Securing the Future: MCPc launches New Cybersecurity as a platform for service subscriptions

prnewswire | September 14, 2020

MCPc, a leading data protection and security risk management firm has launched Cybersecurity as a Service (CYBaaS), a unique, tailored security service to help companies clearly understand and identify their security vulnerabilities and protect their business from cyber risk."The threat landscape is very real and on the rise, significantly increasing the probability of a cyber incident taking place - particularly now with a distributed workforce," says MCPc's Chief Information Security Officer Ronnie Munn. "Having a clear and thoroughly-outlined Incident Response program and plan helps organizations dramatically reduce their chances of an attack and helps them 'keep their calm' in moments of crisis."

Spotlight

"As a leading provider of financial services to agribusinesses, Rabobank Australia and New Zealand has many rural customers. Internet banking is an important service for customers that are located far from bank branches.

To address customer concerns while mitigating the potential risks, the bank needed ways to protect those online banking transactions.

Read this case study to learn about safe and secure transactions that will increase customer confidence."

Spotlight

"As a leading provider of financial services to agribusinesses, Rabobank Australia and New Zealand has many rural customers. Internet banking is an important service for customers that are located far from bank branches.

To address customer concerns while mitigating the potential risks, the bank needed ways to protect those online banking transactions.

Read this case study to learn about safe and secure transactions that will increase customer confidence."

Related News

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

BeyondTrust and NCS Partner to Strengthen Cybersecurity Posture for APAC Organisations

BeyondTrust | September 19, 2022

BeyondTrust, the leader in intelligent identity and access security, announced today a new strategic partnership with NCS Group, a leading technology services firm that provides services and solutions in consulting, digital, technology, cybersecurity and more. A strong player in identity security, NCS will be using the technology provided by BeyondTrust to offer companies best practice solutions in Privileged Access Management (PAM), a core component of enabling Zero Trust security. Organisations today are evolving as a result of digital transformation, an accelerating shift to cloud, and an expanded remote workforce. However, these changes are also creating an increase in vulnerable endpoints and remote access, as well as a large number of digital identities that pose a significant cybersecurity risk if left unmanaged and unsecured. According to Gartner, unauthorised privileged access is now the primary method that threat attackers use to infiltrate an organisation's systems and network. "From the rise of ransomware to an increased focus on digital transformation and Zero Trust strategies, it is a critical time for organisations to be equipped with solutions that can secure identities, safeguard access for remote employees, and strengthen endpoint security across hybrid environments. "Through this partnership, BeyondTrust and NCS will enable organisations in Asia Pacific with our Privileged Access Management (PAM) solutions to address these cybersecurity challenges." Ben Wong, Director of Channel and Alliance for Asia Pacific & Japan at BeyondTrust "When organisations think of access management, they may only think of traditional password management – and that should not be the case. There is an urgent need for organisations to implement more advanced endpoint security and access management solutions and many are still playing catch up in this area," said Mr. Wong. "This partnership with NCS enables us to provide tailored PAM solutions to customers across a wide range of industries from government to the commercial sectors. Combining the skills and experience of NCS with BeyondTrust's leading portfolio of PAM solutions will help their customers defend against the evolving threat landscape." BeyondTrust is a leader in the 2022 Gartner Magic Quadrant for PAM for the fourth year running, with a comprehensive PAM portfolio that enables identity and access security that is monitored, managed, secured, and just-in-time, and includes these solutions:: Privileged Password Management Secure Remote Access Endpoint Privilege Management Cloud Security Management About NCS Group NCS, a subsidiary of Singtel Group, is a leading technology services firm with presence in Asia Pacific and partners with governments and enterprises to advance communities through technology. Combining the experience and expertise of its 10,000-strong team across 55 specialisations, NCS provides differentiated and end-to-end technology services to clients with its NEXT capabilities in digital, cloud and platforms, as well as core offerings in application, infrastructure, engineering and cybersecurity. NCS also believes in building a strong partner ecosystem with leading technology players, research institutions and start-ups to support open innovation and co-creation. For more information, visit ncs.co. About BeyondTrust BeyondTrust is the worldwide leader in intelligent identity and access security, empowering organisations to protect identities, stop threats, and deliver dynamic access to empower and secure a work-from-anywhere world. Our integrated products and platform offer the industry's most advanced privileged access management (PAM) solution, enabling organizations to quickly shrink their attack surface across traditional, cloud and hybrid environments.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

