CyberSmart, the UK’s leading provider of complete cyber confidence to UK SMEs, has announced its partnership with Australian technology distributor, HAT Distribution. The partnership will provide businesses in Australia with fast, hassle-free Essential Eight assessment and year-round assurance.
CyberSmart is the world’s first complete SME solution, offering all-in-one cybersecurity monitoring, optimisation and training, proven to defend against cyber threats. With its user-friendly platform, simplified progression framework, year-round protection and unlimited support, implementing Essential Eight controls has never been easier for Australian businesses.
As cybercrime escalates in Australia, with 94,000 incidents reported in 2023* alone (equivalent to one report every 6 minutes!), completing Essential Eight – the recognised Australian government standard for cybersecurity – is not just advantageous but also crucial in certain industries. CyberSmart’s solutions are specifically designed to help businesses implement these strategies effectively so they can attain and maintain a government-approved standard of cybersecurity, reducing cyber risk.
The platform is tailored for MSPs and SMEs, who represent a critical segment in the economy but often face challenges with maintaining robust cyber defences due to limited resources and expertise. With CyberSmart, MSPs can enhance their service offerings by delivering comprehensive and cost-effective solutions to their clients, while SMBs gain access to straightforward Essential Eight assessment, without the need for extensive resources.
Australian SMEs will also gain access to CyberSmart Active Protect, a powerful on-device agent that delivers comprehensive endpoint monitoring, risk management, policy enforcement, and cybersecurity awareness training. Active Protect regularly monitors and reports the status of a device by running through a series of security controls, identifying any vulnerabilities and providing simple step-by-step walkthroughs on how to fix them.
Jamie Akhtar, CEO at CyberSmart said, “We’re excited to expand into the Australian market with HAT Distribution. Cybercrime is a worldwide business, and the interconnected nature of global commerce in 2024 means that the more geographies we are able to offer SMBs complete cyber confidence in, the better. Almost half of Australians reported experiencing cybercrime in 2023, and we believe that the comprehensive protection we’re bringing to the Australian market will be able to limit both the success and impact of these incidents moving forward.”
Josh Gammer, General Manager of HAT Distribution said, “Amidst the ever-evolving cyber threat landscape, we are thrilled to partner with CyberSmart, a leader in cybersecurity innovation, to help more Australian businesses comply with the government’s endorsed Essential Eight framework.
“With CyberSmart, even smaller players gain access to the tools required for assessment, and for MSPs, the partnership is a consultative business opportunity to guide their clients on a transformative journey toward stronger cyber defences.”
For more information about CyberSmart’s cybersecurity solution for Australia, please visit https://www.cybersmart.com/au

The post CyberSmart announces expansion into the Australian market with HAT Distribution partnership first appeared on IT Security Guru.

In today’s digital age, where technology is deeply ingrained in our daily lives, ensuring the cybersecurity of our educational institutions has become paramount. K-12 schools are increasingly becoming targets for cyberattacks, highlighting the urgent need for robust cybersecurity measures. With hackers constantly evolving their tactics, it is imperative for schools to deploy intelligence-powered cybersecurity solutions to protect against these threats.

Over the past few years, there has been a significant increase in cyberattacks targeting K-12 schools. For example, in 2023 80% of K-12 schools fell victim to ransomware attacks. Hackers view schools as lucrative targets due to the vast amount of sensitive information they hold, including student records, financial data, and confidential communications. Additionally, the shift towards digital learning platforms has further increased schools’ vulnerability to cyber threats. 85% of U.S. educational institutions have reported an increase in cyber threats since moving to digital learning.

K-12 schools face significant challenges in deploying cybersecurity technology due to budget constraints. With limited funding, schools often struggle to invest in robust cybersecurity measures, leaving them vulnerable to cyber threats. This lack of resources can hinder the implementation of essential security tools, such as firewalls, antivirus software, and security training programs for staff and students. Additionally, maintaining and updating these technologies requires ongoing expenses that many schools simply cannot afford. Local company LANRover, together with cybersecurity company Centripetal, has developed a solution for K-12 schools, titled CleanINTERNET®, that provides proactive, real-time, intelligence-powered cybersecurity protection against all known threats.

