DATA SECURITY

Cohere Cyber Secure and SecurityScorecard Partner to Improve Cybersecurity of Financial Sector

Cohere Cyber Secure and SecurityScorecard | September 24, 2021

Cohere Cyber Secure today announced a partnership with SecurityScorecard, the global leader in cybersecurity ratings, to deliver cyber ratings to customers and jointly drive market penetration with a single integrated solution. These include the most recognized companies globally across financial services, including various groups surrounding Registered Investment Advisors of Real Estate, Private Equity, Portfolio Managers, Hedge and LBO funds. As part of the partnership, Cohere will embed SecurityScorecard's monitoring capabilities into our security operations via Cohere's SIEM technology to continuously monitor and mitigate potential cyber threats, both on-premise and in the cloud.

"Financial organizations are the biggest target for cyber criminals, and security teams need a comprehensive and compliant cybersecurity strategy that provides in-depth intelligence," says Aleksandr Yampolskiy, CEO at SecurityScorecard. "This partnership provides real actionable insights into the real-time threats facing financial organizations, and ensures that they will maintain the strongest possible security posture and conform to industry compliance standards."

The combined solution from Cohere delivers a 360-degree view and addresses critical security concerns including vulnerability assessment and risk management, threat detection with real-time monitoring, incident response, and regulatory reporting. Partnership customers can review their SecurityScorecard rating and extend this support to their portfolio and vendor firms. This complete solution allows for continuous monitoring that provides an outside-in view into security practices, ensuring that organizations can continue to provide their clients the most secure financial services. Additionally, as a tightly-coupled solution, customers can generate comprehensive monthly or on-demand Cyber health reports for governance boards and regulators.

Security organizations are often hamstrung by only looking within their cyber borders with an inside-out view into their vulnerabilities, and often have to break up monitoring tools with multiple outside vendors. Investors, customers, regulators, CISO's and compliance officers can rest easier knowing our solution keeps your company safe and secure.

Steven Francesco, Chairman and CEO at Cohere Cyber Secure

Scoring more than 11 million companies continuously and on a daily basis, SecurityScorecard provides an objective, outside-in view of cyber risk based on publicly-available data. In addition, the company's technology uses non-intrusive proprietary methods and data feeds continuously monitor covered entities based on 10 risk factors, including endpoint security, patching cadence, and network security, and ultimately delivers an "A" through "F" rating.

About Cohere Cyber Secure
Cohere Cyber Secure is a trusted, single-source provider of technology solutions including, Cybersecurity, Cloud Hosting, Managed IT and UCaaS Services. From its New York City headquarters, Cohere maintains data center facilities throughout North America and key global locations. Additionally, Cohere performs cyber protection assessments and advises companies on regulatory compliance requirements. Our clients include global enterprises that demand high availability, operating diversity and tailored IT solutions. In addition, Cohere's Consulting services provide unparalleled IT expertise that enable strategic planning in Cyber and Compliance Policies, Managed IT and Data Protection Services, Crisis Management/Incident Response, Risk Management and Business Continuity. Cohere's enhanced solutions and dedicated staff simplify the everyday challenges of complex business technologies.

About SecurityScorecard
Funded by world-class investors including Silver Lake Partners, Sequoia Capital, GV, Riverwood Capital and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 11 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 22,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, and cyber insurance underwriting. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every company has the universal right to their trusted and transparent Instant SecurityScorecard rating.

Spotlight

Bring your own device (BYOD) is far from a cutting edge term, in fact, it’s been on the table for a while now and it all started with the boss when they bought their nice new shiny toy into work that they got for Christmas and announced this is what they will use from this day forward. It became the universally accepted hall pass for ‘Let’s sidestep the policies we once insisted were important. Never mind that standardisation malarkey, details, details. Let’s not worry about any of that, we have new shiny toys. That’s all that matters’.


