ControlCase | July 11, 2022
ControlCase, a leading provider of IT Security Certifications and Continuous Compliance Services announced its recent partnership with ConnectWise and FifthWall Solutions. Under this partnership, Managed Service Providers (MSPs) can now access the ConnectWise MSP+ security best practices framework from the ControlCase Compliance HubTM platform for both self-assessment and verification by ControlCase. This partnership also provides the rate-quote-bind assistance required for procuring insurance.
ConnectWise’s MSP+ framework is derived from the NIST CSF framework and aims to help MSPs strengthen their cybersecurity program, increase cybersecurity maturity, and ultimately lower their risk of a data breach. MSP+ provides an affordable compliance framework that can be used as the foundation for an MSPs cybersecurity program. The MSP+ program is split into 3 parts:
1. MSP+ Self Assessment – Allows the MSP to access the framework and start implementing controls and closing gaps at their own pace.
2. MSP+ Advanced – Includes assistance with remediation and final verification by ControlCase.
3. MSP+ Mastery – Demonstrates a mature cybersecurity program and is also verified by ControlCase.
“This partnership is a gamechanger for MSPs,” said Mike Jenner, CEO at ControlCase. “Security incidents involving MSPs, and their clients continue to rise. This rise necessitates stringent security controls to be implemented and the MSP+ framework provides a great place for MSPs to start learning about cybersecurity and implementing necessary controls.”
Speaking on the achievement, Raffael Marty, General Manager -Cybersecurity at ConnectWise said “Cyber insurance is a critical element to help partners protect their legacy by building a more cyber-resilient business. This partnership will help MSPs increase their cybersecurity maturity, prepare for and procure insurance; eliminating dozens of steps they and their customers would otherwise have to take.”
The ControlCase Compliance HubTM platform is integrated with ConnectWise Manage. MSPs can complete their MSP+ assessments without ever leaving their PSA. The MSP+ Advanced and Mastery offerings also include real-time compliance status and vital statistics such as risk rating and security milestone planning.
“FifthWall is excited to be the dedicated Cyber Insurance & Risk Management Solution Provider,” said Reid Wellock, President, FifthWall Solutions. “We work with 35+ insurers to limit clients’ cyber exposure and give peace of mind for businesses of any size.” This partnership greatly simplifies MSPs and their clients' access to insurance.”
For more information on this partnership and the related offerings, please contact Kimberly Simon at firstname.lastname@example.org
ControlCase is a global provider of certification, cybersecurity, and continuous compliance services. ControlCase is committed to empowering organizations to develop and deploy strategic information security and compliance programs that are simplified, cost-effective, and comprehensive in both on-premises and cloud environments. ControlCase offers certifications and a broad spectrum of cyber security services that meet the needs of companies required to certify to PCI DSS, HITRUST, SOC 2 Type II, ISO 27001, PCI PIN, PCI P2PE, PCI TSP, PA DSS, CSA STAR, HIPAA, GDPR, SWIFT, and FedRAMP.
About FifthWall Solutions
FifthWall works with 35+ carriers to limit your clients’ cyber exposure and give peace of mind for businesses of any size. With our policies, MSPs and their clients are covered from business interruptions, cyber crimes, and several of the consequences that follow. With breach prevention and response tools, MSPs and their clients avoid risk and minimize impact in the event of a security incident.
DATA SECURITY,NETWORK THREAT DETECTION,PLATFORM SECURITY
Pathlock | September 27, 2022
Pathlock, the leading provider of application security and controls automation for critical business applications, today announced the acquisition of Grey Monarch, a UK-based specialist SAP Partner dedicated to SAP Process Automation. The acquisition will strengthen Pathlock's vision of providing the industry's most complete 360-degree platform for application security and controls automation for the SAP ecosystem.
Since 2008, Grey Monarch has developed expertise in SAP Security, Segregation of Duties, SAP Licence Optimization, SAP Background Processing Automation and Secure Managed File Transfer. With this acquisition, the SAP community will benefit from the very best SAP Process Automation advice, implementation skills, and software and training capabilities, improving levels of security, enhancing their users' experience and streamlining audit, compliance and control procedures.
"It's now more imperative than ever for organizations to utilize a holistic view of user access and privileges so they can be managed, monitored and controlled to ensure the maximum protection of data, business processes and intellectual property," said David Lloyd, Director and Co-Founder, Grey Monarch. "Combining Grey Monarch's capabilities with the Pathlock family of expertise, resources and product portfolio will provide our customers, existing and new, with an unsurpassed visibility into their business applications."
"We're thrilled to complete the acquisition of Grey Monarch. "We continue to see a strong demand for our globally recognized application security and controls automation solutions, and know that with Grey Monarch's specialization in SAP process automation we can continue to enable our global customers to revolutionize the way they secure their sensitive financial and customer data."
Piyush Pandey, CEO of Pathlock
In May 2022, Pathlock announced a $200M capital raise sponsored by Vertica Capital Partners alongside a merger with Appsian and Security Weaver and the acquisition of Belgium-based CSI Tools and Germany-based SAST SOLUTIONS. The company has successfully doubled in size in terms of revenue and employees and is now servicing over 1,400 customers across all major industries on a global scale with offices across the United States, Belgium, the UK, Germany, Israel and India.
Pathlock is the leader in application security and controls automation. With Pathlock, enterprises can manage all aspects of access governance via a single platform, across applications, including user provisioning, ongoing User Access Reviews, segregation of duties, control testing, and audit preparation. Today, many of the world's most respected, global 2000 companies rely on Pathlock to protect their critical digital assets from financial, operational, regulatory and security threats, ensure corporate compliance and improve performance. Our customers have saved millions in employee productivity, labor costs, audit fees and data loss prevention.
