Sara Andrews, Chief Information Security Officer of PepsiCo Appointed to FireEye board of directors

FireEye, Inc. | August 11, 2020

FireEye, Inc., the intelligence-led security company, today announced that Sara Andrews has been appointed to the FireEye board of directors. Andrews currently serves as Senior Vice President and Chief Information Security Officer (CISO) at PepsiCo.

Andrews brings more than two decades of front line experience defending some of the world’s largest organizations. As PepsiCo’s CISO, Andrews is responsible for developing and implementing the risk-based information security strategy for PepsiCo. In this role, she serves as PepsiCo’s top information security executive, responsible for safeguarding networks and data across the food and beverage powerhouse, including all its business units and brands globally.

Spotlight

According to Forrester, the right engagement model can help companies achieve double-digit growth. Simply put, establishing trust through differentiated and secure digital experiences is key to competing in today’s marketplace. Achieve the necessary balance and your company wins. This handbook is designed to start you on the ro


Other News
PLATFORM SECURITY

Cloudflare Completes Acquisition of Area 1 Security

Cloudflare | April 04, 2022

Cloudflare, Inc. , the security, performance, and reliability company helping to build a better Internet, today announced it has completed its acquisition of Area 1 Security. Email is both one of the largest cloud applications for any business, and the biggest security threats that organizations of all sizes face. Yet legacy email security solutions are often expensive, overly complex, and disjointed from an organization’s holistic security strategy. Further, malicious phishing and business email compromise campaigns are incredibly costly—with U.S. businesses losing more than $2.4 billion a year according to data from the FBI’s Internet Crime Complaint Center 2021 Internet Crime Report. With the acquisition of Area 1 Security, Cloudflare will provide organizations an easy way to block phishing, malware, business email compromise and other advanced threats as part of an integrated, Zero Trust approach to securing all of their organizations’ applications. “Cloudflare's mission is to help build a better Internet, and we've invested heavily in building the world's most powerful cloud network to deliver a faster, safer, and more reliable Internet for our users. Now we're officially able to welcome the Area 1 team to Cloudflare and enhance our ability to secure the number one place where security threats come from, email. To us, Zero Trust security without email built in is worth nearly zero. By bringing email security and Zero Trust together with Area 1 Security, we believe that we will give customers the most complete Zero Trust security platform available." Matthew Prince, co-founder & CEO of Cloudflare Area 1 Security’s cloud native platform, which works seamlessly with any email offering, stops phishing and other advanced email attacks by preemptively discovering and eliminating them before they can inflict damage in a corporate environment. By combining Area 1 Security’s highly scalable technology and years of experience in email protection with Cloudflare’s global network, the two companies will provide a holistic Zero Trust solution that customers can enable through Cloudflare’s global network. Area 1 Security’s email security capabilities will be available for purchase for all enterprise plan customers today, and will be available to customers on all other paid plans in the months to come. "Cloudflare delivers one of the world’s leading Zero Trust networks, and we're excited about what we'll be able to build together for our customers and channel partners," said Patrick Sweeney, CEO and President of Area 1 Security. "By joining forces, Area 1’s technology and Cloudflare's global network will give customers the most complete Zero Trust security platform available, inclusive of securing the most critical of today’s business applications – your email." About Cloudflare Cloudflare, Inc. is on a mission to help build a better Internet. Cloudflare’s suite of products protect and accelerate any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare have all web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was named to Entrepreneur Magazine’s Top Company Cultures 2018 list and ranked among the World’s Most Innovative Companies by Fast Company in 2019. Headquartered in San Francisco, CA, Cloudflare has offices in Austin, TX, Champaign, IL, New York, NY, San Jose, CA, Seattle, WA, Washington, D.C., Toronto, Lisbon, London, Munich, Paris, Beijing, Singapore, Sydney, and Tokyo.

Read More

SOFTWARE SECURITY

Contrast Security Joins Foojay Advisory Board to Accelerate Java Developer Community Growth, Raise Security Perspective

Contrast Security | April 13, 2022

Contrast Security (Contrast), the leader in code security that empowers developers to secure-as-they code, today announces its commitment to helping Java developers build code securely by joining the Foojay Advisory Board. "Prior to the creation of Foojay, the ecosystem of OpenJDK users lacked a vendor-neutral community platform for many years. It is wonderful to see more and more individuals and organizations, such as Contrast Security, getting involved since the foundation's inception in April 2020. Contrast Security not only shares their insights about the OpenJDK, but also provides valuable security tips and tricks as well as helps collaborate around Foojay, the place for friends of OpenJDK." said Geertjan Wielenga, Senior Director of Open Source Projects at Azul, the initiator of Foojay. Contrast Security along with the other Foojay Advisory Board Members will help guide the direction, content and oversight of Foojay.io, the community site for developers who use, target, and run their applications on top of Java and OpenJDK, with a focus on growing the community and meeting its mission to provide free information for everyday Java developers. "We're honored to join the Foojay Advisory Board because we know Java developers rely on the Foojay community and the foundation's mission of sharing information and improving the entire market as a whole. Contrast is proud to help progress security within Java applications and assist developers to build securely without having to change the way they work." Steve Wilson, Chief Product Officer at Contrast Security Contrast Secure Code Platform is the only platform on the market that embeds intelligent agents directly into the code to enable developers to detect vulnerabilities during and post-production. In addition to Java support, Contrast Secure Code Platform supports .NET, Ruby, Python, Node, PHP and Go. About Foojay: Foojay, a place for Friends of OpenJDK, is a fast-growing community focused around the OpenJDK, providing tips and insights for Java developers, and user-focused Java and OpenJDK technical dashboards with free information on all things Java. A dedicated blogging area is available on Foojay to anyone who has thoughts or code to share on topics relevant to the Java ecosystem. About Contrast Security: Contrast Security secures the code that global business relies on. It is the industry's most modern and comprehensive Code Security Platform, removing security roadblock inefficiencies and empowering enterprise developers to write and release secure application code faster. Embedding code analysis and attack prevention directly into software with instrumentation, the Contrast platform automatically detects vulnerabilities while developers write code, eliminates false positives, and provides context-specific how-to-fix guidance for easy and fast vulnerability remediation. Doing so enables application and development teams to collaborate more effectively and to innovate faster while accelerating digital transformation initiatives. This is why a growing number of the world's largest private and public sector organizations rely on Contrast to secure their applications in development and extend protection to cloud and on-premise applications in production.

