DATA SECURITY

Global VM Market Sees Strong Growth Due to Rise in Cyber Threats, Finds Frost & Sullivan

Frost & Sullivan | October 07, 2021

Frost & Sullivan's recent analysis on the Global Vulnerability Management Market finds that enterprises are becoming more vulnerable to cyber-attacks as they embrace digital transformation initiatives. This is due to an expanded attack surface resulting from multiple touchpoints through an open network and easy accessibility to databases and applications. An expanded attack surface has triggered the need for greater investments in vulnerability management (VM) solutions. Given this demand, the global VM market is expected to reach $2.51 billion by 2025, expanding at a compound annual growth rate (CAGR) of 16.3%.

From a regional perspective, North America will continue to dominate the VM market over the forecast period. The recent executive order to improve US cybersecurity is one of the main demand drivers in the region. Europe, the Middle East, and Africa (EMEA) will be the second-largest VM market as a result of regulations such as General Data Protection Regulations (GDPR). Finally, the growing significance of cybersecurity among end-users and rapid digital transformation initiatives encourage organizations to embrace VM in APAC and Central and Latin America.

The COVID-19 pandemic and the resulting work-from-home economy have expanded organizations' attack surface. With organizations adjusting to a new mode of business operations, VM capabilities for emerging platforms and applications will gain traction,In addition, as businesses embrace network-attached endpoints, cloud-based applications, and connected devices, the need for managing vulnerabilities in the extended attack surface will surge.

                                                                                                                                                                                                                                                                                                            Swetha R Krishnamoorthi, Senior Industry Analyst, Cybersecurity at Frost & Sullivan

Swetha added: "Organizations' move toward holistic and focused security will encourage vendors to integrate capabilities from upstream, downstream, and alternative applications. Over the next decade, there will also be a likely emergence of an 'integrated security posture assessment tool' that provides end-to-end risk management for enterprises."

Increased threats amid higher numbers of connected devices and regulatory requirements for organizations to perform regular vulnerability scanning and remediation will present lucrative growth prospects for VM vendors, including:
  • Addressing end-to-end vulnerability management workflow through an integrated platform by having an extensive list of integrations that enable an organization to pull in data from different tools and trigger workflows on other platforms from a single pane of glass.
  • Focusing on emerging economies and identifying local distribution partners and value-added resellers to boost expansion initiatives in emerging markets.
  • Leveraging managed security service providers (MSSPs) as a revenue source to expand the customer base by developing a separate pricing model that works well for both MSSPs and customers, ensuring profitability.
  • Expanding asset-type coverage to a non-conventional environment through strategic partnerships or inorganic deals with operational technology security vendors to hasten the acquisition of capabilities and achieve growth.

Global Vulnerability Management Market, Forecast to 2025 is the latest addition to Frost & Sullivan's Information & Communication Technology research and analyses available through the Frost & Sullivan Leadership Council, which helps organizations identify a continuous flow of growth opportunities to succeed in an unpredictable future.

About Frost & Sullivan
For six decades, Frost & Sullivan has been world-renowned for its role in helping investors, corporate leaders and governments navigate economic changes and identify disruptive technologies, Mega Trends, new business models, and companies to action, resulting in a continuous flow of growth opportunities to drive future success.

Spotlight

This guide makes awareness a simple set of steps and takes down the intimidation barrier. ICC has produced the Cyber security guide for business to reach a broad audience with its over six million members in mind.


Other News
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

SaaS Alerts Secures $22M Investment from Insight Partners to Scale SaaS Security Monitoring and Response Platform

SaaS Alerts | September 12, 2022

SaaS Alerts, the cybersecurity company purpose-built for Managed Service Providers (MSPs) to protect and monetize their customers' core business SaaS applications, announced today that it has secured a $22 million growth investment from global software investor Insight Partners to accelerate the growth of its SaaS Security monitoring and response platform. The accelerated rate of SaaS Application adoption by businesses, driven by the need to provide collaboration and productivity tools to remote workforces and for more centralized and tightly controlled business data resources, has elevated awareness and critical concern for major threat vectors and security gaps that exist in SaaS Application security. These security concerns present opportunities for MSPs to better safeguard their clients while offering SaaS security services that drive profitable new revenue streams. SaaS Alerts was designed to help MSPs monitor and protect their customers' usage of today's most popular SaaS applications such as Microsoft 365, Google Workspace, Salesforce, Dropbox and more – and to safeguard against security threats to a business' SaaS environment such as data theft, data that's at risk due to unintentional employee mishaps and actions taken by bad actors. "We couldn't be more excited to partner with Insight Partners and we see their investment in SaaS Alerts as a monumental endorsement for what we have built and what we intend to build as we collaborate going forward. "I'm very proud of our team for reaching this milestone and look forward to working with Insight to continue to build value for our MSP partners and stakeholders." Jim Lippie, CEO of SaaS Alerts "SaaS applications have become essential for businesses of every size and MSPs need the ability to better protect those applications on behalf of their customers. SaaS Alerts has pioneered SaaS security for MSPs and has a clear vision for how detecting and correlating abnormal user behavior can greatly impact the MSP industry," said Philine Huizing, Principal at Insight Partners. "We're excited to partner with SaaS Alerts as the company scales to address this unique opportunity." About SaaS Alerts SaaS Alerts is the cybersecurity company purpose-built for MSPs to protect and monetize customers' core SaaS business applications. SaaS Alerts offers a unified, real-time monitoring platform for MSPs to protect against: data theft, data at risk and bad actors and integrates with the most popular SaaS Applications. Learn more at www.saasalerts.com. About Insight Partners Insight Partners is a global software investor partnering with high-growth technology, software, and Internet startup and ScaleUp companies that are driving transformative change in their industries. As of June 30, 2022, the firm has over $80B in regulatory assets under management. Insight Partners has invested in more than 700 companies worldwide and has seen over 55 portfolio companies achieve an IPO. Headquartered in New York City, Insight has offices in London, Tel Aviv, and Palo Alto. Insight's mission is to find, fund, and work successfully with visionary executives, providing them with practical, hands-on software expertise to foster long-term success. Insight Partners meets great software leaders where they are in their growth journey, from their first investment to IPO.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Sentra Joins Cloud Security Alliance

