DATA SECURITY

70% of Financial Organizations Are Concerned About Insider Data Theft During Remote Work

prnewswire | October 27, 2020

Netwrix, a cybersecurity merchant that makes information security simple, today declared monetary market discoveries from its 2020 Netwrix Cyber Threats Report. Netwrix directed this online overview in June 2020 to see how the pandemic and following work-from-home activities changed the IT hazard scene.

Of the apparent multitude of verticals the online study investigated, the money related industry displayed the most extraordinary changes in cybersecurity needs. Worry about VPN misuse soar, with an astounding 94% of respondents naming it a top security hazard. Stress over gracefully chain bargain additionally took off, from half to 97%. The quantity of associations organizing intentional information burglary dramatically increased, from 30% pre-pandemic to 70% now, while worry about incidental information sharing dropped from 80% to half.

Notwithstanding this expanded worry about vindictive action, the most generally detailed occurrences included human blunders: 48% of respondents had clients succumb to phishing assaults in the initial hardly any months of the pandemic, 31% endured ill-advised information sharing, and 28% experienced episodes brought about by administrator botches.

Different discoveries of the overview include:

30% of monetary associations feel they are at more prominent cybersecurity hazard now than they were pre-pandemic. The lion's share (64%) are worried about both more regular cyberattacks and the security holes brought about by far off work.

14% of respondents announced a flexibly chain bargain since the pandemic started. Despite the fact that this function is viewed as a basic danger by practically all monetary associations now, the casualties were especially delayed in distinguishing it: 76% required days, weeks or months.

Uncertain information sharing took the longest to recognize: 51% expected days to hail the episode, while 19% required weeks and 11% required months.

"In the money related area, worry about pernicious admittance to touchy information soar in the initial hardly any months of the pandemic, more so than in some other vertical. Notwithstanding, most of occurrences at budgetary associations during that period were really brought about by the human component. To limit both malevolent and unintentional information misfortune, this industry should notice cybersecurity specialists, who suggest consolidating normal end-client preparing with adaptable arrangements that can proactively distinguish and secure touchy information and spot assaults before they become breaks," said Ilia Sotnikov, VP of Product Management at Netwrix.

About Netwrix

Netwrix makes information security simple, in this way disentangling how experts can control delicate, controlled and business-basic information, paying little heed to where it lives. In excess of 10,000 associations overall depend on Netwrix answers for secure delicate information, understand the full business estimation of big business content, pass consistence reviews with less exertion and cost, and increment its efficiency groups and information laborers.

Established in 2006, Netwrix has acquired in excess of 150 industry grants and been named to both the Inc. 5000 and Deloitte Technology Fast 500 arrangements of the quickest developing organizations in the U.S.

Spotlight

SMBs are in need of more robust solutions to back up their business-critical data due to limited financial and IT resources. Sorting through all the solutions available is not the easiest task so what exactly should you look for in a backup solution? Access this e-book to learn the 6 important criteria that SMBs should consider when choosing a backup solution, including comprehensiveness, ease of use, recoverability, performance, and more.


Other News
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Palo Alto Networks 5G-Native Security Now Available on Microsoft Azure Private Multi-Access Edge Compute

