SOFTWARE SECURITY

Lookout and CipherCloud Together are Ready to Redefine Security from Endpoint to Cloud

Lookout | March 15, 2021

In the current event, Lookout, Inc announced that it had acquired CipherCloud. Lookout, Inc is a leading cybersecurity company. It is now joining hands with CipherCloud, a leading cloud-native security company, operates in the emerging Secure Access Service Edge (SASE) market. They both blaze a new path together to combine and create an integrated endpoint-to-cloud security solution. By this combination, Lookout will be in a unique position to deliver the industry's first end-to-end platform that will secure an organization's entire data path from an endpoint to the cloud. This will later empower customers with a single source of unified policies and provide end-to-end security to accelerate their digital transformation.

CipherCloud solutions are related to several developing SASE categories. This includes Secure Web Gateway (SWG), Zero-Trust Network Access (ZTNA), Cloud Access Security Broker (CASB), and Data Loss Prevention (DLP). Together these solutions will deliver data security, comprehensive visibility, threat protection, and compliance for cloud-based applications. Familiar to this, CipherCloud has already been providing services to many of the world's largest global enterprises and government institutions seeking protection and security through cloud technology.

The purpose of this integrated endpoint-to-cloud security solution is accelerated by the adoption of cloud applications, proliferation of remote users, data transitioning of the corporate data center into the cloud, and more network traffic flowing to public cloud services. To tackle the security challenges caused by the above trends, businesses in this industry need a cohesive platform that can track activity and enforce policies from the endpoint device to cloud-based applications. And the need to stop zero-day attacks on data information across the entire end-to-end path, this integrated solution can fill the gaps immediately, keeping all information secured in one place.

Jim Dolce, CEO of Lookout, highlights this acquisition. Gartner forecasts that the SASE market will nurture at a CAGR of 42% over the next five years and would reach almost $11 billion by 2024. With the acquisition of CipherCloud, Lookout is head-on with the transformation to cloud infrastructure and is in a unique position to deliver value to its customers.

Besides all, the integration of CipherCloud and Lookout technologies will also remove friction, augment usability and convenience, enable user freedom and reduce operational costs compared to a collection of siloed point products. The integrated Lookout platform will authorize a growing number of businesses to deliver critical applications to users working anywhere securely.

Jim Dolce, CEO, Lookout, puts his words expressing his version about this acquisition. He says that "We couldn't be more excited to welcome the CipherCloud team to Lookout. Our two organizations share a common passion for accelerating cloud adoption with cloud-native solutions that secure critical data." Joining hands with CipherCloud is the next phase of our enterprise market expansion. By this, we will be extending our reach from endpoint into cloud, where the applications and data reside. Through this combination, we will deliver endpoint-to-cloud security by keeping elements of our solutions together into a single cloud-delivered offering."

Apart from this, Pravin Kothari, Founder, and CEO, CipherCloud, also speaks, "as a pioneer of the Cloud Access Security Broker market, CipherCloud has allowed organizations worldwide to achieve their digital transformation. Today, we take the exciting next step on the road to SASE by integrating our strengths with Lookout to deliver endpoint-to-cloud security for the modern workforce."

Spotlight

The information security workforce shortfall is widening. In this year’s survey, 62% of the survey respondents stated that their organizations have too few information security professionals. This compares to 56% in the 2013 survey. Also in a shift from the 2013 survey, the reasons for this hiring shortfall are less about money as more organizations are making the budgets available to hire more personnel. Rather, an insufficient pool of suitable candidates is causing this shortfall. These new observations and others generated from this extensive survey (almost 14,000 respondents globally) allowed Frost & Sullivan, for the first time, to estimate the shortfall in the global information security workforce; which we project will reach 1.5 million in five years. This shortfall is the difference between Frost & Sullivan’s projection of the workforce needed to fully address escalating security staffing needs and our workforce projection that accounts for workforce supply constraints (e.g., a tightening labor market among security professionals).


Other News
DATA SECURITY

ControlCase Partners with ConnectWise & FifthWall Solutions to Increase MSP Cybersecurity Maturity & Bridge Access to Cyber Insurance.

