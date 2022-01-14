ContributorsPublishersAdvertisers
Technology

3 Pillars of a Successful Managed Security Services Deployment

By Adam Burns
securityboulevard.com
 7 days ago

Cover picture for the articleAs much as they’d like to be able to, not many enterprises can afford a dedicated, in-house SWAT team of security experts, ready to pounce on and deflect the latest threats to the organization. Most companies are time- and resource-constrained as it is. Others are still feeling the crunch from the...

securityboulevard.com

Comments / 0

Related
securityboulevard.com

Datto Acquires Cybersecurity Company Infocyte

NORWALK, Conn., January 20, 2022 — Datto Holding Corp. (Datto) (NYSE:MSP), the leading global provider of cloud-based software and security solutions purpose-built for Managed Service Providers (MSPs), today announced that it has acquired threat detection and response company Infocyte, extending Datto’s security capabilities that protect, detect, and respond to cyberthreats found within endpoints and cloud environments.
NORWALK, CT
securityboulevard.com

SecZetta And Strivacity Announce Joint Offering to Automate Third-party Identity Risk Management and Customer Identity and Access Management (CIAM)

Solution offers easy-to-use risk-based access for partners and consultants – including vendors, consultants, and bots – with just a few clicks. Fall River, Mass. & Herndon, Va. – January 20, 2022 – SecZetta, a leading provider of third-party identity risk solutions, today announced a new partnership with Strivacity, a no-code customer identity and access management (CIAM) platform. Together, SecZetta and Strivacity offer organizations an automated solution for making risk-based decisions about when, where, and how non-employees, ranging from vendors to bots, can access their systems and data.
HERNDON, VA
securityboulevard.com

Buyers Guide to Compliant Cloud Services for Defense Contractors

When defense contractors look for a reliable source to store and share their controlled unclassified information (CUI), they will frequently turn to a cloud service provider (CSP). Cloud is a superior choice for contractors over storing on premise as cloud enables unlimited storage, access to data from anywhere, data resiliency, and freedom from managing and maintaining hardware.
SOFTWARE
securityboulevard.com

Critical OWASP Top 10 API Security Threats

It’s no secret that APIs are under attack. Companies are struggling to keep their APIs safe and secure from accidental breaches to malicious hacks. The problem will only worsen as APIs become more complex and more companies rely on them for critical business functions. The security risks increase exponentially.  
COMPUTERS
IN THIS ARTICLE
#Infrastructure Security#Information Security#Managed Services#Internal Security#Swat#Msps#Cisa
securityboulevard.com

Log4j Exploit Hits Again: Vulnerable VMWare Horizon Servers at Risk

On December 9th, 2021, reports surfaced about a new zero-day vulnerability, termed Log4j (Log4Shell), impacting Minecraft servers. [see “Protecting Against the Log4J Vulnerability”] Countless millions of devices instantly became at risk of attack, and Log4j ranked among the worst vulnerabilities yet seen. The fear of the Log4j security flaw has once again returned as threat actors have started to exploit vulnerable VMWare Horizon Servers. Learn more about Log4j and this new threat in this Morphisec blog post.
SOFTWARE
helpnetsecurity.com

NordPass for MSP offers password management services for online security

NordPass Business has released NordPass for MSP, a password management solution that enables managed service providers (MSPs) to deliver an easy-to-use tool to their customers. Today, an increasing number of small and medium-sized businesses (SMBs) are interested in ensuring their company’s cybersecurity and routinely look for MSPs that can offer...
TECHNOLOGY
securityboulevard.com

Digital Hygiene Tip From Our SOC: Update Your Cipher Suites and Certificates

It’s January, and most of us are hitting the gym, eating salads, and resolving to take better care of our health. This year, we’d encourage you to add “improve digital health.” We’re telling ThreatX customers to make sure their new year’s resolutions include good digital hygiene, such as updating cipher suites and certificates. 
HEALTH
securityboulevard.com

The Rise of the 24/7 Security Scanning Access Point

An astonishing 90% of enterprise data breaches are caused by phishing attacks, costing businesses billions every year in lost revenue and downtime. Rogue devices are often the gateway to such attacks. The industries most vulnerable to hacking include finance, medicine, education, warehousing, airports and rail stations, government and distributed enterprise networks. These verticals operate at pervasive levels and handle highly sensitive data that could devastate businesses and customers in the wrong hands.
TECHNOLOGY
YOU MAY ALSO LIKE
NewsBreak
Technology
NewsBreak
Economy
securityboulevard.com

Stories from the Field: How DTEX i3 Identified Personal Criminal Activity on a Corporate Device

When sports started being televised 50+ years ago, it brought a new level of visibility to teams and games. You no longer needed to be in or from the town or city, or correlate multiple sources of information from newspapers and radio broadcasts just to find out what happened. Then, with the advent of video replay and the opportunity to challenge the play, came the visibility to correct mistakes in near real-time as they happened; most importantly, the mistakes made by both player and official. Those mistakes could now be peer reviewed, discussed, decided, and communicated to the necessary stakeholders. Something that historically was resigned to arguing over a beer after the game.
FOOTBALL
securityboulevard.com

