Each morning MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the global managed security services provider, SOC (security operations center) and IT outsourcing ecosystem.
Here’s the update for Wednesday, June 27, 2018.
9. Email Subpoena vs. Privacy: Tesla on Monday won a Nevada federal judge's approval to subpoena Apple, Google and Microsoft to preserve email and cloud storage content belonging to a former process technician the automaker has accused of stealing confidential company data and trade secrets and siphoning them to third parties, Law360 reports. The former employee claims he is a whistleblower against the electric car company.
8. Funding: Breach prevention startup Balbix has raised $20 million in Series B funding from investors led by Singtel Innov8 and Mubadala Venture. Former Cisco CEO John Chambers also invested in the round.
7. IoT Security: Kaspersky Lab's latest survey results reveal some rather interesting IoT security trends and concerns...
6. SOAR and AWS Security: Demisto, which specializes in security orchestration, automation and response (SOAR) technology, now integrates with Amazon Web Services (AWS). The connection allows users to unify workflows across their cloud and on-premise infrastructure, from one console, in a secure manner, Demisto claims.
5. Research - Data Risk Monitoring: ISACA and SecurityScorecard announce a joint research paper titled "Continuous Assurance Using Data Threat Modeling." The research provides enterprises guidance in adopting an attacker’s point of view to help account for data. It also features a step-by-step guide to apply application threat modeling principles to data. The result: Enterprises can now establish a baseline for monitoring ongoing data risk over time, the firms say.
4. Training - Identity Protection: Symantec has trained more than 16,000 law enforcement personnel to fight identity theft. The training involved FBI-LEEDA – the LifeLock Identity Theft Training Summit program.
3. Training - SMB Employees: Nearly 100 percent of small businesses now perform employee cybersecurity training, but 79 percent of those SMBs say they aren't completely ready to manage IT security and protect against threats, a Webroot survey says. What triggered such high training figures? I'm not sure. Perhaps Webroot's survey base involved the company's own tech-savvy customers rather than the general SMB population. We're checking.
2. Password Testing: KnowBe4 has released a new tool called Breached Password Test (BPT). The tool searches nearly two billion records to identify passwords that are currently in use in a domain but have been exposed in a previous data breach. Password Test is designed to help IT quickly isolate password security vulnerabilities and at the same time streamline the process of identifying high risk passwords being re-used, the company says.
1. New Cylance Conference: Cylance Prevent 2018, the cybersecurity company's inaugural user conference, is confirmed for September. We're checking to see how channel partners, MSSPs (and aggressive bloggers...) will be represented at the conference.