Each business day, MSSP Alert delivers a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs and MSPs; threat hunters; security operations center as a service (SOCaaS), managed detection and response (MDR), and eXtended detection and response (XDR) providers — and those who partner with such companies.
- Frequency and Format: Every business morning. Typically, one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Managing Editor Jim Masters: [email protected].
A. Today’s MSSP, MSP, MDR, XDR and Cybersecurity Market News
1. Leadership Move: Lacework, a cloud security specialist, has appointed Lea Kissner as its new chief information security officer (CISO). As CISO, Kissner will be responsible for leading the development and implementation of Lacework's overall security strategy and programs.
2. Funding Boost: The Center for Assured and Resilient Navigation in Advanced TransportatION Systems (CARNATIONS) at Illinois Institute of Technology was named a new Tier 1 University Transportation Center (UTC) by the United States Department of Transportation. As a Tier 1 UTC, CARNATIONS will receive a $10 million grant for improving transportation navigation systems by making them more resilient to cyberattacks.
3. Leadership Move: Cowbell, a provider of cyber insurance for small and medium-sized enterprises, has appointed Andrea Collins as its chief marketing officer. Collins brings more than two decades of marketing and communications expertise to this newly created role, the company said.
4. Dark Web Research: Searchlight Cyber, a dark web intelligence company, has released its new report, "Dark Web Threats Against the Energy Industry," which examines cybercriminals’ reconnaissance against energy companies. The report analyzes threat actor activity against the energy sector over a 12-month period and provides guidance on how dark web intelligence can be factored into threat models to help organizations improve their security posture.
5. Cyber Insurance Research: Coalition, an active insurance provider, has released the 2023 edition of its Cyber Claims Report detailing the evolution of cyber trends. The report found that policyholders with even one unresolved critical vulnerability were 33% more likely to experience a claim.
6. Security Partnership: To help train and defend against cybersecurity threats, SimSpace has expanded its ecosystem to support Cymulate customers. The SimSpace cyber range will enhance Cymulate customers' ability to perform market-leading team assessments, live-fire exercises and vulnerability exposure.
7. Industry Recognition: Circle Security has formed a joint integration with the ForgeRock Identity Platform. The on-premises node will help businesses stay ahead of evolving threats and achieve their security goals by integrating identity authentication and privacy protection capabilities into customer applications as a single, unified API.
8. Cybersecurity Legislation Proposed: As tensions over Taiwan continue to run high, the United States estimates that the country now faces tens of millions of Chinese cyberattacks each month. A proposed cyber defense bill, which has support on both sides of the political aisle, would authorize the U.S. Department of Defense (DoD) to ramp up training and direct cooperation on defensive measures. (Source: CPO Magazine)
9. Ransomware Gang Strikes: A new ransomware gang known as RA Group has become the latest threat actor to use the leaked Babuk ransomware source code to spawn its own locker variant. RA Group, which has been reportedly operating since at least April 22, is rapidly expanding its operations. (Source: The Hacker News)
10. Data Breach Reported: Pharmacy services provider PharMerica has disclosed a massive data breach impacting more than 5.8 million patients. PharMerica is a pharmacy services provider in 50 U.S. states, operating 180 local and 70,000 backup pharmacies. Hackers reportedly breached PharMerica's system on March 12, stealing the full names, addresses, dates of birth, social security numbers, medications, and health insurance information. (Source: Bleeping Computer)