Q&A with Shelton Newsham, Director and Founder at Newsham Business Solutions

Shelton Newsham, Director and Founder at Newsham Business Solutions, is a highly experienced board advisor, educator and public speaker and specialist in a number of areas enabling me to support management to identify risk, reduce exposure and achieve organisational objectives.He is a subject matter expert in many disciplines including process improvement, organsational assessment and information security. He has also worked closely with both UK Government agencies and international law enforcement.

If you are credible and capable of delivering then customer's confidence will grow, this will lead to more opportunities and business growth.



MEDIA 7: Congratulations on being named as one of the UK’s Top 30 Chief Security Officers at the CSO30 awards 2020. What has your professional journey been like?
SHELTON NEWSHAM:
Thank you, it has been an incredible journey for me. When joined the regional cybercrime unit just over 4 years ago, I had overseen several cybercrime investigations conducted by frontline police officers but the opportunity to run the prevent and protect teams elevated this to a different level. I was able to redefine our approach to cyber protection for businesses and our communities.

The cybersecurity industry has been incredibly welcoming, and I was able to build up key networks across the United Kingdom and beyond. I was able to collaborate with industry and academia to develop new products and provide them free to communities and businesses.

Professionally I was able to learn from some of the best in the sector, people at the forefront of innovation, and dedicated to making people safer. I gradually built up my expertise in several areas and was able to represent UK law enforcement at national and international events.
Being able to design and deliver the largest Police led Cyber engagement project was a real highlight, I was so proud of the National Matrix Challenge and how it empowered children and young people to learn about cyber. The support from all the police forces was fantastic, there remain some brilliant people in Team Cyber UK (Police cyber network).
I was honored to be named Cyber Policing Individual of the year in 2020 at the national cyber awards.

When I was named as one of the UK’s Top 30 Chief Security officers after being supported by industry, I knew I had achieved something special. This gave me the belief that I could make continue to help protect individuals and organizations but from outside policing. To ensure I was best placed to provide the business-focused Information security advice I also completed my MBA. I Left law enforcement in December 2020 and started Newsham Business Solutions Ltd, We’ve gone from strength to strength so I’m excited about the future.

M7: We are also delighted to hear that you will be speaking at Cybersecurity Festival! What topics on cybersecurity are you planning to throw light on for the attendees?
SN:
I am really looking forward to the Cybersecurity Festival, the agenda looks brilliant. I will be discussing the importance of security considerations during digital transformation. I have seen many businesses taking on a digital transformation program without driving this change with a security mindset. We expect teams to drive with speed, precision and agility undertaking transformations which will be making significant changes to process and systems, but it is far too easy to fall foul of focusing on a deliverable and not delivering a secure solution. It is a common theme but I will also be discussing staff awareness training and empowering individuals to be a crucial line of defense.


Finding the right individual who aligns their advice to your business objectives is an important factor in driving improved performance across the organization.



M7: How does NBS help companies by reviewing their business functions, risks, processes and implement solutions to ensure they achieve their organizational goals?
SN:
At NBS (Newsham Business Solutions) We want to support all organizations fully understand their information security exposure, many organizations are vulnerable through overprocessing or sudden expansion. Triaging organizations and following all the key business processes enables them to look at process improvement around information security. I believe that this should be carried out by someone independent as this will help identify gaps that may not be spotted by internal staff as its an accepted practice.  There is an added benefit that by saving money through improvement they can potentially reinvest in security.
I also support organizations that cannot afford a full-time CISO, providing guidance and define metrics to support board discussions.

I also feel that it is crucial that organizations consider all manner of solutions not just technical. A layered defense is important. Management controls are a great place to start, there are many low-cost, high-impact measures we can take before outlaying larger sums on other controls. For technical solutions, I will always work with that organizations to define the scope and objective before approaching the market and making recommendations. I have seen many organizations purchasing all manner of technical solutions which were not the right ones. It is important that the requirement is driven by the business not, other parties.