Sentra | November 04, 2022

Sentra, a cloud data security company, today formally announced that it has joined the Cloud Security Alliance (CSA), the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. Backed by Bessemer Venture Partners and Zeev Ventures, Sentra enables security teams to gain full visibility and control of cloud data, as well as protect against sensitive data breaches across the entire public cloud stack. The company was recently recognized by Gartner® as a Sample Vendor for Data Security Posture Management in the Hype Cycle™ report for Data Security 2022.1 "As enterprise cloud adoption has accelerated across industries over the past two years, data security has become an inevitable challenge for all organizations –– Sentra's platform takes the guesswork out of what data needs to be protected. "We look forward to collaborating with CSA's extensive network of industry peers to create a secure cloud environment for all organizations. With Sentra's new North American headquarters in New York City, we're eager to align our product mission and security expertise with CSA's initiatives as we expand our global customer base." Yoav Regev, co-founder and CEO of Sentra "We're excited to welcome Sentra as a member of CSA," said Jim Reavis, co-founder and CEO of the Cloud Security Alliance. "Sentra's visibility-driven data security platform and its founders' decades of cyber security experience are an asset to our organization. We look forward to collaborating with Sentra to increase awareness of the importance of data protection in the cloud." GARTNER and HYPE CYCLE are registered trademarks and service marks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. About Sentra Sentra is a cloud data security platform that helps organizations discover and remediate the top data security risks in their public cloud. Sentra automatically detects if sensitive data is vulnerable due to misconfigurations, over-permissions, unauthorized access, data duplication or other security issues. The company was founded in 2021 in Tel Aviv, Israel, and has raised $23 million in seed funding to date. The company is now co-headquartered in New York City and Tel Aviv. About the Cloud Security Alliance The Cloud Security Alliance (CSA) is the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products. CSA's activities, knowledge and extensive network benefit the entire community impacted by cloud — from providers and customers, to governments, entrepreneurs and the assurance industry — and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Balbix Announces Cybersecurity Posture Automation Support for Google Cloud Platform

