DATA SECURITY

Palo Alto Networks and PwC Join Forces to Boost Cybersecurity Defenses

prnewswire | October 29, 2020

Palo Alto Networks, the global cybersecurity leader, and PwC today announced an expanded partnership to deliver managed detection and response (MDR) services to joint customers. The offering combines MDR services delivered by PwC — Managed Cyber Defence — and Cortex XDR™ by Palo Alto Networks. Together, customers can take advantage of a state-of-the-art managed threat hunting, protection, detection and response service from anywhere, globally.
The Managed Cyber Defence service fuses the power of PwC's global threat intelligence, thousands of hours of incident response expertise, and advisory services with Cortex XDR, the industry's first fully integrated detection and response platform, to provide a unique level of protection with unrivaled visibility and detection capabilities. As a result, security teams can significantly reduce attack dwell time, down to minutes, and manual day-to-day security operations workloads by up to 90%, elevating organizations to a mature security posture.
According to Christina Richmond, vice president of Worldwide Security Services research at IDC, "The evolving threat landscape has forced organizations to mature their security capabilities, creating opportunities for PwC to elevate their offerings and provide a blending of managed security/MDR and professional security capabilities."  
Built to cater to organizations of any size, in any industry, PwC's Managed Cyber Defense reduces response times from what typically takes days to minutes, minimizing the likelihood of an emerging threat manifesting as a breach. Detection of emerging attacker behaviors and pivoted attack scenarios put organizations on a path to proactive defense against "the unknown," while extending protection across on-premises, cloud, virtualized and IoT environments.
Cortex XDR is the industry's first extended detection and response platform that runs on integrated endpoint, network, cloud and third-party data to reduce noise and focus on real threats. By combining Cortex XDR with MDR services, customers can relieve the day-to-day burden of security operations and achieve 24/7 coverage, from alert management and investigation to incident response.
Colin Slater, cyber security partner at PwC UK, had this to say:
"Our unique market insight and trusted relationships with our clients makes us best placed to advise on their cyber challenges. Using this in-depth knowledge, we have meticulously created a service offering to address our clients' pain points. We are excited to work with Palo Alto Networks as the market demands new ways to do detection and response. COVID-19 has spurred a move to remote work at a scale that has left many businesses more vulnerable than ever to cyberattacks because they are less able to respond and recover remotely. PwC's cybersecurity team has responded to several major incursions from nation-state threat groups and mitigated cyber breaches caused by vulnerabilities introduced through transitions to remote work at scale. Preventing these attacks is a core element of the PwC and Palo Alto Networks approach."
Shailesh Rao, senior vice president for Cortex at Palo Alto Networks, offered:
"We are thrilled to expand our partnership with PwC through the delivery of best-in-class managed detection and response (MDR) services powered by Cortex XDR to our joint customers. More and more enterprise customers have validated PwC's service over the last year in detecting and responding to cyberattacks. The combination of advisory services, analytics, and modern, AI-driven detection and response capabilities and metrics, with visibility across an enterprise's entire infrastructure, is made possible by our unmatched joint Cortex XDR and MDR service offering."
About PwC
At PwC, our purpose is to build trust in society and solve important problems. We're a network of firms in 157 countries with over 276,000 people who are committed to delivering quality in assurance, advisory and tax services.
About Palo Alto Networks
Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate. Our mission is to be the cybersecurity partner of choice, protecting our digital way of life. We help address the world's greatest security challenges with continuous innovation that seizes the latest breakthroughs in artificial intelligence, analytics, automation, and orchestration. By delivering an integrated platform and empowering a growing ecosystem of partners, we are at the forefront of protecting tens of thousands of organizations across clouds, networks, and mobile devices. Our vision is a world where each day is safer and more secure than the one before.
Palo Alto Networks, Cortex, and the Palo Alto Networks logo are trademarks of Palo Alto Networks, Inc. in the United States and in jurisdictions throughout the world. All other trademarks, trade names, or service marks used or mentioned herein belong to their respective owners.

