Federal Information Security Spending to Reach $12 Billion by 2021, According to Deltek

PR Newswire | December 15, 2016

HERNDON, Va., Dec. 15, 2016 /PRNewswire-USNewswire/ -- According to a new report from Deltek, federal IT security spending will continue to grow despite a relatively flat IT market. Given the growth in scope and sophistication of diverse and persistent threats, security is at the top of most agencies' priority lists. Deltek's GovWin IQ Federal Information Security Market, 2016-2021 report provides analysis of the trends and drivers shaping the federal information security marketplace, and predicts spending growing from $9.3 billion in FY 2016 to $12.0 billion in 2021 at a Compound Annual Growth Rate (CAGR) of 5.3%. The complexity of agency IT environments, the vulnerabilities and challenges of hardening legacy systems, and the breadth of cyber-threats continues to challenge progress in increasing federal cybersecurity. Agencies will continue to look to rely heavily on industry for assistance with a broad scope of solutions and services.

Spotlight

The U.S. has long been at the forefront of defense, but the rise of the Internet age creates serious challenges for the security of our digital information.The infographic below examines which U.S. states have the most public records for miscellaneous security breaches, revealing what areas are most at risk. With California leading the pack in most breaches, it’s safe to say that network security and disaster recovery are two important areas all Golden State businesses should cover, ASAP.


Other News
PLATFORM SECURITY

Resecurity® Brings Cyber Threat Intelligence to Microsoft Azure

Resecurity | July 01, 2022

Resecurity, a cybersecurity and intelligence company, today announced its award-winning cybersecurity threat intelligence and risk monitoring platform is now available on Microsoft's Azure Marketplace. Microsoft's Azure Marketplace is the most comprehensive marketplace on the planet, offering thousands of certified cloud applications and software to over four million active users and subscribers. With cyber-risk ranking as a top concern for CEOs and business owners1, enterprises are looking for additional support to secure and manage the evolving cyber threatscape. More importantly, they're looking for trusted vendors who provide scalable, secure solutions that can work inside existing operating systems. Today, nearly 70 percent of organizations worldwide use Microsoft Azure for their cloud services.2 By joining the Microsoft Azure marketplace, Resecurity's software solutions will be easily accessible to the millions of Microsoft Azure customers needing comprehensive cybersecurity management and monitoring. "Enterprises continue to battle increasing cyber threats emerging from the Dark Web and ransomware groups targeting cloud services. Trusted partners like Microsoft Azure have enabled organizations to confidently bring in the cybersecurity expertise and solutions they need to protect their ecosystems. "Resecurity is dedicated to helping organizations worldwide mitigate these risks with our reliable, scalable and accessible cybersecurity and threat intelligence software." Gene Yoo, CEO of Resecurity Resecurity's AI-powered solutions provide proactive alerts and comprehensive visibility of digital risks targeting the enterprise ecosystem. The innovative platform allows administrators to reduce potential blind spots and security gaps by quickly seeing in-depth analysis and specific artifacts obtained through the dark web, botnets activity, network intelligence and high-quality threat intelligence data. Microsoft Azure users who integrate Resecurity into their cybersecurity strategy will benefit from: Around-the-clock security monitoring of your cloud workloads and enterprise ecosystem, In-depth risk evaluation of the entire enterprise ecosystem (Dark Web, Compromised Accounts, Data Leaks, Network Hygiene, Cloud Security, etc.), A scalable software solution that can monitor a digital footprint of any size (Domains, Network Ranges, Cloud-based Nodes), AI-powered threat intelligence that leverages Rescurity's Dark Web intelligence repositories with over 3.4 billion records and cyber intelligence analysts deployed across all continents, Contextualized risk alerts and data-backed suggested actions to enable a proactive security strategy.Just recently Resecurity has been named a gold winner by the 2022 Cybersecurity Excellence Awards in North America. Resecurity's products and services received Gold recognition across 3 categories in highly competitive nominations such as cyber threat intelligence (CTI), threat hunting, and third-party risk management (TPRM). Just recently Resecurity has been named a gold winner by the 2022 Cybersecurity Excellence Awards in North America. Resecurity's products and services received Gold recognition across 3 categories in highly competitive nominations such as cyber threat intelligence (CTI), threat hunting, and third-party risk management (TPRM). About Resecurity Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence. Known for providing best-of-breed data-driven intelligence solutions, Resecurity's services and platforms focus on early-warning identification of data breaches and comprehensive protection against cybersecurity risks. Founded in 2016, it has been globally recognized as one of the world's most innovative cybersecurity companies with the sole mission of enabling organizations to combat cyber threats regardless of how sophisticated they are. Most recently, Resecurity was named as one of the Top 10 fastest-growing private cybersecurity companies in Los Angeles, California by Inc. Magazine. An Official Member of Infragard, AFCEA, NDIA, SIA and FS-ISAC.

