Arceo.ai Adds CJ Pruzinsky to Its Team of Cyber Insurance Experts, Strengthens Cyber Security Risk Capabilities

Arceo.ai | July 17, 2020

Arceo.ai, a cyber risk analytics company that empowers enterprises to better identify, respond to, and recover from cyber risks, continues to grow its team of senior cyber insurance experts to enhance the services and solutions it delivers to the cyber insurance industry. Charles J. "CJ" Pruzinsky, an experienced cyber underwriting executive, has joined Arceo as Executive Vice President and Chief Underwriting Officer for its U.S. operations. Before joining Arceo, Pruzinsky was responsible for managing the Northeastern operations at Beazley Group, based in New York. Prior to Beazley, he held senior underwriting positions at American International Group, where his responsibilities included building out AIG's Midwestern U.S. regional capabilities.

Spotlight

The damaging cyberattacks of the last few years have given business leaders reason to pause and rethink their IT security strategies. In its first State of Dynamic Data Center and Cloud Security in the Modern Enterprise survey and research report, the SANS Institute identified a shift to a new normal for enterprise security—one that involves redefining how to contain and handle attacks.


Other News
DATA SECURITY

DataTribe Announces Fourth Annual Cybersecurity Start-Up Challenge

DataTribe | July 29, 2022

DataTribe, a global cyber foundry that invests in and co-builds next-generation cybersecurity and data science companies, announced today the launch of its fifth-annual DataTribe Challenge. The competition is poised to identify and curate Pre-Series A, high-technology start-ups with a vision to disrupt cybersecurity and data science. Three finalists will split $20,000 in prize money, and one winner will be eligible to receive up to $2 million in seed capital from DataTribe. In 2021, the Challenge had two winners: Quickcode.ai and ContraForce. Quickcode.ai helps non-technical experts build machine learning training data with unprecedented speed and accuracy while ContraForce is the only platform to make comprehensive cybersecurity easy, effective, and accessible for the small to midsize enterprise. “Over the last five years, the Challenge has evolved into an excellent platform for entrepreneurs to not only get exposure and feedback — but to actually fundraise. For the winner, it could take care of their entire seed round. We’re always humbled by the quality of submissions — as founders look over the horizon to chart the future of cyber. The Challenge is a lot of fun and we look forward to working with participants.” John Funge, Managing Director of DataTribe Mike Janke, Co-founder of DataTribe said, “The Challenge is the top cybersecurity startup competition in the world. We are inspired by the founders that participate and the innovations they present. We’re honored to be able to use all the resources we have at DataTribe to co-build with entrepreneurs, giving them an unfair advantage and creating the next generation of market-leading companies.” In June 2021, Synopsys acquired the winner of the 2019 Challenge, Code Dx, a software security testing orchestration, correlation, and prioritization platform. The exit was a demonstration of the Challenge’s ability to draw top cybersecurity solutions, as well as of the success of the DataTribe model of partnering with over the horizon technology coming out of national security agencies. DataTribe invites contestants to join the Challenge who have developed a robust concept and/or initiated development of a minimal viable product (MVP) – i.e., a product developed with sufficient features to entice early adopters. The firm anticipates a strong showing from teams with experience working in national security, defense, national laboratories, or at organizations specializing in cybersecurity and data science R&D. Applicants will have until August 31, 2022 to enter an application. DataTribe will review submissions for technical merit, market potential, and readiness of the team. On October 12, 2022, DataTribe will announce up to three finalists. These teams will then have 3 weeks to refine their pitch and prepare for final judging, with assistance from DataTribe’s team of startup veterans. In a live event, finalists will present a pitch and answer questions from a panel of esteemed judges on November 3, 2022. “Winning the 2021 DataTribe Challenge was a major catalyst in achieving the product and market momentum necessary to grow our customer base,” said Stan Golubchick, ContraForce Co-Founder and CEO. “DataTribe is more than just an investor. Their unique foundry approach is a true partnership, adding the experience, support, and knowledge of successful company-builders to our team.” About DataTribe DataTribe is a startup foundry that invests in and co-builds world-class startups focused on generational leaps in cybersecurity and data science. DataTribe was launched in 2015 with the vision of empowering technologists in the Washington, D.C. region to build and grow successful companies.

Read More

DATA SECURITY

ControlCase Partners with ConnectWise & FifthWall Solutions to Increase MSP Cybersecurity Maturity & Bridge Access to Cyber Insurance.

