Managed Security Services Provider (MSSP) News: 14 December 2021
Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR), eXtended Detection and Response (XDR) and MSP security providers — and those who need to partner up with such companies.
- Frequency and Format: Every business morning. Typically one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to [email protected].
A. Today’s MSSP, MDR, XDR and Cybersecurity News Alerts
1. Log4J Vulnerability Details for MSPs and MSSPs: Our coverage of the worldwide Log4J software vulnerability includes:
- Log4J vulnerability guidance from the CISA (Cybersecurity and Infrastructure Security Agency).
- MSP software companies make Log4J and Log4Shell statements.
- Log4J vulnerability mitigation guidance from cybersecurity companies such Blackpoint Cyber, Cybereason, Huntress, Qualys and more.
2. Expansion and Executive Leadership – Cloud-based SIEM: Sumo Logic’s Cloud SIEM has expanded to the Mumbai region. Also, Sumo Logic has hired Palo Alto Networks veteran Anant Deshpande as regional director and country manager for the India and SAARC region.
3. Funding – CMMC Managed Services: Lightview Capital has invested in CyberSheath, a CMMC (Cybersecurity Maturity Model Certification) managed service vendor for Department of Defense (DoD) contractors. Financial terms were not disclosed.
4. CMMC: Blancco Technology Group‘s data sanitization offering provides compliance for the Level 1 Media Protection requirement that is part of the DoD CMMC 2.0 framework. Key partners include Carahsoft Technology Corp.
5. Kaspersky Transparency Center: Kaspersky has launched a Transparency Center in Canada. The move is part of Global Transparency Initiative (GTI). Partners that visit the centers can review the company’s source code, access the Software Bill of Materials (SBOM), learn more about the engineering and data-processing practices, and more, Kaspersky said. The GTI effort aims to address allegations that Kaspersky may have ties to Russia’s government. Kaspersky has repeatedly denied the claims, but some governments remain skeptical. The United States, for instance, does not permit federal agencies to run Kaspersky’s software.
6. Cyber Insurance: Coalition has announced a “captive” to begin “taking risk on its cyber insurance programs,” the company said. The result: Coalition will “enhance its ability to manage capacity and its long-term growth objectives while further aligning incentives with its customers,” the company said.
7. Virginia Legislature Ransomware Attack: The information technology agency that serves Virginia’s legislature has been hit by a ransomware attack that has substantially affected its operations, the Associated Press reported.
8. Space War Simulation: The United States is testing satellite resiliency to threats from China and Russia miles above the earth’s surface, just weeks after Russia shot down an aging communications satellite, Reuters reported.
9. FBI Leadership: FBI Director Christopher Wray has named Ryan T. Young as the executive assistant director (EAD) of the Intelligence Branch at FBI Headquarters in Washington, D.C. As EAD, Young will be the “strategic leader of the FBI’s intelligence program and external partnerships, overseeing the Bureau’s intelligence strategy, resources, policies, and functions, an FBI statement said.
B. Cybersecurity Partnerships, Strategic Alliances and Integrations
1. Partnership – XDR and Google Cloud: Cybereason and Google Cloud today announced the availability of Cybereason XDR powered by Google Chronicle. The service allows MSSPs and end-customers to “predict, detect, and respond to cyberattacks at planetary scale and maximum speed across the entire enterprise, including endpoints, networks, identities, cloud, and workspaces,” the two companies said.
2. Partnership – MDR and Cyber Insurance: ActZero and Measured Analytics and Insurance have partnered to “enable businesses to protect themselves against emerging security threats with an integrated risk management approach.”
3. Partnership – OT and IoT: BT, a member of Nozomi Networks’ MSSP Elite Partner Program, will work with and resell Nozomi Networks solutions as part of its Operational Technology Threat Management portfolio, the two companies said.