Read More

DATA SECURITY

Futurex Named a Leader in Hardware Security Modules by ABI Research

Futurex | February 25, 2022

Futurex receives top scores for cloud HSM service and strong cloud integration, extensive payment HSM platform, richest features, customer flexibility BULVERDE, Texas, February 24, 2022 — ABI Research, global technology intelligence firm, today named Futurex a leader in hardware security modules (HSMs). In its latest Hardware Security Module: OEM competitive assessment report, ABI Research gave Futurex, a leader in enterprise-class data security solutions, high scores for its cryptography-as-a-service options, extensive payment HSM offerings, rich features, hybrid deployment options, and customer flexibility. “The HSM market is changing rapidly. This is propelling highly flexible HSM offerings that can scale easily and adapt quickly to emerging demands,” the report by ABI Research reads. “Futurex showcases an extensive payment HSM platform with strong cloud integration and service availability, enabling it to carve itself a particularly successful niche in the HSM market which it is actively expanding.” “We are honored to be recognized by ABI Research as a leader in the HSM space,” said Ryan Smith, vice president, global business development, at Futurex. “Our four decades of HSM R&D, in-depth knowledge of enterprise security needs, and being the first in industry to offer cryptography-as-a-service, have made us the trusted HSM partner for the world’s largest enterprises.” Putting Innovation and Customers First ABI Research’s report highlights Futurex’s commitment to innovation by recognizing the operational flexibility and application versatility its HSMs have to offer. The report also noted that Futurex is the only company offering the same suite of features with its cloud HSM as with its on-premises hardware. With multiple payment HSM vendors currently going through end-of-life processes with their HSMs, organizations are looking for options including migrating their infrastructures to the cloud without changing any application code. As organizations look for robust security while optimizing costs with OPEX models, many turn to Futurex’s VirtuCrypt Cloud Payment HSM for their cryptographic needs. About Futurex For more than 40 years, Futurex has been a trusted provider of hardened, enterprise-class data security solutions. More than 15,000 organizations worldwide, including financial services providers and corporate enterprises, have used Futurex’s innovative hardware security modules, key management servers, and enterprise-class cloud solutions to address their mission-critical systems, data security, and cryptographic needs. This includes the secure encryption, storage, transmission, and certification of sensitive data. For more information, please visit futurex.com.

Read More

DATA SECURITY

SecurityScorecard Research Reveals Cyber Vulnerabilities Pose a Threat to U.S. Maritime Security

SecurityScorecard | December 21, 2021

SecurityScorecard, the global leader in cybersecurity ratings, today released a new report on the U.S. shipping industry, "Proactive Security Measures for Global Maritime Shipping." The research found that high severity cyber vulnerabilities pose a big risk to U.S. maritime security, especially ahead of a busy holiday season. In December 2021, SecurityScorecard conducted an analysis of the cybersecurity health of 100 global shipping container companies compared to the Forbes Global 2000 companies, finding that: Overall, the cybersecurity risk posture of the shipping industry was better than the Forbes Global 2000, but the shipping industry did not perform higher in every risk group factor The largest risks to the sector include vulnerabilities in application security, irregular patching cadence, and network security Data breach percentages for shipping container companies increased from 2018 through 2021, indicating that the industry may be an increasingly attractive target for malicious cyber actors during the 2021 winter holiday season Shipping container companies initially did better than the Forbes Global 2000 until April 2020, when high-profile attacks sank the industry average. Since mid-2020, shipping container companies have continued to struggle to build resilience in their cybersecurity and have not yet returned to their pre-2020 breach scores. Global supply shortages and shipping disruptions brought on by the COVID-19 pandemic pose a threat to U.S maritime security and threaten to disrupt the holiday gift-giving season. The maritime shipping network, which is responsible for 90% of the global trade, has gone from being a fast and cost-effective system to one plagued by delays, clogged shipping lanes, and exorbitant prices. "The shipping and maritime industry is already strained and taxed by the pandemic and resulting supply chain backlog,A potential cyber incident in the shipping industry could have catastrophic effects on people and businesses all across the world. This research is a key indicator that the industry should continue to keep a focus on cyber resilience through continuous monitoring." Aleksandr Yampolskiy, CEO and co-founder of SecurityScorecard SecurityScorecard continuously monitors millions of entities world-wide, and non-intrusively assesses their security posture across ten risk categories, including DNS health, IP reputation, web application security, network security, leaked information, hacker chatter, endpoint security, and patching cadence. This instantly delivers an easy-to-understand "A" through "F" security rating. About SecurityScorecard Funded by world-class investors including Silver Lake Partners, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 25,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, and cyber insurance underwriting. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every organization has the universal right to their trusted and transparent Instant SecurityScorecard rating.

Read More

Spotlight

According to Forrester, the right engagement model can help companies achieve double-digit growth. Simply put, establishing trust through differentiated and secure digital experiences is key to competing in today’s marketplace. Achieve the necessary balance and your company wins. This handbook is designed to start you on the ro

Resources