DATA SECURITY

Palo Alto Networks and Deloitte Deepen Strategic Alliance

Palo Alto Networks | May 17, 2022

Palo Alto Networks
Palo Alto Networks and Deloitte announced today the advancement of their existing strategic partnership to provide managed security services to their shared U.S. clients, making Palo Alto Networks' leading cybersecurity technology portfolio accessible in Deloitte's outcome-based, managed offerings.

Many businesses are turning to managed security service providers (MSSPs) and managed detection and response (MDR) providers to run and elevate high-impact cyber defensive capabilities employing modern technologies that assist in handling continually developing cyberthreats.

"Our customers are asking for managed secure access service edge (SASE), cloud, and threat detection and response capabilities. By offering our innovative security solutions portfolio as a managed service through Deloitte, we're providing newly extended support to customers who want their cyber programs to truly enable their critical business initiatives."

Prem Iyer, vice president, Global Systems Integrator Ecosystems for Palo Alto Networks

Kieran Norton, Deloitte Risk & Financial Advisory infrastructure solution leader and principal, Deloitte & Touche LLP said that "We're advising our clients every day on how cybersecurity can help empower their strategic business priorities but building it all in-house can be challenging and costly. Together with Palo Alto Networks, we are able to advise, equip and operate security capabilities for organizations as they work to manage cyber threats with agility and resilience."

Deloitte Cyber and Palo Alto Networks first announced their strategic alliance in July 2021, with the goal of providing comprehensive cybersecurity solutions to shared customers. Managed services will feature expanded solutions such as:
  • Deloitte and Palo Alto Networks help companies move to a Zero Trust framework by combining cyber technology platforms and professional services.
  • Deloitte's Cloud Security solution includes the industry's most complete Cloud Native Security Platform, Palo Alto Networks Prisma® Cloud, and Cortex XSOAR.
  • Palo Alto Networks' Prisma Cloud and Prisma Cloud Compute are part of Deloitte's OpenCloud, which is the management plane for Deloitte's Cloud Management Platform.
  • Presently, 5G-native security from Deloitte and Palo Alto Networks includes 5G security blueprints, data, control, and cellular signaling domain integration, and network protection.

Spotlight

Users and apps pose the biggest risk to your enterprise data. Hackers are financially motivated to gain unauthorized access to your data. View this infographic to find out how to prevent major data breaches from both internal and external threats.


Other News
PLATFORM SECURITY

QuSecure Launches Industry’s First End-to-End Post-Quantum Cybersecurity Solution to Uniquely Address Current and Future Quantum Computing Threats