Finally, we all know our people are the biggest risk in terms of security incidents, I work with organizations to provide awareness training at all levels. Security must be driven from the top, but your staff must be supported and provided with guidance, confidence to report and clear processes to follow. Again, I like to bring back the human factor in delivery at the beginning ensuring specific organizations focused questions can be answered and you can see the confidence grow. This also means that the organization's mission is embedded in the training. I am a supporter of computer-based training after that initial people-focused engagement.


Organisations need to do their research, whilst some organizations are transforming at pace others may benefit from transforming slightly slower. Understanding the market and the factors that will drive your business.



M7: What are the common types of cyberattacks an enterprise is likely to face? What are the preventive measures that companies should undertake?
SN:
Ransomware continues to be the biggest threat; threat actors are still finding this the quickest and easiest source of income. Organization's digital assets continue to grow as does the valuable data held by them. we continue to see medical facilities; academia, local government and private organizations targeted across the globe.

User training, robust backing up policy and technical controls are important. Organizations must remember that one technical solution will not stop every threat no matter the cost, remember a defense in depth is important.

Phishing, business email compromise and related frauds continue to have a serious impact on organizations many due to human error, lack of training is a big factor in this. Organizations need to invest in awareness training, empower their staff and with the right deliverables, you can evidence continual improvement and ROI.

Finally, it’s important to consider the expert opinion, many consultants work independently and will focus on the business requirements not upselling. Finding the right individual who aligns their advice to your business objectives is an important factor in driving improved performance across the organization.

M7: What do you believe are the top three security challenges faced by the companies in the post COVID-19 era?
SN:
Organisations must review their security monitoring capabilities and incident response protocols. They need to make sure that they have visibility of their new expanded operational environment. The pace at which organizations needed to change their normal working practices and move to remote working practices was in many cases transformation that was not previously planned. Organizations should exercise their current incident response, disaster recovery and business continuity procedures to identify further gaps that have developed.

Organizations should review their staff awareness training and consider the environments of their remote workers. Many end-users would have previously relied on office-based colleagues to ask for advice, this has obviously changed. End users are being actively targeted with social engineering, malicious calls which purport to be from the organization's IT support are successfully gaining remote access to systems. Physical security in the home and the correct management of documents also need to be reinforced. Our staff need our support, it is a change for organizational management and business processes but it's also a major change for staff.

From a technology point of view, organizations should review their endpoint protection, ensure appropriate asset management and patching is in place. It’s likely that BYOD is in place so those basic reviews must include end-user devices. Organizations may need to develop single sign-on or MFA for remote access, whilst these seems obvious it has been very difficult for some organizations to survive during the pandemic so some of these processes may have been missed or put on a ‘backlog’.

M7: What do you think is essential to stay competitive in a market that is going through constant digitalization?
SN:
Organisations need to do their research, whilst some organizations are transforming at pace others may benefit from transforming slightly slower. Understanding the market and the factors that will drive your business. I like to use the ‘porter five forces’ model to help organizations retain their competitive edge. Expert advice from security consultants with a business background is also beneficial, understanding the business landscape whilst driving security can lead to real growth.

M7: What is the marketing mantra that you swear by?
SN:
My core mantra is
Capability x Credibility = Opportunity

If you are credible and capable of delivering then customer's confidence will grow, this leads to more opportunities and business growth. I have built my career on being credible and supporting individuals and organizations.

Having a background in law enforcement is a unique attribute, my core belief remains ‘to protect and serve’. This transfers into the private sector, I continue to focus on protecting individuals and businesses that are integral to communities. If you are truly credible you will remain focused on your belief and not be tempted to change on a whim.
Capability to deliver on your words and business objectives builds trust, it also helps change behaviors.

For me empowering positive behavioral change around security is an opportunity we cannot underestimate. We can empower communities, build confidence, and secure businesses by delivering real engagement, support and understanding. That is the opportunity………create a safer world for all!

