DATA SECURITY

Modus Collaborates with AgileBlue to Introduce Modus Data Protector™, for Managed Breach Protection from Cybersecurity Threats

AgileBlue | April 30, 2021

Security threats grow rapidly, and proper investigation and response necessitate the use of people who are familiar with endpoints, networks, cloud systems, and other technologies. Many businesses need a professional SOC manager, an accomplished Security Analyst, a Threat Researcher, a Security Architect, a Security Analyst, a Cloud Security Architect, and so on. This ensures that you need a team that is always improving to have the best skills as you need them. Unfortunately, there is a critical lack of specialized cybersecurity expertise in the overall talent industry, and there are not enough qualified resources to fulfill the need.

Cybersecurity is complicated, and different technologies will often be needed to work together. Maintaining technical expertise to implement, update, and customize each component, as well as educating the staff on new versions and features, is needed. You must manage these distributor relationships, licenses, and training operations if you operate your SOC. Having coverage 24 hours a day, seven days a week is no longer discretionary. It's a must! Allowing an enemy to sow seeds for hours, days, or weeks makes it infinitely more difficult to control and eliminate risks. The adversary is aware that they only have a finite amount of time to do as much harm as possible, as in the case of ransomware, or to set back doors, as in the case of data exfiltration.

You have the best chance of recovery if you can investigate and answer within minutes, so having a solution that is available 24 hours a day, seven days a week is essential.

If money isn't a problem and you have the resources devoted to building out a 24x7 Security Operations Center, it could make sense to go in that direction. If you are limited on any of those fronts, Modus suggests that SOCaaS is a safer option. In summary, Modus Data ProtectorTM SOCaaS will allow you to:

• Leverage security insights from other organizations

• Have predictable spending – no need for surprise budget requests

• Handle alerts more efficiently and with more predictable results

• Have the agility and keep pace with your ever-changing organization’s IT demands

• Enjoy a 24 x 7 x 365 promise to you that includes human-based responses, asset discovery, vulnerability assessment, intrusion detection, behavior monitoring, log management, and cloud-based SIEM

About AgileBlue

AgileBlue is a software firm that offers a cutting-edge SOC-as-a-Service for 24X7 network monitoring, cloud security, data protection, and enforcement. AgileBlue's team of cybersecurity and technical experts created a new SOC-as-a-Service technology that safeguards the company's sensitive network infrastructure, cloud, and confidential data. AgileBlue, founded by Joe Marquette and Tony Pietrocola, is a premier 24X7 Autonomous CyberSOC. AgileBlue Leadership also advises executives and boards of directors on cyber threats, creating a cyber policy, and providing cyber risk management as a service.

About Modus

Modus Discovery, Inc is a relationship-driven data analytics firm founded by experienced founders and industry veterans. As corporate owners, CIOs/CTOs, general counsel, and cybersecurity professionals, we've been in your shoes. They understand the difficulties you are experiencing because they have faced them earlier. This empathy is what motivates them to provide you with the most successful solutions and to make each information governance or eDiscovery partnership a stunning success. Modus puts individuals, systems, and technologies together to assist clients with compliance and eDiscovery problems. The Modus team has gained subject matter expertise through decades of hands-on experience in their respective fields, resulting in informed and empowered advisors ready to make timely choices that support their clients and their needs.

Spotlight

Mobility is transforming enterprises at an unprecedented rate with the continued proliferation of smart devices, explosive development of mobile apps and increased access to work files. Employees are empowered by their organizations to be more productive at any time and from anywhere, adopting policies for Bring Your Own Device (BYOD) and even allowing the use of personal apps for work-related activities.