QuSecure | May 21, 2022

QuSecure™, Inc., an innovator in post-quantum cybersecurity (PQC), today introduced its quantum orchestration platform, QuProtect™, the industry’s first end-to-end PQC software-based solution uniquely designed to protect encrypted communications and data with quantum-resilience using quantum secure channels. With QuProtect, for the first time organizations can leverage quantum resilient technology to help prevent today’s cyberattacks, while future-proofing networks and preparing for post-quantum cyberthreats. Leading experts, including Arthur Herman, senior fellow and director of the Quantum Alliance Initiative at The Hudson Institute, believe that a Cryptographically Relevant Quantum Computer (CRQC), which is a quantum computer that can break current cryptography and will expose the world’s encrypted communications and data, will be available within the next 3-5 years. Additionally, nation-state attackers are currently stealing encrypted data, using a “Steal Now, Decrypt Later” (SNDL) strategy to collect global encrypted data, which will be retroactively decrypted once a CRQC is available. As a result, on May 4, the White House mandated PQC compliance via the National Security Memorandum “Promoting United States Leadership in Quantum Computing While Mitigating Risks to Vulnerable Cryptographic Systems.” Also, the bipartisan Endless Frontiers Act would establish a Technology and Innovation Directorate at the National Science Foundation which would use $100 billion in federal funds over five years to research emerging technologies including quantum computing, and specifically mentions the need for PQC. Organizations will need to follow suit to protect their data and communications from post-quantum cyberthreats. QuProtect provides quantum-resilient cryptography, anytime, anywhere and on any device. QuProtect uses an end-to-end quantum security as a service (QSaaS) architecture that addresses the digital ecosystem’s most vulnerable aspects, uniquely combining zero-trust, next-generation post-quantum-cryptography, quantum-strength keys, high availability, easy deployment, and active defense into a comprehensive and interoperable cybersecurity suite. The end-to-end approach is designed around the entire data lifecycle as data is stored, communicated, and used. “Quantum technologies have the potential to represent a platform shift, and platform shifts don’t come around that often,” said Laura Thomas, former CIA Chief of Base with more than 17 years in various national security and leadership roles and currently VP of Corporate Strategy at ColdQuanta, a quantum computing and sensing company. “When they do, they bring enormous opportunity coupled with the power for intense disruption, in all arenas, to include national security and economic security. Organizations should be evaluating post-quantum encryption solutions now and mapping out the resources and timelines needed to deploy them on their networks. QuSecure is playing a key role in future-proofing our networks from current classical and future quantum attacks.” QuSecure also today announced its formal company launch. See accompanying company launch press release issued by QuSecure today at QuSecure Company Launch. “Enterprises are charged with providing high levels of data security,” said Skip Sanzeri, QuSecure Founder and COO. “We are facing the largest computer upgrade cycle in history as all public key cryptography globally needs to be upgraded to PQC. Our QuProtect solution provides organizations with a first-mover advantage as the industry accelerates toward a quantum future. QuProtect allows organizations and their clients to maintain the highest level of quantum-resilient security to address cyberthreats with minimal disruption to existing systems.” QuProtect protects any node on the network by using National Institute of Standards and Technology (NIST) approved quantum algorithms to create secure quantum communications channels. Its technology enables backwards compatibility and can translate back and forth from PQC to standard Transport Layer Security (TLS), ensuring interoperability with any network. No other company combines QuSecure’s broad-based quantum and post-quantum technologies providing secure, interoperable cybersecurity to protect organizations’ networks from quantum threats. QuProtect’s unique differentiators include (partial list): Post-quantum open-source, end-to-end data protection on all platforms and networks – QuSecure applies post-quantum protections to all systems and devices – from cloud, to server, to laptop, to edge and IoT – protecting communications and data. QuProtect uses Quantum Random Number Generation (QRNG) to create quantum-resilient cryptographic keys which provide entropy throughout the entire network. Network-wide entropy is important because true quantum randomness protects systems from vulnerabilities and attacks such as pattern detection and cryptanalysis. Easy integration and deployment with zero client-side installations supporting most platforms – QuProtect is designed to be simple to deploy, operate and manage for existing devices and systems. Any existing platform that runs cryptography can be upgraded to PQC through QuProtect’s software-upgrade solutions. QuSecure’s solution enables controlled, phased deployment in highest priority segments first, enabling organizations to audit and/or delay endpoints which don’t need immediate upgrade. QuProtect permits instantaneous re-selection of algorithms enabling crypto agility while NIST finalizes the PQC algorithms to be standardized. Continuous monitoring and attack resilience – QuProtect improves security through continuous anomaly monitoring, machine learning-enabled attack detection, and active remediation. QuProtect is the industry’s most advanced PQC solution providing end-to-end quantum-resilience for many of today’s critical use cases, including satellite, network, and IoT communications. QuProtect can be hosted on-premise or via cloud-based orchestration delivering the most compatible solution to the post-quantum problem. An organization can implement PQC across all devices on the network with minimal disruption to existing systems, protecting against current and future classical and quantum attacks which could irreparably disrupt industries and infrastructures across government and commercial sectors. About QuSecure QuSecure is an innovator in post-quantum cybersecurity with a mission to protect enterprise and government data from quantum and classical cybersecurity threats. Its patent-pending, quantum-safe solutions provide an easy transition path to quantum resiliency across any organization. The company’s QuProtect solution is the industry’s first PQC software-based platform uniquely designed to protect encrypted communications and data with quantum-resilience using a quantum secure channel. QuSecure has current customer deployments in banking/finance, healthcare, space/satellite, IT/data enterprises, datacenters and various Department of Defense agencies. QuSecure is investor backed and has offices in Silicon Valley.