Spotlight

Bridging the Gap Between Cyber Security and Your Organization Cybercrime has climbed to 2nd most reported economic crime affecting organizations (Global Economic Crime Survey 2016 - PwC). The results are shocking, but many governments and businesses are only about to put cyber security consciously on their agenda. These days, massive security breaches and compromised accounts undoubtedly demonstrated why everyone is under threat. Malicious cyber-attacks are targeting organizations for many reasons, including financial, strategic or even political conflicts. X Infotech’s intention with this paper is primarily to take a closer look on the cyber-threat landscape and strategic actions governments and businesses should take to fight cybercrime.


Other News
SOFTWARE SECURITY

Windfall Recognized for Its Commitment to Data Security with Renewed SOC 2 Type 2 Certification

Windfall | September 02, 2022

Today, Windfall Data, Inc. , the most trusted and accurate provider of insights and democratized intelligence on people, announced that it has once again successfully completed the Service Organization Control (SOC) 2 Type 2 audit. This certification validates the company’s ongoing commitment to data protection and security. An industry recognized technical audit for technology & service organizations, SOC 2 Type 2 requires companies to establish and follow strict information security policies and procedures. The independent audit was conducted by Boulay PLLP, and has assessed internal controls involving security, availability, processing integrity, and confidentiality. The assessment applies to internal controls within the organization and encompasses the processing of data on behalf of its customers. As defined by the Trust Services Criteria set forth by the American Institute of Certified Public Accountants (AICPA), the SOC 2 Type 2 certification report is generally recognized as the gold standard for data security and re-validates Windfall’s commitment to protecting both company and customer data. “Security and privacy have always been core company values at Windfall. “By re-completing our SOC 2 Type 2 certification, we are demonstrating to our customers that Windfall is accountable to the highest standards of data protection and requirements.” Windfall CEO and Co-Founder, Arup Banerjee Windfall analyzes vast amounts of data with advanced technologies like artificial intelligence and machine learning in order to give organizations deep insights into their data, and to activate those insights into business workflows. Because this data is sensitive, Windfall has top security measures in place to protect critical data from being lost or stolen and developed detailed policies to safeguard customer data, as demonstrated through SOC 2 Type 2 re-certification. “We are intent on providing a platform that organizations can trust,” said Cory Tucker, CTO and Co-Founder of Windfall. “We’re excited to have achieved this security milestone for the second year in a row as it demonstrates the strength and seriousness of our commitment to privacy and security.” ABOUT WINDFALL: Windfall is a people intelligence and AI company that gives go-to-market teams actionable insights. By democratizing access to people data, organizations can intelligently prioritize go-to-market resources to drive greater business outcomes. Powered by best-in-class machine learning and propensity modeling, Windfall activates insights into workflows that engage the right people for each respective organization. More than 800 data-driven organizations use Windfall to power their business.

Read More

ENTERPRISE IDENTITY,PLATFORM SECURITY,SOFTWARE SECURITY

Safe Security Introduces Free Assessments to Provide Trusted Financial Risk Calculations for Cyber Attacks and Cyber Insurance Discussions

Safe Security | August 17, 2022

Safe Security, a global leader in cybersecurity risk quantification and management, today announced two industry-first assessment tools to empower organizations to make holistic financial decisions based on their actual cyber risk. At no cost, organizations can access Safe Security’s Interactive Cost Calculator, as well as the Cyberinsurance Assessment, which are designed to enable data-driven discussions about risk and coverage requirements. “Executive leadership from the CEO and board members, to CISOs, risk teams, and CFOs are asking questions like, ‘how much will a cyber attack cost us?’ Or, ‘how much should our cyber insurance cost?’ Today, those leaders either do not have a financial figure at all or possess a financial figure from a ‘black-box’ approach that they can’t explain or trust,” said Saket Modi, co-founder and CEO of Safe Security. “Based on our research, Safe Security is offering organizations the opportunity to understand the financial impact of a cyber attack with full visibility into how the assessment is calculated so you can trust and explain the numbers. Knowledge is power, and our mission is to arm you with an unbiased assessment that can be used for risk discussions and insurance negotiations.” Interactive Cost Calculator for Cyber Attacks Safe Security’s Interactive Cost Calculator for cyber attacks is a free, tunable calculator that enables organizations to understand their potential financial risk due to a cyber attack, such as ransomware. The easy-to-use assessment gathers specific inputs about the company, and provides a cost estimate based on Safe Security’s cost model that takes into account cost drivers associated with security incidents. The output can be customized to the parameters of an organization to further refine the estimate. Inside-Out Cyberinsurance Assessment Safe Security’s Inside-Out Cyberinsurance Assessment helps companies better understand their cyber health and reduce premiums. Cyber insurance premiums keep rising despite increasing cybersecurity investments. Companies can gain specific guidance on how their cybersecurity risk posture compares to others in the same industry, how much coverage they need, and the top actions they should take to ensure a successful cyber insurance renewal. The SAFE platform runs a cyber risk assessment based on the following data points: API feeds from the organization’s internal technology environment Maturity of the organization’s cybersecurity policies and products About Safe Security Safe Security is a leader in cybersecurity and digital business risk quantification management, with a mission to build a safer digital future. Safe’s cyber risk quantification and management (CRQM) platform enables organizations to manage cyber risks in real-time. Its platform automatically collects signals from inside and outside a company’s environment to give the company-specific cyber risk rating, or SAFE Score, the financial impact of a potential breach, and an action plan. This enables organizations to have a common language across teams - from the board all the way down to an analyst - to align with a consistent risk metric. Other benefits include justifying investments in cybersecurity and purchase of cyber insurance for the organization.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

