Managed Security Services Provider (MSSP) News: 24 May 2018
Each morning MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the global managed security services provider, SOC (security operations center) and IT outsourcing ecosystem.
Here’s the lineup for Thursday, May 24, 2018.
13. Data Breach Lawsuit: JP Morgan Chase Bank is suing Landry’s for $20 million in costs related to a 2015 credit card data breach affecting several of the company’s restaurants and entertainment venues, according to The Houston Chronicle. Chase and Paymentech claim Landry’s failed to comply with credit card data security standards. Hackers in 2014 and 2015 compromised point-of-sale systems at more than than 40 Landry’s properties, including Bubba Gump, McCormick & Schmick’s, Rainforest Cafe and Saltgrass restaurants, the Chronicle notes.
12. U.S. Government & Kaspersky Lab: Federal agencies are so far unable to comply with a law banning Kaspersky Lab software from U.S. government networks by October 2018, The Daily Beast has learned. Multiple divisions of the U.S. government are confronting the reality that code written by the Moscow-based security company is embedded deep within American infrastructure, in routers, firewalls, and other hardware—and nobody is certain how to get rid of it, the report claims.
11. Comcast Data Leak: A bug in Comcast’s website used to activate Xfinity routers can return sensitive information on the company’s customers, ZDnet reports. The website, used by customers to set up their home internet and cable service, can be tricked into displaying the home address where the router is located, as well as the Wi-Fi name and password, the news service says.
10. NASA Cyber Issues: NASA’s cybersecurity “nerve center” is failing to properly address cyberthreats, an agency watchdog said in a report Wednesday, a day after the U.S. Government Accountability Office also criticized the agency for weaknesses in both its information technology management and cybersecurity programs, Law360 reports.
9. Ransomware Triggers Cyber Insurance Claims: A wave of ransomware attacks on European companies is causing a boom in cyber insurance claims. AIG’s businesses in Europe, the Middle East and Africa received as many cyber claims in 2017 as in the previous four years combined, far higher growth than that for the number of policies sold, according to Financial Times. Ransomware attacks accounted for just over a quarter of claims last year, up from 13 per cent between 2013 and 2016.
8. Talent: RANE (Risk Assistance Network + Exchange) has expanded its network of cyber risk experts to over 6,000 professionals as of May 2018. The network spans professionals across six areas of expertise: Cyber/Information, Safety/Security, Legal/Regulatory, Diligence, Business and Geopolitical Intelligence, Governance, Risk/Compliance, and Medical/Psychological.
6. Funding: Threat Sketch, a cybersecurity firm focused on SMB customers, has raised a funding round and inked a strategic partnership with Strategic Focus Group of Lewisville, N.C. Financial terms were not disclosed.
5. Partnership: Centrify has unveiled an app for the Palo Alto Networks Application Framework to integrate logging and analytics information for stronger identity and access security, the companies say.
4. University Fined: The U.K. Information Commissioner’s Office fined the University of Greenwich 120,000 pounds (US$161,000) after a “serious” security breach of nearly 20,000 individuals’ personal information, according to Big Law Business. The university did not have appropriate measures in place to protect its systems from hackers under the Data Protection Act of 1998, the report alleges.
3. SMB Breach Costs: The average cost of a data breach globally is on the rise – with breaches now amounting to $1.23 million on average for enterprises (up 24% from $992,000 in 2017) and $120,000 on average for SMBs (up 36% from $88,000 in 2017), Kaspersky Lab says.
2. Momentum: Webroot says annual recurring revenue grew 14 percent for its third quarter ending March 31, 2018. This marks the seventeenth consecutive quarter of double-digit, year-over-year revenue growth for the company, Webroot says. The firm also added more than 1,100 MSPs to its partner base in Q3, lifting total MSP engagements to 12,000 partners.
1. FBI Raids Botnet: The FBI is seeking to shut down a massive VPNFilter botnet involving malware on 500,000 devices worldwide. Russia allegedly planned to use the botnet to launch a massive cyberattack on or before Saturday, but Kremlin officials deny any ties to the malware system.