Other News
PLATFORM SECURITY

TAC Security Launches the ESOF Vulnerability Prediction Feature

TAC Security | June 13, 2022

TAC Security, a Silicon Valley-based Cybersecurity company, announced the launch of their ESOF Prediction Feature. The Prediction feature allows the organizations to forecast the quantity of new vulnerabilities in an asset for the coming month. The results will be based on the vulnerability specifics from anyone’s most recent scan results for each Asset type. The feature anticipates the ESOF cyber scores of various Asset types present in one’s infrastructure and based on the number, the predicted vulnerabilities are generated. The count of predicted vulnerabilities gets further divided based on severity levels for e.g., Critical, High, Medium and Low. ESOF predicts the number of vulnerabilities in the coming months and generates a cyber score based on that for the coming months. The platform will predict the following - Monthly Prediction of Vulnerabilities. Prediction of ESOF Cyber Score Prediction of Vulnerabilities that can be patched Prediction of Type of Vulnerability(s) ESOF also allows the count of predicted vulnerabilities to be compared to the number of actual vulnerabilities. The representational graphs will contain both the actual count and predictive count of the vulnerabilities for the coming months. “The prediction feature allows security teams to foresee threats and prepare for them. If the security team needs training or resources, knowing in advance allows them to invest time and resources to improve their security processes. ESOF plays an essential role in allowing teams to discover, prioritize and remediate before situation demands, rather than mass efforts like other tools,” said, Trishneet Arora, Founder and Chief Executive Officer, TAC Security. “We are thrilled to take the next step to ensure ESOF becomes Cybersecurity's Future. The Prediction feature is a revolutionary contribution by TAC Security to the ever-evolving Risk and Vulnerability Management market. The ability to foresee threats allows not only the security teams and leaders to be prepared. And gives them the chance to communicate with the whole organization, including the Board Members, so they know what to expect. It allows the organization to be well prepared and plan their resources to strengthen their security processes and reduce the chances of a breach remarkably.” Chris Fisher – CMO, TAC Security This announcement closely follows TAC Security’s recent launch of another new product, ESOF Product CyberScore. The product provides ability to generate risk scores for each product installed in the system. In addition to an individual product risk score for the product on a single asset, there is also a group score that will be based upon all the assets that have the product installed. With the overall product score, they can easily identify the most vulnerable products present in all the assets and prioritize the top 10 most vulnerable products present in the organization. The prediction model is a major stepping stone in TAC Security’s mission of ensuring a cyberscore becomes the next credit score system for organizations to be considered compliant. The ability to forecast upcoming vulnerabilities gives organizations an edge over the adversaries and continues to strengthen the risk posture of their overall IT infrastructure. About TAC Security TAC Security, headquartered in San Francisco, is a global leader in Vulnerability Management that protects Fortune 500 companies, leading enterprises, and governments around the world. TAC Security manages 5+ Million vulnerabilities through its Artificial Intelligence (AI) based Vulnerability Management Platform ESOF (Enterprise Security in One Framework). TAC Security has established strategic partnerships with leading cloud providers and managed service providers and consulting organizations including Tech Mahindra, IBM, KDDI Japan, and distributors including Dataguard Technologies LLC and Ingram Micro.

Read More

DATA SECURITY

Netskope Revolutionizes Data Protection with Patented Lightweight, Cloud-Powered Endpoint Data Loss Prevention

