Data Breach Trends to Evolve in 2016

Infosecurity Magazine | November 30, 2015

Cybercrime is no longer the only concern when it comes to data breaches, and as the landscape continues to evolve, companies must try to stay ahead of the curve and be prepared to respond to any type of security incident. Experian Data Breach Resolution has released its third annual Data Breach Industry Forecast white paper, showing that while some current issues remain relevant, there are a few emerging areas that warrant attention.

Spotlight

"This paper uses a case study approach to help individuals learn about the Critical Controls for Effective Cyber Defense. By developing a scenario built around a ransomware incident, this case study is intended to be a context for students to use in applying the Critical Security Controls against one of the attack methods progressively used by cybercriminals in the past 5 years"


Other News
SOFTWARE SECURITY

Anglepoint Launches New Public Sector Software Compliance Offering

ANGLEPOINT | December 08, 2022

Anglepoint, the leading Software Asset Management (SAM) services provider for the Public Sector and the Global 2000, has launched the Software Supply Chain Security (SSCS) offering. As mandated by Executive Order 14028, federal government agencies must complete a full audit of their software as part of widespread efforts to improve the nation's cybersecurity. The SSCS offering encompasses a pre-packaged suite of tools and support for agency compliance with the new requirements as set forth by the Office of Management and Budget (OMB) in accordance with the National Institute of Standards and Technology (NIST) under publication 800-218. "More than ever before, the government's mission to safeguard information and systems against threats and vulnerabilities sits firmly at the forefront of every agency Chief Information Security Officer (CISO). Anglepoint stands ready to assist Federal agencies in meeting all requirements as specified by the OMB security regulations in accordance with NIST 800-218 within the designated time frames. We are excited to collaborate with government agencies to meet these important milestones." -Philippe de Raet, Anglepoint's Vice President of Business Development for Public Sector clients. SSCS addresses the three major areas of the regulations that agencies must meet, including: 1) completing a software inventory, 2) developing process and training plans, and 3) attaining self-attestation from all software vendors. Anglepoint's Chief Product Officer, Kris Johnson, says, Anglepoint understands the unique security concerns faced by the US government. SSCS was carefully crafted to offer agencies a level of service in achieving compliance with these complicated regulations that is not available anywhere else. Rather than relying on already over-burdened internal teams or a patchwork of outside consultants, Anglepoint's SSCS experts take agencies through each step necessary to achieve compliance while adhering to the quick succession of deadlines. ABOUT ANGLEPOINT: Anglepoint is the leading provider of SAM & ITAM services to the Fortune 500 & Global 2000. Anglepoint's services drive cost optimization, risk mitigation, strategic planning within the cloud, SaaS, enterprise software and hardware estates of complex hybrid IT environments. We deliver comprehensive managed services including SAM strategy, execution, process automation, technology selection and implementation.

Read More

SOFTWARE SECURITY,WEB SECURITY TOOLS,WIRELESS AND MOBILE SECURITY

Airbyte Integrates with dbt Cloud to Bring Together Leading Data Integration and Transformation Technologies

Airbyte | December 07, 2022

Airbyte, creators of the fastest-growing open-source data integration platform, today announced a deeper partnership with dbt Labs, the pioneer in analytics engineering. The partnership now includes a new integration that allows dbt Cloud customers to trigger dbt jobs from directly within Airbyte Cloud. The integration brings together two of the leading open-source products in the data ecosystem, making it simpler than ever to move and transform data, while minimizing the risk of lock-in. Airbyte helps move data from a collection of sources, and dbt helps organize that data for analysis by, for example, consistently defining key business logic or standardizing data structures. “Our companies already share hundreds of users and now they will see the integration of our Cloud products, making it simple to use the two together,” said Michel Tricot, co-founder and CEO of Airbyte. “With partners like dbt Labs, we are building a more open modern data stack to better serve the data community.” “We’re thrilled to deepen this partnership with Airbyte, a company with whom we are aligned regarding the importance of open standards in the data ecosystem. This partnership and integration will help better serve our joint users, customers, and the data community as a whole.” Nikhil Kothari, director of technology partnerships at dbt Labs With its growing community of 10,000 data practitioners and 600 contributors, Airbyte is redefining the standard of moving and consolidating data from different sources to data warehouses, data lakes, or databases in a process referred to as extract, load, and, when desired, transform (ELT). Over the past year and a half, more than 25,000 companies have used Airbyte to sync data from sources such as PostgreSQL, MySQL, Facebook Ads, Salesforce, Stripe, and connect to destinations that include Redshift, Snowflake, Databricks, and BigQuery. Airbyte’s open-source data integration solves two problems. First, companies always have to build and maintain data connectors on their own because most less popular “long tail'' data connectors are not supported by closed-source ELT technologies. Second, data teams often have to do custom work around pre-built connectors to make them work within their unique data infrastructure. dbt Cloud enables data teams to develop faster and collaborate more effectively to build and deploy production-grade data pipelines with version control and CI/CD, pre-production testing and documentation of models, modular SQL modeling, and dependency management built in. dbt Cloud provides a centralized development experience to safely deploy, monitor, and investigate transformation code with a web-based user interface. About Airbyte Airbyte is the open-source data integration leader running in the safety of your cloud and syncing data from applications, APIs, and databases to data warehouses, lakes, and other destinations. Airbyte was co-founded by Michel Tricot (former director of engineering and head of integrations at Liveramp and RideOS) and John Lafleur (serial entrepreneur of dev tools and B2B). The company is headquartered in San Francisco with a distributed team around the world.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Blackpoint Cyber Launches Three Product Features

