COVID-19 Pandemic Moves Organizations to Increase Cybersecurity Spending

Cisco | May 22, 2020

  • Coronavirus crisis creating new opportunities for cybercriminals, 70 percent of organizations are seeing the value of increasing their investments in cybersecurity solutions.

  • The challenge for many organizations is continuing to accomplish their security must-dos with significantly less resources.

  • It’s important for security providers to understand that their goal is to help an organization maintain security continuity during this period, not to replace their teams long term.


With coronavirus crisis creating new opportunities for cybercriminals, 70 percent of organizations are seeing the value of increasing their investments in cybersecurity solutions. According to a LearnBonds.com report, besides boosting their cybersecurity spending, as the top IT priority this year, around 55 percent of major organizations will boost their investments in automation solutions, revealed HFS Research survey conducted in April. Smart analytics, hybrid or multi-cloud and artificial intelligence follow, with 53 percent, 49 percent and 46 percent of those bodies asked naming them as their leading IT investments this year. The statistics show spending on augmented and virtual reality technology, blockchain and edge computing is under pressure this year, with just 32 percent, 30 percent and 27 percent of enterprises planning to increase their spending on these technologies in 2020.


Though recent years have witnessed a surge in the use of artificial intelligence, helping businesses to improve their efficiency, quality and speed, statistics show artificial intelligence solutions are set to witness a massive drop in spending this year, with 23 percent of major enterprises planning to cut their investments on these technologies. Blockchain follows with an 18 percent share among those asked downsizing their IT budgets. However, data revealed IT vendors are much more optimistic about their clients spending on AI technology, with 59 percent of respondents expecting increased investments this year. Jack Mannino, CEO at nVisium, says, “The challenge for many organizations is continuing to accomplish their security must-dos with significantly less resources.



Learn more: SINGLE LAYERS OF SECURITY AREN’T ENOUGH TO PROTECT YOUR ORGANIZATION’S DATA .
 

"Employees working from home are using their personal mobile devices to connect to home networks, which means traditional perimeter-based security tools no longer provide visibility or control for security teams. CISOs are adapting to provide endpoint security to all devices in this new normal, to enable teams and organizations to get back to business."

~ Cisco Team


Relying on a pool of trusted security partners is critical, as niche skills or deep expertise may come from external sources when internal headcount is constrained. Historically, companies have increased their security outsourcing in periods where it’s hard to justify increasing or maintaining internal head count. It’s important for security providers to understand that their goal is to help an organization maintain security continuity during this period, not to replace their teams long term.” Budgets will have more scrutiny than ever before, however, a risk-based approach is still required. Non-essential spending should be pushed back, but it would be foolish to stop mitigating risks in the near term.

"CISOs were focused on endpoint protection for traditional work devices like laptops. In a remote work world, cybersecurity tools must protect all devices employees connected to corporate cloud data - in particular mobile devices,"


Historically, cybersecurity is a sector where spending still occurs, even when the economy dips. There are risks to smaller and emerging firms, but sales revenue and the amount of capital raised provides resilience. To avoid going under, startups must have enough funds to cover operating expenses over the next few months to survive the COVID-19 storm.” Steve Durbin, managing director of the Information Security Forum, cautions about organizations reducing their cyber workforce at a vulnerable time. “It is more likely that businesses will be exposed because they neither have in-house, nor external access to the necessary skills to deliver their business operations with a remote workforce. I don’t see a short term altering of spending, but clearly this will come for many organizations as the COVID-19 crisis continues. It would extremely short sighted for business leaders to reduce cybersecurity staff and budget at a time when the majority of the workforce is critically dependent on cyber to function.


Fausto Oliveira, Principal Security Architect at Acceptto, agrees reducing cybersecurity and IT staff would affect the well-being of systems in place and the security of remote workers. “Losing cybersecurity and IT staff increases the risk of a successful attack during the COVID-19 pandemic and may impair the ability of a company to sustain the large volume of remote workers. MSSPs are certainly a good choice when the financial cost of the cybersecurity function exceeds what the company can afford. I imagine that if the current scenario of personnel working from home remains in place for the long-term, then we will see a surge in the usage of MSSPs to address security gaps and act as a virtual cybersecurity function.” Bob Stevens, Vice President, Americas at Lookout, warns the move to a remote workforce has changed the security attack surface for every organization.


Learn more: HOW CSOS CAN PROTECT USERS FROM PHISHING ATTACKS RELATED TO COVID-19 .
 

Spotlight

Want to protect your hard earned email reputation and brand from phishers and spoofers? Not sure where to start or do you find DMARC implementation confusing and time consuming? The Getting Started with DMARC guide will tell you everything you need to know about DMARC and how to quickly get up and running.