Netskope | May 24, 2022

Netskope, the leader in Security Service Edge (SSE) and zero trust,announced a key expansion of data protection capabilities to endpoint devices and private apps. The introduction of a patented endpoint data loss prevention (DLP) solution will enable Netskope Intelligent SSE customers to protect data everywhere it moves across the hybrid enterprise. Zero trust principles are critical to SSE, which describes the security stack needed to enable a modern Secure Access Service Edge (SASE) architecture. Data protection is of utmost importance throughout a SASE architecture—specifically, the need for security to move with data wherever it is accessed, and apply zero trust to determine the right level of access. Additionally, legacy and endpoint DLP offerings have failed enterprises by being siloed, complicated, and intrusive, hindering user productivity. Netskope has been consistently recognized by top industry analysts for its advanced data protection capabilities. With today's continued expansion of the Netskope Intelligent SSE platform, Netskope customers will be able to protect data across SaaS, IaaS, private applications, web, e-mail, and endpoint devices from a single converged data protection solution, leveraging machine learning, user and entity behavior analytics (UEBA), and insider threat mitigation capabilities to improve security efficacy, efficiency, and agility. Notable features of Endpoint DLP include: Context-aware, zero trust data protection on local peripherals and devices, such as USB drives and printers Unified data classification, policy enforcement, and incident management for DLP across SaaS, IaaS, private apps, web, e-mail, and endpoint devices A patented lightweight endpoint agent with cloud-based inspection and contextual data protection policies that enhance the user experience Machine learning and Advanced Analytics to help simplify data classification and policy definition, lowering operational overhead UEBA, which makes it possible to identify and stop complex data loss scenarios such as insider risk, where users are unintentionally or even maliciously abusing their access to data "No SASE or zero trust journey will be successful without data protection capabilities that can address all critical use cases in a way that is easy to deploy and doesn't slow down users, The introduction of Endpoint DLP extends Netskope's award-winning data protection capabilities that much further, to critical use cases with endpoint devices. While some competitors may offer unified policy and management or provide data protection for certain vectors, Netskope is the only vendor that can provide truly converged data protection across the full IT environment. We are very excited to deliver Endpoint DLP to customers as another Netskope game-changer." John Martin, Chief Product Officer, Netskope "With Netskope's new eDLP, we can now offer single-pass data protection —across all vectors, from the cloud to the endpoint —with unified policies, within a single management console," said Mick Coady, Global Vice President CyberSecurity Solutions, World Wide Technology. "As a Platinum Partner in Netskope's Evolve partner program, we're seeing the huge growth opportunity that Netskope's Intelligent SSE approach represents. This new addition will accelerate that growth." A work-from-anywhere, or "hybrid," environment makes it increasingly difficult to maintain security models based on implicit trust in any entity that wants to connect. Zero trust principles enable organizations to govern access to data based on behavior by users, devices, networks, and applications— increasing confidence in policy enforcement everywhere. By evaluating several contextual elements—user identity, device identity and security posture, time of day, geolocation, business role, sensitivity level of the data, and more—the resource itself can determine an appropriate level of confidence, or trust, only for that specific interaction and only for that specific resource. Using Netskope Intelligent SSE with zero trust principles applied throughout the environment, businesses become more agile, reduce risk, and streamline solution deployment and maintenance. "DLP has been extremely complicated and cumbersome, and that's before you factor in cloud, web, email, private apps, and endpoints," said Frank Dickson, IDC Group Vice President, Security & Trust. "Netskope looks to address complexity with integration, providing a unified cloud delivered solution. Compared to old school network and endpoint-based DLP solutions, having DLP in this integrated solution makes it dramatically easier to protect data wherever it may be and in a manner that is frictionless for end users. It is a win-win." About Netskope Netskope, a global cybersecurity leader, is redefining cloud, data, and network security to help organizations apply zero trust principles to protect data. The Netskope Intelligent Security Service Edge (SSE) platform is fast, easy to use, and secures people, devices, and data anywhere they go. Netskope helps customers reduce risk, accelerate performance, and get unrivaled visibility into any cloud, web, and private application activity. Thousands of customers, including more than 25 of the Fortune 100, trust Netskope to address evolving threats, new risks, technology shifts, organizational and network changes, and new regulatory requirements.

Read More

ENTERPRISE SECURITY

DTEX Systems Named to the Enterprise Security Tech Cyber Top 20 List

DTEX Systems | June 18, 2022

DTEX Systems, the Workforce Cyber Intelligence & Security Company™, today announced that it has been named to the Enterprise Security Tech Cyber Top 20 List. The list recognizes the top cybersecurity companies providing the most value to market based on technical product/service innovation, industry analyst recognition, customer testimony, diversity and inclusion initiatives, talent development initiatives, and contributions to the cyber community. “The future of data loss prevention and protection is human-centric, not data-centric. “We’re thrilled to be named to this inaugural list of top cybersecurity companies by Enterprise Security Tech, as it is further testament to the success of DTEX’s innovative, human-centric approach to enterprise security and our team’s continued efforts to expand beyond the capabilities of legacy cybersecurity solutions.” Jonathan Daly, Chief Marketing Officer at DTEX Systems As the first and only Workforce Cyber Intelligence and Security platform to put humans at the center of an organization's cybersecurity matrix, DTEX InTERCEPT offers an innovative approach to data collection and analysis that centers around human activity and intent, providing organizations with the context needed to escalate and remediate an event before malicious insiders attack, or data exfiltration occurs. The InTERCEPT platform brings together the capabilities of Insider Threat Management, User and Entity Behavior Analytics, Digital Forensics, and Behavioral DLP in an all-in-one lightweight, cloud-native platform. Only DTEX InTERCEPT delivers the behavioral context and activity intelligence that answers the Who, What, When, Where, Why and How related to any potential insider threat situation, compromised account event or data loss scenario without invading personal privacy. “The cybersecurity industry is going through an evolution right now,” said Jack Campbell, Editor, Enterprise Security Tech. “The threat landscape is growing at a faster pace than organizations can keep up with - so companies need innovative tools and services that leverage automation and simplification to combat threats at scale. We’re honored to be able to recognize these leaders for the value that they are bringing to the market and their contributions to the fight against cyber threats.” This accolade comes on the heels of two notable industry recognitions from Cyber Defense Magazine (CDM), which named DTEX ‘Most Innovative Data Loss Prevention’ and ‘Publisher's Choice Insider Threat Prevention’ in the 10th annual Global InfoSec Awards. About DTEX Systems DTEX Systems helps hundreds of organizations worldwide better understand their workforce, protect their data, and make human-centric operational investments. Its Workforce Cyber Intelligence & Security platform brings together next-generation DLP, UEBA, digital forensics, user activity monitoring and insider threat management in one scalable, cloud-native platform. Through its patented and privacy-compliant meta-data collection and analytics engine, the DTEX platform surfaces abnormal behavioral “indicators of intent” to mitigate risk of data and IP loss, enabling SOC enrichment with human sensors and empowering enterprises to make smarter business decisions quickly. About Enterprise Security Tech Enterprise Security Tech is a specialized cyber media company with a global presence. The Enterprise Security Tech blog is a cybersecurity blog written for CISOs, CIOs, and security-minded CEOs that brings together critical news, expert insights, and product information to help security leaders make informed business decisions. Enterprise Security Tech is also home to The Cyber Jack Podcast, which brings listeners the latest cybersecurity insights via security experts from around the industry.

