Q&A with Shelton Newsham, Director and Founder at Newsham Business Solutions

Shelton Newsham, Director and Founder at Newsham Business Solutions, is a highly experienced board advisor, educator and public speaker and specialist in a number of areas enabling me to support management to identify risk, reduce exposure and achieve organisational objectives.He is a subject matter expert in many disciplines including process improvement, organsational assessment and information security. He has also worked closely with both UK Government agencies and international law enforcement.

If you are credible and capable of delivering then customer's confidence will grow, this will lead to more opportunities and business growth.



MEDIA 7: Congratulations on being named as one of the UK’s Top 30 Chief Security Officers at the CSO30 awards 2020. What has your professional journey been like?
SHELTON NEWSHAM:
Thank you, it has been an incredible journey for me. When joined the regional cybercrime unit just over 4 years ago, I had overseen several cybercrime investigations conducted by frontline police officers but the opportunity to run the prevent and protect teams elevated this to a different level. I was able to redefine our approach to cyber protection for businesses and our communities.

The cybersecurity industry has been incredibly welcoming, and I was able to build up key networks across the United Kingdom and beyond. I was able to collaborate with industry and academia to develop new products and provide them free to communities and businesses.

Professionally I was able to learn from some of the best in the sector, people at the forefront of innovation, and dedicated to making people safer. I gradually built up my expertise in several areas and was able to represent UK law enforcement at national and international events.
Being able to design and deliver the largest Police led Cyber engagement project was a real highlight, I was so proud of the National Matrix Challenge and how it empowered children and young people to learn about cyber. The support from all the police forces was fantastic, there remain some brilliant people in Team Cyber UK (Police cyber network).
I was honored to be named Cyber Policing Individual of the year in 2020 at the national cyber awards.

When I was named as one of the UK’s Top 30 Chief Security officers after being supported by industry, I knew I had achieved something special. This gave me the belief that I could make continue to help protect individuals and organizations but from outside policing. To ensure I was best placed to provide the business-focused Information security advice I also completed my MBA. I Left law enforcement in December 2020 and started Newsham Business Solutions Ltd, We’ve gone from strength to strength so I’m excited about the future.

M7: We are also delighted to hear that you will be speaking at Cybersecurity Festival! What topics on cybersecurity are you planning to throw light on for the attendees?
SN:
I am really looking forward to the Cybersecurity Festival, the agenda looks brilliant. I will be discussing the importance of security considerations during digital transformation. I have seen many businesses taking on a digital transformation program without driving this change with a security mindset. We expect teams to drive with speed, precision and agility undertaking transformations which will be making significant changes to process and systems, but it is far too easy to fall foul of focusing on a deliverable and not delivering a secure solution. It is a common theme but I will also be discussing staff awareness training and empowering individuals to be a crucial line of defense.


Finding the right individual who aligns their advice to your business objectives is an important factor in driving improved performance across the organization.



M7: How does NBS help companies by reviewing their business functions, risks, processes and implement solutions to ensure they achieve their organizational goals?
SN:
At NBS (Newsham Business Solutions) We want to support all organizations fully understand their information security exposure, many organizations are vulnerable through overprocessing or sudden expansion. Triaging organizations and following all the key business processes enables them to look at process improvement around information security. I believe that this should be carried out by someone independent as this will help identify gaps that may not be spotted by internal staff as its an accepted practice.  There is an added benefit that by saving money through improvement they can potentially reinvest in security.
I also support organizations that cannot afford a full-time CISO, providing guidance and define metrics to support board discussions.

I also feel that it is crucial that organizations consider all manner of solutions not just technical. A layered defense is important. Management controls are a great place to start, there are many low-cost, high-impact measures we can take before outlaying larger sums on other controls. For technical solutions, I will always work with that organizations to define the scope and objective before approaching the market and making recommendations. I have seen many organizations purchasing all manner of technical solutions which were not the right ones. It is important that the requirement is driven by the business not, other parties.

Finally, we all know our people are the biggest risk in terms of security incidents, I work with organizations to provide awareness training at all levels. Security must be driven from the top, but your staff must be supported and provided with guidance, confidence to report and clear processes to follow. Again, I like to bring back the human factor in delivery at the beginning ensuring specific organizations focused questions can be answered and you can see the confidence grow. This also means that the organization's mission is embedded in the training. I am a supporter of computer-based training after that initial people-focused engagement.


