Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR) and MSP security providers — and those who need to partner up with such companies.
- Frequency and Format: Every business morning. Typically one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to [email protected].
Here’s the daily business update for Wednesday, June 26, 2019.
A. Today’s MSSP Alerts
1. Ransomware - Another U.S. City Pays Hackers: Officials in Lake City, Florida, have voted to pay hackers $460,000 to recover data from a ransomware attack. The move is part of a disturbing trend, including:
- An MSP that paid hackers $150,000 to recover data after a ransomware attack.
- Riviera Beach, Florida, paid hackers $600,000 to recover data after a ransomware attack.
2. Ransomware Payment Trends: Recent SentinelOne research shows us that 45 percent of U.S. companies hit with a ransomware attack paid at least one ransom, but only 26 percent of these companies had their files unlocked. Furthermore, organizations that paid the ransoms were targeted and attacked again 73 percent of the time as attackers treat paying companies like ATMs, according to Chris Bates, VP, security strategy at SentinelOne.
3. U.S. City Cybersecurity: Atlanta Mayor Keisha Lance Bottoms on Tuesday told the U.S. House of Representatives Committee on Homeland Security that the federal government should provide more resources to help cities prevent cyberattacks like the one that struck Atlanta more than 14 months ago, according to The Atlanta Journal Constitution.
4. U.S. Government - File Sharing Security: U.S. federal employees need best practices and standards for secure file sharing over the Internet, Senator Ron Wyden said in a letter sent to the National Institute of Standards and Technology (NIST) on Wednesday, Naked Security reports.
5. NSA Surveillance: The National Security Agency collected records about U.S. calls and text messages that it wasn’t authorized to obtain last year, in a second such incident, renewing privacy concerns surrounding the agency’s maligned phone-surveillance program, according to government documents and people familiar with the matter, The Wall Street Journal reports.
6. SIEM: Elastic has unveiled Elastic Stack 7.2.0, the company's latest SIEM upgrade.
7. Identity and Access Management: Ping Identity updated its multi-factor authentication (MFA) solution, PingID, providing new methods to mitigate risk and strengthen security for enterprises, the company says. PingID’s new features include ways to evaluate user and device risk before access is granted, as well as support for Fast Identity Online (FIDO) standards to increase resistance to advanced phishing attacks, the company adds.
8. Research - Security Operations Talent: Only 20 percent of enterprises and MSSPs indicate that their SecOps programs have reached the highest maturity level, according to Siemplify research. The majority reported that they are just starting their maturity journey or only midway through it. Of verticals, MSSPs expectedly ranked highest in terms of SecOps maturity, while not-so-predictably the traditionally regulated industries of healthcare and finance rated near the bottom.
9. Research - Malware: The Internet Security Report for Q1 2019 from Watchguard reveals a "massive 62% increase in overall malware detections" compared to Q4 2018, the company says. Hackers are doubling down on well-known tactics like credential theft and ransomware by utilizing fake Office documents and other attack avenues that require organizations to deploy advanced defenses to combat a wider variety of threat vectors, Watchguard asserts.
10. Fraud Prevention: Kount, a fraud prevention specialist, has launched a "next-generation AI-driven solution that changes the way payments fraud prevention is delivered." Kount’s AI emulates an experienced fraud analyst, as both take into account three things when protecting against digital fraud: historic data, anomalies, and business outcomes, the company says.
11. Funding - Vulnerability Remediation: Israeli startup Vulcan Cyber has raised $10 million in Series A funding. The company's technology is designed to close the vulnerability remediation gap – the time from initial discovery and reporting until enterprise organizations actually deploy a fix to remediate the risk. Vulcan Cyber will use the funding to expand North American operations. The Vulcan Cyber partner program appears to focus mostly on product and technology integrations. We're checking on potential MSSP and MSP partner program plans.
B. MSSP Partner Programs and Strategic Alliances
1. Risk Management: CyberGRX, which runs a global cyber risk exchange, has launched the CyberGRX Global Partner Program.
2. Palo Alto Networks - MSSP: Vandis has been recognized by Palo Alto Networks as a Prisma Public Cloud Managed Security Service Provider, or MSSP, Partner. Vandis services enable customers and in-house engineers to identify risks, compliance adherence, and CMDB changes in AWS, Azure, and Google Cloud, the company says.
3. Vulnerability Management: Coalfire, a provider of cybersecurity assessment and advisory services, has partnered with Qualys, a provider of cloud-based security and compliance solutions. The effort integrates Qualys’ vulnerability management and continuous monitoring capabilities into Coalfire’s Secure Cloud Automation Services (SCAS). Qualys will also be a leveraged partner – both internally and by independent third-party assessors – to validate system inventory, configuration compliance, and secure maintenance of the underlying systems, the companies say.
4. Integration - Endpoint Protection and ServiceNow: Malwarebytes, a provider of endpoint protection and remediation software, now integrates with ServiceNow Security Incident Response. The integration allows joint partners and customers to take action from the Now Platform in response to security threats, Malwarebytes says.
C. Next Five Technology Conferences
- AWS re:inforce Cloud Cybersecurity Conference 2019 (June 25-26, Boston, Massachusetts)
- MSSP Accelerator: Sales and Marketing Summit (July 10-11, Cedar Rapids, Iowa)
- Cyber:Secured Forum 2019 (July 29-31, Austin, Texas)
- Black Hat USA 2019 (August 3-9, Las Vegas)
- EnergySec Security and Compliance Summit 2019 (August 19-21, Anaheim, California)
- Bonus: The complete MSSP Alert calendar
Email me your news, rumors and tips for potential coverage here on MSSP Alert.