Managed Security Services Provider Morning News: 22 September 2017
Each morning MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the global managed security services provider, SOC (security operations center) and IT outsourcing ecosystem.
Here’s the lineup for Friday, September 22, 2017:
8. Bait and Switch: Rumors about Symantec looking to buy Splunk and then walking away because of valuation concerns sound a bit fishy to me. Splunk is publicly held, so Symantec has known the company’s valuation all along. Instead of buying Splunk, perhaps Symantec was trying to signal to the market that it wants to buy a Splunk alternative that has analytics and SIEM know-how…
7. Cybersecurity Conferences: Keep an eye on Splunk Conference (aka .conf2017) and Structure Security, two key cybersecurity-related conferences next week. We’ll offer updates from both events. Also, track all cybersecurity conferences on our calendar.
6. Kaspersky Lab Hearing Delayed: CEO Eugene Kaspersky says the U.S. Congress hearing, scheduled for September 27, where he was supposed to testify, is being postponed. The U.S. federal government alleges Kaspersky Lab could have ties to Russia’s government, and therefore is removing the company’s security software from U.S. federal networks. The company has repeatedly denied the allegations.
5. McAfee Mud Slinging: McAfee, meanwhile, is accused of slinging mud against Kaspersky and trying to capitalize on fear, uncertainty and doubt (FUD) in ad campaigns against the Russia security company. Related Conference: McAfee MPower Cybersecurity Summit Americas 2017 is set for October.
4. Phishing Sites: Nearly 1.5 million new phishing sites are created each month, according to Webroot. Multiple cybersecurity companies — from Sophos to Webroot and more — have been acquiring training tools to help customers understand how to avoid phishing attacks.
3. Equifax Incompetence: After confirming multiple breaches, Equifax accidentally directed concerned consumers to a spoof site about the breaches. Multiple lawsuits are pending against the credit checking service, and federal regulators have called for investigations into the company and its security lapses.
2. SEC Cyber Weakness: The U.S. Department of Homeland Security detected five “critical” cyber security weaknesses on the Securities and Exchange Commission’s computers as of January 23, 2017, according to a confidential weekly report reviewed by Reuters. Adding insult to injury, the SEC earlier this week disclosed a 2016 breach that may have “provided the basis for illicit gain through trading,” SEC Chairman Jay Clayton admitted.
1. Ransomware Costs: Small businesses paid more than $300 million to ransomware hackers in 2016, a Datto study finds. Moreover, 99 percent of MSPs predict ransomware attacks will continue to escalate over the next two years, the study said. We’ll share more details soon. Related Conference: DattoCon17 London is set for October.