Organisations need to do their research, whilst some organizations are transforming at pace others may benefit from transforming slightly slower. Understanding the market and the factors that will drive your business.



M7: What are the common types of cyberattacks an enterprise is likely to face? What are the preventive measures that companies should undertake?
SN:
Ransomware continues to be the biggest threat; threat actors are still finding this the quickest and easiest source of income. Organization's digital assets continue to grow as does the valuable data held by them. we continue to see medical facilities; academia, local government and private organizations targeted across the globe.

User training, robust backing up policy and technical controls are important. Organizations must remember that one technical solution will not stop every threat no matter the cost, remember a defense in depth is important.

Phishing, business email compromise and related frauds continue to have a serious impact on organizations many due to human error, lack of training is a big factor in this. Organizations need to invest in awareness training, empower their staff and with the right deliverables, you can evidence continual improvement and ROI.

Finally, it’s important to consider the expert opinion, many consultants work independently and will focus on the business requirements not upselling. Finding the right individual who aligns their advice to your business objectives is an important factor in driving improved performance across the organization.

M7: What do you believe are the top three security challenges faced by the companies in the post COVID-19 era?
SN:
Organisations must review their security monitoring capabilities and incident response protocols. They need to make sure that they have visibility of their new expanded operational environment. The pace at which organizations needed to change their normal working practices and move to remote working practices was in many cases transformation that was not previously planned. Organizations should exercise their current incident response, disaster recovery and business continuity procedures to identify further gaps that have developed.

Organizations should review their staff awareness training and consider the environments of their remote workers. Many end-users would have previously relied on office-based colleagues to ask for advice, this has obviously changed. End users are being actively targeted with social engineering, malicious calls which purport to be from the organization's IT support are successfully gaining remote access to systems. Physical security in the home and the correct management of documents also need to be reinforced. Our staff need our support, it is a change for organizational management and business processes but it's also a major change for staff.

From a technology point of view, organizations should review their endpoint protection, ensure appropriate asset management and patching is in place. It’s likely that BYOD is in place so those basic reviews must include end-user devices. Organizations may need to develop single sign-on or MFA for remote access, whilst these seems obvious it has been very difficult for some organizations to survive during the pandemic so some of these processes may have been missed or put on a ‘backlog’.

M7: What do you think is essential to stay competitive in a market that is going through constant digitalization?
SN:
Organisations need to do their research, whilst some organizations are transforming at pace others may benefit from transforming slightly slower. Understanding the market and the factors that will drive your business. I like to use the ‘porter five forces’ model to help organizations retain their competitive edge. Expert advice from security consultants with a business background is also beneficial, understanding the business landscape whilst driving security can lead to real growth.

M7: What is the marketing mantra that you swear by?
SN:
My core mantra is
Capability x Credibility = Opportunity

If you are credible and capable of delivering then customer's confidence will grow, this leads to more opportunities and business growth. I have built my career on being credible and supporting individuals and organizations.

Having a background in law enforcement is a unique attribute, my core belief remains ‘to protect and serve’. This transfers into the private sector, I continue to focus on protecting individuals and businesses that are integral to communities. If you are truly credible you will remain focused on your belief and not be tempted to change on a whim.
Capability to deliver on your words and business objectives builds trust, it also helps change behaviors.

For me empowering positive behavioral change around security is an opportunity we cannot underestimate. We can empower communities, build confidence, and secure businesses by delivering real engagement, support and understanding. That is the opportunity………create a safer world for all!

ABOUT NEWSHAM BUSINESS SOLUTIONS

Newsham Business Solutions is an Independent Information Security Consultancy that puts the organization’s requirements at the forefront of any recommendation. They investigate process improvement and management controls to reduce outlay but if technical solutions need to be considered we are truly vendor agnostic. Their services include organizational triage, consultancy, a virtual / Part-time CISO and awareness training for all levels of an organization. They can also support you through ISO 27001 and support physical security reviews.