Other News
DATA SECURITY

Futurex Announces Support for Google Cloud External Key Manager

Futurex | October 12, 2021

Futurex’s key management technology and Google Cloud EKM give customers more control over encryption keys to maximize data security, privacy, and compliance BULVERDE, Texas, October 12, 2021 — Futurex, a leader in hardened, enterprise-class data security solutions, today announced support for Google Cloud External Key Manager (EKM), giving customers more control over encryption keys. Google Cloud EKM gives users full separation between their data and encryption keys, enabling users to create, store, and manage their encryption keys in a third-party key management service (KMS) — such as Futurex’s key management servers (KMES). Users can turn to Futurex KMES Series 3, a FIPS 140-2 Level 3-validated key management enterprise server, or Futurex's VirtuCrypt cloud service to handle all cryptographic key lifecycle management to maximize data security, privacy, and compliance. “We continue to add security and flexibility for Google Cloud users, giving them full control of the location, distribution, and access of their externally-managed keys,” said Bahul Harikumar, Head of Infrastructure Security Partnerships at Google Cloud. “Google Cloud EKM and Futurex give users more security options and more control.” Futurex’s robust key management platform is globally available and highly scalable, providing a versatile, external key service using fully-validated HSM and cloud technology. In addition to solutions for Google Cloud External Key Manager, Futurex’s KMES Series 3 offers: Cloud key management Data protection Public key infrastructure (PKI) Certificate Authority (CA) Code signing Vaultless tokenization Integration with numerous 3rd-party applications and services “Google Cloud’s commitment to encryption is evidenced by its support for external key management partners and we are thrilled to support Google Cloud EKM with our FIPS 140-2 Level 3-validated systems,” said Ryan Smith, vice president, global business development, at Futurex. “Futurex’s centralized encryption makes everything easier by fulfilling multiple key management use cases in a single platform.” Futurex’s Google Cloud EKM can be deployed via Futurex on-premises key management servers, Futurex’s VirtuCrypt Cloud, or an on-premises/cloud hybrid. For more information on Futurex’s support for Google Cloud EKM, visit futurex.com. Google Cloud will be showcasing its Cloud EKM at its Google Cloud Next ‘21 conference, taking place October 12-14, 2021. About Futurex For more than 40 years, Futurex has been a trusted provider of hardened, enterprise-class data security solutions. More than 15,000 organizations worldwide, including financial services providers and corporate enterprises, have used Futurex’s innovative hardware security modules, key management servers, and enterprise-class cloud solutions to address their mission-critical systems, data security, and cryptographic needs. This includes the secure encryption, storage, transmission, and certification of sensitive data. For more information, please visit futurex.com.

Read More

SOFTWARE SECURITY

ReliaQuest Expands GreyMatter Platform with support for Risk Scenarios and MITRE ATT&CK v10

ReliaQuest | February 18, 2022

ReliaQuest, the leader in Open XDR-as-a-Service, today announced the expansion of its GreyMatter platform with support for MITRE ATT&CK v10 and Risk Scenarios that visually maps and measures a security program’s detection coverage in terms of threats and cyber risks. This new feature enables security leaders to close the communications gap with business leaders while demonstrating how well their security program mitigates cyber risks of most concern to the enterprise. Many leaders are challenged with measuring the progress of their security program and the impact of their security investments. According to a recent Ponemon Institute Research report, 64% of security leaders say a lack of standardized security metrics to measure progress is the primary obstacle to implementing an IT security risk management program. What’s more, 58% say that the lack of a well-defined security and risk management program is what makes their organization most vulnerable to cyberattacks. With the ability to map coverage against Risk Scenarios, GreyMatter enables security leaders to have a real-time view into how they are performing against individual threats or cyber risks they are most concerned about. They can pinpoint any gaps in coverage and make informed decisions on how best to proceed with investments and actions to close these gaps. Breakdowns by cyber risk categories and subcategories within them help security leaders focus on areas of concern at a granular level. “Too often, leaders rely on technical metrics that lack a holistic view of how security tools are operating together, leaving them at a loss when it comes to communicating cyber risks to the business, What’s more, translating the effectiveness of security tools in a language that leadership understands poses even more of a challenge. Now, with Risk Scenarios, security leaders have a more comprehensive view into how much coverage they have across cyber risk areas that concern them the most. This will help them make informed decisions on how best to approach these issues and communicate them effectively to leadership.” Brian Foster, Chief Product Officer at ReliaQuest Additionally, ReliaQuest announced an upgrade of its support for the latest MITRE ATT&CK framework version 10. By upgrading to support v10 of the framework, GreyMatter users are better able to visualize and measure detection coverage aligned to the latest techniques. In line with keeping with improving efficiencies for security operators, GreyMatter delivers enhancements to reduce tool hopping by automating collection of various contextual information, aiding in faster investigations and further streamlining the security operations workflow. About ReliaQuest ReliaQuest, the leader in Open XDR-as-a-Service, is the force multiplier for security operations teams. ReliaQuest GreyMatter is a cloud-native Open XDR platform that brings together telemetry from any security and business solution, whether on-premises, or in one or multiple clouds, to unify detection, investigation, response and resilience. ReliaQuest combines the power of technology and 24/7/365 security expertise to give organizations the visibility and coverage they require to make cybersecurity programs more effective.