Palo Alto Networks | September 26, 2022

Palo Alto Networks, a Microsoft Azure private MEC ecosystem partner, today announced availability of VM-Series Virtual Next-Generation Firewall (NGFW) technology on the Azure Marketplace. Delivering end-to-end Zero Trust security at the enterprise edge, VM-Series virtual firewalls can now extend best-in-class NGFW capabilities to help protect Azure private MEC applications, providing centralized defense against cyberattacks. Azure private MEC combines network functions, applications and edge-optimized Azure services managed from the cloud to deliver high-performance, ultra-low-latency 4G/5G private wireless solutions that address the modern business needs of enterprise customers. "Our long-standing partner solutions with Azure and our VM-Series virtual firewalls have been protecting customer cloud environments for years. "The new VM-Series 5G capabilities enable enterprises to secure mission-critical applications in industry verticals like manufacturing, healthcare, utilities and public sector, all of which demand the latest in private wireless network technology." Prem Iyer, vice president, Ecosystems GSI and CSP, Palo Alto Networks Mobile 5G networks with multi-access edge compute combine AI and cloud technologies to transform enterprises and industries. Customers choose this next-generation mobile technology for its security and reliability, but increasingly sophisticated networks must be safeguarded against a complex and escalating "threatscape." Palo Alto Networks 5G-Native Security on the VM-Series brings advanced Layer 7 security capabilities to help detect and block known exploits, malware, malicious URLs, spyware, and command and control (C2) to 5G-powered edge computing use cases. The VM-Series Next-Generation Firewall enables enterprises to achieve comprehensive security for end-user application traffic that traverses the Azure Private 5G Core, securing edge infrastructure and helping detect and mitigate malicious activity within the user traffic. Key benefits of the solution include: Faster time to market with a fully tested and validated solution. Simpler deployment at scale from the Azure marketplace, facilitating a rapid rollout of NGFWs. Predefined configuration templates for comprehensive zero-day security. The Panorama management solution, integrated with Azure, allows for common management of VM-Series virtual firewalls deployed across all cloud and edge environments from a single console and provides centralized visibility and actionable insights into network traffic, logs and threats. "We're pleased to add Palo Alto Networks 5G security products to Azure Marketplace and our Azure private MEC ecosystem," said Shriraj Gaglani, general manager, Azure for Operators. "This adds an important option for customers when architecting critical end-to-end security frameworks that underpin Industry 4.0 use-cases built on our Azure private MEC solution." About Palo Alto Networks Palo Alto Networks is the world's cybersecurity leader. We innovate to outpace cyberthreats, so organizations can embrace technology with confidence. We provide next-gen cybersecurity to thousands of customers globally, across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we're committed to helping ensure each day is safer than the one before. It's what makes us the cybersecurity partner of choice.

Read More

SOFTWARE SECURITY

GuidePoint Security Achieves AWS Security Competency Status

GuidePoint Security | July 27, 2022

GuidePoint Security, a cybersecurity solutions leader enabling organizations to make smarter decisions and minimize risk, announced today that it has achieved the Compliance and Privacy distinction in the Amazon Web Services (AWS) Security Competency. This designation recognizes that GuidePoint Security has demonstrated and successfully met AWS’s technical and quality requirements for providing customers with a deep level of consulting services expertise in Compliance and Privacy to help them achieve their cloud security goals. Achieving the Compliance and Privacy distinction in the AWS Security Competency differentiates GuidePoint Security as an AWS Partner that provides specialized consulting services designed to help companies from startups and mid-sized businesses to the largest global enterprises to adopt, develop, and deploy security into their AWS environments, increasing their overall security posture on AWS. To receive the designation, partners must possess deep AWS expertise and deliver solutions seamlessly on AWS. “GuidePoint Security was an original AWS Security Competency launch partner and we are proud to be launch partner yet again for the updated AWS Security Competency program having achieved the Compliance and Privacy distinction,” said Anil Badruddin, Practice Director – AWS Cloud Security, GuidePoint Security. “Our team is dedicated to helping organizations achieve their security goals by combining our in-depth knowledge of technical solutions along with our deep expertise of the powerful security tools AWS provides.” AWS is enabling scalable, flexible, and cost-effective solutions from startups to global enterprises. To support the seamless integration and deployment of these solutions, AWS established the AWS Competency Program to help customers identify AWS Partners with deep industry experience and expertise. GuidePoint Security’s distinction for Compliance and Privacy is based on the following attributes: Specialized consulting service offerings including: cloud security assessments, cloud governance, solution design and implementation, and security automation The ability to develop enterprise-wide security playbooks to help organizations mature their cybersecurity programs Deep technical expertise for a wide range of third-party security solution providers and AWS native services to help customers identify, implement, and manage the right solutions for their environment and business Expertise in helping customers ensure Payment Card Industry Data Security Standard (PCI DSS) compliance on AWS (GuidePoint Security is certified as a PCI QSA) About GuidePoint Security GuidePoint Security provides trusted cybersecurity expertise, solutions, and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint’s unmatched expertise has enabled a third of Fortune 500 companies and more than half of the U.S. government cabinet-level agencies to improve their security posture and reduce risk.

