News Corp relies on third-party providers for certain technology and “cloud-based” systems and services that support a variety of business operations.
In January 2022, the Company discovered that one of these systems was the target of persistent cyberattack activity.
Together with an outside cybersecurity firm, the Company is conducting an investigation into the circumstances of the activity to determine its nature, scope, duration and impacts.
The Company’s preliminary analysis indicates that foreign government involvement may be associated with this activity, and that data was taken.
Based on its investigation to date, the Company believes the activity is contained.
At this time, the Company is unable to estimate the expenses it will incur in connection with its investigation and remediation efforts.
Plus, a Cyber Insurance Warning: In the same filing, News Corp warned that cyber risk insurance has also become more difficult and expensive to obtain, and the Company cannot be certain that its current level of insurance or the breadth of its terms and conditions will continue to be available on economically reasonable terms.
Cloud Security Posture Management for MSSPs
News Corp didn’t say exactly how hackers penetrated the company’s cloud services. But generally speaking, MSSPs seeking to safeguard customers’ SaaS workloads can use a mix of tools that offer cloud security posture management (CSPM), SaaS monitoring and management and Business Email Compromise (BEC) mitigation capabilities.
CSPM tools help MSSPs to ensure that customers have properly configured their Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (CSP) workloads. The need for such tools is clear: Fully 90 percent of organizations are susceptible to security breaches due to cloud misconfigurations, according to the “2021 Cloud Security Report: Cloud Configuration Risks Exposed” from application lifecycle security company Aqua Security.
With those risks in mind, annual CSPM spending will reach $9 billion by 2026, up from $4 billion in 2020, according to Markets and Markets. That’s a 14.4 percent compound annual growth rate.
Meanwhile, SaaS security monitoring and management tools are also popping up to help MSSPs, MSPs and end-customers protect Microsoft 365, Google Workspace and other SaaS workloads.
Dozens of SaaS protection options are in the market. But two startups — namely, Augmentt and SaaS Alerts — most directly promote SaaS application protection tools to MSSPs.
Augmentt is led by CEO Derik Belair and Chairman Gavin Garbutt — two N-able veterans. Meanwhile, SaaS Alerts is led by CEO Jim Lippie, a veteran of Kaseya and Thrive.
Meanwhile, MSPs and MSSPs also have dozens of business email compromise (BEC) risk mitigation tools from which to choose. Check in with cloud-centric email security providers and ask about multi-tenant service provider options to get started.