Content, Governance, Risk and Compliance

MSSP News Alert: Thursday 13 April 2017

Each morning MSSP Alert offers readers a quick lineup of news, analysis and chatter from across the MSSP (managed security services provider) ecosystem.

Here’s the lineup for Thursday, April 13, 2017:

10. SD-WAN Security: VeloCloud Network has launched an SD-WAN Security Technology Partner Program. Kick-off members include IBM Security, Check Point Software Technologies, Fortinet, and Zscaler.

9. Data Center Security - Docker: The global data center security market will grow 10.51 percent annually from 2017 to 2021, according to a new report. Among the key growth drivers: Docker and container security.

8. HIPAA Fine - Phishing: Metro Community Provider Network, has agreed to pay $400,000 and to implement a corrective action plan to settle potential noncompliance with the HIPAA Privacy and Security Rules, Health Informatics reported. According to OCR’s investigation, MCPN filed a breach report with OCR on January 27, 2012 indicating that a hacker accessed employees’ email accounts and obtained 3,200 individuals’ ePHI through a phishing incident, the report said.

7. IoT Infections: The Mirai botnet infected roughly 2.5 million Internet of Things devices by Q4 2016, according to a McAfee report. Mirai is a malware that turns networked devices running on obsolete versions of Linux into remotely controlled “bots” that can be used for a large-scale network attacks, BGR reported.

6. DDoS Attack - Australia: Domain name registrar, Melbourne IT, and its subsidiaries, Netregistry and TPP Wholesale, fell victim to a “large” distributed denial of service (DDoS) attack on 13 April, which took down their domain name system (DNS) servers for over an hour, ARN reported.

5. DDoS Attack - Brexit Issues?: What caused a Brexit voter registration website crash? The answer may involve a DDoS attack, according to a report by the Public Administration and Constitutional Affairs Committee (PACAC). If true, it's the latest example of cybersecurity attacks that could be designed to influence major political decisions.

4. Threat Intelligence CenterNTT Security, the specialized security company of NTT Group, has formed a Global Threat Intelligence Center (GTIC) to replace what was known formerly as the Security Engineering and Research Team (SERT). GTIC will focus on threat intelligence research and vulnerabilities, detection technologies and GTIC Operations.

3. Cybersecurity Regulation: Under Senate Bill 395, The State of Nevada may require utilities, telecommunication systems and mission-critical infrastructure providers to develop and submit cybersecurity plans to the Nevada Commission on Homeland Security. Also, infrastructure owners would need to disclose "significant cybersecurity incidents to homeland security officials," Las Vegas Review-Journal said.

2. MSSP Momentum: Thirty-one percent of major IT organizations now partner with a managed security services provider (MSSP) to help compensate for lack of skilled security professionals, while 26% of respondents are involved in a partnership between in-house teams and an MSSP, according to a new Trustwave research report. We'll share more details soon.

1. Countdown to Launch: Yup. We wrote this blog on Thursday, April 13 — quite a bit before MSSP Alert’s anticipated launch day in mid-2017.

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.