Read More

DATA SECURITY

ShardSecure® To Present at Black Hat Cybersecurity Conference

ShardSecure | August 09, 2022

ShardSecure, inventor of the innovative MicroshardTM technology that mitigates data security and privacy risks in the cloud, will be exhibiting at Black Hat 2022, the leading information security event, from August 6 to 11 in Las Vegas, Nevada. While at Black Hat, ShardSecure will showcase their patented microsharding solution at Booth #30 in the Business Hall's Innovation City. During the conference, ShardSecure will demonstrate how microsharding renders sensitive data unintelligible in the wrong hands, offering crucial protection in multi-cloud and hybrid-cloud environments. ShardSecure Lead Developer Anthony Whitehead will present "Microsharding, an Alternative to Encryption for Data at Rest" from 2:25 to 2:45 p.m. PT on August 10 in the Business Hall, Theater C. Additionally, VP of Marketing Marc Blackmer will be interviewed on microsharding and encryption by Chuck Harold of SecurityGuyTV at 9:20 a.m. PT on August 11. "We're looking forward to making new connections and sharing how we can help organizations strengthen their data resilience, maintain business continuity, and mitigate the impact of ransomware," said Marc Blackmer. "Black Hat is an excellent opportunity for ShardSecure to participate in key industry conversations, strengthen our brand, and grow our networking opportunities." Microshard technology works to desensitize sensitive data by digitally shredding it into tiny microshards. Those microshards are then mixed with poison data and distributed to multiple customer-owned storage locations of the customer's choosing. Its self-healing data also reverses unauthorized data deletion and tampering — including ransomware — for data at rest. Through its ability to reconstruct data impacted by storage service outages, ShardSecure also helps protect against the effects of data loss and allows business operations to continue unaffected during an outage. "We're pleased to be sharing Microshard technology with a wide audience of thought leaders and vendors at Black Hat. "Combined with several new partnerships and our recent availability in Azure Marketplace, Black Hat is allowing us to reach more organizations with our innovative data security and data resilience solution. We look forward to continuing the discussion about how we can help organizations maintain control of their sensitive data in the cloud while protecting it from outages and attacks." Bob Lam, CEO and Co-Founder of ShardSecure About Black Hat Now in its 25th year, Black Hat USA is a leading cybersecurity event. With trainings, briefings, and virtual and in-person events, Black Hat 2022 will present the latest research, development, and trends in the information security industry. About ShardSecure ShardSecure is changing the nature of data security. It believes that all organizations can easily and securely enjoy the benefits of cloud adoption without surrendering control of their data. Inventors of the patented Microshard technology, ShardSecure cloud-enables sensitive data by desensitizing it in multi-cloud and hybrid-cloud environments.

Read More

PLATFORM SECURITY

Searchlight Security Elevates Dark Web Intelligence to Board Level with New Automated Reporting

Searchlight Security | August 02, 2022

Searchlight Security, the dark web intelligence company, has introduced new automated reporting functionality into its DarkIQ dark web monitoring solution to help security analysts and MSSPs to quickly and easily communicate external threats to executives. DarkIQ is a powerful dark web monitoring solution that utilizes the most comprehensive dark web dataset on the market, and the only one that includes dark web traffic to and from the organization’s network. It takes the attributes that are most important to a business - including employee credentials, software, devices, IP addresses, network components, and company datasets - and alerts organizations to their presence in deep and dark web marketplaces, forums, and conversations, which could indicate an imminent attack. This threat intelligence is specific to the organization, removing “alert fatigue” and allowing security teams to prioritize the most urgent threats to the business. DarkIQ’s new automated reporting function builds on its existing capabilities by helping analysts to more easily communicate the dark web intelligence they discover - improving response times to possible attacks and educating the wider business on dark web threats. “Our mission is to make dark web intelligence as relevant and actionable for businesses as possible and our new reporting function is a huge part of that. Threat intelligence is only powerful if it can be understood and acted on - otherwise it is just noise. Communication is everything.” Eric Milam, EVP product at Searchlight Security DarkIQ Reporting gives enterprise security teams and MSSPs the ability to: Generate slick reports with one click - with threat intelligence data automatically pulled, inputted, and presented from the DarkIQ platform. Select the right level of detail for the audience - with an “Executive” report option for a high level summary or “Detailed” report for security personnel, which includes recommended remediative actions that should be taken based on the threat data. Add and remove reporting fields - to further customize the report to suit the audience by adding, moving, or removing components, as well as the ability for security teams to add their own analysis, context and observations. Customize design - with the ability to brand reports and change the font and color scheme, a particularly important feature for MSSPs reselling DarkIQ to their customers. Resource more effectively - with less time spent on reporting so they can spend more time protecting the business. Demonstrate Return on Investment - with the ability to show imminent threats that have been identified and prevented through dark web intelligence. Milam concluded: “In threat intelligence, the job isn’t done until the report is filed. This is a burden on security teams that we wanted to - and have been able to - alleviate, because every minute less they spend reporting is a minute more they can spend stopping the bad guys. At the same time, they have a better solution to deliver pre-attack intelligence with more clarity so the business can be more proactive in stopping imminent threats.” About Searchlight Security Searchlight Security provides organizations with relevant and actionable dark web threat intelligence, to help them identify and prevent criminal activity. Founded in 2017 with a mission to stop criminals acting with impunity on the dark web, we have been involved in some of the world’s largest dark web investigations and have the most comprehensive dataset based on proprietary techniques and ground-breaking academic research. Today we help government and law enforcement, enterprises, and managed security services providers around the world to illuminate deep and dark web threats and prevent attacks.