Traditional cybersecurity measures are no longer sufficient to protect against the sophisticated tactics employed by hackers. Schools need to elevate their defenses without major costs or expanding their security team. By implementing intelligence-powered cybersecurity, schools can harness real-time threat intelligence from a global network, which gives them visibility into potential threats long before they can impact the network. This technology acts as a shield, safeguarding the network against any malicious activity.

Several schools have successfully implemented intelligence-powered cybersecurity solutions and have seen significant improvements in their security posture. The solution works because it includes a team of dedicated analysts with extensive threat hunting expertise, watching the network 24x7x365. Normally, such services would be cost prohibitive for a school district, but LANRover’s solution can be deployed at a reasonable price point.

CleanINTERNET® allows school districts to:

  • Protect their valuable IT assets and applications in a cost-effective manner. Centripetal analysts provide an additional monitoring layer, tracking any unusual behavior.
  • Monitor and protect personal information such as student records, health records and faculty information. It also helps prevent attacks on intellectual property and sensitive research results.
  • Safeguard the institution, its partners, and stakeholders. The reputation of the institution is at stake and protection in both breadth and depth is paramount.
  • Reduce the overhead of malicious and reconnaissance traffic in the network which has the effect of reducing overall IT costs around collection, storage, and analysis of security event data.

It’s time to reconsider your approach to defending your school against cyber threats. Traditional methods are insufficient against today’s rapidly evolving threats, making it crucial to reassess your defense strategies. By adopting a proactive stance rather than a reactive one, school districts can outpace cybercriminals.

School districts need to embrace a solution that effectively protects against both current and future threat actors, safeguarding digital assets and ensuring uninterrupted learning and collaboration – intelligence-driven cybersecurity.

The post Guest Blog: Securing K12 Schools with Centripetal and LANRover first appeared on IT Security Guru.

Coro, the leading cybersecurity platform purpose-built for small and medium-sized enterprises (SMEs), today announced it has secured $100 million in Series D funding led by One Peak, with participation from existing investors Energy Impact Partners and Balderton Capital. This funding round brings the total funds raised to $255 million in the last 24 months. The new investment will reinforce Coro’s market dominance and accelerate its mission to empower SMEs and their service providers with enterprise-grade cybersecurity that’s accessible to all.

Coro is an all-in-one cybersecurity solution offering an enterprise-grade security software platform to SMEs covering endpoint protection, email & user protection and network & cloud protection. SMEs are facing increasing volumes and complexity of cyber attacks, and lack affordable solutions to help them adequately protect their tech stack. Coro’s easy-to-use platform enables IT teams and their partners to be protected 24/7 in an automated and affordable way.

Coro’s dedication to protecting and empowering SMEs has been a cornerstone of its success, driving remarkable growth and catapulting Coro to a market leadership position within a few short years. In 2023, Coro expanded its customer base across every industry vertical, achieving 3X year-over-year growth for a record fifth year in a row. Coro was named to the inaugural Fortune Cyber 60 and to the 2023 Deloitte Technology Fast 500, in recognition of its achievements as one of the fastest growing cybersecurity companies in North America.

The new funding will be used to:

  1. Fuel product innovation: Coro will continue to develop industry-leading security solutions tailored specifically for the SME market through both organic growth and strategic acquisitions, following the successful acquisition of Privatise in 2023.
  2. Empower channel partners: Coro will further strengthen its channel partner program, providing additional support and resources for its North American MSP and reseller network.
  3. Accelerate global expansion by establishing local marketing and channel teams and investing in brand awareness to support Coro’s international partners.

“As a growth investor, we look for companies that target large, underserved markets and are in prime position to dominate that field,” said David Klein, Co-founder and Managing Partner, One Peak. “Coro has already achieved phenomenal growth and success in the SME market. We are convinced that Coro has the right tech stack, a world class management team, and unlimited potential to scale the business to the next level. We’re excited to partner with Coro to help them execute on their vision and support the team in their next leg of explosive growth.”

