Managed Security Services Provider (MSSP) News: 30 June 2020
Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR) and MSP security providers — and those who need to partner up with such companies.
- Frequency and Format: Every business morning. Typically one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to [email protected].
A. Today’s MSSP Alerts
1. Research – Security Response Plans: More organizations have adopted formal, enterprise-wide security response plans over the past five years of the study; growing from 18% of respondents in 2015, to 26% in this year’s report (a 44% improvement), an IBM Security research report finds.
2. Research – Firewall Security: According to a Neustar study, four in 10 security leaders say half or more attacks have bypassed their web application firewall (WAF) in the last 12 months. The survey, which comes from the Neustar International Security Council, also found:
- 30% have had difficulty altering WAF policies to guard against new web application attacks;
- Over 40% do not have a WAF that is fully integrated into other security functions; and
- 50% of network requests have been labelled as false positive by their WAF in the last 12 months, according to 30% of security professionals.
3. Research – Phishing Attacks: IronScales researchers have identified a trending fake login attack spoofing two leading email delivery service providers, Mailgun and SendGrid. This phishing attack was discovered just weeks after our researchers disclosed a massive phishing attack targeting PBX voicemail integrations, the company says.
4. Insider Threat Management: Proofpoint has launched the ObserveIT Insider Threat Management (ITM) platform to provide insider risk detection, incident response, and unified visibility across user activity, data interaction, and threat context, the company says.
5. Funding, Talent: Area 1 Security has raised $25 million in growth funding led by ForgePoint Capital, along with current investors Kleiner Perkins, Icon Ventures and Top Tier Capital. Moreover, Dell and SonicWall veteran Patrick Sweeney has joined the email security startup as CEO.
6. Talent – Application Protection: Virsec has named Dave Furneaux as CEO.
7. Application Security: WhiteHat Security, an independent subsidiary of NTT, has announced a discounted Web + Mobile Application Security bundle, the company says.
8. DNS Protection: OpenText has updated its Webroot DNS Protection filtering service, which “delivers a secured internet connection that enables both privacy and security for businesses and end users.” Webroot DNS Protection leverages DoH — specifically, the service encrypts data using HTTPS to securely convey DNS requests to Webroot resolvers, preventing eavesdropping, manipulation or exploitation of data by third parties and malicious actors, the company says.
9. Endpoint Detection: Attivo Networks has upgraded its Endpoint Detection Net (EDN) solution that improve file protection against human-operated ransomware by concealing and denying access to production mapped shares, cloud storage, and selected files or folders, the company says.
10. Government Cybersecurity Spending: Australia will spend A$1.35 billion (US$926.1 million) over the next 10 years to boost its cyber security defenses, Prime Minister Scott Morrison said, according to Reuters.
B. MSSP Partnerships and Strategic Cybersecurity Alliances
1. Funding & Partnership – Breach Detection: Telekom Security, the cyber security unit of Deutsche Telekom, has invested in Cynet — an autonomous breach detection platform. Cynet raised $18 million overall from multiple investors. Telekom is using Cynet’s technology to address the small and midsize enterprise market.
C. Upcoming Cybersecurity Conferences
- List: Tech Conferences Canceled, Postponed or Online Only (Source: ChannelE2E)
- Bonus: MSSP Alert’s complete event calendar