Data Security

Use NetSPI's New Ransomware Attack SimulationTo Improve Ransomware Attack Resiliency

The leader in attack surface management and enterprise penetration testing, NetSPI,  has announced its new service for ransomware attack simulation., In collaboration with its ransomware security experts, the new service enables organizations to emulate ransomware families of real-world to find and fix dangerous susceptibilities in their defenses for cybersecurity.

Major cybersecurity gaps were exposed globally in the recent ransomware attacks. The Biden administration in the U.S. urges all business leaders to take enough precautions to get away from ransomware. Deputy national security advisor for emerging and cyber technology, Anne Neuberger, recommends various companies in a recent memo to use third-party pentester to test the security of the systems and the ability to defend a sophisticated cyber-attack effectively.

NetSPI closely collaborates during a ransomware attack simulation engagement with companies to simulate sophisticated ransomware techniques, tactics, and procedures (TTPs) utilizing its tailor-made technology for breach and attack simulation. Following each engagement, organizations get access to NetSPI's technology to run custom plays independently and unceasingly assess how well their cybersecurity platform will hold up to a ransomware attack.

About NetSPI

NetSPI, the leader in attack surface management and enterprise security testing, has a partnership with the most significant global cloud providers, nine of the top 10 U.S. banks, many of the Fortune® 500, and three of the world's five largest healthcare companies. NetSPI experts perform deep dive manual penetration testing of network, application, and cloud occurrence surfaces, historically testing over 1 million resources to find 4 million specific vulnerabilities. NetSPI is headquartered in Minneapolis, MN, and is a portfolio company of private equity firms Sunstone Partners, KKR, and Ten Eleven Ventures.

Spotlight

Cyber attacks are increasing in volume, sophistication, and severity, and the federal government has taken notice. Now, they’re taking action — most recently in the form of new cybersecurity rules from the Securities and Exchange Commission. In “11 Ways to Streamline SEC Cybersecurity Compliance with Risk Cloud,” we explore a va

Spotlight

Cyber attacks are increasing in volume, sophistication, and severity, and the federal government has taken notice. Now, they’re taking action — most recently in the form of new cybersecurity rules from the Securities and Exchange Commission. In “11 Ways to Streamline SEC Cybersecurity Compliance with Risk Cloud,” we explore a va

Related News

Enterprise Security

Honeywell Uses Quantum Computing Encryption to Protect Utility Data

Honeywell | September 11, 2023

Honeywell has announced that it's the first company to incorporate quantum-computing-hardened encryption keys into smart utility meters, protecting end-user data from advanced cybersecurity threats. Quantinuum's Quantum Origin provides an advantage over conventional solutions by generating keys with quantum-computing-enhanced randomness. Honeywell's new Smart Energy and Thermal Solution products powered with Quantum Origin are now available to North American and European customers. Honeywell recently made a groundbreaking announcement that it is the first company to incorporate quantum-computing-hardened encryption keys into smart utility meters, a move that provides advanced protection for end-user data against cyber threats. To achieve this, Honeywell will leverage Quantinuum's Quantum Origin technology to not only enhance data security but also contribute to building greater reliability and trust in the evolving utility sector. The enhanced security utility meters establish a new standard for safeguarding against data breaches and ensuring the uninterrupted operation of water, gas, and electricity utility infrastructure for both commercial and residential applications. Quantinuum's Quantum Origin provides an advantage over conventional solutions by generating keys with quantum-computing-enhanced randomness, thereby rendering them truly unpredictable and substantially enhancing the data security of utilities' end users. No other organizations in the smart meter market presently offer quantum-hardened encryption protection. The incorporation of this technology into Honeywell's Smart Energy and Thermal Solutions' products will assist in addressing the industry's expanding data security requirements, especially as they pertain to critical infrastructure. President of Smart Energy and Thermal Solutions at Honeywell, Hamed Heyhat, said, By integrating Quantinuum's quantum-computing-hardened encryption technology into our smart meters, we are advancing data security for our customers and helping to shape the dialogue on how the utility industries should approach cybersecurity in the quantum era. [Source – Cision PR Newswire] Hamed Heyhat emphasized the significance of continuous innovation in enabling customers to stay ahead of the ever-changing threat landscape. It was noted that such a level of protection is crucial in our progressively digital and interconnected world. Tony Uttley, President and COO of Quantinuum, mentioned, Our work with Honeywell demonstrates the importance of using the power of today's quantum computers to create a more resilient cyber infrastructure to better protect customers. [Source – Cision PR Newswire] Smart Energy and Thermal Solution products from Honeywell with Quantum Origin are now available to North American and European customers. The collaboration will strengthen Honeywell's position as an industry-leading provider of innovative and secure solutions for the utilities industry.