ControlCase | July 11, 2022

ControlCase, a leading provider of IT Security Certifications and Continuous Compliance Services announced its recent partnership with ConnectWise and FifthWall Solutions. Under this partnership, Managed Service Providers (MSPs) can now access the ConnectWise MSP+ security best practices framework from the ControlCase Compliance HubTM platform for both self-assessment and verification by ControlCase. This partnership also provides the rate-quote-bind assistance required for procuring insurance. ConnectWise’s MSP+ framework is derived from the NIST CSF framework and aims to help MSPs strengthen their cybersecurity program, increase cybersecurity maturity, and ultimately lower their risk of a data breach. MSP+ provides an affordable compliance framework that can be used as the foundation for an MSPs cybersecurity program. The MSP+ program is split into 3 parts: 1. MSP+ Self Assessment – Allows the MSP to access the framework and start implementing controls and closing gaps at their own pace. 2. MSP+ Advanced – Includes assistance with remediation and final verification by ControlCase. 3. MSP+ Mastery – Demonstrates a mature cybersecurity program and is also verified by ControlCase. “This partnership is a gamechanger for MSPs,” said Mike Jenner, CEO at ControlCase. “Security incidents involving MSPs, and their clients continue to rise. This rise necessitates stringent security controls to be implemented and the MSP+ framework provides a great place for MSPs to start learning about cybersecurity and implementing necessary controls.” Speaking on the achievement, Raffael Marty, General Manager -Cybersecurity at ConnectWise said “Cyber insurance is a critical element to help partners protect their legacy by building a more cyber-resilient business. This partnership will help MSPs increase their cybersecurity maturity, prepare for and procure insurance; eliminating dozens of steps they and their customers would otherwise have to take.” The ControlCase Compliance HubTM platform is integrated with ConnectWise Manage. MSPs can complete their MSP+ assessments without ever leaving their PSA. The MSP+ Advanced and Mastery offerings also include real-time compliance status and vital statistics such as risk rating and security milestone planning. “FifthWall is excited to be the dedicated Cyber Insurance & Risk Management Solution Provider,” said Reid Wellock, President, FifthWall Solutions. “We work with 35+ insurers to limit clients’ cyber exposure and give peace of mind for businesses of any size.” This partnership greatly simplifies MSPs and their clients' access to insurance.” For more information on this partnership and the related offerings, please contact Kimberly Simon at ksimon@controlcase.com About ControlCase ControlCase is a global provider of certification, cybersecurity, and continuous compliance services. ControlCase is committed to empowering organizations to develop and deploy strategic information security and compliance programs that are simplified, cost-effective, and comprehensive in both on-premises and cloud environments. ControlCase offers certifications and a broad spectrum of cyber security services that meet the needs of companies required to certify to PCI DSS, HITRUST, SOC 2 Type II, ISO 27001, PCI PIN, PCI P2PE, PCI TSP, PA DSS, CSA STAR, HIPAA, GDPR, SWIFT, and FedRAMP. About FifthWall Solutions FifthWall works with 35+ carriers to limit your clients’ cyber exposure and give peace of mind for businesses of any size. With our policies, MSPs and their clients are covered from business interruptions, cyber crimes, and several of the consequences that follow. With breach prevention and response tools, MSPs and their clients avoid risk and minimize impact in the event of a security incident.

