PLATFORM SECURITY

Morganfranklin Launches Cybersecurity Innovation Center

Morganfranklin | June 14, 2022

Morganfranklin
MorganFranklin Consulting, a management consulting business located in Washington, DC, has opened a new cybersecurity innovation center (CIC).

Customers will be able to obtain insight into how security technologies will perform in their environment and how cyberattacks will influence their systems thanks to the bespoke, interactive lab environment.

“As ever-increasing and more sophisticated attacks combine with rapid digital transformation, cybersecurity preparation has never been more challenging or more important. The MorganFranklin Cybersecurity Innovation Center is a powerful new way to help our clients answer essential questions that improve their security operations, upskill their teams, and address their most pressing threats.”

John Fung, a director in MorganFranklin’s cybersecurity operations practice area

Clients can duplicate their live systems and troubleshoot countermeasures to the most recent attack vectors prior to deployment. Customers can also assess how different security products from different vendors perform alone and together in order to optimize program spending.

The CIC will enable MorganFranklin to produce continual threat information and optimize its cybersecurity practices.

The extended cybersecurity practice of the consultancy offers services in program planning, governance, risk, and compliance; identity and access management; cybersecurity operations; incident response; business and technology resilience; risk intelligence; and managed security.

MorganFranklin offers accounting and risk advisory services, strategic transformation and program execution, supply chain and retail management, technological enablement, and cybersecurity consultancy. The company employs over 600 workers across eight locations in the United States.

Spotlight

Cybersecurity has become a leading topic both within and beyond the corporate boardroom. To stop the escalation of cyber attacks, enterprises need a network security approach that is designed from the outset to enable the safe use of the applications and technologies required to support a thriving business.


Other News
PLATFORM SECURITY

Searchlight Security Elevates Dark Web Intelligence to Board Level with New Automated Reporting

Searchlight Security | August 02, 2022

Searchlight Security, the dark web intelligence company, has introduced new automated reporting functionality into its DarkIQ dark web monitoring solution to help security analysts and MSSPs to quickly and easily communicate external threats to executives. DarkIQ is a powerful dark web monitoring solution that utilizes the most comprehensive dark web dataset on the market, and the only one that includes dark web traffic to and from the organization’s network. It takes the attributes that are most important to a business - including employee credentials, software, devices, IP addresses, network components, and company datasets - and alerts organizations to their presence in deep and dark web marketplaces, forums, and conversations, which could indicate an imminent attack. This threat intelligence is specific to the organization, removing “alert fatigue” and allowing security teams to prioritize the most urgent threats to the business. DarkIQ’s new automated reporting function builds on its existing capabilities by helping analysts to more easily communicate the dark web intelligence they discover - improving response times to possible attacks and educating the wider business on dark web threats. “Our mission is to make dark web intelligence as relevant and actionable for businesses as possible and our new reporting function is a huge part of that. Threat intelligence is only powerful if it can be understood and acted on - otherwise it is just noise. Communication is everything.” Eric Milam, EVP product at Searchlight Security DarkIQ Reporting gives enterprise security teams and MSSPs the ability to: Generate slick reports with one click - with threat intelligence data automatically pulled, inputted, and presented from the DarkIQ platform. Select the right level of detail for the audience - with an “Executive” report option for a high level summary or “Detailed” report for security personnel, which includes recommended remediative actions that should be taken based on the threat data. Add and remove reporting fields - to further customize the report to suit the audience by adding, moving, or removing components, as well as the ability for security teams to add their own analysis, context and observations. Customize design - with the ability to brand reports and change the font and color scheme, a particularly important feature for MSSPs reselling DarkIQ to their customers. Resource more effectively - with less time spent on reporting so they can spend more time protecting the business. Demonstrate Return on Investment - with the ability to show imminent threats that have been identified and prevented through dark web intelligence. Milam concluded: “In threat intelligence, the job isn’t done until the report is filed. This is a burden on security teams that we wanted to - and have been able to - alleviate, because every minute less they spend reporting is a minute more they can spend stopping the bad guys. At the same time, they have a better solution to deliver pre-attack intelligence with more clarity so the business can be more proactive in stopping imminent threats.” About Searchlight Security Searchlight Security provides organizations with relevant and actionable dark web threat intelligence, to help them identify and prevent criminal activity. Founded in 2017 with a mission to stop criminals acting with impunity on the dark web, we have been involved in some of the world’s largest dark web investigations and have the most comprehensive dataset based on proprietary techniques and ground-breaking academic research. Today we help government and law enforcement, enterprises, and managed security services providers around the world to illuminate deep and dark web threats and prevent attacks.