DATA SECURITY,SOFTWARE SECURITY
Quad9 | September 22, 2022
Today, Quad9, the leading free recursive DNS service, has joined the Cyber Threat Alliance (CTA) [cyberthreatalliance.org], a global non-profit working to improve the cybersecurity of our global digital ecosystem by enabling near real-time, high-quality cyber threat information sharing among organizations. Quad9 is part of the Contributing Allies program, which involves collaboration on cyber incidents and key cybersecurity topics.
Exchange of expertise and threat intelligence with partners within the Cyber Threat Alliance is indispensable to counter online threats like malware, phishing, identity theft and ransomware.
"As we expand our global reach, Quad9 is committed to working together with other cybersecurity providers through strategic partnerships and alliances. "Joining CTA's Contributing Allies program certainly fits that goal and enables us to engage more frequently with other like-minded organizations as we work together to improve security and privacy for all."
John Todd, General Manager for Quad9
The Domain Name System (DNS) is where malicious domain names can be blocked most effectively preventing users from getting robbed of their money, identity or data. Over the past six years, Quad9 has built its strength developing the best-in-class maximum security and 100% privacy-assured DNS service. In so doing Quad9 has secured its place as one of the most important free cybersecurity providers in the world; protecting many tens of millions of users with servers in almost 100 countries.
"We're excited to have Quad9 as a Contributing Ally," said Michael Daniel, President and CEO of the Cyber Threat Alliance. "They provide great security services and have some unique insights into the flow of data across the Internet. We look forward to working with them to continue improving the security of our digital ecosystem."
Anyone who wants to boost their privacy and security can configure their device to use Quad9's DNS service, which blocks more than 150 million malicious events each day. Quad9's services are available to both individuals and organizations.
Quad9 is a recursive DNS service providing cybersecurity protection against malware and phishing. Quad9 is a Swiss public-benefit foundation which exists for the purpose of improving privacy and security, Quad9 does not collect or resell personal data. Its service is provided to individuals and organizations at no cost and requires no contract. The organization was launched in 2017 and now operates from nearly two hundred locations in ninety countries. Quad9 exists to improve end user protection and privacy worldwide in addition to promoting the stability and security of the Internet.
DATA SECURITY,SOFTWARE SECURITY
Normalyze | August 24, 2022
Normalyze, a data-first cloud security platform, today announced that Corelight, the leader in network detection and response (NDR) technology, has adopted the Normalyze data-first cloud security platform to automate data discovery and classification across all of its cloud data.
Corelight provides security teams with network evidence so they can protect the world's most critical organizations and companies. Corelight's customers include Fortune 500 companies, major government agencies, and large research universities.
Modern data security is so complex that even sophisticated security companies like Corelight require external support to remain diligent and comprehensive in their security strategies. Prior to implementing Normalyze, Corelight struggled with a lack of comprehensive visibility into the locations of their sensitive data and business-technology assets, as well as configurations of their cloud access points.
To get this information, Corelight Chief Information Security Officer (CISO) Bernard Brantley and his team had to manually gather data from the engineering, operations, and application teams, and scour access logs and security and operations dashboards. With Normalyze, Brantley achieved a more comprehensive cloud data security posture.
"Normalyze's data-centric vision mirrored my long-term data security vision perfectly," said Brantley. "That vision is to have comprehensive situational and structural awareness, specifically regarding context, about how that awareness supports better security decision-making. There are two critical questions that Normalyze solves: do I know where everything resides and how the systems are configured? And, do I clearly understand the risks facing that data and those systems? Normalyze gives me the confidence that we have that full visibility."
Following the deployment of Normalyze, Corelight achieved the following:
Identified the locations of Corelight's sensitive data in minutes, and spotted data in areas they did not anticipate. This utilizes the Normalyze Graph and one-pass scanner, which connects all enterprise data with its associated assets, identities, and their access to that data, as well as misconfigurations and vulnerabilities that place data at risk.
Complete compliance profiles that detect personally identifiable information (PII), the General Data Protection Regulation (GDPR), the Health Insurance Portability and Accountability Act (HIPAA) to ensure sensitive data never leaves Corelight's cloud environments.
Knowledge when a weakness surfaces that could lead to a data breach with an automatic dispatched service ticket to ensure that situations that place data at risk are fixed swiftly.
"There is no doubt that Corelight is a leader in network detection and requires a reliable, comprehensive and agile infrastructure to scale with the company as it grows. "The Normalyze Platform has been able to go to-to-toe with Corelight's critical cloud infrastructure needs, with the ability to benefit the entire team - from the CISO, to the security engineer, analyst, and DevOps professionals - to discover data, classify its risk and attack paths, and remediate risks."
Amer Deeba, co-founder and CEO at Normalyze
Normalyze is a pioneering provider of cloud data security solutions helping customers secure their data, applications, identities, and infrastructure across public clouds. With Normalyze, organizations can discover and visualize their cloud data attack surface within minutes and get real-time visibility and control into their security posture including access, configurations, and sensitive data to secure cloud infrastructures at scale. The Normalyze agentless and machine-learning scanning platform continuously discovers resources, sensitive data and access paths across all cloud environments. The company is founded by security veterans Ravi Ithal and Amer Deeba and calls Corelight and Netskope to be customers. It is funded by Lightspeed Venture Partners and Battery Ventures.