Vectra AI | August 06, 2021
Vectra AI, a leader in threat detection and response, today released the findings of the PaaS & IaaS Security Survey Report. The report compiled the answers of 317 IT executives all using AWS, 70% coming from organizations of 1,000+ employees. The findings show a rapid expansion and reliance on AWS services while simultaneously showcasing security blind spots within many organizations.
As digital transformation efforts continue, the survey found that AWS is becoming an even more critical component to organizations who are regularly deploying new workloads, leveraging deployments in multiple regions and are relying on more than one AWS service. The survey found:
64% of DevOps respondents are deploying new workload services weekly or even more frequently
78% of organizations are running AWS across multiple regions (40% in at least three)
71% of respondents say that they are using more than four AWS services (such as S3, EC2, IAM, etc.)
The expansion of AWS services has naturally led to increased complexity and risk with 100% of companies surveyed having experienced at least one security incident in their public cloud environment. Gartner anticipated that over 99% of cloud breaches will have a root cause of customer misconfiguration. Some blind spots the Vectra report uncovered include:
30% of organizations surveyed have no formal sign-off before pushing to production
40% of respondents say they do not have a DevSecOps workflow
71% of organizations say that 10 or more people can modify the entire infrastructure in their AWS environments, creating numerous attack vectors for hackers.
Despite these blind spots, the survey showed that companies are taking security seriously. Over half of the companies reported having double-digit security operations center (SOC) headcounts, showing a significant investment in keeping their organizations secure.
"Securing the cloud with confidence is nearly impossible due to its ever-changing nature," said Matt Pieklik, Senior Consulting Analyst at Vectra. "To address this, companies need to limit the number of attack vectors malicious actors are able to take. This means creating formal sign-off processes, creating DevSecOps workflows and limiting the number of people that have access to their entire infrastructure as much as possible. Ultimately, companies need to provide security holistically, across regions and automate as many activities as possible to enhance their effectiveness."
Vectra has answered this industry need through the creation of Detect for AWS which reduces risk of cloud services being exploited, detects threats against AWS services, and automatically responds to attacks against applications running in AWS.
To learn more about the threats facing today's organizations you can download the full Paas & IaaS Security Survey Report or read our companion blog.
Vectra is the leader in threat detection and response – from cloud and data center workloads to user and IoT devices. Its Cognito® platform accelerates threat detection and investigation using AI to enrich network metadata it collects and stores with the right context to detect, hunt and investigate known and unknown threats in real time. Vectra offers four applications on the Cognito platform to address high-priority use cases. Cognito Stream™ sends security-enriched metadata to data lakes and SIEMs. Cognito Recall™ is a cloud-based application to store and investigate threats in enriched metadata. Cognito Detect™ uses AI to reveal and prioritize hidden and unknown attackers at speed. And Cognito Detect for Office 365 and Azure AD™ finds and stops attacks in enterprise SaaS applications and the Microsoft 365 ecosystem.
businesswire | December 08, 2020
Keysight Technologies a main innovation organization that helps endeavors, specialist co-ops and governments quicken advancement to associate and make sure about the world, reported that Altiostar has chosen the organization's 5G test answers for quicken improvement and sending of an open virtualized radio access organization (open vRAN) foundation basic in the conveyance of a wide-scope of 5G use cases.
Altiostar chose Keysight's exhaustive set-up of 5G test arrangements, including 5G multi-band vector handsets, channel emulators, client gear (UE) emulators and O-RU (O-RAN radio unit) emulators to confirm interoperability between vRAN parts and conformance to details distributed by the O-RAN Alliance. A multi-merchant open RAN biological system, comprising of providers of radio and baseband equipment, just as disaggregated virtualized and cloud-local RAN and 5G center (5GC) programming parts, use Altiostar's open vRAN programming to convey creative arrangements that help robotized and savvy versatile organizations.
“This is a decisive moment in the ICS/OT cybersecurity market, with many powerful drivers coalescing to generate an unprecedented level of market interest and customer demand,” said Robert M. Lee, Chief Executive Officer and Co-Founder of Dragos, Inc. “Our Series C funding is an investment by industry, for industry, and will enable us to fully meet this moment for our customers by advancing the innovative technology at the center of our Dragos Platform, expanding our global footprint, and continuing to recruit the world’s most elite team of ICS/OT cybersecurity experts.”
“Koch Industries has more than 500 global manufacturing facilities, and the need for protection from cybersecurity threats grows each day,” said Byron Knight, Managing Director of Koch Disruptive Technologies. “As we continue to transform and modernize operations, Dragos will be a key partner in helping protect these assets to ensure we can continue providing products and services our customers prefer.”
"Combating cyber threats against critical assets that power our operations is at the center of our risk management approach across the entirety of Koch Industries," said Jarrod Benson, Chief Information Security Officer of Koch Industries. "Industrial cyberattacks can impact worker safety, plant productivity, and business continuity. Safeguarding our data is important and protecting our operations is essential."
“We understand the importance of technologies like the Dragos Platform that protect operational technologies and provide insights to help customers stay at the forefront of cyber innovation,” said Lisa Lambert, Chief Technology and Innovation Officer at National Grid and President of National Grid Partners. “We first invested in Dragos in 2018, and since then, their innovation in industrial cybersecurity has become even more important. We’re pleased to reinvest and to co-lead the round at this important stage of the company’s growth.”
CFGI | May 26, 2021
CFGI, a leading provider of Accounting Advisory, Cybersecurity and IT Risk Advisory solutions, and SecurityScorecard, the worldwide leader in cybersecurity ratings, today announced a new partnership to streamline and strengthen how organizations manage their cybersecurity and third-party risk through the use of Security Ratings.
CFGI has partnered with SecurityScorecard to non-intrusively evaluate an organizations' cybersecurity using an 'outside-in methodology. This approach enables CFGI to monitor and update the cybersecurity ratings of our clients in a very continuous manner. With these cybersecurity ratings and the extensive information on which they are based, organizations are presented with valuable information for assessing compliance with industry-leading cybersecurity risk standards.
As a SecurityScorecard managed security services provider (MSSP), CFGI will be delivering industry-leading cybersecurity ratings to clients to enhance their security posture, ensure adherence to regulatory requirements, and continuously monitor third-party risk. This partnership comes at a time when risk and compliance teams are experiencing unprecedented pressure to successfully manage their own and third-party risk, due to changing regulatory requirements, higher numbers of vendors, and more pressure from the board of directors. Heightened regulatory scrutiny has created the necessity for next-generation solutions to assist organizations in better manage the risk posed by their business partners. With the partnership between CFGI and SecurityScorecard, organizations can now be aware of cybersecurity gaps and advised on what is needed to fill them.
What value do CFGI clients receive?
• Technical dashboards and detailed reports with your most critical risk factors.
• Easy-to-read board-level reports and workflow tools for cybersecurity assessments.
• Risk remediation advisory services by CFGI, whose experts work closely with your technology teams or third parties.
• Ability to view your historical vulnerabilities and threats for continued improvement.
• Ability to quantify and demonstrate your return on security investments.
• Ability to benchmark your cybersecurity current state against industry peers and competitors.
CFGI, a portfolio company of The Carlyle Group, is a highly specialized financial consulting company that supports the office of the CFO with all its accounting, finance, risk management, and digital transformation needs. As an extension of your SOX, internal audit, corporate finance, or cybersecurity team, CFGI can serve in a variety of capacities – from technical accounting or finance transformation advisor to IPO and M&A support to controller or CFO.