Managed Security Services Provider (MSSP) News: 21 January 2020
Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across that managed security services provider ecosystem.
- The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR) and MSP security providers — and those who need to partner up with such companies.
- Frequency and Format: Every business morning. Typically one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Joe@AfterNines.com.
A. Today’s MSSP Alerts
1. M&A – Cyber Consulting: Deloitte has acquired boutique cyber advisory firm SecurePath with the Symantec specialist joining the consultancy giant’s Risk Advisory practice in Malaysia, ChannelAsia reports.
2. M&A – Risk Management: Wolters Kluwer Legal & Regulatory is acquiring CGE Risk Management Solutions B.V., a provider of risk management software such as BowTieXP.
3. Talent – Systems Integrator: FlexITy has hired Brad Riddell as VP of CyberSecurITy.
4. Ransomware Attack Recovery – Travelex: More than two weeks after a crippling ransomware attack forced Travelex staff to use pen and paper to calculate foreign currency exchanges, the company said the first of its customer-facing systems in Britain was up and running again, Insurance Journal reports.
5. Ransomware Attacks New York Town: The Town of Colonie, New York, suffered a ransomware attack on January 15, a local news outlet reports. This is the third major ransomware attack in the New York Capital Region. One hit the city of Albany in March, 2019, and the other hit Albany International Airport on Christmas Day, the local report notes.
6. Ransomware Attacks New Orleans Convention Center: Ransomware attacked the New Orleans Ernest N. Morial Convention Center’s computer networks on January 15, but data protection safeguards apparently minimized the damage, according to local news reports.
7. Facial Recognition & Privacy: The European Union’s proposal for a temporary ban on facial-recognition technology won backing from Alphabet Chief Executive Sundar Pichai on January 20 but got a cool response from Microsoft President Brad Smith. Pichai did not provide specific proposals, according to Reuters and Associated Press.
8. Ransomware Attack Recovery – New Hire: Tennessee’s Johnson City is hiring a cybersecurity expert months after it was the victim of a ransomware attack, a local NBC News affiliate reports. The city is currently interviewing candidates for a senior technology security engineer, a new position, at an annual salary of just over $63,000, the report says.
9. Hacker Leak: A hacker has published this week a massive list of Telnet credentials for more than 515,000 servers, home routers, and IoT (Internet of Things) “smart” devices, ZDNet reports.
10. Security Operations Center (SOC): Redscan, a penetration testing, threat detection and response specialist, has achieved accreditation from CREST for its Security Operations Centre (SOC), the company says.
11. Windows Ransomware Warning: SafeBreach describes the Windows EFS (Encrypting File System) ransomware threat here.
12. Windows Upgrade Scam: The U.S. Better Business Bureau is warning Microsoft customers not to fall for a Windows 7 upgrade scam.
13. FDIC Cybersecurity Warning: The Federal Deposit Insurance Corporation (FDIC) has issued a letter to U.S. all FDIC-supervised institutions. The FDIC warning outlines heightened cybersecurity risk considerations amid “increased geopolitical tensions.”
14. U.S. Cybersecurity Policy: A bipartisan group of senators on January 17 introduced legislation that would establish a federally funded program to put in place state cybersecurity leaders nationwide, increasing the ability of states to respond to cyberattacks, The Hill reports.
B. MSSP Partnerships and Strategic Alliances
1. Integration – Endpoint Protection: BlackBerry Cylance and SafeBreach have announced an integration to help organizations improve their overall security posture with continuous enterprise endpoint security validation, the companies say.
2. MSPs – Security License Management: Kaspersky License Management Portal (LMP) is a new self-service portal for MSPs and resellers to help them streamline Kaspersky license ordering, management and reporting, according to this report. ChannelE2E has reached out to Kaspersky for more details.
3. Partnership – SOAR (Security Orchestration, Automation and Response): Stellar Cyber‘s Open-XDR security application platform now integrates with Check Point Security Software‘s Open Platform for Security APIs. The result: Stellar’s platform can now deliver automated responses to security incidents by commanding Check Point solutions to block ports or perform other protective measures.
C. Next Five Cybersecurity Conferences
- CPX 360: Check Point 2020 Conference (January 27-29, New Orleans)
- PerchyCon 2020 MSP Security Conference (January 29-31, Tampa, Florida)
- RSA Conference 2020 (February 24-28, San Francisco)
- Women in CyberSecurity (WiCys) Conference 2020 (March 12-14, Aurora, Colorado)
- OKTA Oktane 2020 Cybersecurity Conference (March 30-April 2, San Francisco, California)
- Bonus: The complete MSSP Alert calendar