Read More

DATA SECURITY,ENTERPRISE IDENTITY

Keeper Security's Cybersecurity Census Finds U.S. Businesses are Unprepared for Escalation in Cyberattacks

Keeper Security | September 15, 2022

Keeper Security, the leading provider of zero-trust, zero-knowledge and FedRAMP Authorized cybersecurity software, today released findings from its second annual Cybersecurity Census. The report explores insights from IT decision-makers at businesses and organizations across the U.S., revealing that most respondents expect the onslaught of cyberattacks to intensify over the next year, yet 32% lack a management platform for IT secrets–posing a significant risk to organizational security. The 2022 U.S.Cybersecurity Census Report explores the ongoing threats of cyberattacks and the need for cybersecurity investment. The report maps the evolving cybersecurity landscape as hybrid and remote work have transformed businesses over the past two years. According to survey findings, the average U.S. business experiences 42 cyberattacks annually—between three to four each month. Still, fewer than half (44%) of respondents provide their employees with guidance or best practices for governing passwords and access management. IT leaders reveal a lack of preparedness for cyberattacks U.S. businesses face many cyberattacks each year, significantly impacting their organizations. Most respondents agree the total number of attacks will increase over the next year, with 39% predicting the number of successful cyberattacks will also rise. Most organizations in the U.S. believe they're prepared to fend off cyberattacks, with 64% of respondents rating their preparedness at least an eight on a 10-point scale and 28% rating themselves as a 10/10. At the same time, the majority of respondents (57%) say it is taking longer to respond to attacks and only 8% say responses are getting faster. Though most report feeling prepared for attacks, leaders admit their tech stacks lack essential tools. Nearly one-third of respondents (32%) lack a management platform for IT secrets, such as API keys, database passwords and privileged credentials. 84% are concerned about the dangers of hard-coded credentials in source code but 25% don't have software to remove them. More than one-quarter of respondents (26%) said they lack a remote connection management solution to secure remote access to IT infrastructure. With the rise in hybrid work and remote work, this is a significant security gap. This lack of investment in cybersecurity tools is alarming, especially considering the lasting impact of cyberattacks that survey respondents revealed. Nearly one-third (31%) suffered a disruption of partner or customer operations in the wake of a cyberattack and the same percentage experienced theft of financial information. 18% of organizations experienced theft of money, with the average amounting to more than $75,000, while 37% lost $100,000 or more. 23% experienced the inability to carry out business operations. In addition to direct costs, cyberattacks can cause lasting damage to business perception and client trust. More than one-quarter of respondents (28%) suffered reputational damage due to a successful cyberattack and 19% reported losing business or a contract. "The volume and pace at which cyberattacks are hitting businesses is increasing and with that come severe financial, reputational and organizational penalties," said Darren Guccione, CEO and co-founder of Keeper Security. "Leadership must prioritize cybersecurity, enabling their security teams to address rapid shifts in technology and distributed remote work. The impact these shifts have on cybersecurity are both pervasive and extreme. Building a culture of trust, accountability and responsiveness is critical." U.S. businesses must take immediate action against cyber threats Cybersecurity is a pillar of every good business and these findings underscore the need for business leaders to make cybersecurity a part of organizational culture. U.S. business leaders are working to source the necessary talent to stay secure. Nearly three-quarters (71%) of respondents have made new hires in cybersecurity over the past year and 58% say they've increased cybersecurity training. A devastating cyberattack is one stolen password away, but despite this threat, fewer than half (48%) of respondents state they have plans to invest in password management, visibility tools for network-based threats or infrastructure secrets management. Only 44% of respondents provide their employees with guidance and best practices governing passwords and access management. 30% of respondents allow employees to set and manage their passwords and admit that employees often share access to passwords. A mere 26% have a highly sophisticated framework for visibility and control of identity security. Many organizations are considering future investments with 73% of respondents expecting their cybersecurity budgets to increase. However, they face being outmatched by rising external threats and the demands created by existing weaknesses. Cybersecurity in company culture Employees understand the dangers of both external and internal threats. An overwhelming 79% of IT professionals are concerned about a breach from within their organization and 47% have suffered a breach of that nature. As more employees work remotely, businesses must rethink their investments in order to maintain security. In fact, 40% of respondents highlighted remote and hybrid work as a top concern, with rising external threats close behind at 39%. IT leaders themselves admit a lack of transparency in cyber incident reporting within their organizations, with nearly half of respondents (48%) being aware of a cyberattack, but keeping it to themselves. Businesses must foster a sense of trust and transparency in their organizations, creating an open dialogue to recognize the scale of the cybersecurity challenges their organization faces. Only with that recognition can resources be devoted to education and embedding a cybersecurity mindset into the organization's culture. Keeper's 2022 U.S. Cybersecurity Census Report demonstrates that cyberattacks present a profound and ongoing threat. Preventative measures, including investment, education and cultural shifts, are essential for businesses to drive resilience and protect their organizations from cybercriminals. Methodology The report yielded results from 516 IT leaders and decision-makers in businesses across the U.S. About Keeper Security Keeper Security, Inc. ("Keeper") is transforming the way organizations and individuals protect their credentials, secrets, connections and sensitive digital assets to significantly reduce the risks of identity security-related cyberattacks, while gaining visibility and control. Keeper is the leading provider of zero-trust and zero-knowledge security cloud services trusted by millions of people and thousands of organizations for password management, secrets management, privileged access, secure remote infrastructure access and encrypted messaging.

