Last week Enterprise Times published a podcast with Richard Ford, Chief Technology Officer at Integrity360. Ford discussed how organisations should use managed detection and response for an active security posture. The focus is to move from reaction to being proactive.
Celebrus unveiled the latest version of its first real-time customer data and fraud prevention platform.
Babel Street and Boeing Intelligence & Analytics (BI&A) announced their expanded partnership to further enhance the capabilities of the Think, Analyze, Connect (TAC) application in providing military decision-makers with strategic and tactical intelligence in conflict zones, including the ongoing Russia-Ukraine conflict.
The TAC application, led by BI&A on behalf of the US Government, will leverage Babel Street’s Rosette. This will provide multilingual text analytics, integrating enhanced publicly and commercially available information from Babel Street’s Insights platform. This will augment traditional intelligence collection. The result is a more comprehensive, verifiable, all-source analysis, delivered through a single pane of glass.
Roxanne Wood, CEO and President of Boeing Intelligence & Analytics commented, “The expanded collaboration with Babel Street brings us closer to realizing our vision of a safer world. Babel Street’s proven technology, combined with our experience in developing and delivering advanced solutions, will undoubtedly result in a more robust, versatile tool for intelligence analysis and military decision-making.”
Check Point Software Technologies
Check Point Software Technologies announced its Q2 2023 results. Key figures included:
- Total Revenues: $589 million, a 3% increase year over year
- Product and License Revenues: $117 million, a 12% decrease year over year
- Security Subscription Revenues: $239 million, a 14% increase year over year
- Deferred Revenues: $1,774 million, a 7% increase year over year
- GAAP Operating Income: $221 million, representing 38% of revenues
- Non-GAAP Operating Income: $263 million, representing 45% of revenues
- GAAP EPS: $1.70, a 25% increase year over year
- Non-GAAP EPS: $2.00, a 22% increase year over year
Gil Shwed, Founder and CEO of Check Point Software, said, “The second quarter delivered robust profitability with over 22% growth in EPS. Our platform security strategy realized continued success, as Infinity revenues surpassed 10% of total revenues for the quarter. This was further emphasized by a 14% increase in security subscription revenues that encompasses our advanced security solutions such as ThreatCloud AI, CloudGuard, and Harmony E-mail.
“This mitigated some of the impact from customers delaying network security refresh projects. As we move forward, our priority remains driving revenue growth by delivering a prevention-first approach, with a focus on collaborative cyber security where multiple products work in concert to protect against the most sophisticated threats.”
Dragos published a brief case study about the LockBit 3.0 Ransomware attack on the Port of Nagoya, one of Japan’s busiest ports. The attack led to a four-day outage.
Dragos revealed that another prominent container terminal operator recognized the significance of OT cybersecurity and proactively prioritized the protection of its OT systems.
Understanding the potential consequences of cyber threats, this company deployed Dragos technology and expertise across its enterprise to ensure the uninterrupted flow of cargo and maintain the safety and reliability of its operations. As a result, the company has fortified its environments, improved threat visibility, and developed effective incident response capabilities.
IBM has received an additional Trusted Supplier accreditation from the Department of Defense (DoD) Defense Microelectronics Activity (DMEA). It will deliver embedded security services customized for a U.S.-based advanced microelectronics manufacturer.
Susan Wedge, Managing Partner, U.S. Public and Federal Market at IBM Consulting, commented, “Our national security, economy and even our way of life are at risk without adequate security and trust in microelectronics manufacturing. It’s critical that microelectronics and related parts are manufactured in properly secured environments and available when and where they’re most needed.
“This additional accreditation is a demonstration of IBM Consulting’s commitment to continuous innovation in the delivery of security services that help safeguard the ongoing domestic supply of defense-critical microelectronics.”
Infoblox published a second threat report with critical updates on “Decoy Dog,” the remote access trojan (RAT) toolkit they discovered and disclosed in April 2023. The malware uses DNS to establish command and control (C2). And is suspected as a secret tool used in ongoing nation-state cyber attacks.