ISG Partners With cyberconIQ on Human Side of Cybersecurity

ISG | September 20, 2022

Information Services Group, a leading global technology research and advisory firm, said today it is has formed a partnership with cyberconIQ, a cybersecurity platform and advisory company, to address the human side of cybersecurity. Under the new partnership, ISG Cybersecurity will be able to offer its clients the capabilities of cyberconIQ’s Human Defense Platform, a SaaS-based solution that helps mitigate the human factors that create cyber risk, while cyberconIQ will be able to offer its customers access to the full range of ISG Cybersecurity services. “People are one of the biggest risks to enterprise cybersecurity,” said Doug Saylors, partner and co-leader of ISG Cybersecurity. “Some 85 percent of breaches today involve human error, with breaches caused by phishing attempts up 25 percent in the last year alone. To combat this problem, enterprises need to strengthen their cybersecurity culture and help people become their own—and their employers’—best protection against cyber threats.” Saylors said the partnership with cyberconIQ will enable ISG Cybersecurity to offer its clients a platform-based approach to identify individual risk styles among employees, increase overall security awareness, and actively monitor, measure, model and manage people-related cyber risk. “The solution set of cyberconIQ is a welcome addition to ISG Cybersecurity’s market-leading portfolio of advisory, benchmarking, sourcing, organizational change management and third-party risk management capabilities,” Saylors said. CyberconIQ’s Human Defense Platform is proven to reduce people-related cyber risk by up to 95 percent, said the company’s CEO and Founder Dr. James Norrie. “We are able to substantially reduce cyber risk by leveraging our CYBERology™ approach – the intersection of cybersecurity and psychology,” said Norrie. “We embed behavioral science methods targeting changes in on-the-job behavior into all of our cybersecurity solutions.” The cyberconIQ offering includes the patented myQ Risk-Style Questionnaire, unIQue Security Awareness Education modules, cybermetrIQs Cyber Risk Dashboard, phishFixIQ Phishing Simulation and Remediation solution, and leaderIQ adaptive learning approach to creating a risk-aware and compliant culture. “We are excited to be working with ISG and its blue-chip client roster to bring the benefits of our human-centered approach to cybersecurity to more organizations,” Norrie said. “Working together, our combination of technology and people-based approaches will help companies significantly improve their cyber defenses and risk awareness.” ISG Cybersecurity is a unit of ISG that helps enterprise clients increase their cybersecurity maturity in line with their overall digital transformations. The unit helps clients assess and benchmark their cybersecurity programs, develop a cybersecurity strategy, design and implement their cybersecurity operating model, design overall solutions and select appropriate vendors, manage third-party risk and create and execute cybersecurity awareness and training programs. About cyberconIQ Headquartered in York, Penn., cyberconIQ was founded with the knowledge that technical approaches to cybersecurity alone do not address the prevalent issues we face today. With years of research and development with financial industry leaders, Dr. James Norrie discovered that our foundational CYBERology™ approach – the intersection of cybersecurity and psychology – would improve security outcomes and would advance the risk and compliance culture within organizations world-wide. With proven results that are 8 - 10x more effective than generic training alternatives, cyberconIQ's platform measurably reduces the risk of a human-factors cybersecurity breach or data leak. About ISG ISG is a leading global technology research and advisory firm. A trusted business partner to more than 800 clients, including more than 75 of the world’s top 100 enterprises, ISG is committed to helping corporations, public sector organizations, and service and technology providers achieve operational excellence and faster growth. The firm specializes in digital transformation services, including automation, cloud and data analytics; sourcing advisory; managed governance and risk services; network carrier services; strategy and operations design; change management; market intelligence and technology research and analysis. Founded in 2006, and based in Stamford, Conn., ISG employs more than 1,300 digital-ready professionals operating in more than 20 countries—a global team known for its innovative thinking, market influence, deep industry and technology expertise, and world-class research and analytical capabilities based on the industry’s most comprehensive marketplace data.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Traceable AI Announces API Security Testing