Read More

DATA SECURITY

DoControl Integrates with Box to Transform SaaS Data Access Security

DoControl | August 03, 2022

DoControl, the automated Software as a Service (SaaS) security company, today announced an expanded integration with Box, the leading Content Cloud, that adds a foundational layer of granular controls to protect sensitive data and provide comprehensive data access security. The solution further secures cross-application, business-critical data, and files accessed by every identity and entity, both internal employees and external collaborators, allowing for content collaboration to be achieved securely. Recent research found that nearly half of enterprise tech leaders find too much time is spent on manually provisioning and managing apps. In addition, it found other pain points around managing SaaS, including a lack of visibility, data exposure, and unmanageable access. DoControl No-Code SaaS Security Workflows Engine supports organizations in mitigating ongoing risk consistently, with the customization level required to effectively balance security with business enablement. "By partnering with Box, we will help customers confidently maintain business continuity and mitigate the risk of data breaches, overexposure, and exfiltration. "Security teams can effectively extend least privilege to the SaaS data layer and utilize a risk-based approach in securing their Box instances through the prioritization of identities that present higher levels of risk." Adam Gavish, CEO and Co-Founder of DoControl "Organizations today need products that are inherently secure to support employees working from anywhere," said Fred Klein, Vice President of Business and Corporate Development at Box. "At Box, we continuously strive to improve our integrations with third-party apps so that it's easier than ever for customers to use Box alongside best-in-class solutions. With today's integration with DoControl, we are taking that mission one step further to enable our joint customers to have more granular security controls over who has access to their business-critical content." Key joint solution capabilities include: Comprehensive asset management: Gain full awareness of every entity that is accessing corporate data within Box to identify what needs to be protected; Real-time monitoring and control: Monitor every user activity in real-time, with self-service tooling to detect and respond to immediate threats; Automated remediation: Establish data access control workflows that are future-proofed, consistently enforced, and allow for secure file sharing between all internal and external users. About DoControl Founded in 2020 and headquartered in New York, DoControl is an automated data access controls platform for SaaS applications, improving security and operational efficiency with ease for enterprises. DoControl is backed by investors Insight Partners, StageOne Ventures, Cardumen Capital, RTP Global and global cybersecurity leader CrowdStrike's early stage investment fund, the CrowdStrike Falcon Fund. The company's leadership team combines product, engineering and sales experience across cybersecurity, enterprise and SaaS innovators.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Barracuda recognized for industry-leading email security and data protection solutions

Barracuda | August 23, 2022

Barracuda, a trusted partner and leading provider of cloud-first security solutions, announced today that it is recognized as an innovator with two prestigious awards for email protection in the 2022 SC Awards and for data protection in the 2022 CRN Annual Report Card (ARC) Awards. 2022 SC Awards Barracuda Email Protection has been recognized as the winner of the Email Protection category in the 2022 SC Awards. Now in its 25th year, the SC Awards are cybersecurity's most prestigious and competitive program. Winners are recognized for outstanding solutions, organizations, and people driving innovation and success in information security. Barracuda Email Protection is a comprehensive, easy-to-use solution that delivers API-based inbox defense, phishing protection, incident response, gateway defense, data protection, and compliance capabilities. "We're thrilled that our solutions were named the best in the Email Protection category this year. "This win recognizes the value of our solutions, including our advanced ML capabilities, which enable our customers to fully automate detection and remediation. At Barracuda, it's our mission to deliver innovative security products that are easy to by, deploy, and use, and we see this award as a sign we are delivering on that." Don MacLennan, SVP of Engineering and Product Management, Email Protection, at Barracuda The 2022 SC Awards received a record 800 entries across 38 categories — a 21% increase over 2021. Entries for the SC Awards were judged by a panel of industry leaders, from sectors including healthcare, financial services, manufacturing, consulting, and education, among others. 2022 CRN Annual Report Card Barracuda was named the overall winner in the Data Protection Software category of CRN's 2022 Annual Report Card award. This award honors the industry's top technology vendors for success in providing high levels of satisfaction for channel partners through innovative products, services, and partner programs. Barracuda not only earned the highest score overall in the category, but also swept the four subcategories: Product Innovation, Support, Partnership, Managed & Cloud Services. With 37 years of history, CRN's ARC Awards recognize best-in-class vendors that are devoted to boosting IT channel growth through innovation in technology and partner strategy. Through the ARC Awards — known as one of the most prestigious honors in the IT industry — solution providers offer key feedback that commends technology manufacturers for designing channel-friendly product offerings, developing strong partner programs, and building long-term successful relationships with solution providers. This win recognizes both Barracuda Cloud-to-Cloud Backup and Barracuda Backup. Barracuda Cloud-to-Cloud Backup provides easy-to-use, cloud-native backup for Microsoft 365 data. Barracuda Backup combines storage, software, and inline deduplication, to ensure data is protected against loss no matter what happens. "We're honored by this recognition, and it is especially meaningful because it is based on input from channel partners," said Bill Fitzgerald, VP, Channel Sales, Americas. "I'd like to express my sincere thanks to all channel partners that participated in the CRN survey." The ARC Awards are based on an invitation-only research survey conducted by The Channel Company. Responses from 3,000 solution providers across North America were evaluated in this year's survey, rating 82 vendor partners across four criteria: product innovation, support, partnership, and managed cloud services. Scores were awarded in 25 major product categories in technology areas that are critical to channel partner success. About Barracuda At Barracuda we strive to make the world a safer place. We believe every business deserves access to cloud-first, enterprise-grade security solutions that are easy to buy, deploy, and use. We protect email, networks, data, and applications with innovative solutions that grow and adapt with our customers' journey. More than 200,000 organizations worldwide trust Barracuda to protect them — in ways they may not even know they are at risk — so they can focus on taking their business to the next level.

