Managed Security Services Provider (MSSP) News: 06 July 2021
Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR), Extended Detection and Response (XDR) and MSP security providers — and those who need to partner up with such companies.
- Frequency and Format: Every business morning. Typically one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Joe@AfterNines.com.
A. Today’s MSSP, MDR and Cybersecurity News Alerts
1. Kaseya Cyberattack Recovery Efforts: The latest details directly from Kaseya are here. Plus, MSSP Alert’s ongoing timeline tracking the Kaseya Supply Chain Cyberattack is here. For those who missed it, the REvil Ransomware gang attacked Kaseya’s on-premises VSA software on July 2. As a precaution, Kaseya shut down the SaaS version of the software. Still, the attack spread to roughly 40 MSPs and then extended to roughly 800 to 1,500 businesses worldwide.
2. Funding – Secure Access Service Edge (SASE): Versa Networks has raised $84 million in a Series D funding. The round was co-led by investors Princeville Capital and RPS Ventures, with additional participation from existing investors, including Sequoia Capital.
3. MSSP Rebrands: WhiteHat Security, an application security provider owned by NTT, has formally changed its name to NTT Application Security.
5. Ransomware Mitigation – Healthcare Vertical: Panzura and Datatility have partnered to help hospitals and healthcare systems improve clinical outcomes and recover from ransomware attacks. The effort involves Panzura’s global file system service optmized by Datatility’s managed services capabilities.
6. Ransomware Readiness Tool: CISA has released a new module in its Cyber Security Evaluation Tool (CSET): the Ransomware Readiness Assessment (RRA). CSET is a desktop software tool that guides network defenders through a step-by-step process to evaluate their cybersecurity practices on their networks.
7. Salesforce Security Monitoring: Datadog now integrates with Salesforce. The result: Salesforce admins and security teams can detect and respond to suspicious behavior through visibility into user, platform and API activity, Datadog says.
8. Security Orchestration, Orchestration and Response (SOAR): Swimlane’s SOAR software platform has gained three enhancements to protect security analysts from alert overload. The features include:
- Swimlane QuickStart Service: Standardized, out-of-the-box applications to alleviate common security operations pain points including analyst burn-out, executive visibility, audit support, and data actionability, the company says.
- Swimlane Collaboration Hub: Integrates Swimlane with ticketing systems, chat, email, and file sharing applications to collaborate with the security team’s business partners.
- Swimlane Dashboard and Report Publisher: Allows SPOC teams to share dashboards, reports and metrics across SOC and non-SOC staff.
9. British Airways Data Breach Settlement: British Airways has settled a case brought by customers and staff affected by a massive 2018 data breach that led to personal information being leaked, Reuters reports.
10. Kroger Security Breach Fine: Supermarket chain Kroger Co has agreed to pay $5 million to resolve claims related to the recent data breach of Accellion’s file transfer service, Reuters reports.
11. Data Breach: Denmark’s central bank was compromised in the SolarWinds Orion hack, leaving a “backdoor” to its network open for seven months, Reuters says.
B. Cybersecurity Talent: Executive Hires and Promotions
1. eXtended Detection and Response (XDR): Fidelis Cybersecurity has hired Stephanie Broyles as chief marketing officer (CMO).
2. Open XDR: ReliaQuest has named Mike Burkland, John Spiliotis and John Fernandez to its board of directors.
3. Insurance: At-Bay, an insurance company, has hired Sunil Sekhri as Head of Security Services.
4. Security Analytics: Devo Technology, a cloud-native logging and security analytics company, has hired Gunter Ollmann as chief security officer (CSO); Jennifer Grunebaum as chief financial officer (CFO) and Adrianna Gugel as vice president (VP) of product management, security operations.
C. Cybersecurity Partner Programs, Strategic Alliances and Integrations
2. Partnership – U.S. Government IT Services: Carahsoft Technology will partner with investment firm NightDragon’s portfolio companies to promote specific cybersecurity solutions for government agencies. The announcement did not mention whether NightDragon is investing in Carahsoft.
3. Password Management – PSA Software Integration: LastPass now has provisioning integrations with ConnectWise Manage and Datto Autotask. With this integration, MSPs can add all or a selection of their clients to LastPass “in minutes – allowing MSPs to simplify LastPass provisioning and minimize the time required to set-up a LastPass account,’ the company says.
4. Integration – SOAR: Flashpoint has adopted and supports Palo Alto Networks’ Cortex XSOAR Threat Intelligence Management (TIM) 2.0. Joint customers gain “a complete 360-degree threat visibility,” Flashpoint asserts.
5. Integration – Security Engine: Kaspersky Scan Engine now integrates with ownCloud. The integration offloads scanning to a separate server to maintain performance of the platform, as well as to allow scalability, easy set-up and maintenance, the companies say.
D. MSSP, MDR and Cybersecurity Virtual Events and Conference Calendar
- Black Hat USA (July 31-August 5, Las Vegas)
- CMMC Con 2021 (September 29, Virtual Event)
- FireEye Cyber Defense Summit (October 4-8, Hybrid – virtual and face to face)
- InfoSec World 2021 (October 25-27, Orlando, Florida)
- @Hack Cybersecurity Conference (November 28-30, Saudi Arabia)
- Bonus: MSSP Alert’s complete event calendar