Read More

DATA SECURITY

DoControl Integrates with Box to Transform SaaS Data Access Security

DoControl | August 03, 2022

DoControl, the automated Software as a Service (SaaS) security company, today announced an expanded integration with Box, the leading Content Cloud, that adds a foundational layer of granular controls to protect sensitive data and provide comprehensive data access security. The solution further secures cross-application, business-critical data, and files accessed by every identity and entity, both internal employees and external collaborators, allowing for content collaboration to be achieved securely. Recent research found that nearly half of enterprise tech leaders find too much time is spent on manually provisioning and managing apps. In addition, it found other pain points around managing SaaS, including a lack of visibility, data exposure, and unmanageable access. DoControl No-Code SaaS Security Workflows Engine supports organizations in mitigating ongoing risk consistently, with the customization level required to effectively balance security with business enablement. "By partnering with Box, we will help customers confidently maintain business continuity and mitigate the risk of data breaches, overexposure, and exfiltration. "Security teams can effectively extend least privilege to the SaaS data layer and utilize a risk-based approach in securing their Box instances through the prioritization of identities that present higher levels of risk." Adam Gavish, CEO and Co-Founder of DoControl "Organizations today need products that are inherently secure to support employees working from anywhere," said Fred Klein, Vice President of Business and Corporate Development at Box. "At Box, we continuously strive to improve our integrations with third-party apps so that it's easier than ever for customers to use Box alongside best-in-class solutions. With today's integration with DoControl, we are taking that mission one step further to enable our joint customers to have more granular security controls over who has access to their business-critical content." Key joint solution capabilities include: Comprehensive asset management: Gain full awareness of every entity that is accessing corporate data within Box to identify what needs to be protected; Real-time monitoring and control: Monitor every user activity in real-time, with self-service tooling to detect and respond to immediate threats; Automated remediation: Establish data access control workflows that are future-proofed, consistently enforced, and allow for secure file sharing between all internal and external users. About DoControl Founded in 2020 and headquartered in New York, DoControl is an automated data access controls platform for SaaS applications, improving security and operational efficiency with ease for enterprises. DoControl is backed by investors Insight Partners, StageOne Ventures, Cardumen Capital, RTP Global and global cybersecurity leader CrowdStrike's early stage investment fund, the CrowdStrike Falcon Fund. The company's leadership team combines product, engineering and sales experience across cybersecurity, enterprise and SaaS innovators.

Read More

SOFTWARE SECURITY

JFrog Advances Software Development Collaboration, Automation, Speed, and Security with New Microsoft Teams App

JFrog | July 12, 2022

JFrog Ltd. , the Liquid Software company and creators of the JFrog DevOps Platform, today unveiled new integrations for JFrog Artifactory - the world's leading binary repository – and its JFrog Xray advanced security solution - with the Microsoft Teams collaboration platform. Available immediately, the JFrog App for Microsoft Teams delivers organization-wide visibility into security and software development events, such as failed builds, security vulnerabilities, or compliance issues. Using the new app, development team members can both assign and execute the tasks required to address issues, accelerating time-to-resolution. "Designing software and keeping it up-to-date has always been a team effort – but the urgency of that collaboration becomes even more important when builds fail or security vulnerabilities strike. “Our goal is to empower developers with solutions that enable efficient, cross-team communications on the platforms they’re already using day-to-day, which is why integrating with Teams was a logical choice. The JFrog App for Microsoft Teams makes it easier for developers to notify and collaborate with the wider business to devise and execute a speedy path to resolution." Stephen Chin, Vice President of Developer Relations, JFrog Many software teams use Teams to collaborate and provide visibility into development events or security vulnerabilities using both public and private group channels, as well as direct messaging. The new JFrog App for Microsoft Teams delivers insight into whether artifacts are being uploaded, moved, copied, or deleted, so developers and their extended team of stakeholders from across the organization can quickly make informed decisions and take action to keep their software pipelines on track and secure. “Microsoft Teams changes the way work gets done. It helps remote colleagues and partners collaborate and stay connected even when they’re working apart – and there are few places where collaboration is as critical to a project’s success as software development,” said Ben Summers, Director, Teams & Microsoft 365 Platform Marketing at Microsoft. “This integration aims to make life easier for developers who are already using Teams for their everyday work to share project or security updates with their extended set of stakeholders in one click.” Other features and benefits of the JFrog App for Microsoft Teams include: Accelerated vulnerability resolution - Integrating JFrog Artifactory and JFrog Xray with Teams significantly decreases the time it takes to resolve development challenges or security issues. Improved collaboration - Developers can use Teams to both delegate action items to extended team members - across departments – and take action on assigned tasks and provide status updates during each phase of the software development lifecycle. Quality assurance – Easily configure JFrog Xray policies and watches to monitor targeted artifact repositories used for test and staging environments, and tag team members on security vulnerabilities and compliance violations through Teams for prompt resolution. About JFrog JFrog Ltd.is on a mission to power all the world’s software updates, driven by a “Liquid Software” vision to allow the seamless, secure flow of binaries from developers to the edge. The JFrog Platform enables software creators to power their entire software supply chain throughout the full binary lifecycle, so they can build, secure, distribute, and connect any source with any production environment. JFrog’s hybrid, universal, multi-cloud DevOps platform is available as both self-managed and SaaS services across major cloud service providers. Millions of users and thousands of customers worldwide, including a majority of the Fortune 100, depend on JFrog solutions to securely manage their mission-critical software supply chain. Once you leap forward, you won’t go back

