Each morning MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the global managed security services provider, SOC (security operations center) and IT outsourcing ecosystem.
Here’s the lineup for Wednesday, November 15, 2017:
12. IoT Toy Warnings: A UK-based consumer watchdog group is warning consumers that certain IoT-connected toys introduce security and privacy risks to buyers...
11. FallChill Malware: The U.S. Department of Homeland Security has issued a warning about FallChill malware -- driven by the so-called Hidden Cobra hacker group. The malware can trigger network intrusions that have "severe impacts" such as temporary or permanent loss of information.
10. Kaspersky's Installed Base: About 15 percent of U.S. government agencies have detected some trace of Russian company Kaspersky Lab’s software on their systems in a review prompted by concerns the antivirus firm is vulnerable to Kremlin influence, Reuters reported Tuesday. The U.S. government has been removing Kaspersky's software from federal networks. Kaspersky insists that it has no ties to Russia or any other government.
9. GDPR Compliance and Mobile Risks: An overwhelming 84 percent of U.S. security and IT executives agree that personal data accessed on employees' mobile devices could put their company at risk for GDPR noncompliance, according to a survey by Lookout... a mobile security specialist.
8. GDPR Preparations: 36% of IT suppliers and 37% of end users are on the way to GDPR readiness, but only 10% of IT suppliers and 3% of end users are fully prepared for the compliance regulations -- which kick in May 25, 2018, a SolarWinds MSP survey reveals. Companies that fail to comply with GDPR mandates could face fines of up to €20 million—or four percent of annual global turnover.
7. Cyber Insurance: Berkshire Hathaway Specialty Insurance (BHSI) has unveiled the Professional First Network Security & Privacy Liability Policy in Canada. The offering combines cyber liability and breach response coverage with risk management resources for commercial enterprises and financial institutions, the company says.
6. Partner Program - Data Leak Prevention: Safetica has launched a North American partner program for MSPs and MSSPs. GM Luke Walling is driving the effort. True believers include Capaxion, an MSP in New Jersey.
5. Partner Program - Application Security: CYBRIC, which develops continuous application security platform, has expanded its partner ecosystem -- including new integrations with WhiteSource, VictorOps, Snyk and Docker Content Trust tools and products.
4. Managed Security Deployments: RapidFire Tools Inc. has launched Detector SDS 2.0, which gives MSPs and MSSPs the ability to easily roll out a range of high-value, pre-configured, automated, and branded internal IT security services across all their clients – or to use the built-in tools to create their own customized offerings, the company says.
3. Partner Program - Network Security: SonicWall has unveiled new professional security services that are designed and delivered in partnership with the company's channel partners. The offerings include Implementation Services, Solution Services and Architecture Services. SonicWall Chief Revenue Officer Steve Pataky offered clues about the professional services partner push back in September. Even before the pro services initiative arrived, CEO Bill Conner pointed to major partner momentum -- and potential M&A deals -- in a ChannelE2E interview.
2. Talent: Vectra, which automates the hunt for in-progress cyberattacks, has named Scott Collins as director of North America channels. He'll focus the company's partner efforts on security VARs, consultants and MSSPs, Vetra said. Collins previously held key roles at Fidelis Cybersecurity, FireEye, Zscaler and IronPort Systems.
1. SOCs and SIEM: Securonix, which develops a security analytics and SIEM platform, now integrates with Phantom, a key platform in the Security Automation and Orchestration (SA&O) market. This partnership enables security operations center (SOC) analysts to "dramatically improve their mean time to detect and respond to the cyber threats posing the greatest risks to their organizations," the companies claim.