Blackpoint Cyber | November 11, 2022

Blackpoint Cyber, a leading technology-focused cybersecurity company, has released three product features this fall, as they look ahead to 2023. “I am consistently blown away by the Blackpoint Cyber team. Our desire to improve the security posture for our partners is an ongoing journey as we continue to expand an ecosystem of products which address the needs of MSPs and customers in todays’ dynamic threat landscape. As someone with previous experience in the MSP space, it is refreshing to see how much our team really loves the channel and strives to regularly provide additional value by helping MSPs to secure themselves as well as their customers,” said Justin Weller, Director of Business Development at Blackpoint Cyber. Blackpoint partners can stay ahead of cyberthreats with the following products: Security Configuration Benchmarks for M365 – Vulnerability Mapping to CIS Benchmarks for Cloud Environments CIS foundation benchmark for M365 and Azure provide prescriptive guidance for establishing a secure baseline configuration. Blackpoint has reviewed every control on your behalf and made recommendations on several to harden your customer environments. Now you can compare your security measures to Center of Internet Security Benchmarks directly in the Blackpoint portal. Assess your standing against these internationally recognized security standards and implement the recommended changes to reduce the attack surface in cloud tenants. MDE Vulnerability Report—Security Visibility Unlocked The capabilities of Blackpoint’s product bundle, Blackpoint Response, have grown. With Managed Defender for Endpoint, we've introduced internal vulnerability reporting to help you better assess your customers’ security posture, directly within the portal. The reports include recommendations for remediation and simplify the process to action them. Improvements based on the reports may pertain to expiring certificates, device exposure, or vulnerable software. macOS Agent—The Power of MDR Within Your Mac After many requests from their partner community, due to a lack of true Mac MDR, Blackpoint’s flagship MDR product, SNAP-Defense, is now available to monitor and respond to threats on Apple devices running macOS. As the macOS market share in business settings continues to grow, Blackpoint partners now have the capability to provide protection to those assets. About Blackpoint Cyber Blackpoint Cyber offers the only world-class, nation-state-grade cybersecurity ecosystem serving the MSP community. Using its own software and SOC, Blackpoint’s true 24/7 MDR service not only detects breaches earlier than any other solution on the market, but also provides an actual response rather than just an alert to keep your and your clients’ networks safe from widespread damage.

Read More

DATA SECURITY,ENTERPRISE IDENTITY,SOFTWARE SECURITY

Wib Raises $16 Million Investment to Accelerate Growth and Tackle Rising API Security Problem

Wib | November 08, 2022

Wib, the fast-growth cybersecurity startup pioneering a new era in API security, today announced a $16 million investment led by Koch Disruptive Technologies (KDT), the growth and venture arm of Koch Industries, Inc, with participation from Kmehin Ventures, Venture Israel, Techstars and existing investors. The investment will be used to enhance Wib's pioneering holistic API security platform and accelerate international growth as it expands operations across the Americas, UK and EMEA. API security is one of the biggest challenges facing CIOs today. Traditional API security solutions are siloed and fragmented, leaving CIOs with a choice of multiple point products or bolt-on integrations to create a patchworked solution. This results in increased cost and complexity, reduced visibility and control, and greater exposure to risk. Wib's holistic API security platform is the only solution to provide complete visibility across the entire API landscape, from code to production, helping unify software developers, cyber defenders, and CIOs around a single holistic view of their complete API domain. By delivering rigorous real-time inspection, management, and control at every stage of the API lifecycle, Wib can automate inventory and API change management; identify rogue, zombie and shadow APIs and analyse business risk and impact, helping organisations to reduce and harden their API attack surface. "APIs have become the Achilles heel of cyber defenses and the number one threat vector for cyber-attacks. "APIs account for 91% of today's internet traffic with over 50% being invisible to business IT and security teams. These unknown, unmanaged, and unsecured APIs are creating massive blind spots for CIOs that expose critical business logic vulnerabilities and increase risk. Gil Don, CEO and Co-Founder of Wib "What's more, traditional and legacy web security approaches, like WAFs and API Gateways, were never designed to protect against modern logic-based vulnerabilities. The Wib platform has been purposely built for an API driven world creating a new category of API native security." A recent report by industry research firm GigaOm, placed Wib as a "fast mover" in the "leaders" category, stating, "Wib is a new company but brings a strong enough offering to jump straight into the leaders category" and "Wib is a new entrant in this space, but it offers a comprehensive solution." Wib was also called out for its capability in "source code analysis with an eye toward API weaknesses is Wib's greatest strength." The report ranks Wib's API Runtime Protection, Monitoring and Reporting as exceptional in its focus and execution. This is a real testament to the Wib's innovative API security platform and approach. About Wib Wib is pioneering a new era in API security with its industry first holistic API security platform. Providing continuous and complete visibility and control across the entire API ecosystem, Wib enables developers to code with confidence and security teams to secure with surety.

Read More

Spotlight

"This paper uses a case study approach to help individuals learn about the Critical Controls for Effective Cyber Defense. By developing a scenario built around a ransomware incident, this case study is intended to be a context for students to use in applying the Critical Security Controls against one of the attack methods progressively used by cybercriminals in the past 5 years"

Resources