ControlCase | July 11, 2022

ControlCase, a leading provider of IT Security Certifications and Continuous Compliance Services announced its recent partnership with ConnectWise and FifthWall Solutions. Under this partnership, Managed Service Providers (MSPs) can now access the ConnectWise MSP+ security best practices framework from the ControlCase Compliance HubTM platform for both self-assessment and verification by ControlCase. This partnership also provides the rate-quote-bind assistance required for procuring insurance. ConnectWise’s MSP+ framework is derived from the NIST CSF framework and aims to help MSPs strengthen their cybersecurity program, increase cybersecurity maturity, and ultimately lower their risk of a data breach. MSP+ provides an affordable compliance framework that can be used as the foundation for an MSPs cybersecurity program. The MSP+ program is split into 3 parts: 1. MSP+ Self Assessment – Allows the MSP to access the framework and start implementing controls and closing gaps at their own pace. 2. MSP+ Advanced – Includes assistance with remediation and final verification by ControlCase. 3. MSP+ Mastery – Demonstrates a mature cybersecurity program and is also verified by ControlCase. “This partnership is a gamechanger for MSPs,” said Mike Jenner, CEO at ControlCase. “Security incidents involving MSPs, and their clients continue to rise. This rise necessitates stringent security controls to be implemented and the MSP+ framework provides a great place for MSPs to start learning about cybersecurity and implementing necessary controls.” Speaking on the achievement, Raffael Marty, General Manager -Cybersecurity at ConnectWise said “Cyber insurance is a critical element to help partners protect their legacy by building a more cyber-resilient business. This partnership will help MSPs increase their cybersecurity maturity, prepare for and procure insurance; eliminating dozens of steps they and their customers would otherwise have to take.” The ControlCase Compliance HubTM platform is integrated with ConnectWise Manage. MSPs can complete their MSP+ assessments without ever leaving their PSA. The MSP+ Advanced and Mastery offerings also include real-time compliance status and vital statistics such as risk rating and security milestone planning. “FifthWall is excited to be the dedicated Cyber Insurance & Risk Management Solution Provider,” said Reid Wellock, President, FifthWall Solutions. “We work with 35+ insurers to limit clients’ cyber exposure and give peace of mind for businesses of any size.” This partnership greatly simplifies MSPs and their clients' access to insurance.” For more information on this partnership and the related offerings, please contact Kimberly Simon at ksimon@controlcase.com About ControlCase ControlCase is a global provider of certification, cybersecurity, and continuous compliance services. ControlCase is committed to empowering organizations to develop and deploy strategic information security and compliance programs that are simplified, cost-effective, and comprehensive in both on-premises and cloud environments. ControlCase offers certifications and a broad spectrum of cyber security services that meet the needs of companies required to certify to PCI DSS, HITRUST, SOC 2 Type II, ISO 27001, PCI PIN, PCI P2PE, PCI TSP, PA DSS, CSA STAR, HIPAA, GDPR, SWIFT, and FedRAMP. About FifthWall Solutions FifthWall works with 35+ carriers to limit your clients’ cyber exposure and give peace of mind for businesses of any size. With our policies, MSPs and their clients are covered from business interruptions, cyber crimes, and several of the consequences that follow. With breach prevention and response tools, MSPs and their clients avoid risk and minimize impact in the event of a security incident.

Read More

PLATFORM SECURITY

SentinelOne and Okta Integration Accelerates Incident Response with XDR and Identity Security

SentinelOne | May 31, 2022

SentinelOne, an autonomous cybersecurity platform company, today announced SentinelOne XDR Response for Okta, enabling security teams to quickly respond to credential compromise and identity-based attacks. The integration of SentinelOne’s XDR platform with Okta’s identity management capabilities offers a powerful new solution to accelerate response and minimize enterprise risk. “Attackers exploit endpoint and identity security and access gaps. SentinelOne and Okta are leaders in securing both of these enterprise domains. “Incorporating SentinelOne Singularity XDR into the Okta identity platform improves the contextual awareness of our solution, ensuring that every identity is verified and malicious actors cannot advance laterally in pursuit of high-value targets. With SentinelOne across enterprise attack surfaces and Okta enforcing identity policies, organizations enjoy the best of both worlds in a single solution.” Stephen Lee, VP Technical Strategy & Partnerships, Okta According to the 2022 Verizon Data Breach Investigations Report, 82% of breaches involved the human element including the use of stolen credentials. While there are existing solutions that secure various pieces of the enterprise they are often siloed, causing gaps in visibility and making it difficult to achieve a holistic understanding of an organization’s security posture. “Groupon is on a constant journey of modernization, adopting new and cutting-edge cloud technologies like SentinelOne Singularity XDR and Okta to best protect our employees and customers,” said Ryan Ogden, Director of Information Security, Groupon. “Consolidating context from various tools and automating response force multiplies our team to address the growing scale and speed of threats.” SentinelOne’s StorylineTM observes all concurrent processes across OSs and cloud workloads, providing rich context for any potential endpoint security incident. When a threat is detected, Singularity XDR informs Okta of the last logged-in user for that endpoint and Okta provides identity context from Okta data. By combining XDR and identity context, the joint solution helps security analysts quickly determine who is doing what on which device, significantly reducing the risk of endpoint or identity-based attacks. SentinelOne XDR Response for Okta provides a fully automated remediation process, alleviating the burden on the SOC team and allowing analysts to focus on higher-value tasks. Other key use cases include: Threat Enrichment - automatically enriches threats within Singularity XDR with recent login information via Okta to make security data actionable. User Suspension - terminates active sessions originating from compromised devices to minimize response time for prevention and remediation. Reset Password - forces password resets, preventing SSO-enabled lateral movement across corporate applications. Force Reauthentication - initiates a multi-factor authentication (MFA) workflow within Okta, locking the account until the user re-authenticates with a valid MFA token for identity verification. “Compromising identities and moving laterally to exploit an organization’s ‘crown jewels’ is the blueprint of modern attacks,” said Yonni Shelmerdine, Vice President of Product Management, SentinelOne. “Organizations need robust endpoint protection and visibility into user sessions to respond effectively to malicious activity. With SentinelOne and Okta, enterprises gain enterprise-grade context for effective security operations.” About SentinelOne SentinelOne’s cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous XDR platform.