“Now that Coro is established as a cybersecurity powerhouse for the SME market, the next step on our journey is to offer this radical approach to as many organizations as possible,” said Guy Moskowitz, CEO, Coro. “The best way we can enable this is through our world-class global network of partners, who can launch Coro’s ease of use and simplicity at scale, bringing the current chaos of managing cybersecurity to a halt.”

“As the founding investor of Coro, we at JVP have been fortunate to collaborate with Guy and the management team on building a true category leader in cybersecurity for SMEs. We aim to turn Coro into a multi-billion-dollar company, as we’ve done multiple times before,” stated Yoav Tzruya, General Partner at JVP, and Coro’s Board Member. “We look forward to collaborating with OnePeak, EIP and Balderton in building Coro as a disruptive company in the cybersecurity market.”

“We are delighted to continue to support Coro as the leader in providing cybersecurity solutions to SMEs,” stated Rana Yared, General Partner, Balderton Capital. “We believe that providing protection and peace of mind to this segment of the market is critical to economic growth.”

“We are excited to continue our journey with Coro. We expect that the unwavering focus on SMEs, the most underserved segment in the cybersecurity market, coupled with the team’s phenomenal execution, will ensure Coro’s dominance in this market,” said Shawn Cherian, Partner at Energy Impact Partners.

2023: Establishing leadership in SME cybersecurity

2023 was a year of immense milestones and achievement for Coro. In October 2023, Coro created a new cybersecurity paradigm with the launch of Coro 3.0, the industry’s first modular cybersecurity platform. Coro 3.0 offers fourteen seamlessly integrated modules – from EDR to SASE to email security – that can be activated on demand to grow with a company’s needs.

Coro’s modular platform consolidates critical security capabilities into a single pane of glass, a single data engine, and most importantly, a single endpoint agent, making deployment and management effortless.

Coro also invested extensively across its North American sales and channel organizations in 2023. The Company added 300 new channel partners, expanded its channel headcount by nearly 500%, and established a business enablement center in Chicago to support its direct sales and channel partner ecosystem. The Company also expanded globally with the opening of its UK R&D Center and data centers in both Canada and Germany to facilitate the regional expansion of both channel partnerships and customers.

Throughout 2023, Coro continued to receive industry accolades for customer satisfaction, product performance, company growth, and best places to work. This recognition includes:

  • Coro’s EDR capabilities scored a perfect 100% accuracy in testing conducted by SE Labs;
  • Named by SC Magazine as one of the Top 5 security solutions for the SME market;
  • Named to CRN’s MES Mid Market 100, recognizing market leaders serving midsize enterprises;
  • Received more than 40 badges from G2 customer peer reviews, including midmarket awards for: Easiest to Use, Easiest to Do Business With, Best Support and Best Estimated ROI;
  • Named 100 Best Medium Workplaces to work in 2023 by Fortune Media and Great Place to Work; and
  • Named 2023 Fortune Best Workplaces in Technology™ for Small and Medium Businesses.

The post Coro Secures $100 Million Funding Round first appeared on IT Security Guru.

  • The majority of large enterprises spend an average of 3-5 months integrating and training teams on each new security solution – at the expense of threat hunting, vulnerability scanning and security awareness training 
  • However, major contradictions are rife, with 76% believing more tools equate to better security 

Attitudes to cybersecurity within the UK’s largest organisations are highly contradictory and risk exacerbating existing risks, stress, and inefficiency, new research from SenseOn has today revealed. The research, which surveyed 250 IT and Security decision makers at UK and Irish companies with more than 250 people, uncovered that the vast majority still subscribe to the belief that ‘the more cybersecurity tools you purchase the more protected you are’, despite new tools taking an average of 2.4 months to adopt, taking away from other critical activity including threat hunting and security awareness training. The study also found that two thirds of respondents from the largest organisations (5,000-10,000 employees) see third party risk as a primary challenge, presenting a further contradiction to the perception that more tools improve security.

This speaks to a security ecosystem where organisations feel compelled to buy tools to feel better protected, only to find themselves concerned about the necessary exposure of having more suppliers and vendors, and with months in cybersecurity limbo, dedicating even more time to adopting the new tools, rather than using them.