ABOUT NEWSHAM BUSINESS SOLUTIONS

Newsham Business Solutions is an Independent Information Security Consultancy that puts the organization’s requirements at the forefront of any recommendation. They investigate process improvement and management controls to reduce outlay but if technical solutions need to be considered we are truly vendor agnostic. Their services include organizational triage, consultancy, a virtual / Part-time CISO and awareness training for all levels of an organization. They can also support you through ISO 27001 and support physical security reviews.

More THOUGHT LEADERS

Futurex’s Adam Cason advises, ‘To look at your data security posture with a critical eye’

Media 7 | December 1, 2021

Adam Cason, Vice President of Global and Strategic Alliances at Futurex speaks about some major cybersecurity developments retailers need to look out for in the next 5 years. Read on for his thoughts on the top security needs of brands and retailers....

Read More

'Data is the answer to a more effective digital transformation,' says SonicWall's Diane Walker

Media 7 | November 23, 2021

In this interview with Diane Walker, Senior Director of Demand Generation at SonicWall, we had the opportunity to peek into SonicWall's latest high-performance firewall models that are aimed to combat the unprecedented surge of malware and ransomware resulting from a rise in remote and hybrid workforces across enterprises. She shared meaningful insights into SonicWall's vision of cybersecurity, and how modern-day marketers need to reflect on the different levels of the digital buyer journey. Read on to discover effective approaches towards marketing to drive business growth....

Read More

No backup can land companies in serious trouble, warns Tinesh Chhaya, Founder at Decipher Cyber

Media 7 | November 15, 2021

With only a few weeks till the launch of Jenny 2.0, Tinesh Chhaya, Founder at Decipher Cyber, explores the different ways Jenny makes searching and analyzing cybersecurity vendors and service providers easier for businesses who are looking to upgrade their security systems, in this interview with Media 7. Read on to find out how businesses can make digital transformations and hybrid work environments safer from cyber-attacks....

Read More

Futurex’s Adam Cason advises, ‘To look at your data security posture with a critical eye’

Media 7 | December 1, 2021

Adam Cason, Vice President of Global and Strategic Alliances at Futurex speaks about some major cybersecurity developments retailers need to look out for in the next 5 years. Read on for his thoughts on the top security needs of brands and retailers....

Read More

'Data is the answer to a more effective digital transformation,' says SonicWall's Diane Walker

Media 7 | November 23, 2021

In this interview with Diane Walker, Senior Director of Demand Generation at SonicWall, we had the opportunity to peek into SonicWall's latest high-performance firewall models that are aimed to combat the unprecedented surge of malware and ransomware resulting from a rise in remote and hybrid workforces across enterprises. She shared meaningful insights into SonicWall's vision of cybersecurity, and how modern-day marketers need to reflect on the different levels of the digital buyer journey. Read on to discover effective approaches towards marketing to drive business growth....

Read More

No backup can land companies in serious trouble, warns Tinesh Chhaya, Founder at Decipher Cyber

Media 7 | November 15, 2021

With only a few weeks till the launch of Jenny 2.0, Tinesh Chhaya, Founder at Decipher Cyber, explores the different ways Jenny makes searching and analyzing cybersecurity vendors and service providers easier for businesses who are looking to upgrade their security systems, in this interview with Media 7. Read on to find out how businesses can make digital transformations and hybrid work environments safer from cyber-attacks....