How to Build a Security Awareness Training Program

With increased digitization of everything post-pandemic, cybersecurity has become a top concern for global CEOs with almost half planning to increase cybersecurity investment by 9%, according to PwC. Since 85% of breaches involve human error, throwing more money at the problem by buying the latest cybersecurity technology may hit a point of diminishing returns. At its core, cybersecurity isn’t just a technical problem, it’s a human problem. Organizations need more than technology—they need employees as both their first and last line of defense; employees who embrace security awareness and who identify, avoid and flag activities and items that are of a suspicious nature.
COMPUTERS
securityboulevard.com

MSPs and MSSPs: 6 Password Management Tips

The majority of users, whether new employees or CEOs, don’t realize that even if their password meets complexity requirements, it doesn’t mean it’s secure. In fact, many common password policies are overdue for an update, as for several years now cybercriminals have been taking advantage of these password policy weaknesses.
TECHNOLOGY
securityboulevard.com

Deloitte Extends Managed Security Service to Include XDR

Deloitte today extended its portfolio of managed security services to include a managed extended detection and response (MXDR) offering that incorporates security monitoring and response capabilities developed by both Deloitte and its third-party partners. Curt Aubley, MXDR by Deloitte leader and a managing director for Deloitte Risk & Financial Advisory...
ECONOMY
securityboulevard.com

How ThreatX Can Help Address Cyber Insurance Critical Controls

Our customers often ask us for help addressing the requirements of insurers. It’s clear that securing APIs and web apps is increasingly top of mind for insurers; our customers tell us that these are the 10 most common controls insurers are looking at:. Managed vulnerabilities. Patched systems and applications.
SOFTWARE
securityboulevard.com

What is a Cloud Native Application Protection Platform (CNAPP)?

When I first joined DeepFactor, I set out to learn as much as I could about the relevant markets and technology categories to inform our go-to-market strategy. One of the first questions I asked myself was “What category does DeepFactor fit into and what are the trends that are shaping that category?”
SOFTWARE
securityboulevard.com

6 Things Cyber Insurers Are Looking for in Cyberattack Claim Applications

The modern digital environment is more risky than ever before, and the incidence of cyberattacks only increased throughout the COVID-19 pandemic. In this day and age, even the most robust security systems may still be penetrated or breached by a sophisticated cyber-attack. This means companies can no longer afford to be complacent about security.
TECHNOLOGY
securityboulevard.com

Bolster Global Fraud Index Now Live!

Online Fraud is off the Charts – See For Yourself. You've heard us say it before, and we'll say it again, online fraud represents a tremendous threat to businesses and brands of all sizes. The scale of the problem is mind-boggling, and with so many different digital channels to contend with from websites to social media platforms to marketplaces and more, modern threat actors have the upper hand. In fact, we've been measuring the scale of the problem for the past few years. You'll recall in our 2019 State of Phishing and Online Fraud Report our systems detected over 4.2 million phishing and scam pages. In 2020, that number jumped to over 6.9 million pages, with nearly 30,000 new phishing and scam pages detected globally on a daily basis. (Read full report here). And this past year, 2021, the rate of phishing and online fraud across the Internet skyrocketed even higher. Stay tuned for our 2021 year-end report to learn more.
PUBLIC SAFETY
The Independent

New laws proposed to boost UK business cyber security

New laws have been proposed that would help boost the UK’s resilience from cyber attack, following a rise in incidents targeting national infrastructure around the world.The Department for Digital, Culture, Media and Sport (DCMS) has unveiled plans to bolster security standards across the country, including improving the way firms report cyber security incidents and setting new qualification standards for those working in the sector to ensure they’re properly equipped to do so.The plans come in response to a number of recent high-profile cyber incidents, including the SolarWinds and Microsoft Exchange Servers attacks, which used vulnerabilities in third-party products used by...
PUBLIC SAFETY
securityboulevard.com

Hunting for Log4j Vulnerabilities: A Fortune 100 Case Study

Finding Log4j Instances in Runtime and Tracking Completed Remediation at a Fortune 100 Company. Time is a funny thing. It’s hard to believe that it’s already been just over a month since Log4Shell, a zero-day vulnerability in the Java logging tool Log4j, was publicly disclosed on December 9th, 2021. The following day, I was contacted by one of our customers, a Fortune 100 company, for assistance with finding and patching Log4j instances amongst the millions of assets they manage. At the onset of the crisis they estimated it would take 2-3 months just to discover instances of Log4j across their environment, and several more months to remediate instances that were vulnerable.
SOFTWARE
securityboulevard.com

Teachable Moment: An Insider Threat on Your Team

No manager or executive wants to receive a phone call informing them that a team member has engaged in suspicious activities that require a security investigation. But that’s just what happened to Code42’s vice president of portfolio strategy and product marketing, Mark Wojtasiak. Code42’s internal instance of its insider risk management toolbox discovered a member of Wojtasiak’s team, who had recently given notice, had downloaded inside information to an unauthorized device.
ECONOMY
securityboulevard.com

Protecting Data in the Cloud: A Work in Progress

Throughout its history, the tech industry has had to deal with constant change, increasingly complex architectures and security challenges. Security is a particularly deep well of concepts to navigate. One offshoot of this is acronym fatigue, a never-ending, ever-changing mishmash of insider terms that are intended to define markets. The advent of cloud has taken this issue to an entirely new level.
SOFTWARE

Comments / 0

Community Policy