The problem of new tools being hailed as a solution to security problems is further compounded by a chronic lack of staff to adopt – and subsequently manage – these tools. At a time when security professionals are already overwhelmed and under-resourced, new tools can place additional demands on already stretched teams. 

Corresponding to this narrative, the same poll of security professionals also found that 95% of respondents believe that stress is impacting staff retention in their organisation. When polled on what technologies would reduce this stress, 83% of respondents highlighted ‘tools that use AI to automate security activity’ and 81% opted for security awareness training. 

“The research supports something lots of people working in the industry already know: Cybersecurity is broken,” said David Atkinson, Founder and CEO of SenseOn. “Such a large majority of security leaders reporting their companies’ reliance on tools in place of a security strategy is a huge concern.

“The tools they are purchasing are expensive, time-consuming to launch, and are not built to integrate with each other. This means that despite spending huge amounts of time and money on them, they do not make an organisation safer – particularly when considering the justified concerns many of these leaders share regarding their supply chain risks. Companies should look to solve these issues by partnering with vendors that can unify multiple security disciplines under a single unified product, which can reduce costs, blindspots, and alleviate much of the stress security teams are currently experiencing.”

The post Fragmented cybersecurity vendor landscape is exacerbating risks and compounding skills shortages, SenseOn research reveals first appeared on IT Security Guru.

For as long as digital systems have exerted control over physical machines and their output, the need to secure them proportionately, and the associated questions of how to do so, have existed. Manufacturing, agriculture, critical national infrastructure, and healthcare, to name but a few, are all industrial verticals which now more than ever have a considered need for cybersecurity controls to protect their Operational Technology (OT) systems and equipment, which interact with and impact the physical environment.

Historically, in a simpler, less-connected world, industrial control and automation systems were designed to do a limited number of things, within a static decision-making framework. As such, these systems could be isolated, self-contained, and easy to maintain and control.

However, as we have moved forward to integrating more sophisticated computer systems within a variety of industrial environments, extending network connectivity for communication, increasing automation, and applying dynamic data-driven decision making, the levels of interaction and interdependency between computer systems and physical machines, actuators and sensors have increased dramatically. Whilst this digital transformation brings many benefits, it also exposes traditionally isolated Cyber-Physical Systems, often designed without cybersecurity in mind, to a plethora of cybersecurity threats. Given the growing threat landscape facing industrial OT environments, security incidents such as the Colonial Pipeline ransomware attack and the more recently reported threats to the Sellafield Nuclear facility underline the importance of such conversations across environments and industries which are rapidly digitalising.

Below is a Q&A from an IT Security Guru conversation with Dr Ryan Heartfield, CEO of Exalens, which will work as a guide for any organisations working to secure the cyber-physical.

Can you outline the seriousness of cyber-physical threats for our audience?

They are nothing short of existential. While nobody denies the seriousness of data breaches for an organisation, or the compromise of sensitive documents by a hostile nation state, this damage can pale in significance when compared with the potential physical impacts present in a cyber-physical environment.

The key word is physical. While the threats of many cybersecurity incidents fall into the categories of business, economic or geopolitical threats, these are simply some of the byproducts of a category 1 cyber-physical threat. If a major piece of key national infrastructure (such as the National grid, or key parts of the food supply chain) were to be compromised by a cyberattack, not only would we see widespread economic impacts and geopolitical effects, but we would also risk serious societal unrest and physical danger.

What are the cultural barriers that prevent the adequate securing of cyber physical systems?

The first thing to mention is that companies who need to care about this absolutely do care about cybersecurity, as it pertains directly to business risk. However, asking if they care about cybersecurity is probably the wrong way to approach such conversations.

The key thing to ask instead would be ‘how much would a day’s downtime cost?’. If you can speak to people in senior industrial, manufacturing, or critical infrastructure positions about downtime, and preventing downtime (and therefore the associated reputational and financial losses), and how cyber resilience is now a key aspect of that requirement, then you are going to have a much more positive conversation.