Read More

SOFTWARE SECURITY

Guidepost Solutions Acquires Significant Equity Interest in Cybersecurity Solutions Firm Truvantis, Inc.

Guidepost Solutions LLC | March 29, 2022

Guidepost Solutions LLC, a global leader in domestic and international investigations, compliance solutions, monitoring, and security and technology consulting, announced that it has acquired a significant equity stake in Truvantis, Inc., a cybersecurity company formed in 2010. Truvantis provides best-in-class cyber and privacy services to secure infrastructure, data, operations, and products. This strategic partnership allows both Guidepost and Truvantis to offer a wide-ranging suite of cybersecurity solutions and consulting services, at a time when cybersecurity risks are evolving and affecting all business operations. Truvantis is led by its founder and CEO, Andy Cottrell. With more than 25 years of experience in IT and cybersecurity, Cottrell has designed and implemented security solutions, launched innovative security products to market, and helped countless small and large companies improve their security posture. “I am pleased to announce this partnership with Truvantis, as part of our firm’s continued efforts to grow its capabilities and footprint in the cybersecurity arena. We are committed to providing our clients with unique solutions to defend against one of the greatest risks facing their companies – cyber threats. This partnership significantly expands our ability to fulfill that commitment.” Julie Myers Wood, Guidepost Solutions CEO This new alliance enables clients to leverage comprehensive threat, risk, vulnerability management, privacy, and assessment services to protect against a full spectrum of cyber and physical security issues and address a variety of regulatory and business-critical requirements. Today’s companies are faced with an increasing number of requests for independent verification of their cybersecurity and privacy policies and practices. Whether it’s an assessment against a security framework like the NIST CSF, ISO 27001, or CIS Controls, addressing compliance with privacy laws and requirements like the PCI DSS, or preparing for a SOC2 or HITRUST audit, companies are seeking help from highly qualified, credentialed consultants who can help address these complex cybersecurity and privacy challenges. The Guidepost/Truvantis team will afford clients a depth of expertise as well as a breadth of services to address a broad range of risk mitigation needs. “Guidepost Solutions is a leader in investigations, compliance, and physical security consulting and we’re excited to bring these capabilities to our clients to provide comprehensive risk management solutions,” said Andy Cottrell, CEO, Truvantis. “As the market continues to evolve toward consolidated physical, personnel, and cybersecurity management, this partnership enables us to provide the most comprehensive solutions in the market.” Through this investment and partnership, Guidepost Solutions and Truvantis are positioned to enhance cyber and physical security defenses for clients and provide resiliency for their critical systems. Specific security services include risk assessments, security testing, cyber investigations, cybersecurity governance, data protection, privacy consulting, operational security design and project management, vCISO, and remediation services. About Guidepost Solutions LLC Guidepost Solutions is a leader in domestic and international investigations, compliance solutions, monitoring, and security and technology consulting. We work wherever your needs take us – whether on the ground around the globe – or from one of our offices located in Bogotá, Boston, Chicago, Dallas, Honolulu, London, Los Angeles, Miami, New York, Palm Beach, Philadelphia, Phoenix, San Francisco, Seattle, Singapore, Walnut Creek, and Washington, DC. About Truvantis Inc. Truvantis® is a cybersecurity consulting organization providing best-in-class privacy and cybersecurity services to secure your organization’s infrastructure, data, operations, and products. We specialize in helping our customers improve their cybersecurity posture by implementing, testing, auditing, and operating information security programs.