Read More

DATA SECURITY,ENTERPRISE IDENTITY,NETWORK THREAT DETECTION

Radiant Logic Named Winner of 1st Annual Cybersecurity Impact Award

Radiant Logic | August 18, 2022

Radiant Logic, the Identity Data Fabric company, announced today that it has been named the winner of the 2022 Cybersecurity Impact Award for “Best Enterprise Security Solution for Employee and Nth Party Access” from Aite-Novarica Group, a global advisory firm providing mission-critical insights on technology, regulations, strategy, and operations to the Financial Services industry. In its first year, the Cybersecurity Impact Awards program identifies the organizations and vendors pioneering new and disruptive cybersecurity tools and services. Award recipients and their innovations are bringing the financial services industry one step closer to stopping illicit cyber activity. “Our Cybersecurity Impact Awards help CISOs looking for highly innovative solutions that deliver transformative value to the institution,” said John Horn, Cybersecurity Practice Director at Aite-Novarica Group. “Seven judges worked through a rigorous scoring process to select Radiant Logic for this award. Radiant’s unique approach allows CISOs to leverage identity silos across the business, and recreate Identity as a powerful enabler for the workforce, third parties, and customers.” The award winners were selected based on various factors, including innovation, market need, and impact on customer experience and operational efficiency. All entries were considered by a panel of industry expert judges. “We’re thrilled to receive this award in such a competitive category. “RadiantOne has been known over the last twenty years as the technical enabler for solving enterprise-grade security and business challenges; with this award, we’re pleased to be recognized as a strategic investment in the security infrastructure.” Joe Sander, CEO of Radiant Logic After years of inorganic growth, piecemeal identity solutions, and a loss of control due to unplanned remote work, identity sprawl is a reality for most modern enterprises. This sprawl leads to tremendous technical debt, increased risk posture, reduced productivity, and poor decision-making capabilities. RadiantOne’s ability to unify identity data across disparate sources creates an authoritative identity data pipeline, improving security, efficiency, and ease-of-use across the organization. About Radiant Logic Radiant Logic, the enterprise Identity Data Fabric company, helps organizations combat complexity and improve security by making identity data easy to use, manage, and protect. The RadiantOne Platform turns identity data into a strategic asset, enabling organizations to improve decision making, accelerate innovation, and minimize risk. About Aite-Novarica Group Aite-Novarica Group is an advisory firm providing mission-critical insights on technology, regulations, strategy, and operations to hundreds of banks, insurers, payments providers, and investment firms—as well as the technology and service providers that support them. Comprising former senior technology, strategy, and operations executives as well as experienced researchers and consultants, our experts provide actionable advice to our client base, leveraging deep insights developed via our extensive network of clients and other industry contacts.

Read More

Spotlight

SMBs are in need of more robust solutions to back up their business-critical data due to limited financial and IT resources. Sorting through all the solutions available is not the easiest task so what exactly should you look for in a backup solution? Access this e-book to learn the 6 important criteria that SMBs should consider when choosing a backup solution, including comprehensiveness, ease of use, recoverability, performance, and more.

Resources