More THOUGHT LEADERS

Futurex’s Adam Cason advises, ‘To look at your data security posture with a critical eye’

Media 7 | December 1, 2021

Adam Cason, Vice President of Global and Strategic Alliances at Futurex speaks about some major cybersecurity developments retailers need to look out for in the next 5 years. Read on for his thoughts on the top security needs of brands and retailers....

Read More

'Data is the answer to a more effective digital transformation,' says SonicWall's Diane Walker

Media 7 | November 23, 2021

In this interview with Diane Walker, Senior Director of Demand Generation at SonicWall, we had the opportunity to peek into SonicWall's latest high-performance firewall models that are aimed to combat the unprecedented surge of malware and ransomware resulting from a rise in remote and hybrid workforces across enterprises. She shared meaningful insights into SonicWall's vision of cybersecurity, and how modern-day marketers need to reflect on the different levels of the digital buyer journey. Read on to discover effective approaches towards marketing to drive business growth....

Read More

No backup can land companies in serious trouble, warns Tinesh Chhaya, Founder at Decipher Cyber

Media 7 | November 15, 2021

With only a few weeks till the launch of Jenny 2.0, Tinesh Chhaya, Founder at Decipher Cyber, explores the different ways Jenny makes searching and analyzing cybersecurity vendors and service providers easier for businesses who are looking to upgrade their security systems, in this interview with Media 7. Read on to find out how businesses can make digital transformations and hybrid work environments safer from cyber-attacks....

Read More

Futurex’s Adam Cason advises, ‘To look at your data security posture with a critical eye’

Media 7 | December 1, 2021

Adam Cason, Vice President of Global and Strategic Alliances at Futurex speaks about some major cybersecurity developments retailers need to look out for in the next 5 years. Read on for his thoughts on the top security needs of brands and retailers....

Read More

'Data is the answer to a more effective digital transformation,' says SonicWall's Diane Walker

Media 7 | November 23, 2021

In this interview with Diane Walker, Senior Director of Demand Generation at SonicWall, we had the opportunity to peek into SonicWall's latest high-performance firewall models that are aimed to combat the unprecedented surge of malware and ransomware resulting from a rise in remote and hybrid workforces across enterprises. She shared meaningful insights into SonicWall's vision of cybersecurity, and how modern-day marketers need to reflect on the different levels of the digital buyer journey. Read on to discover effective approaches towards marketing to drive business growth....

Read More

No backup can land companies in serious trouble, warns Tinesh Chhaya, Founder at Decipher Cyber

Media 7 | November 15, 2021

With only a few weeks till the launch of Jenny 2.0, Tinesh Chhaya, Founder at Decipher Cyber, explores the different ways Jenny makes searching and analyzing cybersecurity vendors and service providers easier for businesses who are looking to upgrade their security systems, in this interview with Media 7. Read on to find out how businesses can make digital transformations and hybrid work environments safer from cyber-attacks....

Read More

Related News

Platform Security

Stellar Cyber and Proofpoint Strategic Alliance to Deliver Comprehensive Email Security Solution For SecOps Teams

Stellar Cyber | January 23, 2024

Stellar Cyber, the innovator of Open XDR, announced a new partnership with Proofpoint, a leading cybersecurity and compliance company. Through this alliance, Proofpoint and Stellar Cyber customers benefit from an out-of-the-box integration enabling swift email investigations and real-time response actions to email-driven attacks. Proofpoint Targeted Attack Protection monitors emails to identify suspicious emails and potentially malicious attachments and URLs. Once identified, the findings are shared with Stellar Cyber automatically. Stellar Cyber’s Open XDR platform ingests, normalizes, and analyzes Proofpoint findings and other collected data to deliver a comprehensive threat picture. As security analysts conduct investigations, they can instruct integrated third-party products – including Proofpoint – on corrective actions. “Protecting organizations against email-borne attacks is a top priority, and security teams need a way to automatically correlate threat telemetry across the entire attack surface in order to quickly remediate threats,” said Andrew Homer, VP of Strategic Alliances, Stellar Cyber. “This new partnership with Proofpoint is the latest example of Stellar Cyber delivering on its Open XDR strategy to provide customers turn-key integrations that improve productivity and threat detection.” “Email attacks remain the number one entry point into an organization, and the level of sophistication of these attacks continues to grow exponentially,” said D.J. Long, Vice President, Strategic Alliances & Business Development, Proofpoint. “We’re thrilled to work with Stellar Cyber on this strategic alliance to help customers protect against advanced email-based threats and unify their cybersecurity defense.” Through this alliance, Stellar Cyber and Proofpoint give security teams an advantage over attackers, resulting in the following: Real-time threat signals exchanged for proactive detection Correlation of Proofpoint alerts across the entire attack surface Automated response actions for immediate threat containment About Stellar Cyber Stellar Cyber’s Open XDR Platform delivers comprehensive, unified security without complexity, empowering lean security teams of any skill level to secure their environments successfully. With Stellar Cyber, organizations reduce risk with early and precise identification and remediation of threats while slashing costs, retaining investments in existing tools, and improving analyst productivity, delivering an 8X improvement in MTTD and a 20X improvement in MTTR. The company is based in Silicon Valley.

