Cybersecurity Roundup: Iran Cyberattacks, Cloud Range Cyber, Darktrace, Zix-AppRiver
… the lack of skilled cyber operators, Gordon said.
“MSSPs that are able to provide leading edge toolsets, IR processes, and are focused on hiring, upskilling and retaining highly qualified and specialized operators can significantly enhance their customers security posture, thus enabling customer organizations to better prepare for future attacks,” he said. “It is imperative that MSSPs have ongoing training programs for their analyst in order to keep them challenged and prepared as well as retain them in the competitive environment.”
Drew Lydecker, Avant‘s president and co-founder, tells us with cyberwarfare there’s not just one silver bullet, but lots of them.
“Trusted advisers are training day in and day out with the latest and greatest technology to provide a level of service that no company can do on their own,” he said. “No company is out there trying to find the bad guys proactively because they don’t have the manpower or capabilities, but MSSPs are doing exactly that. From their breadth of customers, they are able to proactively hunt for threats, seeing the trends and predicting the types of threats that pose a risk to their customers. Having a trusted adviser on standby will help ensure that companies are more proactively preparing their security stack for the inevitable breach and have a strong disaster recovery plan in place to significantly minimize the impact of a breach.”
The biggest mistake in cybersecurity is following the status quo, Lydecker said. The playbook is no longer relevant and old tactics are putting companies and their customers at risk, he said.
“While the trusted adviser and MSSP movements are the smartest and most holistic ways to avoid and prevent cyberattacks, it’s also important to use common sense,” he said. “It’s also time to double down on physical security when hardware is based on-prem. It’s similarly critical to make sure that your teams are fully trained to avoid phishing attempts and other tactics to gain access to your networks.”
Darktrace Expands Email Security
Darktrace has expanded its platform to cover additional email systems including G Suite and Microsoft Exchange.
Antigena Email, launched a year ago for Office 365, has proven a “powerful defense” against a wide variety of digital fakes, as well as account hijacking, email spoofing and targeted email attacks, the company said.
Darktrace’s AI forms an evolving understanding of normal user behavior across a business’ digital infrastructure, combining users’ network patterns and browsing behavior with email communications and identity metrics for each individual in an organization.
Armed with this knowledge, Antigena fights back against email-based threats that bypass tools which only analyze email traffic, the company said. These include supply chain attacks, hijacked accounts, AI attacks, and other advanced forms of targeted attacks.
Mariana Pereira, Darktrace’s director of email security products, tells us this expansion will be a “huge opportunity” for her company’s partners.
“Email security has been the unsolved piece of the security puzzle, with threats consistently bypassing most legacy security tools that rely on rules or signatures, or which are limited in their ability to only analyze email traffic,” she said. “Many organizations are still on the search for an email product that will enable them to stay one step ahead of increasingly advanced attacks. With this offering, our partners can now offer their customers the power of AI-powered threat detection and autonomous response across an entire digital business, including cloud, IoT devices, industrial control systems, Office 365, G Suite and Microsoft Exchange.”
Since Darktrace announced Antigena Email for Office365 at RSA last March, adoption across its customer base has been “tremendous,” Pereira said. Many customers already have expressed interest in G Suite and Exchange offerings following internal customer communications, she said.
“I anticipate our partners will also see …