Balbix | November 17, 2022

Balbix, provider of the world's leading platform for cybersecurity posture automation, announced today the general availability of support for Google Cloud Platform (GCP). Security teams can now use Balbix to easily quantify, prioritize and mitigate risks in their Google Cloud environments. With this announcement, Balbix has also extended its Cyber Asset Attack Surface Management (CAASM) solution to support multi-cloud environments that span both GCP and Amazon Web Services. The rapid move to the cloud has made IT environments more complex to manage and secure. As a result, security teams struggle to get a consolidated view of risk. Yet, 63 percent of organizations say they look at security posture in the cloud separately from on-premises, according to Cybersecurity Insiders' 2002 State of Security Posture Report. "Our customers' environments can include over 1 million assets, spread across multiple clouds and their own facilities. Managing an attack surface this large is no longer a human-scale problem. "With Balbix's new support for GCP, our customers can use automation to manage cybersecurity posture across more of their environment." Gaurav Banga, Founder and CEO of Balbix Cyber Security Posture Automation for Google Cloud Platform Balbix now provides support for popular Google Cloud services, including Compute Engine, Cloud Storage, Cloud SQL, Google Kubernetes Engine (GKE) Cluster & Deployments, Cloud Functions, Cloud Key Management Service (KMS), Pub/Sub and Secret Manager. As a result, Balbix customers with Google Cloud environments can use automation and advanced analytics to: Get comprehensive, near real-time visibility of their Google Cloud assets. Combine data from Google Cloud with their other IT and security tools to gain security and business context for their assets. Discover misconfigurations – the most exploited attack vector for the cloud – as well as unpatched software vulnerabilities, weak credentials and trust issues. Measure risk in terms of breach likelihood and business impact in order to prioritize remediation. Calculate and report on cyber risk quantified in dollars (or other currencies) instead of risk scores Cyber Asset Attack Surface Management for Multi-Cloud Environments The addition of support for GCP extends Balbix's CAASM solution to multi-cloud environments. Security practitioners no longer need to use multiple tools or combine data manually from these tools in a custom spreadsheet to understand their security posture. They can see the relationships between assets, applications and users no matter where the assets are in the cloud or on-premises. They can also identify any gaps in coverage for security controls. Balbix provides more than just visibility. Unlike other vendors, Balbix combines CAASM with Risk-Based Vulnerability Management (RBVM) and Cyber Risk Qualification (CRQ) solutions so security teams are able to immediately take action to reduce their cyber risk. They can continuously identify, prioritize and mitigate security issues as they emerge, while quantifying and tracking residual cyber risk in dollars. Daily cybersecurity decisions – operational as well as executive – can be made using a unified and up-to-date view of cyber risk. "By adding support for Google Cloud, Balbix has broadened its risk model to be inclusive of multiple public cloud platforms and allowed organizations to better measure their overall cyber risk," said Ed Amoroso, Founder and CEO of research and advisory firm TAG Cyber. "Customers can leverage this unified risk model to quantify cyber risk by business unit, geography, site, asset type or business owner – and quickly remediate those risks." The API-based Balbix Connector for Google Cloud Platform collects asset inventory and misconfiguration data and is available now. Visibility into other types of vulnerabilities is provided by optional Balbix sensors. These sensors also catalog the software bill of materials (SBOM) of applications running in GCP. Data collected by Balbix connectors and sensors is automatically deduplicated, correlated and inferenced to provide security teams with an accurate and unified view of risk. About Balbix Balbix enables businesses to reduce cyber risk by identifying and mitigating their riskiest cybersecurity issues faster. Our SaaS platform, the Balbix Security Cloud™, ingests data from businesses' security and IT tools so they can understand every aspect of their cybersecurity posture, build a unified cyber risk model and obtain actionable insights for risk reduction. With Balbix, businesses can automate inventory of their cloud and on-premise assets, conduct continuous risk-based vulnerability management and quantify cyber risk in dollars. Executives and operational teams can make cybersecurity decisions based on data not opinions.

Read More

DATA SECURITY, ENTERPRISE IDENTITY

SandboxAQ Acquires Cryptosense to Accelerate Delivery of Security Solutions to Global Organizations

SandboxAQ | September 14, 2022

SandboxAQ, an enterprise SaaS company delivering the compound effects of AI and Quantum tech (AQ) to governments and the Global 1000, today announced it has acquired Cryptosense, a leading cybersecurity and encryption analysis software company. SandboxAQ's acquisition comes just weeks after the company unveiled its Strategic Investment Program and initial investment in evolutionQ. The acquisition of Cryptosense complements and accelerates the deployment of SandboxAQ's Post-Quantum Cryptography (PQC) solutions to corporations and government institutions worldwide. SandboxAQ's cybersecurity products enable large enterprises to scale cryptography management across their IT infrastructure, providing CISOs with a single, 360° view of how encryption is used throughout the enterprise – a critical first step in migrating to PQC. This migration to stronger cybersecurity is important for critical infrastructure sectors such as financial services, technology, energy, biopharma, logistics, and government. Cryptosense is used by leading technology and financial services organizations and is a fellow NIST NCCOE partner. The combined customer relationships will help SandboxAQ bring its PQC solutions to market faster and protect these organizations and their customers from existing and emerging quantum threats, such as Store Now, Decrypt Later (SNDL) attacks. "Rapid advances in quantum computing and AI challenge the effectiveness and performance of existing cryptography-based cybersecurity solutions. The combined leadership, talent, and expertise that SandboxAQ and Cryptosense bring to the marketplace accelerates the deployment of more effective cryptography solutions to protect the world against the security threats of today and tomorrow," said Jack D. Hidary, CEO of SandboxAQ. "The caliber of the Cryptosense team is recognized throughout the information security community, with the leadership by Graham Steel and Clément Jeanjean. We welcome Cryptosense to the SandboxAQ family and look forward to our continued success as one company." "The complementary functionality and expertise between Cryptosense and SandboxAQ enables us to build and deliver SaaS solutions at scale with higher touch customer service. PQC implementation is critical to protect the world's sensitive data and together we will make a greater impact." Dr. Graham Steel, Cryptosense founder Cryptosense was advised by Stifel and Hogan Lovells and SandboxAQ was advised by Morgan Lewis. About SandboxAQ SandboxAQ is an enterprise SaaS company, providing solutions at the nexus of AI and Quantum technology (AQ) to address some of the world's most challenging problems. The company's core team and inspiration formed at Alphabet Inc., emerging as an independent, growth-capital-backed company in 2022. About Cryptosense Cryptosense is an enterprise SaaS company that helps organizations identify and catalog the cryptography leveraged within their applications and infrastructure. Some of the largest technology and financial services companies worldwide use Cryptosense for their cybersecurity needs. Cryptosense announced a $4.8 million funding round in May 2021 backed by Amadeus Capital Partners, Elaia Partners and BGV.

Read More

Spotlight

This guide makes awareness a simple set of steps and takes down the intimidation barrier. ICC has produced the Cyber security guide for business to reach a broad audience with its over six million members in mind.

Resources