Securing the Future: MCPc launches New Cybersecurity as a platform for service subscriptions

prnewswire | September 14, 2020

MCPc, a leading data protection and security risk management firm has launched Cybersecurity as a Service (CYBaaS), a unique, tailored security service to help companies clearly understand and identify their security vulnerabilities and protect their business from cyber risk."The threat landscape is very real and on the rise, significantly increasing the probability of a cyber incident taking place - particularly now with a distributed workforce," says MCPc's Chief Information Security Officer Ronnie Munn. "Having a clear and thoroughly-outlined Incident Response program and plan helps organizations dramatically reduce their chances of an attack and helps them 'keep their calm' in moments of crisis."

Spotlight

We are in an age where cyber-protection is equally important as having a breakfast—you can skip it, but that would most likely harm you only. Based on a research conducted by Ipsos, HM Government, and the University of Portsmouth, here is a look at some of the findings from the research. 69% of businesses agree to cyber security being a high priority for managers. But only 51% of businesses have taken any action, only 29% have formal, written cyber security policies.

Spotlight

We are in an age where cyber-protection is equally important as having a breakfast—you can skip it, but that would most likely harm you only. Based on a research conducted by Ipsos, HM Government, and the University of Portsmouth, here is a look at some of the findings from the research. 69% of businesses agree to cyber security being a high priority for managers. But only 51% of businesses have taken any action, only 29% have formal, written cyber security policies.

Related News

DATA SECURITY,ENTERPRISE SECURITY,SOFTWARE SECURITY

Veza Announces Open Authorization API to Extend Identity-First Security Across the Enterprise Data Landscape

Veza | December 02, 2022

Veza today announced that its Open Authorization API (OAA) is now public on GitHub for community collaboration, extending the reach of identity-first security across the enterprise. Developers can now create and share connectors to extend the Veza Authorization Graph to all sensitive data, wherever it lives, including cloud providers, SaaS apps, and custom-built internal apps, accelerating their company’s path to zero trust security. Security professionals espouse the principle of ‘Least Privilege’ to secure enterprise data, but the rush to a multi-cloud, multi-app environment has exploded the complexity and layers of interconnection for which access must be understood, monitored, and constantly remediated to achieve and maintain least privilege. Recent attacks on Okta and Twilio demonstrate that companies are allowing overly-broad access to data via constructs of groups, roles, policies, and system specific permissions. Veza connects the dots of effective permissions across cloud providers, SaaS apps and identity platforms, making it easy to visualize who can view or delete sensitive data. OAA allows organizations and the broader community to create their own integrations with Veza, extending visibility to any resource, including SaaS apps like GitLab and Jira as well as custom-built internal apps. “The vast majority of cybersecurity failures are rooted in issues with the gap that exists between identity, access to data, and permissions,” said Tarun Thakur, co-founder and CEO, Veza. “Since our founding, we have been committed to protecting our customers from threats like ransomware, privilege abuse, and data breaches. With Veza Open Authorization API, we are extending our identity-first security approach broadly in the market and arming organizations with the tools they need to remediate undesirable and unnecessary data access at a granular level, and meet the requirements of access governance for enterprise systems, both on-premises and in the cloud." With Veza's Open Authorization API, customers can translate and visualize authorization metadata from any SaaS app, custom and in-house applications. Users can explore identity-to-data relationships through the Authorization Graph, monitor for least privilege misconfigurations and violations, and conduct comprehensive entitlement reviews for all of their sensitive data. “We specifically chose Veza because their Open Authorization API allowed us to connect to our custom internal applications. We follow the principle of least privilege, but with so many systems to review, we valued Veza’s unique ability to give us a comprehensive view quickly. They made it faster and easier for our team to review all permissions with confidence.” -Riaz Lakhani, CISO of Barracuda Networks. As an open-source project on GitHub, Veza’s Open Authorization API allows customers and partners to learn from, and build upon, each other’s work to create a control plane that reaches all data. By bringing OAA SDK and connectors available on GitHub Community, Veza empowers customers to ingest authorization metadata previously isolated in internal systems and SaaS applications. The OAA community has already created integrations for critical SaaS apps including GitHub, GitLab, Bitbucket, Jira, Zendesk, Slack, Coupa Software, Pagerduty, and Looker. These integrations are available now to all Veza customers. “Veza solves the problem of aligning identities to data,” said Craig Rosen, Chief Security & Trust Officer at ASAPP. “Veza’s Open Authorization Platform helped us extend that visibility to all the apps and data that matter most to us, like GitHub and Jira. Now it is easy for our security professionals to understand (and remediate) who has access to our important intellectual property.” About Veza Veza is the authorization platform for data. Built for hybrid, multi-cloud environments, Veza enables organizations to visualize, remediate, and control who can and should take what action on what data. We empower customers to take an identity-first approach to secure data by addressing critical business needs of streamlining identity and access governance, implementing data lake security, managing cloud entitlements, and modernizing privileged access. Our Authorization Graph connects identities to data across enterprise systems, enabling analysis, monitoring, and certification of end-to-end access. Global enterprises like Blackstone, ASAPP, Barracuda Networks, Choice Hotels, and a number of Fortune 500 and emerging organizations trust Veza to secure their enterprise data. Founded in 2020, Veza is headquartered in Los Gatos, California, and is funded by Accel, Bain Capital, Ballistic Ventures, GV, Norwest Venture Partners, and True Ventures.

