Content, Content

Managed Security Services Provider (MSSP) News: 17 December 2018

Each morning MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the global managed security services provider, SOC (security operations center) and IT outsourcing ecosystem. Here’s the daily business update for Monday, December 17, 2018. 22. McAfee for Sale?: Private equity firm Thoma Bravo may acquire McAfee from TPG Capital and Intel, multiple sources have said in recent days. 21. Huawei Security Debate: Spy chiefs from Five Eyes -- the West’s most powerful intelligence alliance -- agreed in a July meeting in Canada they needed to contain Huawei Technologies, punctuating years of worry about the Chinese maker of telecommunications equipment, The Wall Street Journal reports. Five Eyes members include Australia, Canada, New Zealand, the U.K. and the United States. Meanwhile, Germany's Federal Office for Information Security says there is no evidence Huawei is using its equipment to spy for China's government, Channel News Asia reports. 20. Facebook Data Exposure, Fines?: Facebook disclosed Friday that a software bug permitted as many as 1,500 apps to access private photos from more than 6.8 million users, Law360 notes. Meanwhile, Facebook could be facing a multi-billion dollar fine after a European regulator announced Friday that it is launching an investigation into the company over failure to protect user privacy, CNN reports. 19. Google Data Breach Lawsuit: The state of Rhode Island is suing Google parent Alphabet for allegedly hiding a security breach that affected 52.5 million users, Rhode Island General Treasurer Seth Magaziner says. 18. Phishing Attack Triggers $1 Million Heist: Hackers penetrated the Save the Children charity's email system with a phishing scam that created fake invoices -- leading to a $1 million theft, according to The Boston Globe. 17. Reformed Hacker for Hire: Vladimir Anikeev, the former leader of the hacktivist group “Anonymous International” (better known in Russia as “Shaltai Boltai” or “Humpty Dumpty”), is forming cybersecurity consultancy, Meduza reports. 16. Alleged Terrorist Cybersecurity: Cloudflare faces accusations that it protects terrorist organization websites from DDoS attacks, Koddos reports... 15. Iranian Hacker Group?: An Iranian hacker group called "Charming Kitten" allegedly targeted nuclear experts and U.S. Treasury officials amid President Trump's decision to restore economic sanctions against Iran, AP says. 14. Missile Defense Concerns: A U.S. Department of Defense Inspector General report released this month outlined the inadequate cybersecurity practices being used to protect the United States' ballistic missile defense systems (BMDS ), Bleeping Computer says... 13. U.S. Government Cybersecurity: The Aerospace Industries Association (AIA), an Arlington, Virginia-based trade association that lobbies on behalf of defense contractors, this month released a set of voluntary standards designed to help U.S. aerospace companies ensure the weapons systems they make for the U.S. military are secure from hackers, The Washington Post notes. 12. More Bomb Threats: Law enforcement agencies in Australia and New Zealand are investigating bomb threat emails received by some residents, cyber security officials said on Friday, after similar threats were made in the United States and Canada, Reuters notes. 11. Talent - CMO: MobileIron has hired Rhonda Shantz as chief marketing officer. Shantz previously held key roles at Centrify, Rocket Fuel and Symantec. Continue to page two of two for today's items 10 to 1.  Welcome to page two of two. Here are items 10 to 1. 10. Talent - CISO: Healogics, a provider of advanced chronic wound care services, has hired David Jollow as Chief Information Security Officer (CISO. He reports to CIO Ty Smith. Jollow previously was CISO at Nemours Children’s Health System. 9. Talent: JASK, which develops an Autonomous Security Operations Center (ASOC) platform, has made three key executive move:
  • Mark Boullie joins as chief revenue officer (CRO). He is responsible for the company’s global enterprise and channel sales teams and other customer-facing aspects of the company, such as business development, customer success and overall revenue operations.
  • Monte Sjobakken joins as VP of business development. He is responsible for JASK’s global MSSP, system integration and technical alliance partnership strategies. He previously held key posts at Carbon Black, Global Technology Resources, Citadel Security (acquired by McAfee) and Juniper Networks.
  • Tom Mitchell joins as VP of sales, West: He previously held key roles at Tanium, FireEye, Bromium, McAfee and ArcSight.
8. Partnership - SIEM: Corelight and Exabeam have inked a strategic partnership that combines network security monitoring (NSM) with behavior analytics and automated incident response capabilities. The combined solution integrates Corelight Sensor data with the Exabeam Security Management Platform. The result: Joint customer can more easily detect, investigate and respond to increasingly advanced threats, the companies claim. 7. Partnership - Incident Response: Drawbridge Partners and CrowdStrike are partnering to provide incident response and proactive services within the Drawbridge Partners Cybersecurity offering. We'll share more details soon. 6. Partner Program: Netwrix, provider of a visibility platform for data security and risk mitigation in hybrid environments, has launched a Partner Sales Certification Program. The program is designed to train VARs, MSPs and distributors to show customers the value of the Netwrix Auditor platform. 5. Vulnerability Management - ServiceNow: RiskSense has updated its risk-based vulnerability prioritization and management platform, including a deep integration with ServiceNow. The RiskSense update features automated vulnerability updates and findings, support for sophisticated workflows, and ease of communicating and validating IT remediation priorities between the security and IT operations teams, the company says. 4. SOAR Offer: DFLabs has unveiled IncMan SOAR Community Edition (IncMan CE), a free version of its Security Orchestration, Automation and Response  platform that allows organizations to test and experience the automated incident response in pre-production environments, the company says. 3. Funding - Container Security: Tigera, a startup that offers security and compliance solutions for Kubernetes container deployments, has raised $30 million in Series B funding. 2. Initial Public Offering - Ping?: Identity and Access Management (IAM) vendor Ping Identity is exploring a potential IPO. Private equity firm Vista Equity currently owns a major stake in the company. 1. Virtual CISO Services: Cylance has launched a  virtual chief information security officer (vCISO) service, a staff augmentation service that aligns with the company's AI-driven cybersecurity software. BlackBerry is in the process of finalizing the Cylance buyout.
Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.