience,” said Jim Dolce, Lookout CEO. “Early discussions with F-Secure led both parties to the realization that we’d be better together. The combination creates a holistic, integrated consumer experience while building on a shared partner-centric go-to-market model. The impact on customers is a genuine example of when one plus one equals three.” With this partial divestiture, Lookout’s core enterprise business will continue to expand and diversify to address the most pressing security challenges facing IT and security leaders today. The core business includes Lookout’s Mobile Endpoint Security (MES) and its Security Services Edge (SSE) cloud-native solution, the Lookout Cloud Security Platform. Lookout plans to redirect the transaction proceeds back into the business and invest in expanding its enterprise products and customer base with a clear focus and vision. “Our success in the highly competitive enterprise market has compelled us to focus our product and go-to-market efforts to gain advantage,” continued Dolce. “By doubling down on the enterprise market, we’ll be better positioned to capitalize on its projected hypergrowth, fueled by an increase in remote and hybrid work, a shift to cloud-based delivery models and the transition to zero-trust architectures.” Lookout entered the fast-growing cloud security market through its acquisition of CipherCloud in March 2021, and that business continues to grow and expand. Its Cloud Security Platform was recently scored among the highest three vendors in the 2023 Gartner Critical Capabilities for Security Service Edge (SSE)1 report in each of the four use cases. The Gartner Critical Capabilities for SSE – an essential companion to the Gartner Magic Quadrant™ for SSE2 in which Lookout was named a Visionary for the second year in a row – is a comparative analysis that scores products or services against a set of critical differentiators that every business needs, as identified by Gartner. The divestiture of Lookout’s consumer mobile security business segment is expected to close by the end of June, 2023. About Lookout Lookout, Inc. is the endpoint-to-cloud security company purpose-built for the intersection of enterprise and personal data. We safeguard data across devices, apps, networks and clouds through our unified, cloud-native security platform — a solution that's as fluid and flexible as the modern digital world. By giving organizations and individuals greater control over their data, we enable them to unleash its value and thrive. Lookout is trusted by enterprises of all sizes, government agencies and millions of consumers to protect sensitive data, enabling them to live, work and connect — freely and safely. To learn more about the Lookout Cloud Security Platform, visit www.lookout.com and follow Lookout on our blog, LinkedIn and Twitter. © 2023 Lookout, Inc. LOOKOUT®, the Lookout Shield Design®, LOOKOUT with Shield Design®, and SIGNAL FLARE® are registered trademarks of Lookout, Inc. in the United States and other countries. DAY OF SHECURITY®, LOOKOUT MOBILE SECURITY®, and POWERED BY LOOKOUT® are registered trademarks of Lookout, Inc. in the United States. Lookout, Inc. maintains common law trademark rights in EVERYTHING IS OK, PROTECTED BY LOOKOUT, CIPHERCLOUD, SCREAM, the 4 Bar Shield Design, and the Lookout multi-color/multi-shaded Wingspan design.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Centripetal Expands Internationally with the Launch of its European Cyber Intelligence Centre of Excellence

