NIBS (credit image/Pixabay/ Ryan McGuire)Last week, Check Point Software added new managed security capabilities to its Infinity Global Services. Enterprise Times discussed What Is Identity in a podcast with Mike Kiser, Director of Strategy at Sailpoint. Veeam and Sophos announced a strategic partnership.

There were also announcements from Microsoft, which partnered with PWC and released its Data Security Index. Privacera has announced its Generative AI Governance Solution is now available.

Check Point Software Technologies

Check Point Software Technologies Ltd, has announced key enhancements to its Check Point Infinity Global Services suite. It has added new managed security services across networks, cloud and Security operations.

The new enhancements to Infinity Global Services are:

  • New Managed Network Security Service: Delivers Network Operations Center (NOC) and Security Operation Center (SOC) as a service, utilizing expert tools and processes to optimize networking security and infrastructure
  • New Managed Cloud Security Service: Provides cloud security experts to facilitate secure cloud migration, enhance cloud security posture, and provide managed CSPM and CNAPP services
  • Extended Managed Detection and Response (MDR) Capabilities: Extends Horizon MDR/MPR with Microsoft Sentinel platform capabilities for security analytics, incident detection and response

Eitan Lugassi-Gilad, VP, Infinity Global Services at Check Point Software Technologies said, “Given the dynamic threat landscape, our focus is on ensuring our customers and partners are equipped with leading-edge managed security and cloud services.

“This expansion enhances our services offering, while strengthening Check Point’s role as a key player in delivering managed security services. We are proud to help customers of all sizes address the complex challenges of designing and implementing a cyber-resiliency strategy and the nuances of cloud migrations for enterprises.”

ESET

ESET released its latest APT Activity Report covering the period April-September 2023. The report looked at a select number of APTs, their activity levels, their targets and what they exploited. It makes for worrying but essential reading if you are a likely target of any of the groups from Russia, China, Iran, the wider Middle-East hacking groups and North Korea.

Despite focusing on known APTs, ESET uncovered the operations of several previously unknown China-aligned groups. Two of these are actively targeting governmental organisations in the EU. The report can be found here and is not gated.

ESET Research has also published details of an attack by Winter Vivern. This group has been targeting Roundcube webmail servers of government entities in Europe and a European think tank. It effectively exploited a zero-day XSS vulnerability (CVE-2023-5631) in the Roundcube Webmail server.

ESET reported this to Roundcube, who issued a patch within two days. An impressive turnaround and all organisations using Roundcube should apply it.

Europol

Europol hosted a conference called “Tackling counterfeit goods posing a threat to health, safety, and the environment.” It focused on a range of issues surrounding IP theft. There were several key topics, including:

  • the role of women in fighting intellectual property crime
  • counterfeit goods posing a threat to health and safety
  • counterfeit goods posing a threat to the environment
  • the impact of advanced technology on intellectual property crime.

Catherine De Bolle, Executive Director of Europol, said: “The financial and economic crimes afflicting the EU and its Member States amount to billions of euros in damages, and the criminals behind intellectual property crime infiltrate every aspect of the legal supply chain, threatening public health and safety.”

In September, In September 2023, Europol unveiled its assessment of the threats originating from financial and economic crimes at the EU level. It includes a section dedicated to intellectual property crime.

Europol also issued a report on the risks posed by Quantum Computing. The report is called, “The Second Quantum Revolution: The impact of quantum computing and quantum technologies on law enforcement”. The focus on the impact on law enforcement is interest and, in places, worrying.

The report takes a wide look at the things that Quantum Computing can enable. Importantly, it also comes up with five key recommendations for law enforcement. These are:

  1. Observe quantum trends
  2. Build up knowledge and start experimenting
  3. Foster research and development projects
  4. Assess the impact of quantum technologies on fundamental rights
  5. Review your organisation’s transition plans

The challenge that this report doesn’t address is how this will be funded or staffed. It took a long time for Europol to build its cyber division, and most European countries are far behind it. Where it will find the skills around quantum and how it will meet salary demands remains to be seen.

Ivanti

Ivanti has added new capabilities to its Neurons platform to improve the digital employee experience. The company says that this will enable it to “deliver on its mission to empower IT and Security teams with a 360-degree view of their entire IT estate – providing visibility, actionable insights and security.”