Read More

Related News

Software Security

Trellix and One Source Deliver Industry-Leading Managed Detection and Response Security Services

Trellix | January 22, 2024

Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced an expanded strategic partnership with One Source, a Managed Security Services Provider (MSSP) and technology delivery partner. Customers benefit from a Fortune 500 SOC capability built on the Trellix XDR Platform with AI-guided intelligence, enabling faster detection, investigation, and remediation. Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced an expanded strategic partnership with One Source, a Managed Security Services Provider (MSSP) and technology delivery partner. Customers benefit from a Fortune 500 SOC capability built on the Trellix XDR Platform with AI-guided intelligence, enabling faster detection, investigation, and remediation. “The partnership aligns with Trellix’s ongoing commitment to secure organizations from advanced cyber threats,” says Sean Morton, SVP of Professional Services at Trellix. “Leveraging One Source’s MDR capabilities and expanded footprint, we enable more businesses to build cyber resilience, with continued innovation in our combined products and solution offerings to stay ahead of bad actors.” One Source has multiple SOCs leveraging Trellix’s technology, staffed by the industry’s top experts to provide Managed Detection and Response (MDR) capabilities. Their team implements a proactive cyber strategy for customers specific to industry, technology environment, and vulnerabilities, built on the Trellix XDR Platform with 24x7 monitoring. The partnership and combined expertise benefits customers with enhanced services like managed threat detection and response, incident response, security operations and analytics, threat intelligence, threat hunting and forensics, and training and enablement. “The Trellix and One Source partnership is extremely powerful; the former offers an incredible set of security solutions, and the latter excels at personalized deployment and execution,” said Paul Moline, Chief Information Officer, Lindsay Automotive Group. “I never anticipated we could protect our environment with the same security solutions used by government agencies and Fortune 50 companies: I can now sleep at night.” The Trellix XDR Platform’s open architecture and broad set of native security controls across endpoint, email, network, cloud, and data security integrates with over 500 third-party tools to create multi-vector, multi-vendor event correlation and context to speed up investigations. The Trellix Advanced Research Center provides an additional layer of protection by continuously informing the platform with information from millions of global sensors on the latest threat vectors, tactics, and recommendations. One Source experts apply these insights to stay ahead of the constantly evolving threat landscape. “The collaboration with Trellix is a game-changer in reshaping the cybersecurity landscape,” says Eric Gressel, Executive Vice President of Sales, One Source. “Thanks to our partnership, we have access to the highest level of cyber intelligence to fend off newly-revealed hackers and their means of attack, enabling our customers with the most comprehensive offering of enhanced Managed Security Services to protect their businesses.” One Source has a proven track record supporting global businesses spanning retail, restaurant, automotive, healthcare, financial, and manufacturing industries. Trellix customers can rely on One Source's leading Managed Security Services to optimize technology expenses while enhancing telecom connectivity, IT infrastructure, and cybersecurity strategies. About Trellix Trellix is a global company redefining the future of cybersecurity and soulful work. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through machine learning and automation to empower over 40,000 business and government customers with living security. More at https://trellix.com. About One Source One Source helps businesses simplify a complex technology world. One Source is the leading provider of Technology and Managed Security Services for enterprises. Today, One Source manages more than 2,500 customers, 45,000 business locations, and over one million assets throughout North America. In addition to Managed Security Services, One Source provides Managed Technology Expense Management, 24 / 7 local helpdesk, procures and provisions telecom & IT solutions, and manages customer service requests. One Source frequently generates triple-digit ROI for customers through contract negotiation, portfolio optimization, and ongoing expense management. In addition, One Source leverages partnerships with industry leaders, including Trellix to bring Fortune 500 security solutions and fully managed services to the mid-market. One Source's approach empowers businesses to focus on customers and revenue-generating activities. Learn more at https://www.onesource.net/.