Read More

SOFTWARE SECURITY

BlackBerry Helps Channel Partners Tap Exploding Managed Security Service Market

BlackBerry | June 09, 2022

BlackBerry Limited today announced a number of enhancements to the BlackBerry Partner Program to help Managed Security Service Providers (MSSPs) capture the exploding demand among small and medium-sized businesses (SMBs) for 24x7x365 Managed Extended Detection and Response (XDR) services, a market which industry experts expect will grow from $22.45 billion in 2020 to $77.01 billion by 2030. BlackBerry's 2022 Threat Report found SMBs experience 11-13 attacks every day. Amidst this growing threat landscape, the company has significantly increased its MSSP focus, launching new marketing incentives, a global hiring campaign to boost partner support and a revamped curriculum of training, tools and enablement resources to aid overall go-to-market efforts. Enhancements include: Greater Cybersecurity Protection for Customers & More to Sell – New products and services now available to MSSPs include CylanceGUARD®, CylancePERSONA™, and CylanceGATEWAY™. This will enable new service opportunities and help MSSPs secure their client environments. Increased Support & Field Seller Alignment – Commitment to significantly increase the size of BlackBerry's channel team, doubling employee headcount in roles such as partner management, customer success and channel enablement to ensure partners have the technical and sales support to compete and win in the crowded EDR/XDR market. BlackBerry has also introduced seller compensation on MSSP deals to encourage field alignment and to embrace MSSPs as a critical route to market. More Comprehensive Training – New BlackBerry Cyber Security Administrator (BCSA) technical training – aimed at MSSPs who will be configuring, managing, and troubleshooting BlackBerry UES products. Representing the next-generation evolution of the popular Cylance Security Professional Certification, the new program includes a blend of videos, instructor-led training, and online assessments on BlackBerry's industry-leading, AI-based, prevention-first solutions focused on preventing breaches before they happen. Lucrative Marketing Incentives – Expanded the generous 'Protect and Earn' partner incentive program that rewards MSSPs for uncovering and closing net-new BlackBerry logos. Partners earn cash-based rewards which are determined by the qualifying closed deal's Total Contract Value, with no limits. New Pricing – New flexible licensing and pricing options built to match the way MSSPs do business with customers. New MSSP-focused aid in partner business development including demand generation & sales support via proposal-based marketing funds, case studies, strategic Go-To-Market engagement and access to inside sales resources. The expanded investment and support for MSSPs comes following last month's joint warning from the Five Eyes Alliance of security authorities from the United Kingdom, Australia, Canada, New Zealand and the United States, highlighting an increase in malicious cyber activity targeting managed service providers (MSPs) and urging them to protect the IT supply chain with a fresh set of cybersecurity measures. "With headline-grabbing hacks and a cybersecurity talent gap showing no signs of letting up, SMBs have never been more under-staffed or ill-prepared to meet the challenges posed by the continuously evolving threat landscape. "Our top 20 MSSPs have grown more than 50 per cent year over year and demand for human threat experts is through the roof. To that end, BlackBerry is doubling down and increasing our focus on our MSSP partners to ensure they're set up for success." Colleen McMillan, VP, Global Channel Sales at BlackBerry About BlackBerry BlackBerry provides intelligent security software and services to enterprises and governments around the world. The company secures more than 500M endpoints including over 195M vehicles. Based in Waterloo, Ontario, the company leverages AI and machine learning to deliver innovative solutions in the areas of cybersecurity, safety and data privacy solutions, and is a leader in the areas of endpoint management, endpoint security, encryption, and embedded systems. BlackBerry's vision is clear - to secure a connected future you can trust.

Read More

Spotlight

Users and apps pose the biggest risk to your enterprise data. Hackers are financially motivated to gain unauthorized access to your data. View this infographic to find out how to prevent major data breaches from both internal and external threats.

Resources