Other News
DATA SECURITY,SOFTWARE SECURITY

Corelight Selects Normalyze As Its Primary Cloud and Data Security Platform

Normalyze | August 24, 2022

Normalyze, a data-first cloud security platform, today announced that Corelight, the leader in network detection and response (NDR) technology, has adopted the Normalyze data-first cloud security platform to automate data discovery and classification across all of its cloud data. Corelight provides security teams with network evidence so they can protect the world's most critical organizations and companies. Corelight's customers include Fortune 500 companies, major government agencies, and large research universities. Modern data security is so complex that even sophisticated security companies like Corelight require external support to remain diligent and comprehensive in their security strategies. Prior to implementing Normalyze, Corelight struggled with a lack of comprehensive visibility into the locations of their sensitive data and business-technology assets, as well as configurations of their cloud access points. To get this information, Corelight Chief Information Security Officer (CISO) Bernard Brantley and his team had to manually gather data from the engineering, operations, and application teams, and scour access logs and security and operations dashboards. With Normalyze, Brantley achieved a more comprehensive cloud data security posture. "Normalyze's data-centric vision mirrored my long-term data security vision perfectly," said Brantley. "That vision is to have comprehensive situational and structural awareness, specifically regarding context, about how that awareness supports better security decision-making. There are two critical questions that Normalyze solves: do I know where everything resides and how the systems are configured? And, do I clearly understand the risks facing that data and those systems? Normalyze gives me the confidence that we have that full visibility." Following the deployment of Normalyze, Corelight achieved the following: Identified the locations of Corelight's sensitive data in minutes, and spotted data in areas they did not anticipate. This utilizes the Normalyze Graph and one-pass scanner, which connects all enterprise data with its associated assets, identities, and their access to that data, as well as misconfigurations and vulnerabilities that place data at risk. Complete compliance profiles that detect personally identifiable information (PII), the General Data Protection Regulation (GDPR), the Health Insurance Portability and Accountability Act (HIPAA) to ensure sensitive data never leaves Corelight's cloud environments. Knowledge when a weakness surfaces that could lead to a data breach with an automatic dispatched service ticket to ensure that situations that place data at risk are fixed swiftly. "There is no doubt that Corelight is a leader in network detection and requires a reliable, comprehensive and agile infrastructure to scale with the company as it grows. "The Normalyze Platform has been able to go to-to-toe with Corelight's critical cloud infrastructure needs, with the ability to benefit the entire team - from the CISO, to the security engineer, analyst, and DevOps professionals - to discover data, classify its risk and attack paths, and remediate risks." Amer Deeba, co-founder and CEO at Normalyze About Normalyze Normalyze is a pioneering provider of cloud data security solutions helping customers secure their data, applications, identities, and infrastructure across public clouds. With Normalyze, organizations can discover and visualize their cloud data attack surface within minutes and get real-time visibility and control into their security posture including access, configurations, and sensitive data to secure cloud infrastructures at scale. The Normalyze agentless and machine-learning scanning platform continuously discovers resources, sensitive data and access paths across all cloud environments. The company is founded by security veterans Ravi Ithal and Amer Deeba and calls Corelight and Netskope to be customers. It is funded by Lightspeed Venture Partners and Battery Ventures.

Read More

DATA SECURITY,SOFTWARE SECURITY

Rubrik Surpasses $400 Million in Subscription ARR and Launches Rubrik Zero Labs, Data Threat Research Unit to Help Combat Global Cyber Events