Read More

End Point Protection

Malwarebytes Unveils New K-12 ThreatDown Bundle to Defend Schools and Districts from Cyberattacks

Malwarebytes | January 24, 2024

Malwarebytes, a global leader in real-time cyber protection, today announced the availability of ThreatDown K-12 Bundle, combining the cybersecurity technologies and services that K-12 education institutions need into a streamlined, cost-effective bundle. Purpose-built to reduce risk, complexity and costs for districts and schools, the ThreatDown K-12 Bundle delivers unified protection with an intuitive, easy-to-manage design. The ThreatDown K-12 Bundle allows schools to optimize device uptime and improve productivity, while protecting students and staff, devices and data from the latest cyber threats. "Schools are increasingly facing cyber threats with limited IT resources, leading to a rise in ransomware attacks that affect staff, teaching, and student well-being," said Marcin Kleczynski, Founder and CEO of Malwarebytes. "Historically, cost barriers prevented schools from adopting cybersecurity managed services. Our K-12 Bundle packages together everything districts need to reduce risk and comply with regulations within a manageable budget. We're committed to making powerful protection and managed services accessible to vulnerable schools and students." Bridging the Cybersecurity Gap for Resource-constrained K-12 IT Teams Modern K-12 educational institutions have a wide range of school-, staff- and student-owned devices – from traditional laptops, desktops and servers to Chromebooks, iPadOS, iOS, and Android devices. While these devices greatly enrich the student learning experience and streamline operations for staff, they also introduce new risks. Key features of the ThreatDown K-12 Bundle include: Award-winning endpoint security: K-12 Bundle is built on ThreatDown's strongest AI/ML-driven prevention, detection and response technologies fortified by built-in innovations to reduce the attack surface. These technologies simplify the process of finding and patching software vulnerabilities and prevent unauthorized programs from executing. 24x7x365 managed services: The K-12 Bundle combines ThreatDown advanced technologies with Managed Detection and Response (MDR) service of ThreatDown cybersecurity experts to manage security and resolve alerts around the clock, delivered as an affordable, hassle-free bundle. Unified endpoint management: ThreatDown extends powerful endpoint protection across workstations, servers and mobile device to substantially strengthen schools' cybersecurity postures in compliance with new and pending regulations. Quick and easy to deploy, the K-12 Bundle saves time and resources with unified endpoint management for both traditional and mobile devices – all from a single, cloud-native console. Centralized, real-time visibility: K-12 IT teams can easily view activity across all devices in real time. With a unified platform and visibility for traditional and mobile endpoints, teams can monitor and protect devices from a single pane of glass. Teams can understand the threats to devices in their environments and mitigate potential risks. Advanced mobile protection: ThreatDown K-12 Bundle provides effective protection for Chromebooks, iPadOS, iOS, and Android devices, guarding against the latest mobile threats such as ransomware, malicious apps, and potentially unwanted programs (PUPs). With real-time protection, schools can also prevent accidental access to harmful websites, safeguard against malicious apps, block unwanted in-app ads, and enable a secure mobile experience for students. About Malwarebytes Malwarebytes is a global cybersecurity leader delivering award-winning endpoint protection, privacy and threat prevention solutions worldwide. Built on decades of experience as the last resort to find and eradicate the latest malware, Malwarebytes is now trusted by millions of individuals and organizations to stop threats at each stage of the attack lifecycle, secure digital identities and safeguard data and privacy. A world class team of threat researchers and proprietary AI-powered engines provide unmatched threat intelligence to detect and prevent known and unknown threats. The company is headquartered in California with offices in Europe and Asia. For more information and career opportunities, visit https://www.malwarebytes.com.