An issue further down the chain of command is that when you go to the middle management of cybersecurity and IT professionals, and the plant managers of factories, operational friction appears. Cybersecurity teams are given a brief to lock down and monitor systems to prevent unauthorised system access, and more often than not, this can run contrary to and interfere with the needs of plant managers who ultimately are charged with keeping the factory up and running, as well as optimising processes and output. Somewhat paradoxically, engineers may even consider the introduction of increased cybersecurity controls across OT systems as a risk in and of itself to the safe and reliable operation of these systems.

As a result, whilst there are shades of grey in this argument, currently cybersecurity and industrial engineering teams view the same systems and environment through different lenses, one of enforcing security, and one of keeping the organisation moving – and crucially, profitable. The challenge here is to shape these lenses so that both sides see how they support each other in achieving their respective goals. This is not purely a technical challenge, but a cultural one between teams and evolving business process.

It is up to cybersecurity teams, and the wider leadership of organisations to ensure that these two strands of the business understand that they are pulling towards the same goal, and that a robust cybersecurity policy in the long term will actually enable and improve efficiency and output, while reducing everyone’s risk. In essence, it can be a simple and clear answer to the plant manager’s conundrum: “What’s in it for me?”.

What can governments and regulators do to improve cyber-physical security?

The conversations that vendors can have with organisations hoping to secure their cyber physical environments can only achieve so much. It is up to the government to incentivise OES providers (Operators of essential services). The alternative to this is that organisations are forced into making security a priority by their own supply chain, which places them on a reactive, not proactive footing.

Lots of legislation in the US has attempted to drive – arguably even force – some levels of security control in industrial sectors. The UK’s NCSC and Government know and understand this is a problem, and need to continue to build cybersecurity regulatory and compliance frameworks that detail areas of cybersecurity you need to comply with. In fact, this is what the NCSC Cyber Assessment Framework (CAF) and NIS Principles are all about. However, most of the time frameworks are advisory, rather than mandatory. I would love to see similar controls placed on cyber physical industrial systems as we see on financial systems, which mean that if organisations fail to comply with implementing and maintaining standard, best practice security controls and policies, not only will their systems, supply chain, and reputation be at risk, but they will be liable financially for the downstream societal and economic impact, should their environments be compromised and disrupted.

An analogy I like to use often is that of driving a car; we require that our cars are fitted with and have functioning security and safety controls, like door locks, and brakes. And when we drive our cars, we continuously monitor the integrity of these controls, whilst keeping an eye out for threats on the road. In addition, we are required to pass a test proving that we can carry out these activities to a certain standard. Now, we get certified, and carry out best practices when driving, because the risks associated with not doing so are too great. I think it’s crucial that we get to this stage in terms of how we think about investing in and applying cybersecurity measures for cyber-physical systems that keep our critical industrial sectors running, especially as organisations continue to connect and automate these systems to achieve digital transformation across industrial operations.

To find out more about bridging the cyber physical gap, visit: https://www.exalens.com/

The post Q&A – Dr. Ryan Heartfield: 3 things to remember when securing your Industrial OT environment first appeared on IT Security Guru.

Brad Freeman, Director of Technology at SenseOn, introduced himself as a security professional with both practical and leadership experience and outlined in his talk the importance of doing the SOC basics right, from a perspective of people and processes.

Brad began by discussing how in many cases, analysts want to deal with serious security investigations: Compromises, incidents, things generally going wrong. This is something that they can get on a regular basis at a large organisation. However, this is less obviously achievable at a mid-market organisation.  

A solution here is to ensure that the technology deployed at a mid-market company can empower their analysts, by ensuring that they have interesting security investigations to undertake, which can keep them curious and engaged. Curious analysts, once enabled, will develop into more senior analysts.

Another key element in empowering your SOC team is to raise their internal profile: ensure that the security operations centre looks like just that: An operations centre, not just a portion of the office. Then, invite people to come on tours of a SOC, to ensure the entire company knows what is happening there and how important it is.  

Another common trap in terms of empowering security teams which was outlined by Freeman was the total outsourcing of SOC activity to a third-party: Nobody knows your company like someone in your company.  

He hypothesised that the best SOCs deploy a hybrid model, to ensure that internal business processes or activities (such as a potential M&A activity) are accounted for in terms of understanding network traffic within context.  