Read More

DATA SECURITY

HYAS Infosec Announces General Availability of Cybersecurity Solution for Production Environments

HYAS | August 10, 2022

Leading security technology firm HYAS Infosec — whose proactive solutions ensure that businesses can keep moving full forward in our ever-changing world — today announced the general release of its newest product, HYAS Confront, a cybersecurity solution offering complete visibility into every corner of a production environment. HYAS will be demoing Confront at Black Hat USA in Las Vegas from August 8 to August 11. Production environments are increasingly becoming a target for bad actors, as they want their attacks to cause as much disruption as possible. Afterall, if a company’s production environment is rendered inoperable, its ability to generate income is shut down. HYAS Confront addresses this growing issue by giving DevSecOps teams complete visibility into their production environment. HYAS Confront finally gives them a definitive picture of which devices on their network are communicating with one another, which devices are sending traffic outside the network, and how often and to whom they are sending it. HYAS Confront also automatically identifies communication to known command and control servers as well as other risks and threats. “We have gotten an excellent response from our first customers, who began using the service during development and testing. “We are extremely proud of the solution we have brought to market and the vital role it fulfills in providing complete network visibility.” HYAS CEO David Ratner Most cybersecurity solutions on the market today focus on protecting the perimeter of your network, but unfortunately, regardless of the strength of your outward-facing security posture, you will be breached at some point. The numbers bear this out, with 97 percent of companies reporting having experienced a successful cybersecurity breach at some point. However, even if bad actors sneak past your perimeter security, they can’t hide from the foundational network monitoring provided by HYAS Confront. Once deployed, a process that usually takes less than 30 minutes, it establishes a baseline of normal, healthy network traffic. With this data, HYAS Confront can recognize aberrations from normal traffic patterns that could indicate a problem. When such an anomaly is discovered, Confront alerts administrators so they can take appropriate action. But the benefits of full production environment visibility doesn’t end with security. HYAS Confront can also reveal issues like misconfigurations, violations of policies or controls, and incomplete removal of malware after an attack. One of the most difficult aspects of incident response is ensuring that the environment is actually clean again, and HYAS Confront’s visibility can play a vital role in that process. It can also be a useful tool for understanding service assurance. This innovative solution integrates seamlessly with other network management and security infrastructure, working alongside them to enhance the value of these pre-existing investments. This improves overall network health, preventing problems down the road and giving businesses the confidence to move forward at full speed. “Production environments are so critical to a company’s ability to function, and unfortunately, no matter how strong your perimeter is, bad actors will eventually find a way in,” said Ratner. “HYAS Confront’s distinctive ability to detect anomalies within your production environment ensures that even in these cases, you can uncover the problem before it does damage, letting businesses operate confidently and without fear of costly interruptions.” About HYAS HYAS is a valued partner and world-leading authority on cyber adversary infrastructure and communication to that infrastructure. We help businesses see more, do more, and understand more about the nature of the threats they face — or don’t even realize they are facing — in real time. HYAS’s foundational cybersecurity solutions and personalized service provide the confidence and enhanced risk mitigation that today’s businesses need to move forward in an ever-changing data environment.

Read More

Spotlight

Bring your own device (BYOD) is far from a cutting edge term, in fact, it’s been on the table for a while now and it all started with the boss when they bought their nice new shiny toy into work that they got for Christmas and announced this is what they will use from this day forward. It became the universally accepted hall pass for ‘Let’s sidestep the policies we once insisted were important. Never mind that standardisation malarkey, details, details. Let’s not worry about any of that, we have new shiny toys. That’s all that matters’.

Resources