Read More

Data Security

GuidePoint Security Announces Portfolio of Data Security Governance Services

GuidePoint Security | January 30, 2024

GuidePoint Security, a cybersecurity solutions leader enabling organizations to make smarter decisions and minimize risk, today announced the availability of its Data Security Governance services, which are designed to help customers address the challenges of unstructured data and data sprawl through a proven process and program to meet their unique needs. GuidePoint’s Data Security Governance services consist of policies, standards, and processes leveraging the newest technologies to meet organizations’ data governance goals in both on-prem and cloud environments. Once the right strategy is determined with the customer, GuidePoint Security consultants will review program requirements, assess current policies and controls, perform gap analysis, design and develop/enhance the program, recommend and implement supporting technologies, and create operational processes and metrics. “Whether an organization is just beginning to build their data security governance program or needs help assessing and improving an existing program, our team and service capabilities are built to meet them at their current maturity level,” said Scott Griswold, Practice Director - Security Governance Services, GuidePoint Security. “We work side by side with the customer to conduct the necessary data discovery in their environment and provide tailored recommendations for solutions and processes to ultimately build/improve upon the data security governance program.” GuidePoint’s Data Security Governance Services include: Sensitive Data Cataloging: For organizations just getting started in the process of protecting their sensitive data, GuidePoint offers Data Identification workshops to identify sensitive data types in the environment, including trade secrets, intellectual property, and sensitive business communications. Data Security Governance Program Assessment: For organizations with existing Data Security Governance or Data Protection programs, GuidePoint Security experts will assess the program to identify policy non-compliance, gaps in data protection requirements—whether legal, regulatory, contractual, or business—and program maturity levels. Data Security Governance Program Strategy Development: The GuidePoint team will work with an organization's key stakeholders to design a program strategy aligned with relevant requirements. The outputs of this effort include delivering ongoing sensitive data discovery, automated classification and labeling, the application of required sensitive data protections, restrictions on where sensitive data can be stored and sent, and data retention policy enforcement. Merger and Acquisition Data Identification: This offering provides the ability to identify sensitive data within an M&A target or recent acquisition (including locations, amounts, and access rights) and then perform penetration testing on the storage repositories where that sensitive data exists to determine the risk of data compromise. About GuidePoint Security GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint’s unmatched expertise has enabled a third of Fortune 500 companies and more than half of the U.S. government cabinet-level agencies to improve their security posture and reduce risk. Learn more at www.guidepointsecurity.com.

Read More

Software Security

Trellix and One Source Deliver Industry-Leading Managed Detection and Response Security Services

Trellix | January 22, 2024

Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced an expanded strategic partnership with One Source, a Managed Security Services Provider (MSSP) and technology delivery partner. Customers benefit from a Fortune 500 SOC capability built on the Trellix XDR Platform with AI-guided intelligence, enabling faster detection, investigation, and remediation. Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced an expanded strategic partnership with One Source, a Managed Security Services Provider (MSSP) and technology delivery partner. Customers benefit from a Fortune 500 SOC capability built on the Trellix XDR Platform with AI-guided intelligence, enabling faster detection, investigation, and remediation. “The partnership aligns with Trellix’s ongoing commitment to secure organizations from advanced cyber threats,” says Sean Morton, SVP of Professional Services at Trellix. “Leveraging One Source’s MDR capabilities and expanded footprint, we enable more businesses to build cyber resilience, with continued innovation in our combined products and solution offerings to stay ahead of bad actors.” One Source has multiple SOCs leveraging Trellix’s technology, staffed by the industry’s top experts to provide Managed Detection and Response (MDR) capabilities. Their team implements a proactive cyber strategy for customers specific to industry, technology environment, and vulnerabilities, built on the Trellix XDR Platform with 24x7 monitoring. The partnership and combined expertise benefits customers with enhanced services like managed threat detection and response, incident response, security operations and analytics, threat intelligence, threat hunting and forensics, and training and enablement. “The Trellix and One Source partnership is extremely powerful; the former offers an incredible set of security solutions, and the latter excels at personalized deployment and execution,” said Paul Moline, Chief Information Officer, Lindsay Automotive Group. “I never anticipated we could protect our environment with the same security solutions used by government agencies and Fortune 50 companies: I can now sleep at night.” The Trellix XDR Platform’s open architecture and broad set of native security controls across endpoint, email, network, cloud, and data security integrates with over 500 third-party tools to create multi-vector, multi-vendor event correlation and context to speed up investigations. The Trellix Advanced Research Center provides an additional layer of protection by continuously informing the platform with information from millions of global sensors on the latest threat vectors, tactics, and recommendations. One Source experts apply these insights to stay ahead of the constantly evolving threat landscape. “The collaboration with Trellix is a game-changer in reshaping the cybersecurity landscape,” says Eric Gressel, Executive Vice President of Sales, One Source. “Thanks to our partnership, we have access to the highest level of cyber intelligence to fend off newly-revealed hackers and their means of attack, enabling our customers with the most comprehensive offering of enhanced Managed Security Services to protect their businesses.” One Source has a proven track record supporting global businesses spanning retail, restaurant, automotive, healthcare, financial, and manufacturing industries. Trellix customers can rely on One Source's leading Managed Security Services to optimize technology expenses while enhancing telecom connectivity, IT infrastructure, and cybersecurity strategies. About Trellix Trellix is a global company redefining the future of cybersecurity and soulful work. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through machine learning and automation to empower over 40,000 business and government customers with living security. More at https://trellix.com. About One Source One Source helps businesses simplify a complex technology world. One Source is the leading provider of Technology and Managed Security Services for enterprises. Today, One Source manages more than 2,500 customers, 45,000 business locations, and over one million assets throughout North America. In addition to Managed Security Services, One Source provides Managed Technology Expense Management, 24 / 7 local helpdesk, procures and provisions telecom & IT solutions, and manages customer service requests. One Source frequently generates triple-digit ROI for customers through contract negotiation, portfolio optimization, and ongoing expense management. In addition, One Source leverages partnerships with industry leaders, including Trellix to bring Fortune 500 security solutions and fully managed services to the mid-market. One Source's approach empowers businesses to focus on customers and revenue-generating activities. Learn more at https://www.onesource.net/.