Dr. Srinivas Mukkamala, Chief Product Officer, Ivanti, said, “By continuously extending capabilities for the Ivanti Neurons platform, we help ensure that customers have the best solutions to manage, secure and service all their devices and networks to empower their people. With the speed at which threats are targeting the workplace, organizations need to have the right solutions to discover and remediate security threats before threat actors have a chance to exploit them.”

The new capabilities cover four key areas:

  • Integrated Vulnerability Prioritization and Remediation:
  • New Secure Unified Endpoint Management (UEM) Solution Packages
  • New Enterprise Service Management Solution Packages
  • New Actionable Insights

Microsoft

Microsoft Incident Response has announced a new collaboration with PwC to extend both company’s incident response and recovery capability. It will see Microsoft begin the initial containment and investigation and then pass clients to PwC to complete the recovery. PwC will also help companies build a long-term solution to prevent future attacks.

Kelly Bissell, Corporate Vice President, Microsoft Security Solutions, said, “This type of industry collaboration is key to addressing the volume, complexity, and severity of breaches we see today. It will take all of us working together to stop nation-actors from attacking organizations and governments around the world.”

Microsoft also launched its Data Security Index: Trends, insights, and strategies to secure data report. The report was announced by Herain Oberoi, General Manager, Data Security, Compliance, and Privacy, Microsoft. The post is a 10-minute read and worth the time. In it, Oberoi focuses on three key findings:

  • Data security incidents remain frequent.
  • Vulnerabilities manifest in various dimensions due to a diverse set of factors.
  • How a fragmented solution landscape can weaken an organization’s data security posture.

Privacera

Privacera has announced the General Availability (GA) of Privacera AI Governance (PAIG). It aims to help organisations secure the entire AI application lifecycle. Importantly, this also includes the securing of sensitive fine-tuning data and Retrieval Augmented Generation (RAG). These two areas are a major challenge for many organisations.

Balaji Ganesan, co-founder and CEO of Privacera, said, “With PAIG, Privacera is becoming the unified AI and data security platform for today’s modern data applications and products.”

The announcement calls out several key features of PAIG:

  • Discover and classify sensitive data used to train, or fine-tune custom or generally available GenAI models and VectorDB
  • Protect models and VectorDB from being exposed to sensitive training or tuning data
  • Secure and continuously protect models from sensitive data prompt inputs and outputs with allow/deny, masking, or redaction of sensitive data in real-time
  • Comprehensive observability alongside built-in dashboards and user query analytics which provide enhanced transparency on who accessed what AI applications, what sensitive data was accessed or denied, what sensitive data assets are leveraged for each AI application, and what data protection policies are in place for each AI application
  • Ability to easily integrate with existing security monitoring and management tools
  • Open and extensible SDK to integrate seamlessly into your GenAI applications and LLM libraries

Veeam

Veeam and Sophos have agreed on a strategic partnership. It will see the two companies integrate their technology to improve the detection of ransomware, decide on the right response and recovery faster. Key to this announcement is the capabilities of the two companies. Veeam brings its experience in data protection and ransomware recovery. Sophos is adding its managed detection and response (MDR).

Danny Allan, CTO at Veeam, said, “The growing threat of cyberattacks can only be addressed by companies coming together to offer customers more complete and integrated protection.”

Among the benefits this partnership brings are:

  • Defending Against Ransomware: Advanced threat detection and prevention capabilities from Sophos, with immutable backups and versioning provided by Veeam, ensure backup data remains secure and recoverable.
  • Improving Threat Response Time: Sophos MDR security operations specialists execute immediate response actions to stop confirmed threats with an industry-leading average response time of 38 minutes—96% faster than the industry benchmark.
  • Identifying Internal Security Threats: Comprehensive monitoring of internal and external threats like malware detect unauthorized or suspicious activity that could compromise backup data.
  • Preventing Accidental Deletion: Backup versioning, audit trails, and immutable storage options safeguard backup data against unintentional actions.
  • Maintaining Compliance: Robust data protection and security features can help organizations meet regulatory compliance requirements such as GDPR, HIPAA, and other industry-specific regulations.
  • Satisfying Cyber Insurance Requirements: Sophos MDR helps satisfy critical cyber insurance requirements, like having 24/7 threat monitoring—reducing the likelihood of a claim denial and helping organizations get better premiums.

Security news from the week beginning 16 October 2023

 

LEAVE A REPLY

Please enter your comment!
Please enter your name here