Rubrik | September 01, 2022

Rubrik, the Zero Trust Data Security™ Company, today announced it surpassed $400 million in software subscription annual recurring revenue (ARR) to date, growing over 100 percent year over year. The company has achieved a net dollar retention rate greater than 140 percent based on its ability to retain customers and expand within the customer base. Today, over 4,500 customers around the world and across multiple industries rely on Rubrik to help them secure their data and keep their business running, including BMO Financial Group, Citigroup, Estee Lauder, Fiserv, The Home Depot, and many others. The company also announced the launch of Rubrik Zero Labs, Rubrik’s new cybersecurity research unit to analyze the global threat landscape, report on emerging data security issues and give organizations research-backed insights and best practices to secure their data against the increasing threat of cyber events. “There is no industry, government, or company that is immune to cyberattacks. These threats continue to increase in volume and sophistication and have the power to bring entire organizations to their knees. “We are striking a chord with organizations globally because they need a better strategy to protect their data. With Rubrik, they are better able to secure their business from ongoing cyber events.” Bipul Sinha, CEO and Co-Founder of Rubrik Cybersecurity Veteran Steven Stone Joins as Head of Rubrik Zero Labs Today Rubrik announced it has named Steven Stone as the Head of Rubrik Zero Labs. Stone will lead Rubrik’s new data threat research unit to uncover real-world intrusions from a range of threats including espionage-based data breaches to ransomware attacks, and to inform customers and partners of the best ways to proactively address risk in their business operations. He has over 15 years of experience in threat intelligence with roles in the U.S. military, intelligence community, and private sector, including Mandiant/FireEye and IBM. Most recently, he was Vice President of Adversary Operations at Mandiant, leading global teams who were responsible for adversary hunting, attribution, and data collection efforts. “Data and insights are critical for understanding, responding, preventing, and recovering from cyber events. In many cases, the data aspects are the least understood across the threat landscape, and we want to close this delta. Comprehensive threat intelligence will enable organizations to make informed decisions so they can be prepared for a full swath of cyber threats,” said Stone. “I’m thrilled to pioneer the data threat intelligence unit at Rubrik and help to deliver valuable insights to our customers and the cybersecurity industry so that together we can stay ahead of the evolving data threat landscape.” Additional Milestones: Rubrik has also achieved a number of recent industry recognitions, landmark accomplishments, and launches including: Launched Rubrik Security Cloud to secure customers’ data wherever it lives across enterprise, cloud, and SaaS while delivering data resilience, data observability, and data recovery Grew the leadership team by appointing Mike Mestrovich as Chief Information Security Officer (CISO), following his role as CISO at the Central Intelligence Agency (CIA). Appointed Chris Krebs — former director of the U.S. Cybersecurity and Infrastructure Agency (CISA) — as Chair of Rubrik’s new CISO Advisory Board, where he will assemble some of the nation’s top CISOs to facilitate information exchange and thought leadership in data security. Rubrik also named Ghazal Asif, who previously served as Google’s Head of Channel for EMEA, as Head of Global Partners and Alliances Named a Leader in the 2022 Gartner® Magic Quadrant™ for Enterprise Backup and Recovery Software Solutions, positioned the furthest overall in Completeness of Vision for third year in a row Rubrik ranked amongst highest scoring 3 vendors for all Use Cases in 2022 Gartner® Critical Capabilities™ for Enterprise Backup and Recovery Software Solutions for 2 consecutive years Received numerous industry accolades, including placement on the Forbes Cloud 100 for the sixth year in a row, and distinction as winner of the Global InfoSec Awards as Hot Company in Data Security About Rubrik Rubrik is a cybersecurity company, and our mission is to secure the world’s data. We pioneered Zero Trust Data Security™ to help organizations achieve business resilience against cyberattacks, malicious insiders, and operational disruptions. Rubrik Security Cloud, powered by machine learning, secures data across enterprise, cloud, and SaaS applications. We help organizations uphold data integrity, deliver data availability that withstands adverse conditions, continuously monitor data risks and threats, and restore businesses with their data when infrastructure is attacked.

Read More

PLATFORM SECURITY

Talon Cyber Security Announces $100M in Series A Funding to Redefine Security for the Future of Work

