Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the global managed security services provider, SOC (security operations center) and IT outsourcing ecosystem.
Here’s the daily business update for Thursday, April 4, 2019.
15. Facebook Data Leak on AWS: Facebook on Wednesday that it removed public databases containing its user data on Amazon's cloud servers after cybersecurity firm UpGuard discovered millions of exposed records, Reuters notes. The exposure raises fresh questions about Facebook's data security and privacy procedures.
14. Bayer Cybersecurity Attack: Bayer, Germany’s largest drugmaker, has mitigated a cyberattack allegedly hatched in China, Reuters says. Bayer said the infection also bore the hallmarks of a hacker group known as Winnti, an umbrella term for groups that are believed to include Wicked Panda, the report adds.
13. President Trump - Physical Security and Cybersecurity: The arrest of a Chinese woman who carried a malware-laced device into Mar-a-Lago, President Trump’s Florida resort, has exposed porous security at the private club and escalating tensions between Secret Service agents and the resort’s staff members, who vet guest lists and allow people onto the sprawling grounds, The New York Times reports.
12. MIT Ends Huawei Relationship: The Massachusetts Institute of Technology (MIT) has severed ties with Huawei Technologies and ZTE Corp as U.S. authorities investigate the Chinese firms for alleged sanctions violations, Reuters reports..
11. Back Door Access -- Huawei Laptops: Microsoft has found a back door in Huawei laptops that could give hackers access to the computers, The Epoch Times reports. Huawei faces security concerns from numerous countries -- especially as a potential supplier for 5G network equipment. Some countries and organizations are boycotting the equipment amid concerns that Huawei might spy for its home country -- China. Huawei has strongly denied such claims.
10. Huawei Banned List: Here's a list of countries and companies, and their current stance toward Huawei technology deployments.
9. Cybersecurity Debate: Consumer advocacy group Public Citizen has filed a protest over Duke Energy's request to recover $137.4 million in capital investments from ratepayers for cybersecurity upgrades, Utility Drive reports. The timing of Duke's request has raised suspicions considering the utility earlier this year received a $10 million fine from the North American Electric Reliability Corporation (NERC) for cybersecurity violations, the protest asserts, according to Utility Drive's report.
8. Venture Capital - IAM: Okta has unveiled Okta Ventures, a $50 million venture fund focused on early-stage identity and access management (IAM) startups that have artificial intelligence, machine learning and blockchain expertise.
7. Funding - Bot Attack Mitigation: Intechnica has raised funding from Mercia Equity Finance. Intechnica will use the funding to grow its cybersecurity division, Netacea, in the UK, North America and other international markets, and expand its consultancy services, the company said. Netacea's technology mitigates bots attacks and automated threats. Key Mercia leaders include SolarWinds MSP and LogicNow veteran Alistair Forbes.
6. Funding: AppOmni, which seeks to mitigate the risk of SaaS application data leaks, has emerged from stealth mode and raised $3 million in seed funding.
5. Funding - Security Operations Center as a Service: CyberHat has raised $6 million to expand its SOC, prediction , detection and defense services. The company has 60 people in Tel Aviv and New York. Early adopters include such MSPs as Milestone Technologies and SilverSun Technologies.
4. Grand Opening - Security Operations Center: ECS has opened a Cybersecurity Innovation and Technology Operations Center (CITOC) in northern Virginia. The location essentially is a SOC for U.S. public sector and Fortune 500 customers.
3. Research - Managed Security Services Market Forecast: The global managed security services market will reach $63.01 billion by 2025, up from $18.08 billion in 2016, according to Research Reports Inc. That's a 14.88 percent compound annual growth rate (CAGR) during the forecast period. Still, MSPs and MSSPs should proceed with caution and careful planning. Despite all the hype, we continue to hear from service providers that are struggling to charge a premium for cybersecurity. Even perceived market leaders such as SecureWorks, a Top 100 MSSP, suffer from challenges like customer churn.
2. Fake CIA Sextortion Scam: Trustwave uncovers details here....
1. Top 100 MSSPs – 2019 Survey: The survey is now open. Participate and your company could be honored when we unveil the resulting Top 100 MSSPs list and research in September 2019.