Read More

Data Security

Rubrik Chosen by Carhartt to Drive Complete Cyber Resilience

Rubrik | January 10, 2024

Rubrik, the Zero Trust Data Security™ company, today announced that America’s premium workwear brand Carhartt has consolidated multiple legacy backup tools with Rubrik Security Cloud to achieve cyber resilience. After moving to Rubrik, Carhartt realized more than 50 percent in monthly cost savings, while significantly improving its data security capabilities. “Data resilience is key to the continued security and success of our business. We work hard to ward off intruders but we have to operate on the assumption that they will find a way in,” said Michael Karasienski, cloud platforms manager at Carhartt. “Rubrik Security Cloud restores data fast and without fail for both our cloud and on-premises environments. Rubrik plays a key role in building trust in our system with secure protocols and access controls; it isn’t just a data security solution, it’s peace of mind for our brand.” Established in 1889, Carhartt has a rich heritage of developing rugged products for workers on and off the job. The company honors hard work, approaching its business with the same honesty, dependability, and trust that its consumers display day-in and day-out. Prior to Rubrik, Carhartt used a variety of different backup solutions across its operations. After an upgrade of a critical application failed, Carhartt’s administrators discovered that that application data hadn’t been backed up, forcing the team to reconstruct more than two-weeks’ worth of data manually. Furthermore, the Carhartt team discovered malware in backups from its legacy tools, resulting in weeks of searching data sets to manually complete the investigation. With Rubrik Security Cloud, Carhartt’s IT team can now devote more time to other priorities — like business requests, incidents, and reducing technical debt — while saving more than 50 percent in operational costs each month. The company’s IT and Security teams are also collaborating to reduce risk to the organization, zeroing in on malware and tying investigations into its security operations center. “A highly interconnected business like Carhartt is responsible for mountains of sensitive data. Protecting that data is paramount to maintain customer trust and minimize business disruption,” said Anneka Gupta, Chief Product Officer at Rubrik. “Outdated legacy technology was never built with security in mind, so organizations must turn to modernized platforms and zero-trust methodologies to defend their data. With a holistic solution like Rubrik Security Cloud, organizations like Carhartt know their business will be resilient in the face of any cyber threat.” Carhartt utilizes numerous Rubrik products, including Anomaly Detection, Sensitive Data Monitoring, Threat Hunting, as well as its integration with Microsoft Sentinel. About Rubrik Rubrik is on a mission to secure the world’s data. With Zero Trust Data Security™, we help organizations achieve business resilience against cyberattacks, malicious insiders, and operational disruptions. Rubrik Security Cloud, powered by machine learning, secures data across enterprise, cloud, and SaaS applications. We help organizations uphold data integrity, deliver data availability that withstands adverse conditions, continuously monitor data risks and threats, and restore businesses with their data when infrastructure is attacked.