Scott Harrell, Infoblox President and CEO, commented, “It’s intuitive that DNS should be the first line of defense for organizations to detect and mitigate threats like Decoy Dog. Infoblox is the industry’s best-of-breed DNS Detection and Response solution, providing companies with a turn-key defense that other XDR solutions would miss. As demonstrated with Decoy Dog, studying and deeply understanding the attacker’s tactics and techniques allows us to block threats before they are even known as malware.”
Infoblox has published a detailed analysis of its findings as the malware continues its threat. Dr Renée Burton, Head of Threat Intelligence at Infoblox, added, “The lack of insight into underlying victim systems and vulnerabilities being exploited makes Decoy Dog an ongoing and serious threat. The best defense against this malware is DNS. Malicious activity often goes unnoticed because DNS is undervalued as a critical component in the security ecosystem.
“Only enterprises with a strong protective DNS strategy can protect themselves from these types of hidden threats.”
Integrity360 announced the acquisition of leading European PCI QSA (Payment Card Industry Qualified Security Assessor) and cyber security services company Advantio. The acquisition will enable Integrity360 to expand further into continental Europe. It will also provide an additional cyber services practice focused on PCI compliance.
This will complement Integrity360’s existing service practices, including cyber risk and assurance, cyber security testing, incident response, infrastructure, end-point and SIEM professional services, and a highly comprehensive range of managed cyber security services.
Ian Brown, Executive Chairman at Integrity360, commented, “We are delighted to be welcoming the Advantio team to Integrity360. The enhanced group will now significantly expand our existing activities and cyber services throughout continental Europe, and further develop Advantio’s considerable expertise in PCI compliance.
“The combination of the two businesses provides a powerhouse of technical cyber and security payments expertise for the group’s customer base including preparing for the impending arrival of the new PCI DSS 4.0 standard which requires comprehensive threat detection and incident response services.
“The two companies are highly complementary, with common strengths in cyber assurance, cyber security testing and managed detection and response and share the same customer service ethos. We look forward to delivering our expanded and extensive range of services for the benefit of our combined customers over the coming weeks and months.”
LogRhythm announced that Infoline Tec Group Berhad had launched a LogRhythm SIEM-powered SOC to deliver crucial cybersecurity services in Malaysia. The new SOC aims to protect clients’ IT infrastructure and data from cyber threats, attacks and unauthorised access through improved visibility and continuous monitoring. The SOC team will consist of L1 and L2 Analysts, Shift Leads, Consultants, and a SOC Manager that reports directly to the CTO.
Koay Hean Jin, Chief Technology Officer, Infoline, commented, “The launch of our SOC marks a significant milestone for Infoline. With the increasing threat landscape, we have invested in cutting-edge technology and expert capabilities to provide robust cybersecurity solutions.
“Our SOC enables us to proactively detect and mitigate threats, ensuring the safety and integrity of our clients’ digital assets. We are committed to delivering advanced security measures and empowering businesses to navigate the digital world with confidence.”
Jerry Tng, Vice President, APJ, LogRhythm, said, “For organisations that do not require an in-house SOC, MSSPs like Infoline helps provide them with a solution towards increased visibility and threat detection over their IT infrastructure.
“We are proud to equip the Infoline SOC with the LogRhythm SIEM, which is a testament to the industry’s trust in our history and ongoing innovations. With LogRhythm, the Infoline SOC will be able to access our powerful capabilities coupled with simple analyst experience.”
Mimecast announced the August 2023 release of Protection for Microsoft Teams for its Email Security Cloud Integrated customers, enabling them to Work Protected across the hybrid attack surface. Security solutions for additional collaboration channels will follow, such as Microsoft SharePoint, Microsoft OneDrive, Slack, and Google Workspace.
Mimecast also released research titled “Collaboration Security: Risks and Realities of the Modern Work Surface”. The report reveals a disconnect between cybersecurity leadership and employees regarding collaboration security posture. While nearly 75% of cybersecurity leaders believe their organizations are prepared to defend against collaboration tool attacks, nine in 10 respondents were victims of a breach stemming from these applications over the past year.