Read More

ENTERPRISE IDENTITY,PLATFORM SECURITY,SOFTWARE SECURITY

Safe Security Introduces Free Assessments to Provide Trusted Financial Risk Calculations for Cyber Attacks and Cyber Insurance Discussions

Safe Security | August 17, 2022

Safe Security, a global leader in cybersecurity risk quantification and management, today announced two industry-first assessment tools to empower organizations to make holistic financial decisions based on their actual cyber risk. At no cost, organizations can access Safe Security’s Interactive Cost Calculator, as well as the Cyberinsurance Assessment, which are designed to enable data-driven discussions about risk and coverage requirements. “Executive leadership from the CEO and board members, to CISOs, risk teams, and CFOs are asking questions like, ‘how much will a cyber attack cost us?’ Or, ‘how much should our cyber insurance cost?’ Today, those leaders either do not have a financial figure at all or possess a financial figure from a ‘black-box’ approach that they can’t explain or trust,” said Saket Modi, co-founder and CEO of Safe Security. “Based on our research, Safe Security is offering organizations the opportunity to understand the financial impact of a cyber attack with full visibility into how the assessment is calculated so you can trust and explain the numbers. Knowledge is power, and our mission is to arm you with an unbiased assessment that can be used for risk discussions and insurance negotiations.” Interactive Cost Calculator for Cyber Attacks Safe Security’s Interactive Cost Calculator for cyber attacks is a free, tunable calculator that enables organizations to understand their potential financial risk due to a cyber attack, such as ransomware. The easy-to-use assessment gathers specific inputs about the company, and provides a cost estimate based on Safe Security’s cost model that takes into account cost drivers associated with security incidents. The output can be customized to the parameters of an organization to further refine the estimate. Inside-Out Cyberinsurance Assessment Safe Security’s Inside-Out Cyberinsurance Assessment helps companies better understand their cyber health and reduce premiums. Cyber insurance premiums keep rising despite increasing cybersecurity investments. Companies can gain specific guidance on how their cybersecurity risk posture compares to others in the same industry, how much coverage they need, and the top actions they should take to ensure a successful cyber insurance renewal. The SAFE platform runs a cyber risk assessment based on the following data points: API feeds from the organization’s internal technology environment Maturity of the organization’s cybersecurity policies and products About Safe Security Safe Security is a leader in cybersecurity and digital business risk quantification management, with a mission to build a safer digital future. Safe’s cyber risk quantification and management (CRQM) platform enables organizations to manage cyber risks in real-time. Its platform automatically collects signals from inside and outside a company’s environment to give the company-specific cyber risk rating, or SAFE Score, the financial impact of a potential breach, and an action plan. This enables organizations to have a common language across teams - from the board all the way down to an analyst - to align with a consistent risk metric. Other benefits include justifying investments in cybersecurity and purchase of cyber insurance for the organization.

Read More

SOFTWARE SECURITY

BlastWave Unifies Remote Cloud Security with Bulk Onboarding and Login Convenience Through BlastShield Software Update