Freeman also suggested a key problem is a lack of direction or strategy in place from leadership: ‘make the SOC work’ is the only objective many CISOs will provide. This is not an adequate replacement for a security strategy. Other problems outlined included vanity metrics, poor detection processes, and technology decisions being driven by purchasing decisions, instead of a strategy.

Brad’s parting advice for making a SOC work for you was as follows:  

  • Develop people  
  • Show value  
  • Use process  
  • Make tech decisions which solve your problem, not tick a box!  

The post Cybersecurity Awareness Month: DTX Recap with SenseOn on “Why SOCS Fail” appeared first on IT Security Guru.

Keeper Security has announced the Keeper Password Manager app for iOS, which features a brand new, more modern User Interface (UI). This highly-anticipated release includes improved usability, smart searching and faster sync times for customers with large vaults, such as Managed Service Providers (MSPs). Promoting a sleek new look and a more intuitive user experience, the updates are designed to make it easier to take advantage of Keeper’s powerful password and passkey management features, with enhanced clarity and searchability.

“We are excited about this update for iOS that will enhance user experience without sacrificing our world-class security,” said Keeper CTO and Co-Founder, Craig Lurey. “The overhaul gives a fresh, updated look with modern styling that is consistent with other Keeper solutions and allows our users to take full advantage of Keeper’s powerful features. Our engineering and design team has done an amazing job increasing the performance and functionality of the app while staying mindful of the importance of the familiarity and consistency Keeper users are accustomed to.”

Keeper has also made iOS device-specific improvements to enhance the mobile app experience. Upon logging in, users are presented with friendly elements and a clean design for easy reading and navigation on smaller screens. Most notable may be the performance improvements demonstrated in the initial login to a large vault – enabling users to sync, view and search their vaults with lightning speed – even if they have tens of thousands of records.

Highlights of the updated UI include:

  • Friendlier Interface: Keeper’s streamlined UI reduces grid lines, and introduces cleaner colours and adjustable panes.
  • Streamlined Usability: More efficient user workflows reduce the number of clicks necessary to complete a task.
  • Accessibility and Inclusion: Upgraded UI provides colours, contrast and font/icon sizes compliant with Web Content Accessibility Guidelines (WCAG) standards.

Just like with Keeper’s Web and Desktop apps, iOS users can now choose record and folder colours for improved organisation, while icons in the app have been updated to be friendlier, more informative and consistent across all of Keeper’s platforms.

The post Keeper Introduces Major Password Manager Update for iOS appeared first on IT Security Guru.

Today, Armis released new research identifying the riskiest connected assets posing threats to global businesses. The company’s findings highlight risk being introduced to organisations through a variety of connected assets across device classes, emphasising a need for a comprehensive security strategy to protect an organisation’s entire attack surface in real-time.

“Continuing to educate global businesses about the evolving and increased risk being introduced to their attack surface through managed and unmanaged assets is a key mission of ours,” said Nadir Izrael, CTO and Co-Founder of Armis. “This intelligence is crucial to helping organisations defend against malicious cyberattacks. Without it, business, security and IT leaders are in the dark, vulnerable to blind spots that bad actors will seek to exploit.”

Armis’ research, analysed by the Armis Asset Intelligence Engine, focuses on connected assets with the most attack attempts, weaponised Common Vulnerabilities and Exposures (CVEs) and high-risk ratings to determine the riskiest assets.

Assets With The Highest Number of Attack Attempts 

Armis found the top 10 asset types with the highest number of attack attempts were distributed across asset types: IT, OT, IoT, IoMT, Internet of Personal Things (IoPT) and Building Management Systems (BMS). This demonstrates that attackers care more about their potential access to assets than about the type, reinforcing the need for security teams to account for all physical and virtual assets as part of their security strategy.