Training is patchy, and often seems inadequate. Only 38% of employees state they have received any training despite claims from leadership. Worryingly, 20% of employees do not check the spelling or the legitimacy of attachments before opening. While 30% do not believe they are directly responsible for collaboration tools breaches.
David Raissipour, Mimecast Chief Technology and Product Officer, commented, “The modern workplace has experienced explosive change in a short period of time. Adoption of Microsoft Teams has never been higher due to hybrid work, making collaboration tools essential to productivity. But cybercriminals know this and are increasingly seeking to exploit this tool, which is often under-protected or unprotected all together.
“Leveraging Mimecast’s 20 years of experience and innovation in securing email communications, Protection for Microsoft Teams is designed to ensure that Microsoft 365 remains a productivity tool rather than a security risk.”
Sophos released a report entitled “The State of Ransomware in Education 2023.” The report found that 79% of higher educational organizations surveyed reported being hit by ransomware. While 80% of lower educational organizations surveyed were targeted — an increase from 64% and 56% in 2021. These figures are the highest ever for the sector.
Many establishments are also paying the ransom. With 56% of higher educational organizations paying and 47% of lower educational organizations paying the ransom. Despite paying, the cost of recovery following payment is often higher than for those who don’t. Paying also lengthened recovery times.
Chester Wisniewski, Field CTO Sophos, commented, “While most schools are not cash-rich, they are very highly visible targets with immediate widespread impact in their communities. The pressure to keep the doors open and respond to calls from parents to ‘do something’ likely leads to pressure to solve the problem as quickly as possible without regard for cost. Unfortunately, the data doesn’t support that paying ransoms resolves these attacks more quickly, but it is likely a factor in victim selection for the criminals.”
Other key findings in the report include:
- Exploits and compromised credentials accounted for 77% of ransomware attacks against higher educational organizations (65% in lower educational organizations).
- The rate of encryption increased slighter in higher education by +1% year over year to 73% but increased by 9% for lower educational organisations (81% from 72%).
- Higher educational organizations reported a lower rate of using backups than the cross-sector average (63% versus 70%).
Sophoes provided three means by which organisations should strengthen their security shields.
Trend Micro Incorporated has been named an Official Partner of the NEOM McLaren Formula E Team. The multi-year partnership aligns the brands’ innovative cultures, focus on speed and acceleration and commitment to securing complex and dynamic environments. Whether that be across an electronic vehicle or a global enterprise.
Ian James, Managing Director, NEOM McLaren Electric Racing & Team Principal, NEOM McLaren Formula E Team, said, “I’m excited to welcome Trend Micro to our team. As we travel around the world, cybersecurity is critically important to us. With Trend Micro we will explore ways to collaborate and keep our operations safe. We are two brands with great synergy, and I’m looking forward to our years of partnership.”
Trustwave has achieved supplier status with Bridgepointe. A tech advisory firm that helps mid-market and enterprise companies transform tech investments into unrivalled business results. Partnering with Bridgepointe and its robust network of Selling Partners, Trustwave can now provide its security consulting, managed detection and response, threat hunting, co-managed SOC, database security, and email security services to an even broader set of clients.
Garrett Gee, Trustwave’s Global Vice President, Indirect Channels and Alliances, commented, “Trustwave is honored to be positioned as a strategic supplier to Bridgepointe customers, adding vital protection and increased value for midmarket and enterprise companies. Organizations are looking for a trusted cyber defender as their partner to protect against a wide range of threats, and Bridgepointe and Trustwave are well positioned to meet those needs.”
Gary Jacobs, Vice President of Operations and Sales Programs at Bridgepointe Technologies, added, “We’re hyper-focused on ensuring our clients have right security strategy and solutions to identify and defend against current and emerging threats. By partnering with Trustwave we’ll further our ability to support our clients and we’re pleased to add them to our supplier ecosystem.”