Read More

SOFTWARE SECURITY

CyCognito and Carahsoft Partner to Deliver Attack Surface Management and Protection Solutions to the Public Sector

CyCognito | December 29, 2021

CyCognito, the leader in external attack surface management and protection, today announced a strategic go-to-market alliance with Carahsoft Technology Corp., the Trusted Government IT Solutions Provider. Under the agreement, Carahsoft will serve as CyCognito’s first Public Sector Distributor. The new relationship expands and deepens CyCognito’s reach across and within the Public Sector through Carahsoft’s NASA Solutions for Enterprise-Wide Procurement (SEWP) V, Information Technology Enterprise Solutions – Software 2 (ITES-SW2), OMNIA Partners, National Association of State Procurement Officials (NASPO) ValuePoint, and National Cooperative Purchasing Alliance (NCPA), as well as through Carahsoft’s reseller partners. “Together with our channel partners, CyCognito is using its platform, program and best practices to help the Public Sector establish a stronger security posture and proactively identify, protect and prevent cyberattacks from happening,” says Channel Chief and CyCognito’s Worldwide Sales Leader Lori Cornmesser. Most of today’s cyberattacks continue to intrude through external attack vectors. CyCognito’s innovative platform automates the discovery, multi-factor security testing and risk prioritization of all externally-exposed assets in an organization’s extended IT ecosystem. Once cyber threats are identified, CyCognito orchestrates data sharing to automatically start the remediation process by creating an incident response ticket. The platform integrates its findings and intelligence into existing vulnerability lifecycle management processes through channels such as Slack, PagerDuty, ServiceNow, and several additional platforms. This proven and proactive layer of automated security ensures an organization’s entire attack surface is protected quickly and efficiently when risks are detected. “Empowering organizations to find and eliminate the paths attackers easily exploit is a vital tactic within any surface management and protection strategy,Prevention and remediation must remain top of mind for channel partners and IT decision makers, especially those working within the Public Sector where the stakes are high and the impact of a single breach has the potential to span states, the nation and even the globe.” Rob Gurzeev, Founder and CEO, CyCognito CyCognito and Carahsoft are enabling forward-thinking security value-added resellers (VARs), managed service providers (MSPs), global systems integrators (GSIs) and managed security services providers (MSSPs) with a new and enhanced lineup of SLED and Federal-focused sales and marketing assets. Offered at no charge, these business-building assets are readily available within CyCognito’s partner portal and include how to market, how to pitch and position, and how to demo the technology. “Agencies today are under tremendous pressure to protect their customers from cybercrime,” said Michael Shrader, Vice President of Intelligence and Innovative Solutions at Carahsoft. “CyCognito’s leading platform preempts attacks and helps businesses satisfy key elements of most common security frameworks and regulatory compliance standards. We look forward to working with CyCognito and our reseller partners to help educate and better enable the Public Sector with the knowledge, specialization and technology needed to properly assess their cyber risk and eliminate exposure.” About CyCognito CyCognito solves one of the most fundamental business problems in cybersecurity: seeing how attackers view your organization, where they are most likely to break in, what systems and assets are at risk and how you can eliminate the exposure. Founded by national intelligence agency veterans, CyCognito has a deep understanding of how attackers exploit blind spots and a path of least resistance. The Palo Alto-based company is funded by leading Silicon Valley venture capitalists, and its mission is to help organizations protect themselves from even the most sophisticated attackers. It does this with a category-defining, transformative platform that automates offensive cybersecurity operations to provide reconnaissance capabilities superior to those of attackers. About Carahsoft Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, we deliver solutions for Cybersecurity, MultiCloud, DevSecOps, Big Data, Artificial Intelligence, Open Source, Customer Experience and Engagement, and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles.

Read More

Spotlight

Mobility is transforming enterprises at an unprecedented rate with the continued proliferation of smart devices, explosive development of mobile apps and increased access to work files. Employees are empowered by their organizations to be more productive at any time and from anywhere, adopting policies for Bring Your Own Device (BYOD) and even allowing the use of personal apps for work-related activities.

Resources