Read More

SOFTWARE SECURITY

JFrog Advances Software Development Collaboration, Automation, Speed, and Security with New Microsoft Teams App

JFrog | July 12, 2022

JFrog Ltd. , the Liquid Software company and creators of the JFrog DevOps Platform, today unveiled new integrations for JFrog Artifactory - the world's leading binary repository – and its JFrog Xray advanced security solution - with the Microsoft Teams collaboration platform. Available immediately, the JFrog App for Microsoft Teams delivers organization-wide visibility into security and software development events, such as failed builds, security vulnerabilities, or compliance issues. Using the new app, development team members can both assign and execute the tasks required to address issues, accelerating time-to-resolution. "Designing software and keeping it up-to-date has always been a team effort – but the urgency of that collaboration becomes even more important when builds fail or security vulnerabilities strike. “Our goal is to empower developers with solutions that enable efficient, cross-team communications on the platforms they’re already using day-to-day, which is why integrating with Teams was a logical choice. The JFrog App for Microsoft Teams makes it easier for developers to notify and collaborate with the wider business to devise and execute a speedy path to resolution." Stephen Chin, Vice President of Developer Relations, JFrog Many software teams use Teams to collaborate and provide visibility into development events or security vulnerabilities using both public and private group channels, as well as direct messaging. The new JFrog App for Microsoft Teams delivers insight into whether artifacts are being uploaded, moved, copied, or deleted, so developers and their extended team of stakeholders from across the organization can quickly make informed decisions and take action to keep their software pipelines on track and secure. “Microsoft Teams changes the way work gets done. It helps remote colleagues and partners collaborate and stay connected even when they’re working apart – and there are few places where collaboration is as critical to a project’s success as software development,” said Ben Summers, Director, Teams & Microsoft 365 Platform Marketing at Microsoft. “This integration aims to make life easier for developers who are already using Teams for their everyday work to share project or security updates with their extended set of stakeholders in one click.” Other features and benefits of the JFrog App for Microsoft Teams include: Accelerated vulnerability resolution - Integrating JFrog Artifactory and JFrog Xray with Teams significantly decreases the time it takes to resolve development challenges or security issues. Improved collaboration - Developers can use Teams to both delegate action items to extended team members - across departments – and take action on assigned tasks and provide status updates during each phase of the software development lifecycle. Quality assurance – Easily configure JFrog Xray policies and watches to monitor targeted artifact repositories used for test and staging environments, and tag team members on security vulnerabilities and compliance violations through Teams for prompt resolution. About JFrog JFrog Ltd.is on a mission to power all the world’s software updates, driven by a “Liquid Software” vision to allow the seamless, secure flow of binaries from developers to the edge. The JFrog Platform enables software creators to power their entire software supply chain throughout the full binary lifecycle, so they can build, secure, distribute, and connect any source with any production environment. JFrog’s hybrid, universal, multi-cloud DevOps platform is available as both self-managed and SaaS services across major cloud service providers. Millions of users and thousands of customers worldwide, including a majority of the Fortune 100, depend on JFrog solutions to securely manage their mission-critical software supply chain. Once you leap forward, you won’t go back

Read More

Spotlight

The information security workforce shortfall is widening. In this year’s survey, 62% of the survey respondents stated that their organizations have too few information security professionals. This compares to 56% in the 2013 survey. Also in a shift from the 2013 survey, the reasons for this hiring shortfall are less about money as more organizations are making the budgets available to hire more personnel. Rather, an insufficient pool of suitable candidates is causing this shortfall. These new observations and others generated from this extensive survey (almost 14,000 respondents globally) allowed Frost & Sullivan, for the first time, to estimate the shortfall in the global information security workforce; which we project will reach 1.5 million in five years. This shortfall is the difference between Frost & Sullivan’s projection of the workforce needed to fully address escalating security staffing needs and our workforce projection that accounts for workforce supply constraints (e.g., a tightening labor market among security professionals).

Resources