Read More

End Point Protection

Malwarebytes Unveils New K-12 ThreatDown Bundle to Defend Schools and Districts from Cyberattacks

Malwarebytes | January 24, 2024

Malwarebytes, a global leader in real-time cyber protection, today announced the availability of ThreatDown K-12 Bundle, combining the cybersecurity technologies and services that K-12 education institutions need into a streamlined, cost-effective bundle. Purpose-built to reduce risk, complexity and costs for districts and schools, the ThreatDown K-12 Bundle delivers unified protection with an intuitive, easy-to-manage design. The ThreatDown K-12 Bundle allows schools to optimize device uptime and improve productivity, while protecting students and staff, devices and data from the latest cyber threats. "Schools are increasingly facing cyber threats with limited IT resources, leading to a rise in ransomware attacks that affect staff, teaching, and student well-being," said Marcin Kleczynski, Founder and CEO of Malwarebytes. "Historically, cost barriers prevented schools from adopting cybersecurity managed services. Our K-12 Bundle packages together everything districts need to reduce risk and comply with regulations within a manageable budget. We're committed to making powerful protection and managed services accessible to vulnerable schools and students." Bridging the Cybersecurity Gap for Resource-constrained K-12 IT Teams Modern K-12 educational institutions have a wide range of school-, staff- and student-owned devices – from traditional laptops, desktops and servers to Chromebooks, iPadOS, iOS, and Android devices. While these devices greatly enrich the student learning experience and streamline operations for staff, they also introduce new risks. Key features of the ThreatDown K-12 Bundle include: Award-winning endpoint security: K-12 Bundle is built on ThreatDown's strongest AI/ML-driven prevention, detection and response technologies fortified by built-in innovations to reduce the attack surface. These technologies simplify the process of finding and patching software vulnerabilities and prevent unauthorized programs from executing. 24x7x365 managed services: The K-12 Bundle combines ThreatDown advanced technologies with Managed Detection and Response (MDR) service of ThreatDown cybersecurity experts to manage security and resolve alerts around the clock, delivered as an affordable, hassle-free bundle. Unified endpoint management: ThreatDown extends powerful endpoint protection across workstations, servers and mobile device to substantially strengthen schools' cybersecurity postures in compliance with new and pending regulations. Quick and easy to deploy, the K-12 Bundle saves time and resources with unified endpoint management for both traditional and mobile devices – all from a single, cloud-native console. Centralized, real-time visibility: K-12 IT teams can easily view activity across all devices in real time. With a unified platform and visibility for traditional and mobile endpoints, teams can monitor and protect devices from a single pane of glass. Teams can understand the threats to devices in their environments and mitigate potential risks. Advanced mobile protection: ThreatDown K-12 Bundle provides effective protection for Chromebooks, iPadOS, iOS, and Android devices, guarding against the latest mobile threats such as ransomware, malicious apps, and potentially unwanted programs (PUPs). With real-time protection, schools can also prevent accidental access to harmful websites, safeguard against malicious apps, block unwanted in-app ads, and enable a secure mobile experience for students. About Malwarebytes Malwarebytes is a global cybersecurity leader delivering award-winning endpoint protection, privacy and threat prevention solutions worldwide. Built on decades of experience as the last resort to find and eradicate the latest malware, Malwarebytes is now trusted by millions of individuals and organizations to stop threats at each stage of the attack lifecycle, secure digital identities and safeguard data and privacy. A world class team of threat researchers and proprietary AI-powered engines provide unmatched threat intelligence to detect and prevent known and unknown threats. The company is headquartered in California with offices in Europe and Asia. For more information and career opportunities, visit https://www.malwarebytes.com.