Read More

Software Security

IBM Announces New AI-Powered Threat Detection and Response Services

PR Newswire | October 06, 2023

IBM (NYSE: IBM) today unveiled the next evolution of its managed detection and response service offerings with new AI technologies, including the ability to automatically escalate or close up to 85% of alerts,1 helping to accelerate security response timelines for clients. The new Threat Detection and Response Services (TDR) provide 24x7 monitoring, investigation, and automated remediation of security alerts from all relevant technologies across client's hybrid cloud environments – including existing security tools and investments, as well as cloud, on-premise, and operational technologies (OT). The managed services are delivered by IBM Consulting's global team of security analysts via IBM's advanced security services platform, which applies multiple layers of AI and contextual threat intelligence from the company's vast global security network – helping automate away the noise while quickly escalating critical threats. Security teams today are not just outnumbered by attackers, but also by the number of vulnerabilities, alerts and security tools and systems they're tasked with managing on a day-to-day basis, said Chris McCurdy, General Manager, Worldwide IBM Consulting Cybersecurity Services. By combining advanced analytics and real-time threat intelligence with human expertise, IBM's new Threat Detection and Response Services can augment organization's security defenses with a capability that is scalable, continuously improving and strong enough for tomorrow's threats. Intelligently Adapting Threat Defenses The new TDR Services are underpinned by a set of AI-powered security technologies that support thousands of clients across the world, monitoring billions of potential security events per day. It leverages AI models that continuously learn from real-world client data, including security analyst responses, engineered to automatically close low priority and false positive alerts based on a client-defined confidence level. This capability also automatically escalates high risk alerts that require immediate action by security teams and provides investigation context. IBM's TDR Services are designed to provide: Crowdsourced detection rules, Optimized alerts. Leveraging real-time insights from IBM's threat management engagements, the new services use AI to continuously assess and auto-recommend the most effective detection rules – helping to improve alert quality, and speed response times. This capability helped reduce low-value SIEM alerts by 45% and auto escalate 79% more high-value alerts that required immediate attention2. Organizations can approve and update detection rules with just two clicks through its co-managed portal. MITRE ATT&CK assessment. To stay prepared for ransomware and wipe-out attacks, organizations will be able to see how their environment is covering MITRE ATT&CK framework tactics, techniques, and procedures as compared to their industry and geography peers. By applying AI, the new services are designed to reconcile the multiple detection tools and policies currently in place at an organization, providing an enterprise view into how to best detect threats and assess gaps to update within an ATT&CK framework. Seamless end-to-end integration. With its open API approach, the new services can quickly integrate with a client's enterprise-wide security assets, whether on premise or in the cloud. Organizations can continue to access their ecosystem while also having the option to connect and collaborate and define their own response playbooks through a co-managed portal. This provides a unified enterprise view, precise remediation capabilities, and consistently enforces security policies across IT & OT. 24x7 global support. Organizations will have access to more than 6,000 IBM Cybersecurity Services professionals across the globe 24/7 x 365 to help augment security programs. IBM Consulting Cybersecurity Services' vast global network serves more than 3,000 clients around the world – managing more than 2 million endpoints and 150 billion security events per day. "Security leaders today are trying to escape the vicious cycle of staff shortages, increased threats, and rising demands from the C-Suite to mature their cyber program without breaking the bank. For many organizations the old playbook of swapping out their tools for a vendor's preferred platform does not work, as they cannot afford to write off prior SOC investments," said Craig Robinson, IDC Research VP of Security Services. "A service like IBM's Threat Detection and Response offering can provide an off-ramp to these concerns, without requiring a full rip-and-replace of their prior security investments and help shift their human capital in the SOC to more of a proactive mode." To support continuous improvement for security operations capabilities, IBM's TDR Services, which are now available, include access to IBM's X- Force Incident Response Services along with the option to include additional proactive security services from IBM X-Force, such as penetration testing, adversary simulation or vulnerability management. X-Force will also provide guidance to help clients improve their security operations over time, based on the current threat landscape, clients' evolving IT environment, and insights gleaned from engagements with thousands of IBM Cybersecurity Services clients around the world.

Read More

Cloud Security

Fortinet New SASE Offerings Improve Cloud Protection for Microbranches

Fortinet | September 05, 2023

Fortinet, the worldwide cybersecurity leader driving the integration of networking and security, has announced new enhancements to its market-leading single-vendor Secure Access Service Edge (SASE) offering. FortiSASE already shields the hybrid workforce using a unified agent and includes SD-WAN integration for the branch. This solidifies FortiSASE's position as the market's most comprehensive offering. The list of Fortinet extended SASE solutions: SASE for Microbranches and IoT/OT Devices: FortiSASE now offers expanded integrations within the Fortinet wireless local-area network (WLAN) suite to aid organizations in securing microbranches and associated devices. FortiAP wireless access points intelligently offload traffic from microbranches to a SASE point of presence (POP) for scalable security inspection of all devices, including IoT and OT devices. This integration also implies that the Fortinet WLAN portfolio can be managed by the same straightforward, cloud-based management console customers already use for FortiSASE. Enhanced Data Loss Prevention Service: As a component of its cloud-delivered security services, FortiSASE includes the FortiGuard-powered Data Loss Prevention (DLP) service to safeguard sensitive data across the entire hybrid environment. This service now consists of a broader range of file types, data identifiers, and Software-as-a-Service (SaaS) applications, along with sophisticated data matching techniques to prevent accidental data breaches. By constant DLP enhancement, Fortinet provides organizations with a detailed understanding of their cloud applications and the tools needed to defend against new threats effectively. End-to-end Digital Experience Monitoring: For comprehensive network and SaaS application monitoring, Fortinet's Digital Experience Monitoring (DEM) solution integrates with FortiSASE to offer insights across users, Fortinet global SASE POPs, and the performance of SaaS applications such as WebEx, Office365, and Dropbox. In addition, this integration enable endpoint monitoring to provide end-to-end visibility, empowering IT teams with the data they need to decrease resolution times and ensure a positive user experience. Leveraging FortiGuard AI-Powered Security Services, Fortinet's SASE provides an extensive set of features, including unified security, streamlined management, and end-to-end Data Edge Management (DEM). This is accomplished by seamlessly integrating cloud-based security components, such as a cloud access security broker, secure web gateway, and Firewall-as-a-Service, in conjunction with networking functionalities through Software-Defined Wide Area Networking (SD-WAN). In addition, the solution incorporates Universal Zero Trust Network Access (ZTNA) capabilities to ensure resilient and secure connectivity to and from the internet, privately hosted applications, and Software as a Service (SaaS) applications.

Read More