AI-Based Cloud Security Meets Live Professional Monitoring--Rhombus Releases 24/7 Alarm Monitoring with Video Verification and Emergency Dispatch

Rhombus | September 17, 2022

Rhombus, a leader in enterprise cloud physical security, has released Alarm Monitoring, a 24/7 service that deters threats in real time and enhances an organization's after-hours security by combining AI-based alerts with live professional monitoring. "Many IT and Safety Managers love that Rhombus automatically sends AI-based alerts but don't have the staff on call to respond after hours. "This is where Alarm Monitoring comes in. When an alert is triggered—for instance, if human movement is detected when a building should be empty—an audible deterrent can be issued to deescalate a threatening situation and a live dispatcher will verify the alert to determine the appropriate course of action. The combination of issuing a deterrent while conducting a live investigation not only reduces false alarms but also accelerates incident resolution and emergency response." Rickey Cox, Director of Product at Rhombus Once an alert is triggered, live agents will automatically verify the alert and will text/call an organization's contact list or immediately dispatch emergency services if a threat to a person or property is identified. Additionally, with the Rhombus A100 Audio Gateway, an audible deterrent can be issued, such as a police siren, loud alarm, or custom message. Monitoring agents can also use the A100 as a two-way communication device, informing perpetrators that the authorities are on their way and to vacate the property. The use of an audible deterrent helps neutralize damage or threats in real-time as emergency services are en route. Within minutes, Rhombus can trigger an alert, issue an audible deterrent, verify an alert, contact essential personnel regarding the situation, send emergency services, and provide contextual information to first responders, including alert footage, live streams, and location details. Alarm Monitoring utilizes fully redundant, Five Diamond, UL-Listed Central Monitoring Centers and the full suite of Rhombus products –including smart cameras, sensors, and industry-leading AI analytics—to provide best-in-class coverage to enterprise organizations. Rhombus Alarm Monitoring is now available starting at $1,799 per year, per location. About Rhombus Rhombus is a cloud physical security platform designed to bring greater intelligence, security, and productivity to enterprise organizations. Rhombus delivers NDAA-compliant smart cameras and connected sensors that can be managed from a single pane of glass to simplify infrastructure and security management at scale.

Read More

DATA SECURITY,SOFTWARE SECURITY

Rubrik Surpasses $400 Million in Subscription ARR and Launches Rubrik Zero Labs, Data Threat Research Unit to Help Combat Global Cyber Events