BlastWave | June 17, 2022

BlastWave, a zero-trust networking solution provider that reduces the cost and complexity of remote access VPN management, today announced enhancements to its zero-trust security software solution, BlastShield™. The enhancements include added security capability for the three main cloud service providers, identity manager unification, Azure gateway security integration and easy bulk onboarding. BlastWave sees these updates as increasingly important with the global workforce shift to remote cloud environments on multiple vendor platforms. The recent update allows BlastShield users to link with hybrid cloud network providers like AWS, Google, and the most recent addition, Azure, in one secure environment without forcing a user to rely on the respective security measures of each provider. This means users can have workloads distributed across provider environments but only one user authentication system. The update continues BlastWave's mission of convenient, cutting-edge cybersecurity, all while offering enhanced protection within identity management systems. Most importantly, users can take advantage of BlastShield's heightened speed and functionality, two vital features in multi-functional, cloud environments. This latest update also adds support for gateway security in Azure environments, expanding on BlastShield's previous gateway security capabilities in GCP, AWS, ESXi and COTS hardware systems. This new gateway security integration increases functionality for Azure users, allowing them to rely on password-less authentication instead of dated VPN security measures within their cloud-based Azure environments. BlastShield's latest update streamlines bulk onboarding, a typically arduous process, leveraging customers' SSO functionality. This update's features rely on an industry-standard API, System for Cross-domain Identity Management (SCIM), designed to simplify the management of user identities in cloud-based services as well as applications. It enables the automatic exchange of user information between identity domains, eliminating the insecure provisioning of identity managers when onboarding large numbers of users in distributed cloud environments. Identity managers have conventionally suffered from potential exposure to credential theft, SIM jacking, and other threat vectors. BlastShield's update addresses these vulnerabilities without hampering the convenience of identity managers. "BlastShield's latest update enhances our proven security mechanisms with single sign-on identity management tools and offers simplified bulk onboarding. "Many competitors are focusing more on endpoint security in these hybrid cloud environments, but we're offering a macro-level security approach that combines the convenience of identity management systems like Okta and One Identity with the proven agile security of BlastShield's network-level ZTNA and microsegmentation." Michael Bacon, BlastWave Solution Engineer The recent software update and resulting functionality are automatic for new subscribers and can be implemented with the click of a button in the BlastShield interface for current professional and enterprise customers. "In the past, cybersecurity may have elicited groans from providers, largely due to its perceived inconvenience. This update lends BlastWave's proven security stack to the login convenience offered by established identity managers," said Mel Knight, Brier and Thorn CISO. "Once again, whether through bulk onboarding via secure provisioning or enhanced Azure environment security, BlastWave continues to imbue existing technologies with their patented, proven ZTNA security solution. We are excited for our customers to experience this update's improved, secure convenience, bulk onboarding, and multi-vendor cloud security." About BlastWave Founded by former executives and technologists from Apple and Cisco, BlastWave is taking a fundamentally different approach to security aimed at protecting privacy and connected devices from cyberattacks. BlastWave's patented product, BlastShield™️, is an integrated, zero-trust stack that combines state-of-the-art passwordless multi-factor authentication with high-performance, resilient encrypted connectivity and built-in microsegmentation. BlastWave is backed by Rocket Strategies, Lucas Venture Group, and Millennium Investments. The company is headquartered in Palo Alto, California.

Read More

DATA SECURITY,ENTERPRISE IDENTITY,NETWORK THREAT DETECTION

Radiant Logic Named Winner of 1st Annual Cybersecurity Impact Award

Radiant Logic | August 18, 2022

Radiant Logic, the Identity Data Fabric company, announced today that it has been named the winner of the 2022 Cybersecurity Impact Award for “Best Enterprise Security Solution for Employee and Nth Party Access” from Aite-Novarica Group, a global advisory firm providing mission-critical insights on technology, regulations, strategy, and operations to the Financial Services industry. In its first year, the Cybersecurity Impact Awards program identifies the organizations and vendors pioneering new and disruptive cybersecurity tools and services. Award recipients and their innovations are bringing the financial services industry one step closer to stopping illicit cyber activity. “Our Cybersecurity Impact Awards help CISOs looking for highly innovative solutions that deliver transformative value to the institution,” said John Horn, Cybersecurity Practice Director at Aite-Novarica Group. “Seven judges worked through a rigorous scoring process to select Radiant Logic for this award. Radiant’s unique approach allows CISOs to leverage identity silos across the business, and recreate Identity as a powerful enabler for the workforce, third parties, and customers.” The award winners were selected based on various factors, including innovation, market need, and impact on customer experience and operational efficiency. All entries were considered by a panel of industry expert judges. “We’re thrilled to receive this award in such a competitive category. “RadiantOne has been known over the last twenty years as the technical enabler for solving enterprise-grade security and business challenges; with this award, we’re pleased to be recognized as a strategic investment in the security infrastructure.” Joe Sander, CEO of Radiant Logic After years of inorganic growth, piecemeal identity solutions, and a loss of control due to unplanned remote work, identity sprawl is a reality for most modern enterprises. This sprawl leads to tremendous technical debt, increased risk posture, reduced productivity, and poor decision-making capabilities. RadiantOne’s ability to unify identity data across disparate sources creates an authoritative identity data pipeline, improving security, efficiency, and ease-of-use across the organization. About Radiant Logic Radiant Logic, the enterprise Identity Data Fabric company, helps organizations combat complexity and improve security by making identity data easy to use, manage, and protect. The RadiantOne Platform turns identity data into a strategic asset, enabling organizations to improve decision making, accelerate innovation, and minimize risk. About Aite-Novarica Group Aite-Novarica Group is an advisory firm providing mission-critical insights on technology, regulations, strategy, and operations to hundreds of banks, insurers, payments providers, and investment firms—as well as the technology and service providers that support them. Comprising former senior technology, strategy, and operations executives as well as experienced researchers and consultants, our experts provide actionable advice to our client base, leveraging deep insights developed via our extensive network of clients and other industry contacts.

Read More

Spotlight

Cybersecurity has become a leading topic both within and beyond the corporate boardroom. To stop the escalation of cyber attacks, enterprises need a network security approach that is designed from the outset to enable the safe use of the applications and technologies required to support a thriving business.

Resources