Read More

PLATFORM SECURITY

Picus Security brings automated security validation to businesses of all sizes

Picus Security | November 10, 2022

Picus Security, the pioneer of Breach and Attack Simulation (BAS), today announced the availability of its next-generation security validation technology. The new Picus Complete Security Validation Platform levels up the company's attack simulation capabilities to remove barriers of entry for security teams. It enables any size organization to automatically validate the performance of security controls, discover high-risk attack paths to critical assets and optimize SOC effectiveness. "Picus helped create the attack simulation market, and now we're taking it to the next level, By pushing the boundaries of automated security validation and making it simpler to perform, our new platform enables organizations even without large in-house security teams to identify and address security gaps continuously." -H. Alper Memis, Picus Security CEO and Co-Founder The all-new-and-improved Picus platform extends Picus's capabilities beyond security control validation to provide a more holistic view of security risks inside and outside corporate networks. It consists of three individually licensable products: Security Control Validation - simulates ransomware and other real-world cyber threats to help measure and optimize the effectiveness of security controls to prevent and detect attacks. Attack Path Validation - assesses an organization's security posture from an 'assume breach' perspective by performing lateral movement and other evasive actions to identify high-risk attack paths to critical systems and users. Detection Rule Validation - analyzes the health and performance of SIEM detection rules to ensure that SOC teams are reliably alerted to threats and can eliminate false positives. A global cybersecurity workforce gap of 3.4 million professionals∗ means automated security validation is now essential to reduce manual workloads and help security teams respond to threats sooner. Recently, the US's Cybersecurity and Infrastructure Security Agency (CISA) and UK's National Cyber Security Centre (NCSC) published a joint advisory recommending organizations test their defenses continually and at scale against the latest techniques used by attackers. Insights from point-in-time testing are quickly outdated and do not give security teams a complete view of their security posture, With the Picus platform, security teams benefit from actionable insights to optimize security effectiveness whenever new threats arise, not once a quarter. With our new capabilities, these insights are now deeper and cover even more aspects of organizations' controls and critical infrastructure,said Volkan Erturk, Picus Security CTO and Co-Founder. About Picus Security Picus Security is the pioneer of Breach and Attack Simulation (BAS). The Picus Complete Security Validation Platform is trusted by leading organizations worldwide to continuously validate security effectiveness and deliver actionable insights to strengthen resilience 24/7. Picus has offices in North America, Europe and APAC and is supported by a global network of channel and alliance partners. Picus has been named a 'Cool Vendor' by Gartner and is cited by Frost & Sullivan as one of the most innovative players in the BAS market.

Read More

DATA SECURITY,ENTERPRISE IDENTITY,PLATFORM SECURITY

Wipro Launches Cybersecurity Consulting Offering in Europe

Wipro | November 28, 2022

Wipro Limited, a leading technology services and consulting company, today announced that it is launching a strategic cybersecurity consulting offering in Europe. The announcement comes on the heels of a series of acquisitions in the consulting space—Edgile, Capco, and Ampion—and is part of the firm’s vision to build a global cybersecurity consulting offering to help clients stay ahead of a dynamic threat and regulatory environment. “Escalation of cyber threats, compounded by the rapidly changing regulatory environment, is creating brand new challenges for businesses across Europe. "Our extensive experience in cybersecurity, global network of cybersecurists, combined with our expanded consulting capabilities, will help clients stay ahead of emerging threats and adapt to a changing regulatory environment with speed and agility. We are thrilled to be bringing this offering to clients in this market at this critical juncture.” Tony Buffomante, Senior Vice President & Global Head of Cybersecurity and Risk Services (CRS) at Wipro Limited The new consulting capability, offered through Wipro CRS Europe, will expand on Wipro’s existing cybersecurity services and enable clients to tap into Wipro’s full set of capabilities—from strategy and implementation to managed services. Under this new offering, Wipro consultants located in Europe will work with clients to build tailored strategies and solutions that address the unique challenges in this market. Leveraging Wipro’s extensive global network of more than 9000 cybersecurists, Wipro CRS Europe will help clients realize enhanced scale and speed in implementations. “Our recent acquisitions in the cybersecurity space, as well as our recent strategic hires in Europe, have created an opportunity for us to rethink how we serve our clients in this market,” said John Hermans, Head of Wipro CRS Europe. “This launch will bring together our entire set of cyber capabilities under a single umbrella, allowing us to deliver clients a truly end-to-end offering that leads with strategy but delivers on every single aspect of their cybersecurity needs.” The new offering will bring all Wipro’s cyber consulting capabilities under one umbrella, CyberTransformSM, and deliver them to clients alongside the company’s managed services capabilities, CyberShieldSM. CyberTransform is Wipro’s business-aligned strategy-first approach to cybersecurity transformation. It enables business growth through a business-led approach to solve security, risk, cloud, identity, and compliance challenges on a global scale. CyberTransform brings together Wipro’s suite of cybersecurity consulting capabilities and delivers clients a truly holistic, 360 approach designed to help them manage cyber threats and build resilient, future-proof businesses. CyberShield is Wipro CRS’ industry-leading suite of managed services, which defends business operations through On-Demand cyber resilience management. About Wipro Limited Wipro Limited is a leading technology services and consulting company focused on building innovative solutions that address clients’ most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 250,000 employees and business partners across 66 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world.

Read More