Each morning MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the global managed security services provider, SOC (security operations center) and IT outsourcing ecosystem.
Here’s the lineup for Wednesday, April 4, 2018:
12. Facebook GDPR Compliance?: Facebook CEO Mark Zuckerberg said on Tuesday that he agreed “in spirit” with the European Union's GDPR data privacy law -- but stopped short of committing to it as the standard for the social network across the world, Reuters says.
11. Panera Bread Breach: Panerabread.com, the Web site for the American chain of bakery-cafe fast casual restaurants by the same name, leaked millions of customer records — including names, email and physical addresses, birthdays and the last four digits of the customer’s credit card number — for at least eight months before it was yanked offline earlier today, KrebsOnSecurity reported.
10. Gas Pipeline Cyberattack: A supply chain cyberattack has disrupted a customer transaction service for a network of U.S. natural gas companies, according to CyberScoop.
9. Data Protection & Compliance: Dataguise has launched DgSecure SaaS for Amazon Redshift and RDS databases. The offering provides detection, protection, monitoring, and auditing of sensitive information that enables enterprises to comply with a wide range of privacy data regulations – including the General Data Protection Regulation (GDPR), Dataguise claims.
8. Internet of Things: ForeScout Technologies, an Internet of Things (IoT) security company,has bolstered ForeScout CounterACT 8 to enhance device visibility and control to mitigate risk, reduce the attack surface and automate incident response, the company says.
7. Healthcare: Cynerio has launched a tailor made solution to protect connected medical devices -- essentially boosting security while helping healthcare firms comply with HIPAA, the company says.
6. Threat Analytics: Arxan Technologies has launched an application security monitoring and analysis service called Arxan Threat Analytics. This service allows business owners to understand on day one who, how and from where applications are being attacked – while attacks are in progress – and rapidly deploy countermeasures before the attack is completed or becomes more widespread, Arxan claims.
5. Data Center, Cloud Security: Alcide has launched a Data Center and Cloud Operations Security Platform, which protects any combination of container, serverless, Virtual Machine (VM) and bare metal in the modern data center, the company asserts.
4. Security Sandbox: Kaspersky Lab has launched Kaspersky Cloud Sandbox, a subscription service available through the Kaspersky Threat Intelligence Portal. It's designed to help customers and partners improve their investigation and response to complex threats.
3. Research: The 2018 IBM X-Force Threat Intelligence Index found the number of records breached dropped nearly 25 percent in 2017, as cybercriminals shifted their focus on launching ransomware and destructive attacks that lock or destruct data unless the victim pays a ransom. Among the other key findings: An historic 424 percent jump in breaches related to misconfigured cloud infrastructure, largely due to human error. We'll share more details soon.
2. Microsoft Security Portal: Microsoft has unveiled the Microsoft 365 security and compliance center. The center enables data administrators, compliance officers, security administrators, and security operations to discover security and compliance controls across Office 365, Enterprise Mobility + Security, and Windows in a single place, the company claims. We'll share more details soon.
1. Top 100 MSSPs Survey: Our Top 100 MSSPs Survey for 2018 is now open. Participate now and your company could be recognized and ranked among the world’s top MSSPs when we unveil research, results and the complete list in September.