Read More

DATA SECURITY

Netskope Revolutionizes Data Protection with Patented Lightweight, Cloud-Powered Endpoint Data Loss Prevention

Netskope | May 24, 2022

Netskope, the leader in Security Service Edge (SSE) and zero trust,announced a key expansion of data protection capabilities to endpoint devices and private apps. The introduction of a patented endpoint data loss prevention (DLP) solution will enable Netskope Intelligent SSE customers to protect data everywhere it moves across the hybrid enterprise. Zero trust principles are critical to SSE, which describes the security stack needed to enable a modern Secure Access Service Edge (SASE) architecture. Data protection is of utmost importance throughout a SASE architecture—specifically, the need for security to move with data wherever it is accessed, and apply zero trust to determine the right level of access. Additionally, legacy and endpoint DLP offerings have failed enterprises by being siloed, complicated, and intrusive, hindering user productivity. Netskope has been consistently recognized by top industry analysts for its advanced data protection capabilities. With today's continued expansion of the Netskope Intelligent SSE platform, Netskope customers will be able to protect data across SaaS, IaaS, private applications, web, e-mail, and endpoint devices from a single converged data protection solution, leveraging machine learning, user and entity behavior analytics (UEBA), and insider threat mitigation capabilities to improve security efficacy, efficiency, and agility. Notable features of Endpoint DLP include: Context-aware, zero trust data protection on local peripherals and devices, such as USB drives and printers Unified data classification, policy enforcement, and incident management for DLP across SaaS, IaaS, private apps, web, e-mail, and endpoint devices A patented lightweight endpoint agent with cloud-based inspection and contextual data protection policies that enhance the user experience Machine learning and Advanced Analytics to help simplify data classification and policy definition, lowering operational overhead UEBA, which makes it possible to identify and stop complex data loss scenarios such as insider risk, where users are unintentionally or even maliciously abusing their access to data "No SASE or zero trust journey will be successful without data protection capabilities that can address all critical use cases in a way that is easy to deploy and doesn't slow down users, The introduction of Endpoint DLP extends Netskope's award-winning data protection capabilities that much further, to critical use cases with endpoint devices. While some competitors may offer unified policy and management or provide data protection for certain vectors, Netskope is the only vendor that can provide truly converged data protection across the full IT environment. We are very excited to deliver Endpoint DLP to customers as another Netskope game-changer." John Martin, Chief Product Officer, Netskope "With Netskope's new eDLP, we can now offer single-pass data protection —across all vectors, from the cloud to the endpoint —with unified policies, within a single management console," said Mick Coady, Global Vice President CyberSecurity Solutions, World Wide Technology. "As a Platinum Partner in Netskope's Evolve partner program, we're seeing the huge growth opportunity that Netskope's Intelligent SSE approach represents. This new addition will accelerate that growth." A work-from-anywhere, or "hybrid," environment makes it increasingly difficult to maintain security models based on implicit trust in any entity that wants to connect. Zero trust principles enable organizations to govern access to data based on behavior by users, devices, networks, and applications— increasing confidence in policy enforcement everywhere. By evaluating several contextual elements—user identity, device identity and security posture, time of day, geolocation, business role, sensitivity level of the data, and more—the resource itself can determine an appropriate level of confidence, or trust, only for that specific interaction and only for that specific resource. Using Netskope Intelligent SSE with zero trust principles applied throughout the environment, businesses become more agile, reduce risk, and streamline solution deployment and maintenance. "DLP has been extremely complicated and cumbersome, and that's before you factor in cloud, web, email, private apps, and endpoints," said Frank Dickson, IDC Group Vice President, Security & Trust. "Netskope looks to address complexity with integration, providing a unified cloud delivered solution. Compared to old school network and endpoint-based DLP solutions, having DLP in this integrated solution makes it dramatically easier to protect data wherever it may be and in a manner that is frictionless for end users. It is a win-win." About Netskope Netskope, a global cybersecurity leader, is redefining cloud, data, and network security to help organizations apply zero trust principles to protect data. The Netskope Intelligent Security Service Edge (SSE) platform is fast, easy to use, and secures people, devices, and data anywhere they go. Netskope helps customers reduce risk, accelerate performance, and get unrivaled visibility into any cloud, web, and private application activity. Thousands of customers, including more than 25 of the Fortune 100, trust Netskope to address evolving threats, new risks, technology shifts, organizational and network changes, and new regulatory requirements.

Read More

Spotlight

The U.S. has long been at the forefront of defense, but the rise of the Internet age creates serious challenges for the security of our digital information.The infographic below examines which U.S. states have the most public records for miscellaneous security breaches, revealing what areas are most at risk. With California leading the pack in most breaches, it’s safe to say that network security and disaster recovery are two important areas all Golden State businesses should cover, ASAP.

Resources