Read More

API Security

Cequence and Vercara Partner to Combat Cyber Threats and Revolutionize API Security

Cequence Security | January 25, 2024

Cequence Security is proud to announce a new partnership with Vercara, a leading provider of cloud-based services that secure the online experience. This collaboration aims to fortify the cybersecurity landscape by pairing Vercara’s network and application protections with Cequence Security's innovative Unified API Protection (UAP) platform. Security teams encounter substantial hurdles in safeguarding API applications from cyber-attacks, including the rapid development and deployment of API applications across diverse cloud providers. The unmanaged and unprotected nature of these APIs can harbor critical vulnerabilities, making them susceptible to exploitation. Moreover, the lack of a clear and consistent security posture across the application footprint introduces further complexities. To address these challenges, Cequence Security's UAP platform provides a comprehensive discovery of the entire API attack surface, encompassing both external and internal APIs. It ensures compliance with security and governance best practices, eliminating unknown and unmitigated API security risks. Furthermore, the solution offers native real-time inline protection, blocking API attacks before they reach applications. "The absence of API protection puts you at risk of potential theft, fraud, non-compliance, and business disruptions,” said Carlos Morales, SVP Solutions at Vercara. “Our partnership with Cequence combines our collective best-in-class services to address the evolving demands of the cybersecurity landscape, ensuring that businesses can confidently deploy needed applications and successfully navigate the complexities of API security with advanced, holistic protection.” Arun Gowda, VP, Business Development at Cequence Security, said, “In the evolving landscape of cybersecurity, the extensive risk of data compromise in API breaches goes beyond external APIs to internal ones. These often-overlooked internal APIs can access sensitive data not intended for public exposure. APIs have changed the game for attackers, making it imperative to prioritize the security of all assets accessible through APIs, including those not expected to be publicly exposed.” He added, “We are pleased to combine our innovative API security solutions with Vercara's innovative WAF and DDoS services to deliver advanced, holistic API protection. This collaboration reinforces our commitment to provide unparalleled security measures for businesses reliant on APIs.” Cequence Security's UAP platform is unparalleled in addressing all phases of the API security lifecycle. It provides: Discovery: A continuous API attack surface discovery management product that assesses your application footprint, offering a complete inventory of external APIs. Compliance: A security posture management product that identifies security risks in APIs, ensuring compliance with specifications, security test requirements, and governance best practices. Protection: Detects and prevents sophisticated automated API attacks and business logic abuse using advanced machine learning rules, providing real-time protection without relying on third-party components. About Cequence Security Cequence, a pioneer in API security and bot management, is the only solution that delivers Unified API Protection (UAP), uniting discovery, compliance, and protection across all internal and external APIs to defend against attacks, targeted abuse, and fraud. Requiring less than 15 minutes to onboard an API without requiring any instrumentation, SDK, or JavaScript integration, the flexible deployment model supports SaaS, on-premises, and hybrid installations. Cequence solutions scale to handle the most demanding Fortune and Global 2000 organizations, securing more than 8 billion daily API calls and protecting more than 3 billion user accounts across these customers. To learn more, visit www.cequence.ai. About Vercara Vercara is a purpose-built, global, cloud-based security platform that provides layers of protection to safeguard businesses’ online presence, no matter where attacks originate or where they are aimed. Delivering the industry’s highest-performing solutions and supported by unparalleled 24/7 human expertise and hands-on guidance, top global brands depend on Vercara to protect their networks and applications against threats and downtime. Vercara’s suite of cloud-based services is secure, reliable, and available, delivering peace of mind and ensuring that businesses and their customers experience exceptional interactions all day, every day. Pressure-tested in the world’s most tightly regulated and high-traffic verticals, Vercara’s mission-critical security portfolio provides best-in-class DNS and application and network security (including DDoS and WAF) services to its Global 5000 customers and beyond. For more information, visit vercara.com.

Read More

Platform Security

Stellar Cyber and Proofpoint Strategic Alliance to Deliver Comprehensive Email Security Solution For SecOps Teams