Rubrik | September 01, 2022

Rubrik, the Zero Trust Data Security™ Company, today announced it surpassed $400 million in software subscription annual recurring revenue (ARR) to date, growing over 100 percent year over year. The company has achieved a net dollar retention rate greater than 140 percent based on its ability to retain customers and expand within the customer base. Today, over 4,500 customers around the world and across multiple industries rely on Rubrik to help them secure their data and keep their business running, including BMO Financial Group, Citigroup, Estee Lauder, Fiserv, The Home Depot, and many others. The company also announced the launch of Rubrik Zero Labs, Rubrik’s new cybersecurity research unit to analyze the global threat landscape, report on emerging data security issues and give organizations research-backed insights and best practices to secure their data against the increasing threat of cyber events. “There is no industry, government, or company that is immune to cyberattacks. These threats continue to increase in volume and sophistication and have the power to bring entire organizations to their knees. “We are striking a chord with organizations globally because they need a better strategy to protect their data. With Rubrik, they are better able to secure their business from ongoing cyber events.” Bipul Sinha, CEO and Co-Founder of Rubrik Cybersecurity Veteran Steven Stone Joins as Head of Rubrik Zero Labs Today Rubrik announced it has named Steven Stone as the Head of Rubrik Zero Labs. Stone will lead Rubrik’s new data threat research unit to uncover real-world intrusions from a range of threats including espionage-based data breaches to ransomware attacks, and to inform customers and partners of the best ways to proactively address risk in their business operations. He has over 15 years of experience in threat intelligence with roles in the U.S. military, intelligence community, and private sector, including Mandiant/FireEye and IBM. Most recently, he was Vice President of Adversary Operations at Mandiant, leading global teams who were responsible for adversary hunting, attribution, and data collection efforts. “Data and insights are critical for understanding, responding, preventing, and recovering from cyber events. In many cases, the data aspects are the least understood across the threat landscape, and we want to close this delta. Comprehensive threat intelligence will enable organizations to make informed decisions so they can be prepared for a full swath of cyber threats,” said Stone. “I’m thrilled to pioneer the data threat intelligence unit at Rubrik and help to deliver valuable insights to our customers and the cybersecurity industry so that together we can stay ahead of the evolving data threat landscape.” Additional Milestones: Rubrik has also achieved a number of recent industry recognitions, landmark accomplishments, and launches including: Launched Rubrik Security Cloud to secure customers’ data wherever it lives across enterprise, cloud, and SaaS while delivering data resilience, data observability, and data recovery Grew the leadership team by appointing Mike Mestrovich as Chief Information Security Officer (CISO), following his role as CISO at the Central Intelligence Agency (CIA). Appointed Chris Krebs — former director of the U.S. Cybersecurity and Infrastructure Agency (CISA) — as Chair of Rubrik’s new CISO Advisory Board, where he will assemble some of the nation’s top CISOs to facilitate information exchange and thought leadership in data security. Rubrik also named Ghazal Asif, who previously served as Google’s Head of Channel for EMEA, as Head of Global Partners and Alliances Named a Leader in the 2022 Gartner® Magic Quadrant™ for Enterprise Backup and Recovery Software Solutions, positioned the furthest overall in Completeness of Vision for third year in a row Rubrik ranked amongst highest scoring 3 vendors for all Use Cases in 2022 Gartner® Critical Capabilities™ for Enterprise Backup and Recovery Software Solutions for 2 consecutive years Received numerous industry accolades, including placement on the Forbes Cloud 100 for the sixth year in a row, and distinction as winner of the Global InfoSec Awards as Hot Company in Data Security About Rubrik Rubrik is a cybersecurity company, and our mission is to secure the world’s data. We pioneered Zero Trust Data Security™ to help organizations achieve business resilience against cyberattacks, malicious insiders, and operational disruptions. Rubrik Security Cloud, powered by machine learning, secures data across enterprise, cloud, and SaaS applications. We help organizations uphold data integrity, deliver data availability that withstands adverse conditions, continuously monitor data risks and threats, and restore businesses with their data when infrastructure is attacked.

Read More

Spotlight

Bridging the Gap Between Cyber Security and Your Organization Cybercrime has climbed to 2nd most reported economic crime affecting organizations (Global Economic Crime Survey 2016 - PwC). The results are shocking, but many governments and businesses are only about to put cyber security consciously on their agenda. These days, massive security breaches and compromised accounts undoubtedly demonstrated why everyone is under threat. Malicious cyber-attacks are targeting organizations for many reasons, including financial, strategic or even political conflicts. X Infotech’s intention with this paper is primarily to take a closer look on the cyber-threat landscape and strategic actions governments and businesses should take to fight cybercrime.

Resources