Managed Security Services Provider (MSSP) News: 11 December 2019
Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across that managed security services provider ecosystem.
- The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR) and MSP security providers — and those who need to partner up with such companies.
- Frequency and Format: Every business morning. Typically one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Joe@AfterNines.com.
A. Today’s MSSP Alerts
1. City Successfully Fights Ransomware Attack: Finally, some good government news in the war versus ransomware. The Town of Each Greenwich, Rhode Island, successfully battled a ransomware attack in recent days. The city’s director of IT rapidly shut down the municipality’s network when the attack began. From there, the city activated its disaster recovery plan — which leverages regular data backups. Restoring the network involved extensive weekend hours by the IT team — but no ransomware was paid and no data was lost.
2. Office 365 Phishing Attacks: A phishing campaign has been discovered that doesn’t target a recipient’s username and password, but rather uses the novel approach of gaining access to a recipient’s Office 365 account and its data through the Microsoft OAuth API, BleepingComputer reports.
3. NotPetya Ransomware Impact: Perhaps it was worse than most folks realize…
4. Talent – Healthcare MSSP: CynergisTek has hired Symantec veteran Tony Douglas as senior VP of sales. Douglas’s hire comes on the heels of the recent appointment of Benjamin Denkers, senior vice president of security and privacy services, and the acquisition of Backbone Consultants with their three partners – Nikhil D’Souza, Jacob Carroll, and Walter Zuniga, the company notes.
5. Talent – Container Security: NeuVector has hired former White Hat Security CEO Stephanie Fohn as president and CEO. Fohn succeeds Fei Huang, who shifts to chief strategy officer at NeuVector. NTT acquired WhiteHat Security, a leading application security provider, earlier this year.
6. Identity and Access Management (IAM): ForgeRock has announced new identity governance capabilities, including access requests, access reviews and reporting to the ForgeRock Identity Platform to help companies satisfy governance requirements, the vendor says.
7. MDR and Microsoft Azure: Paladion, a provider of AI-Driven Managed Detection and Response, is expanding service offerings to include fully automated zero-touch onboarding with Microsoft Azure, the company says. The effort involves a Paladion product called AI.saac.
8. Network Detection and Response (NDR): Lastline Defender 9.0 has launched to secure public cloud workloads, improve AI-powered threat detection and expand threat visibility for workloads across all environments, the company says.
9. Security Orchestration, Automation and Response (SOAR) – Part One: Siemplify has upgraded its SOAR platform with improved investigation, automation and response capabilities. The new version extends Siemplify’s ability to manage SOAR across multiple customer environments – addressing the unique needs of MSSPs, as well as enterprises with multiple discrete business units, the company says.
10. SOAR- Part Two: LogicHub has announced new dashboards and analytics capabilities for its SOAR and Threat Detections dashboard. The updates allow partners and customers to leverage the MITRE ATT&CK framework, a globally-accessible knowledge base of adversary tactics and technique, as the threat hunting standard, the company says.
11. Funding – Autonomous Cloud Workload Protection: Rezilion, which develops an autonomous cloud workload protection platform, has emerged from stealth mode with $8 million in seed funding led by Jerusalem Venture Partners (JVP).
B. MSSP Partner Programs and Strategic Alliances
1. MSP Software Integration: EventTracker, a SOC as a Service (SOCaaS) platform from Netsurion, now integrates with Kaseya’s IT Glue. The move provides Netsurion’s MSP partners with “easy access to streamlined reports designed to demonstrate security and compliance posture to customers,” the company says.
2. Intellectual Property Protection: Tech Data has joined the AGMA, a non-profit organization solely focused on intellectual property protection. Tech Data is the first distributor to join the AGMA. The mission: Hinder threats to IP and render these activities more difficult, undesirable and unprofitable, the organizations say. Apollo Global Management, a private equity firm, is in the process of acquiring Tech Data for $6 billion.
3. Distribution: Ingram Micro has agreed to distribute Atos cybersecurity solutions in the United States. The offerings include the Atos Evidian identity and access management products along with management tools for data encryption and digital identities.
C. Next Five Cybersecurity Conferences
- Gartner Identity and Access Management (IAM) Conference (December 10-12, Las Vegas)
- CPX 360: Check Point 2020 Conference (January 27-29, New Orleans)
- PerchyCon 2020 MSP Security Conference (January 29-31, Tampa, Florida)
- RSA Conference 2020 (February 24-28, San Francisco)
- Women in CyberSecurity (WiCys) Conference 2020 (March 12-14, Aurora, Colorado)
- Bonus: The complete MSSP Alert calendar
Email me your news, rumors and tips for potential coverage here on MSSP Alert.