Top 10 device types with the highest number of attack attempts:

  • Engineering workstations (OT)
  • Imaging workstations (IoMT)
  • Media players (IoT)
  • Personal computers (IT)
  • Virtual machines (IT)
  • Uninterruptible power supply (UPS) devices (BMS)
  • Servers (IT)
  • Media writers (IoMT)
  • Tablets (IoPT)
  • Mobile phones (IoPT)

“Malicious actors are intentionally targeting these assets because they are externally accessible, have an expansive and intricate attack surface and known weaponised CVEs,” said Tom Gol, CTO of Research at Armis. “The potential impact of breaching these assets on businesses and their customers is also a critical factor when it comes to why these have the highest number of attack attempts. Engineering workstations can be connected to all controllers in a factory, imaging workstations will collect private patient data from hospitals and UPSs can serve as an access point to critical infrastructure entities, making all of these attractive targets for malicious actors with varying agendas, like deploying ransomware or causing destruction to society in the case of nation-state attacks. IT leaders need to prioritise asset intelligence cybersecurity and apply patches to mitigate this risk.”

Assets With Unpatched, Weaponized CVEs Vulnerable to Exploitation 

Researchers identified a significant number of network-connected assets susceptible to unpatched, weaponised CVEs published before 1/1/2022. Zooming in on the highest percentage of devices of each type that had these CVEs between August 2022 and July 2023, Armis identified the list reflected in Figure A. Unpatched, these assets introduce significant risk to businesses.

Assets with a High-Risk Rating 

Armis also examined asset types with the most common high-risk factors:

  • Many physical devices on the list that take a long time to replace, such as servers and Programmable Logic Controllers (PLCs), run end-of-life (EOL) or end-of-support (EOS) operating systems. EOL assets are nearing the end of functional life but are still in use, while EOS assets are no longer actively supported or patched for vulnerabilities and security issues by the manufacturer.
  • Some assets, including personal computers, demonstrated SMBv1 usage. SMBv1 is a legacy, unencrypted and complicated protocol with vulnerabilities that have been targeted in the infamous WannaCry and NotPetya attacks. Security experts have advised organisations to stop using it completely. Armis found that 74% of organisations today still have at least one asset in their network vulnerable to EternalBlue – an SMBv1 vulnerability.
  • Many assets identified in the list exhibited high vulnerability scores, had threats detected, were flagged for unencrypted traffic or still have the CDPwn vulnerabilities impacting network infrastructure and VoIPs.
  • Half (50%) of pneumatic tube systems were found to have an unsafe software update mechanism.

The post Top 10 riskiest assets threatening global business appeared first on IT Security Guru.

Cato Networks has announced today that Gartner, Inc. has recognised the company as a Challenger in the Gartner® Magic Quadrant™ for Single-Vendor SASE.

“We are SASE. Four years before SASE was even defined, Cato was founded on the vision of converging networking and security into a single, global, cloud service,” said Shlomo Kramer, co-founder and CEO of Cato Networks. “We have spent every moment since then building the Cato SASE Cloud, one platform that seamlessly and effortlessly connects and secures any user or location to any application, anywhere in the world, at any scale, with full resiliency. It’s the fulfillment of a vision we call the ‘Cato Experience.’”

This recognition comes after an incredible week for Cato. Cato saw recognition as the SASE “poster child” and “Leader” by Forrester Research in the Forrester Wave™: Zero Trust Edge Solutions, Q3 2023 Report. Zero Trust Edge (ZTE) is Forrester’s name for SASE. Cato also announced that it was selected by Carlsberg, the world-famous brewer, for a massive global SASE deployment spanning 200+ locations and 25,000 remote users.

“Cato is so much simpler to deploy and use than competing solutions. We started referring to them as the Apple of networking,” says Tal Arad, Vice President of Global Security & Technology at Carlsberg. Carlsberg joins Häfele, Vitesco, O-I Glass, and other global multinationals to adopt Cato SASE Cloud.

Cato SASE Cloud: The SASE Platform Loved by IT Leaders

Cato has been relentless in its focus on developing a true SASE platform that enables IT to operate at the speed of business. It’s that focus that has led Cato to fulfil the vision of SASE: Converging the capabilities enterprises require, packaged in a way that can be consumed by every organisation, anywhere in the world, no matter their size, resources, or skill sets.

The Cato Experience is this commitment to introduce the most sophisticated security and networking capabilities demanded by enterprises but only in a way that they operate seamlessly together, at scale, under all conditions, anywhere in the world.