Stellar Cyber | January 23, 2024

Stellar Cyber, the innovator of Open XDR, announced a new partnership with Proofpoint, a leading cybersecurity and compliance company. Through this alliance, Proofpoint and Stellar Cyber customers benefit from an out-of-the-box integration enabling swift email investigations and real-time response actions to email-driven attacks. Proofpoint Targeted Attack Protection monitors emails to identify suspicious emails and potentially malicious attachments and URLs. Once identified, the findings are shared with Stellar Cyber automatically. Stellar Cyber’s Open XDR platform ingests, normalizes, and analyzes Proofpoint findings and other collected data to deliver a comprehensive threat picture. As security analysts conduct investigations, they can instruct integrated third-party products – including Proofpoint – on corrective actions. “Protecting organizations against email-borne attacks is a top priority, and security teams need a way to automatically correlate threat telemetry across the entire attack surface in order to quickly remediate threats,” said Andrew Homer, VP of Strategic Alliances, Stellar Cyber. “This new partnership with Proofpoint is the latest example of Stellar Cyber delivering on its Open XDR strategy to provide customers turn-key integrations that improve productivity and threat detection.” “Email attacks remain the number one entry point into an organization, and the level of sophistication of these attacks continues to grow exponentially,” said D.J. Long, Vice President, Strategic Alliances & Business Development, Proofpoint. “We’re thrilled to work with Stellar Cyber on this strategic alliance to help customers protect against advanced email-based threats and unify their cybersecurity defense.” Through this alliance, Stellar Cyber and Proofpoint give security teams an advantage over attackers, resulting in the following: Real-time threat signals exchanged for proactive detection Correlation of Proofpoint alerts across the entire attack surface Automated response actions for immediate threat containment About Stellar Cyber Stellar Cyber’s Open XDR Platform delivers comprehensive, unified security without complexity, empowering lean security teams of any skill level to secure their environments successfully. With Stellar Cyber, organizations reduce risk with early and precise identification and remediation of threats while slashing costs, retaining investments in existing tools, and improving analyst productivity, delivering an 8X improvement in MTTD and a 20X improvement in MTTR. The company is based in Silicon Valley.

Read More

Data Security

Rubrik Chosen by Carhartt to Drive Complete Cyber Resilience

Rubrik | January 10, 2024

Rubrik, the Zero Trust Data Security™ company, today announced that America’s premium workwear brand Carhartt has consolidated multiple legacy backup tools with Rubrik Security Cloud to achieve cyber resilience. After moving to Rubrik, Carhartt realized more than 50 percent in monthly cost savings, while significantly improving its data security capabilities. “Data resilience is key to the continued security and success of our business. We work hard to ward off intruders but we have to operate on the assumption that they will find a way in,” said Michael Karasienski, cloud platforms manager at Carhartt. “Rubrik Security Cloud restores data fast and without fail for both our cloud and on-premises environments. Rubrik plays a key role in building trust in our system with secure protocols and access controls; it isn’t just a data security solution, it’s peace of mind for our brand.” Established in 1889, Carhartt has a rich heritage of developing rugged products for workers on and off the job. The company honors hard work, approaching its business with the same honesty, dependability, and trust that its consumers display day-in and day-out. Prior to Rubrik, Carhartt used a variety of different backup solutions across its operations. After an upgrade of a critical application failed, Carhartt’s administrators discovered that that application data hadn’t been backed up, forcing the team to reconstruct more than two-weeks’ worth of data manually. Furthermore, the Carhartt team discovered malware in backups from its legacy tools, resulting in weeks of searching data sets to manually complete the investigation. With Rubrik Security Cloud, Carhartt’s IT team can now devote more time to other priorities — like business requests, incidents, and reducing technical debt — while saving more than 50 percent in operational costs each month. The company’s IT and Security teams are also collaborating to reduce risk to the organization, zeroing in on malware and tying investigations into its security operations center. “A highly interconnected business like Carhartt is responsible for mountains of sensitive data. Protecting that data is paramount to maintain customer trust and minimize business disruption,” said Anneka Gupta, Chief Product Officer at Rubrik. “Outdated legacy technology was never built with security in mind, so organizations must turn to modernized platforms and zero-trust methodologies to defend their data. With a holistic solution like Rubrik Security Cloud, organizations like Carhartt know their business will be resilient in the face of any cyber threat.” Carhartt utilizes numerous Rubrik products, including Anomaly Detection, Sensitive Data Monitoring, Threat Hunting, as well as its integration with Microsoft Sentinel. About Rubrik Rubrik is on a mission to secure the world’s data. With Zero Trust Data Security™, we help organizations achieve business resilience against cyberattacks, malicious insiders, and operational disruptions. Rubrik Security Cloud, powered by machine learning, secures data across enterprise, cloud, and SaaS applications. We help organizations uphold data integrity, deliver data availability that withstands adverse conditions, continuously monitor data risks and threats, and restore businesses with their data when infrastructure is attacked.