Traceable AI | September 02, 2022

Traceable AI, the industry's leading API security and observability company, today announced the general availability of its API Security Testing (xAST) solution in its API Security Platform. This comprehensive and seamless testing ability enables any API in pre-production to be tested for vulnerabilities, accuracy, reliability, and overall security — ensuring organizations are aligned with the highest API security standards before releasing APIs into production.This announcement reinforces Traceable's commitment to helping organizations ensure the highest level of API security throughout the entire software development lifecycle (SDLC). Traceable's API Security Testing offering is built to make the testing of APIs fast, easy, and a seamless experience for both development and security teams. It supports organizations' shift left initiatives, including providing remediation insights from runtime back to development, so developers can further harden their APIs. It is API focused providing complete vulnerability analysis that leverages functional testing, as well as API DNA and user attribution for improved detection and coverage. It offers extensive coverage for the OWASP API top 10, top CVEs (such as Java, Go, Node JS, AuthN, AuthZ, and many more), business logic vulnerabilities, and sensitive data exposure. Uniform API testing is based on dynamic payloads for standard tests, and dynamic Traceable payloads for business logic vulnerabilities such as BOLA – all with virtually zero false positives. Its DevSecOps focus enables companies to identify API security gaps between prod and pre-prod, perform fast scans for actionable results in CI/CD pipelines, scan at a granularity from every pull request with API spec changes, and utilize integrations with application security tools, including SCA, SAST, DAST and IAST. "Because of our comprehensive approach to API security, the testing component was the logical evolution. It is key to enable development teams to identify security weaknesses and vulnerabilities in the build itself, in addition to the capability of providing runtime insights back to development teams, so they can further harden their APIs. "It's an important step to enable teams to seamlessly fit API security testing into their development cycles. It is based on a simple logic: prevent breaches by eliminating the flaws at the very beginning." CTO of Traceable AI, Sanjay Nagaraj Traceable's API security testing is built to both reduce the risk of vulnerable APIs early in the SDLC, and enable development teams to move fast. Additional benefits include: Eliminating the Risk of Vulnerable APIs: Find and fix API vulnerabilities early in the SDLC. Cost Reduction: Reduce costs associated with finding vulnerabilities in APIs in production. Rapid Scans that Maintain the Speed of Innovation: With Traceable, development teams can perform fast scans with virtually no change in dev-release cadences – eliminating friction for both dev and security teams. Comprehensive Reporting: Traceable produces a "scan summary" report of vulnerabilities found while testing the APIs. This includes the OWASP API top 10 vulnerabilities, language and library vulnerabilities like Log4shell, misconfigurations, data exposure, and broken authentication/authorization. The information, including CVSS/CWE scores for overall risk assessment and recommendations for remediation is provided to development and security teams, so they can correct the security issues in APIs before those APIs are pushed to production. Operational Effectiveness: Traceable's API security testing is easy to deploy and reduces complexity, with numerous CI/CD and appsec tooling integrations that allow for operational effectiveness. It also enables targeted API security testing which takes actual payloads from real time traffic into account for a concise set of actionable findings. Extensive and Effortless Integrations: Traceable allows for numerous integrations with CI/CD pipelines, notifications, ticketing and application security testing solutions. "Whether an API is in the development cycle or is in production, being accessed by thousands of users, Traceable's API Security Platform protects companies' most vulnerable attack vector from threats at every juncture" added Nagaraj. About Traceable AI Traceable is the industry's leading API security platform that identifies APIs, evaluates API risk posture, stops API attacks, and provides deep analytics for threat hunting and forensic research. With visual depictions of API paths at the core of its technology, its platform applies the power of distributed tracing and machine learning models for API security across the entire development lifecycle. Visual depictions provide insight into user and API behaviors to understand anomalies and block API attacks, enabling organizations to be more secure and resilient.

Read More