Read More

DATA SECURITY

HYAS Infosec Announces General Availability of Cybersecurity Solution for Production Environments

HYAS | August 10, 2022

Leading security technology firm HYAS Infosec — whose proactive solutions ensure that businesses can keep moving full forward in our ever-changing world — today announced the general release of its newest product, HYAS Confront, a cybersecurity solution offering complete visibility into every corner of a production environment. HYAS will be demoing Confront at Black Hat USA in Las Vegas from August 8 to August 11. Production environments are increasingly becoming a target for bad actors, as they want their attacks to cause as much disruption as possible. Afterall, if a company’s production environment is rendered inoperable, its ability to generate income is shut down. HYAS Confront addresses this growing issue by giving DevSecOps teams complete visibility into their production environment. HYAS Confront finally gives them a definitive picture of which devices on their network are communicating with one another, which devices are sending traffic outside the network, and how often and to whom they are sending it. HYAS Confront also automatically identifies communication to known command and control servers as well as other risks and threats. “We have gotten an excellent response from our first customers, who began using the service during development and testing. “We are extremely proud of the solution we have brought to market and the vital role it fulfills in providing complete network visibility.” HYAS CEO David Ratner Most cybersecurity solutions on the market today focus on protecting the perimeter of your network, but unfortunately, regardless of the strength of your outward-facing security posture, you will be breached at some point. The numbers bear this out, with 97 percent of companies reporting having experienced a successful cybersecurity breach at some point. However, even if bad actors sneak past your perimeter security, they can’t hide from the foundational network monitoring provided by HYAS Confront. Once deployed, a process that usually takes less than 30 minutes, it establishes a baseline of normal, healthy network traffic. With this data, HYAS Confront can recognize aberrations from normal traffic patterns that could indicate a problem. When such an anomaly is discovered, Confront alerts administrators so they can take appropriate action. But the benefits of full production environment visibility doesn’t end with security. HYAS Confront can also reveal issues like misconfigurations, violations of policies or controls, and incomplete removal of malware after an attack. One of the most difficult aspects of incident response is ensuring that the environment is actually clean again, and HYAS Confront’s visibility can play a vital role in that process. It can also be a useful tool for understanding service assurance. This innovative solution integrates seamlessly with other network management and security infrastructure, working alongside them to enhance the value of these pre-existing investments. This improves overall network health, preventing problems down the road and giving businesses the confidence to move forward at full speed. “Production environments are so critical to a company’s ability to function, and unfortunately, no matter how strong your perimeter is, bad actors will eventually find a way in,” said Ratner. “HYAS Confront’s distinctive ability to detect anomalies within your production environment ensures that even in these cases, you can uncover the problem before it does damage, letting businesses operate confidently and without fear of costly interruptions.” About HYAS HYAS is a valued partner and world-leading authority on cyber adversary infrastructure and communication to that infrastructure. We help businesses see more, do more, and understand more about the nature of the threats they face — or don’t even realize they are facing — in real time. HYAS’s foundational cybersecurity solutions and personalized service provide the confidence and enhanced risk mitigation that today’s businesses need to move forward in an ever-changing data environment.

Read More

Spotlight

The damaging cyberattacks of the last few years have given business leaders reason to pause and rethink their IT security strategies. In its first State of Dynamic Data Center and Cloud Security in the Modern Enterprise survey and research report, the SANS Institute identified a shift to a new normal for enterprise security—one that involves redefining how to contain and handle attacks.

Resources