It’s a focus acknowledged by industry leaders and appreciated by our customers. On Gartner Peer Insights™, Cato SASE Cloud has an overall rating of 4.7 out of 5 for single-vendor SASE from 77 verified reviews as of 21st August 2023. Not only is that the highest rating of any single-vendor SASE platform but it’s also based on 10x more reviews than any other vendor in the Single-Vendor SASE market.

“Our experience with Cato has shown that they are a ‘security first’ company that truly listens to their customer base and implements changes based on their feedback. We’ve been very impressed with the continued development of their product, the quality of their service desk, and the assistance from our account team,” writes one VP of Technology Infrastructure Services.

“We’ve had the perfect experience with the Cato project. Product evaluation, final selection, implementation, and support have been first-class. The end result has shown an improvement in the service delivered to our end users of around 200%,” writes an ICT director at a construction firm.

The post Cato Networks: Challenger in Gartner Magic Quadrant for Single-Vendor SASE appeared first on IT Security Guru.

Keeper Security released findings from its Privileged Access Management Survey: Deployment Amid Economic Uncertainty. The report explores global insights from IT and security executives, revealing that while IT leaders consider PAM solutions critical to their security stack, cost constraints and complex solutions are impacting deployment. Fifty-six percent of respondents tried to deploy a PAM solution but did not fully implement it, and 92% cited overly complex solutions as the main reason. Fifty-eight percent of IT teams have not deployed a PAM solution because traditional platforms are too expensive.

PAM solutions are critical, but high costs and complexity are barriers to deployment

Today’s organisations need agile identity security solutions to protect against cybersecurity threats by monitoring, detecting and preventing unauthorised privileged access to sensitive data and critical resources.

  • An overwhelming 91% of IT leaders say their PAM product has given them more control over privileged user activity, decreasing the risk of insider and external breaches.
  • Despite the benefits, nearly two-thirds of IT leaders (62%) revealed the downturn in economic conditions would likely cause them to scale back their current PAM platform. 

Macroeconomic pressures may tempt businesses to cut back on security as budgets tighten, but it’s more important now than ever for organisations to deploy PAM. 

“Organisations’ risk of data breaches and cyberattacks increases exponentially if they have not deployed a PAM solution,” said Darren Guccione, CEO and co-founder of Keeper Security. “Most successful breaches involve stolen or compromised credentials and the escalation of privileges via lateral movement. Organisations need simple, affordable PAM solutions to stay ahead of cybercriminals. The industry must evolve, providing solutions that include the features modern IT leaders need.”

Survey respondents revealed the need for simpler solutions that are fast to provision and easy to use, citing complexity as a reason for reduced deployment:

  • 56% of respondents tried to deploy a PAM solution but didn’t fully implement it
  • 92% said they didn’t because it was too complex to do efficiently

IT leaders need simpler, more powerful solutions

PAM products often require substantial dedicated staff to operate, which is a barrier to adoption for organisations with limited staff and resources. PAM solutions that are easy to deploy and maintain are critical, but the industry lacks these solutions. In fact, 85% of IT leaders surveyed say their PAM requires a dedicated staff to manage and maintain.

Survey respondents indicated a strong desire for a smaller-scale PAM solution, citing the following top three benefits:

  • Easier to manage/maintain (70%)
  • Easier to integrate into existing tech stack (55%)
  • Lower cost/not paying for features the organisation doesn’t need (44%) 

When asked which functionalities are essential, respondents said the PAM features most frequently used by their organisations include:

  • Two-factor authentication (62%)
  • Role-based security (58%)
  • Reporting/auditing (51%)

Lower costs and ease of use will drive broad PAM adoption 

Today’s IT leaders are in a challenging position navigating the modern threat landscape and widespread budget and staffing cuts. They need a modern PAM solution that combines password, secrets and privileged connection management capabilities, protecting their most sensitive systems with solutions that are quick to deploy, affordable and easy to understand and integrate.

The post 91% of IT leaders better protected with PAM but want more affordable solutions appeared first on IT Security Guru.