Talon Cyber Security | August 04, 2022

Talon Cyber Security, the leading secure enterprise browser provider, today announced $100 million in Series A funding, led by Evolution Equity Partners, with participation from Ballistic Ventures, CrowdStrike’s Falcon Fund, Merlin Ventures, SYN Ventures and previous investors CrowdStrike co-founder and CEO George Kurtz, Lightspeed Venture Partners, Sorenson Ventures and Team8. The funds will be used to accelerate go-to-market efforts to meet the increasing global demand for Talon’s secure enterprise browser, TalonWork, and deliver new product enhancements to continuously improve security for modern workforces. As organizations have embraced distributed work for employees and contractors, the reliance on SaaS applications has risen, and security needs have evolved drastically. The traditional ways of enabling secure access to enterprise applications are complex, expensive, and put organizations at risk. The TalonWork browser simplifies security by allowing secure access to corporate applications and data on any device, managed or unmanaged, and on any operating system. With Talon, security teams benefit from deep visibility into browser and application activity, as well as native security features like authentication, data loss prevention and Zero Trust controls. Based on Chromium, TalonWork delivers the consistent and familiar user experiences expected by today’s workers, fostering productivity across the enterprise. “We have built the team and technology to redefine and power security for the future of work – a future where security is delivered naturally through the enterprise’s most heavily-used application: the browser. “The world and the applications the largest organizations rely on are moving to the web, creating an extensive need for a vehicle that can provide secure access without changing the way work is conducted. This new funding will allow us to continue to show why that vehicle is Talon’s secure enterprise browser.” Ofer Ben-Noon, co-founder and CEO, Talon Cyber Security Co-founded by Ben-Noon and CTO Ohad Bobrov, Talon was named the winner of the Innovation Sandbox Contest at RSA Conference 2022, and has demonstrated unrivaled market and technical leadership since launching the industry’s first secure enterprise browser in October 2021. The company’s recent momentum includes numerous customer deployments at large organizations, the release of the industry’s first secure enterprise browser for mobile devices, and established partnerships with the two leaders in endpoint security: CrowdStrike and Microsoft. The round includes the conversion of $17 million in SAFE (Simple Agreement for Future Equity) investments announced earlier this year into A round shares, bringing Talon’s total amount raised to over $126 million. As part of today’s announcement, Richard Seewald, Founder and Managing Partner of Evolution Equity Partners, is joining Talon’s board of directors. “In cybersecurity, the word innovative gets thrown around often, but with Talon, it is a perfect descriptor,” said Richard Seewald, Founder and Managing Partner, Evolution Equity Partners. “I have never seen a company create and lead a category with such authority, and experience such impressive traction with customers so quickly. Talon has the potential to become one of the leading companies in the broader security industry, and it’s an honor to help them on their journey.” “Today’s threat environment is complex, but an organization’s approach to security should not be,” said George Kurtz, co-founder and CEO, CrowdStrike. “By delivering enterprise-grade security through the TalonWork browser, Talon makes security simple and effective for its customers.” “When we launched Ballistic, we made it our mission to find and partner with companies that have the technology and what it takes to change the trajectory of cybersecurity, and Talon fits this bill perfectly,” said Jake Seid, co-founder and General Partner, Ballistic Ventures. “The browser has fundamentally become the most important tool for today's workforce. Talon’s secure enterprise browser does something few security products do. It offers the trifecta of strong security, seamless end-user experience, and low cost and complexity for the enterprise. Talon’s team and solution are some of the strongest I have ever come across, and this financing will help propel the company to new heights.” “From my time as a CISO and now as an investment partner for leading security companies, I have evaluated countless technologies,” said Jay Leek, co-founder and Managing Partner, SYN Ventures. “The widespread problem that Talon addresses and the time to value of its technology is beyond impressive – it's a game changer. I’m thrilled to have the opportunity to work with the company and help accelerate its growth.” About Talon Cyber Security Talon Cyber Security is modernizing security programs and improving user experiences for hybrid work by delivering the first secure enterprise browser. Built on Chromium, the TalonWork browser provides customers with the consistent user experiences, deep security visibility, and control over SaaS and web applications needed to simplify security for the future of work. Talon was named the Most Innovative Startup of 2022 at the prestigious RSA Conference Innovation Sandbox Contest.

Read More

DATA SECURITY,SOFTWARE SECURITY,WEB SECURITY TOOLS

DartPoints Launches Enhanced Managed Detection and Response (MDR) Security Solution

DartPoints | September 21, 2022

DartPoints®, the leading edge digital infrastructure provider, launches its updated managed detection and response (MDR) product, which combines MDR, endpoint detection and response (EDR), security orchestration, automation and response (SOAR), and extended detection and response (XDR) into one complete solution with support and monitoring by DartPoints experts. With ransomware and other cybersecurity incidents striking more than ever, DartPoints' MDR solution quickly detects threats 24x7 across endpoints, network, cloud, and SaaS applications. "Executives and security leaders know they need a multi-layered cybersecurity strategy that combines MDR, EDR, SOAR, and XDR solutions, but increasingly, they don't have the in-house resources to make that happen. "Plus, with the hundreds of tools and providers on the market, analysis paralysis sets in. We are proud to help our clients by bringing these best-in-class security vendors and technologies together into one comprehensive, airtight solution." Brad Alexander, CTO for DartPoints DartPoints' enhanced MDR offering addresses many weaknesses in legacy antivirus and security solutions, including the overwhelming high volume of alerts and false positives. Offering advanced threat detection, continuous threat hunting, and 24x7 monitoring and investigations, the solution is built for high-risk, compliance-sensitive verticals, including finance, government, manufacturing, education, and healthcare. Organizations with compliance, standard, or framework requirements, those looking to obtain or renew cyber insurance, and those without their own security operations center will find the enhanced product especially beneficial. Outlined in Accenture's State of Cybersecurity Resilience 2021 report, a global survey of nearly 4,800 executives found an average of 270 cyberattacks per company in 2021, a jump of 31% compared with the previous year. Meanwhile, ransomware attacks nearly doubled in 2021. IBM's latest Cost of a Data Breach Report finds that the average cost of a data breach is at an all-time high in 2022: $4.35 million. About DartPoints DartPoints is the leading digital infrastructure provider enabling next-generation applications at the edge. By weaving together cloud, interconnection, colocation, and managed services, DartPoints enables edge ecosystems for enterprises, carriers, and cloud and content providers. DartPoints is building tomorrow's distributed digital infrastructure while serving today's cloud and colocation needs — and helping to bridge the digital divide.

Read More

Spotlight

Want to protect your hard earned email reputation and brand from phishers and spoofers? Not sure where to start or do you find DMARC implementation confusing and time consuming? The Getting Started with DMARC guide will tell you everything you need to know about DMARC and how to quickly get up and running.

Resources