Read More

Data Security

GuidePoint Security Announces Portfolio of Data Security Governance Services

GuidePoint Security | January 30, 2024

GuidePoint Security, a cybersecurity solutions leader enabling organizations to make smarter decisions and minimize risk, today announced the availability of its Data Security Governance services, which are designed to help customers address the challenges of unstructured data and data sprawl through a proven process and program to meet their unique needs. GuidePoint’s Data Security Governance services consist of policies, standards, and processes leveraging the newest technologies to meet organizations’ data governance goals in both on-prem and cloud environments. Once the right strategy is determined with the customer, GuidePoint Security consultants will review program requirements, assess current policies and controls, perform gap analysis, design and develop/enhance the program, recommend and implement supporting technologies, and create operational processes and metrics. “Whether an organization is just beginning to build their data security governance program or needs help assessing and improving an existing program, our team and service capabilities are built to meet them at their current maturity level,” said Scott Griswold, Practice Director - Security Governance Services, GuidePoint Security. “We work side by side with the customer to conduct the necessary data discovery in their environment and provide tailored recommendations for solutions and processes to ultimately build/improve upon the data security governance program.” GuidePoint’s Data Security Governance Services include: Sensitive Data Cataloging: For organizations just getting started in the process of protecting their sensitive data, GuidePoint offers Data Identification workshops to identify sensitive data types in the environment, including trade secrets, intellectual property, and sensitive business communications. Data Security Governance Program Assessment: For organizations with existing Data Security Governance or Data Protection programs, GuidePoint Security experts will assess the program to identify policy non-compliance, gaps in data protection requirements—whether legal, regulatory, contractual, or business—and program maturity levels. Data Security Governance Program Strategy Development: The GuidePoint team will work with an organization's key stakeholders to design a program strategy aligned with relevant requirements. The outputs of this effort include delivering ongoing sensitive data discovery, automated classification and labeling, the application of required sensitive data protections, restrictions on where sensitive data can be stored and sent, and data retention policy enforcement. Merger and Acquisition Data Identification: This offering provides the ability to identify sensitive data within an M&A target or recent acquisition (including locations, amounts, and access rights) and then perform penetration testing on the storage repositories where that sensitive data exists to determine the risk of data compromise. About GuidePoint Security GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint’s unmatched expertise has enabled a third of Fortune 500 companies and more than half of the U.S. government cabinet-level agencies to improve their security posture and reduce risk. Learn more at www.guidepointsecurity.com.

Read More

Spotlight

Events

Resources

Events