Read More

API Security

Cequence and Vercara Partner to Combat Cyber Threats and Revolutionize API Security

Cequence Security | January 25, 2024

Cequence Security is proud to announce a new partnership with Vercara, a leading provider of cloud-based services that secure the online experience. This collaboration aims to fortify the cybersecurity landscape by pairing Vercara’s network and application protections with Cequence Security's innovative Unified API Protection (UAP) platform. Security teams encounter substantial hurdles in safeguarding API applications from cyber-attacks, including the rapid development and deployment of API applications across diverse cloud providers. The unmanaged and unprotected nature of these APIs can harbor critical vulnerabilities, making them susceptible to exploitation. Moreover, the lack of a clear and consistent security posture across the application footprint introduces further complexities. To address these challenges, Cequence Security's UAP platform provides a comprehensive discovery of the entire API attack surface, encompassing both external and internal APIs. It ensures compliance with security and governance best practices, eliminating unknown and unmitigated API security risks. Furthermore, the solution offers native real-time inline protection, blocking API attacks before they reach applications. "The absence of API protection puts you at risk of potential theft, fraud, non-compliance, and business disruptions,” said Carlos Morales, SVP Solutions at Vercara. “Our partnership with Cequence combines our collective best-in-class services to address the evolving demands of the cybersecurity landscape, ensuring that businesses can confidently deploy needed applications and successfully navigate the complexities of API security with advanced, holistic protection.” Arun Gowda, VP, Business Development at Cequence Security, said, “In the evolving landscape of cybersecurity, the extensive risk of data compromise in API breaches goes beyond external APIs to internal ones. These often-overlooked internal APIs can access sensitive data not intended for public exposure. APIs have changed the game for attackers, making it imperative to prioritize the security of all assets accessible through APIs, including those not expected to be publicly exposed.” He added, “We are pleased to combine our innovative API security solutions with Vercara's innovative WAF and DDoS services to deliver advanced, holistic API protection. This collaboration reinforces our commitment to provide unparalleled security measures for businesses reliant on APIs.” Cequence Security's UAP platform is unparalleled in addressing all phases of the API security lifecycle. It provides: Discovery: A continuous API attack surface discovery management product that assesses your application footprint, offering a complete inventory of external APIs. Compliance: A security posture management product that identifies security risks in APIs, ensuring compliance with specifications, security test requirements, and governance best practices. Protection: Detects and prevents sophisticated automated API attacks and business logic abuse using advanced machine learning rules, providing real-time protection without relying on third-party components. About Cequence Security Cequence, a pioneer in API security and bot management, is the only solution that delivers Unified API Protection (UAP), uniting discovery, compliance, and protection across all internal and external APIs to defend against attacks, targeted abuse, and fraud. Requiring less than 15 minutes to onboard an API without requiring any instrumentation, SDK, or JavaScript integration, the flexible deployment model supports SaaS, on-premises, and hybrid installations. Cequence solutions scale to handle the most demanding Fortune and Global 2000 organizations, securing more than 8 billion daily API calls and protecting more than 3 billion user accounts across these customers. To learn more, visit www.cequence.ai. About Vercara Vercara is a purpose-built, global, cloud-based security platform that provides layers of protection to safeguard businesses’ online presence, no matter where attacks originate or where they are aimed. Delivering the industry’s highest-performing solutions and supported by unparalleled 24/7 human expertise and hands-on guidance, top global brands depend on Vercara to protect their networks and applications against threats and downtime. Vercara’s suite of cloud-based services is secure, reliable, and available, delivering peace of mind and ensuring that businesses and their customers experience exceptional interactions all day, every day. Pressure-tested in the world’s most tightly regulated and high-traffic verticals, Vercara’s mission-critical security portfolio provides best-in-class DNS and application and network security (including DDoS and WAF) services to its Global 5000 customers and beyond. For more information, visit vercara.com.

Read More

Spotlight

Events

Resources