Businesswire | May 29, 2023

Centripetal, the global leader in intelligence powered cybersecurity, today announced that it has opened its Galway based European Cyber Intelligence Centre of Excellence to address cybersecurity opportunities in the UK, Ireland and across Europe. Additionally, the company is enabling cloud-based deployments of its CleanINTERNET® solution for total enterprise protection. Centripetal is headquartered in the US and has plans to create 50 jobs in Galway. The project is supported by the Government of Ireland through IDA Ireland. According to the International Trade Administration, the cybersecurity market in Ireland is thriving, valued at €280 million. However, with economic crime and fraud on the rise in recent years, cybercrime is extremely disruptive in how it impacts the business community. Grant Thornton Ireland reports that the cost of cybercrime in Ireland exceeded €9.6 billion in 2020. With the opening of Centripetal’s European Cyber Intelligence Centre of Excellence, the company will bring its innovative, patented technologies to the European market to protect organizations from every known cyberthreat. Centripetal’s European Cyber Intelligence Centre of Excellence will serve as the central hub where new and existing customers can work with Centripetal to gain insight on the current European and global threat landscape and how they might be affected. Customers will have access to Centripetal’s global cyber intelligence operations analyst team, who continuously analyze emerging threats, highlighting critical risks and applying global threat intelligence. “Today’s jobs announcement is yet another vote of confidence in Galway, in our available skilled workforce and in our city and county as a great place to work and live. Galway was home to a number of significant investment announcements last year including Fidelity Investment, Genesys, SAP and Diligent, so Centripetal are certainly in good company,” said Minister Hildegarde Naughton TD. “Congratulations again to the entire team at Centripetal and thank you for choosing not only Galway but the people of Galway.” ‘’The news that Centripetal is to open a European Cyber Intelligence Centre of Excellence in Galway is great news for the West Region and this investment will support the development of the wider technology ecosystem in Ireland for cyber,” said Anne-Marie Tierney Le-Roux, Head of Department Enterprise Technology at IDA Ireland. “The creation of 50 jobs is a vote of confidence in the talent and skill set that our regional locations in Ireland have to offer. I would like to wish Centripetal every success as they scale operations.’’ To give customers the ability to access intelligence powered cybersecurity everywhere, Centripetal’s CleanINTERNET® CLOUD is now available for deployment. The CleanINTERNET® service is a revolutionary approach to defending a company’s assets from cyber threats by leveraging dynamic threat intelligence on a mass scale. The solution can be deployed to protect assets running in cloud environments, providing unparalleled cyber defense and removing the need for more costly cybersecurity infrastructure. The addition of AWS cloud support extends CleanINTERNET® to protect all enterprise assets whether on premises, remote or in the cloud. Centripetal will additionally provide CleanINTERNET® on Azure and Google Cloud Platform in late 2023. “Centripetal is the only cybersecurity vendor that delivers intelligence powered protection that neutralizes every known cyberattack at the network level while simultaneously driving down the cost of security operations,” said Jonathan Rogers, Chief Operating Officer for Centripetal. “Our innovative technology is an industry first and we’re thrilled to be partnering with the IDA to bring our solution to Ireland and the UK to not only provide unparalleled protection for our customers but also valuable employment opportunities for the country.” Centripetal uses threat intelligence to shield organizations from 99% of known cyberthreats globally with CleanINTERNET®. This uniquely managed cyber defense service provides greater effectiveness, lower costs, and enhanced security expertise to defend networks from attacks. Centripetal goes beyond traditional threat intelligence methods and pushes the industry forward by operationalizing the world's largest collection of threat intelligence: With over 250 Threat Intelligence providers, CleanINTERNET® applies over 100 billion indicators of compromise from real-time intelligence feeds, updated every 15 minutes, to protect its customers' networks. Centripetal defends customers networks by providing the fastest packet filtering technology on the planet, applying millions of threat intelligence based rules to incoming and outgoing datastreams with zero latency. Centripetal’s elite team of highly trained intelligence operations analysts acts as an extension of its customer’s internal cybersecurity team, who monitor and analyze emerging threats. This mitigates the skills gap and reduces the burden on overworked IT resources. For more information on Centripetal’s offering and its latest global European expansion, visit www.centripetal.ai/centripetal-ireland/ ABOUT CENTRIPETAL Centripetal, a global leader in intelligence powered cybersecurity, is operationalizing the world’s largest collection of threat intelligence, in real-time, to protect organizations from every known cyberthreat through its innovative patented technologies. Through its CleanINTERNET® service, Centripetal delivers a highly effective solution leveraging the latest computing technology and skilled intelligence operators at a significantly lower cost. We are experts in intelligence, with a team comprised of cryptologists, and security analysts from the U.S. Intelligence & Defense community who have protected the most sensitive assets in the world. Centripetal is based in Reston, VA with offices in Portsmouth, NH and Galway, Ireland. For more information, visit www.centripetal.ai.

Read More