Cybersecurity Roundup: Bitglass, Kaspersky, Cisco-Jask, Microsoft-AttackIQ
California is the worst state for data breaches.
The California Consumer Privacy Act (CCPA) is less than five months from going into effect, applying pressure on companies to ensure they are prepared to handle new strict requirements such as regulating how businesses collect, use and disclose data related to an individual.
Only 55% of companies plan to be ready by CCPA’s effective date of Jan. 1, with another 25% planning to be ready by July 1, the date California will begin enforcement actions.
California is the worst state for data breaches, suffering nearly 1,500 in the last 10 years and exposing nearly 5.6 billion records, so it’s no surprise that the state is implementing one of the strictest privacy acts.
Bitglass’ Jacob Serpa
To find out more about CCPA and how to prepare for compliance, we spoke with Jacob Serpa, senior product marketing manager at Bitglass, a next-generation cloud access security broker (CASB) provider.
Channel Futures: Does the CCPA create challenges/opportunities for MSSPs and other cybersecurity providers? Can you give some examples?
Jacob Serpa: As we’ve seen previously with the General Data Protection Regulation (GDPR), requirements for regulations can initially be somewhat unclear. As CCPA becomes more refined over time, some cybersecurity providers may find it challenging to keep pace with its updated requirements. Consequently, organizations that rely upon such vendors are likely to find themselves to be noncompliant fairly quickly.
As the requirements evolve, MSSPs have the responsibility to ensure that they are providing their customers with security that protects against the threats of both today and tomorrow. Cybersecurity providers must ensure that they are providing customers with the most advanced solutions; however, not every vendor is able to equip themselves with proactive security tools that can adapt to evolving threats and prevent leaks and breaches in real time.
CF: What are some of the biggest hurdles preventing companies from becoming compliant?
JS: While companies need to reserve funds for general IT purposes, they must also invest in cybersecurity tools that can protect their data — which will prevent even larger costs associated with security breaches. Recently, British Airways was given a $230 million fine for not complying with GDPR. Fines like this can be catastrophic for many organizations; as such, it is essential for companies to have the proper tools and strategies in place so that they can defend against breaches and comply with regulations. Unfortunately, barriers to maintaining cloud security still plague many organizations; for example, justifying additional security spend despite large sunk costs associated with prior investments in on-premises security.
CF: If an organization is in compliance with GDPR, are they almost there in terms of compliance with California’s law?
JS: All regulations are different and must be analyzed separately. While GDPR and CCPA are both designed to keep consumer data secure, there will inevitably be differences. Additionally, companies should not aim to do the bare minimum to be compliant with regulations; instead, they must ensure that they are doing everything they can to attain the maximum level of data security.
CF: Are there options for organizations that don’t make the deadline for compliance?
JS: There is a six-month grace period for CCPA, meaning that enforcement actions cannot be taken until July 1, 2020; however, organizations should still try to meet that deadline, as fines include …
… not less than $100 and not greater than $750 per consumer per incident or actual damages, whichever is greater.
CF: Compliance isn’t just a one-and-done thing, right? How can cybersecurity providers help organizations stay in compliance?
JS: Compliance is not the maximum organizations should do for security; rather, it is the bare minimum that governments and regulatory bodies demand. In other words, we should not view regulations as a ceiling, but as an ever-rising floor. As such, organizations should look for proactive cybersecurity platforms that leverage automation, address evolving threats and use cases, scale with growing enterprise operations, and provide assurance that data is protected around the clock. Additionally, these security tools must be easily deployable, as advanced capabilities are worthless unless they can actually be rolled out across an enterprise. In this way, robust cybersecurity and, consequently, regulatory compliance, can be ensured.
Bitglass provides the following advice for compliance:
Take an accurate inventory of all customer information collected/managed by your company. If you don’t know what data you have, you can’t ensure you’re managing and protecting it according to CCPA. Companies going through M&A deals need to be especially careful to conduct a thorough IT audit.
Carefully map how CCPA-protected information is collected, stored, destroyed, and how it flows through your organization. Companies migrating to the cloud means data can be accessed on countless applications from various devices, including employees’ personal devices, from anywhere in the world. It’s critical to have security solutions in place, such as data loss prevention, that will protect data no matter where it travels. Customers can request to have their data readily available, and companies need to be able to respond in a timely manner.
Be ready for change. Since CCPA was passed, numerous amendments already have been approved by the California State Assembly and are now with the state senate for review. As with all regulations, companies must expect CCPA to evolve over time and must be ready to act quickly to ensure continuous compliance.
Alarming Lack of Cybersecurity Training in Health Care
A new report from Kaspersky finds employees of health care organizations in the United States and Canada are not receiving cybersecurity education and awareness in three main areas: regulation, policy and training.
Of these key areas, the most troubling statistic is that nearly one-third (32%) of respondents in North America said they have never received cybersecurity training from their workplace, but think they should have. The online survey targeted nearly 1,760 employees in a variety of roles ranging from doctors and surgeons, to administrators and IT staff working at health care organizations in North America.
When surveying respondents on health care regulations, the main findings concluded that there’s an obvious lack of awareness of federal regulations in both the U.S. and Canada to keep patient information safe and secure. Nearly one in five U.S. respondents reported they didn’t know what the Health Insurance Portability and Accountability Act (HIPAA) security rule meant. In Canada, nearly one-half of respondents said they didn’t know if Canadian patient health information needed to …
… stay in Canada.
More than one-fifth of respondents in North America admitted they were not aware of their workplace’s cybersecurity policy. When breaking down the results by region, just over one-third of respondents in the U.S. and just over one-quarter of respondents in Canada said they were aware of the cybersecurity policy at their workplace, but have only reviewed it once.
The survey also showed there is a dramatic need and desire from employees for increased cybersecurity training in their organizations.
Rob Cataldo, Kasperky‘s vice president of U.S. enterprise sales, tells us while this does pose serious concerns for patient health information and the safety of the health care industry at large, “we see this as an opportunity for MSSPs and other security partners to leverage these findings to work more closely with health care organizations like hospitals, private practices [and so on] to heighten cybersecurity measures, and ultimately keep their patients and businesses safe from potential cyberthreats.”
Kaspersky’s Rob Cataldo
“As is the case with all jobs, training continues to be the most important part of making sure employees are conducting their jobs without posing a risk to the company, themselves or to the customers/patients they serve,” he said. “Cybersecurity providers should educate their health care customers to realize that the human element is the most probable risk to unraveling a robust security strategy. They need to help their customers empower their employees to create a culture of cybersecurity vigilance in order to keep their patients and organization safe with regular, ongoing cybersecurity trainings specific to a variety of roles. This will allow employees to better understand exactly how cyberattacks can affect them day to day, and, more importantly, procedures to take should they find something suspicious.”
Jask Integrates with Cisco Security Portfolio
Cybersecurity startup Jask has joined the Cisco Security Technical Alliance (CSTA) partner ecosystem, a group of security providers that facilitates open, multivendor product integrations designed to improve security effectiveness through automation and operational simplicity.
Through the partnership, the companies have integrated Jask’s cloud-native security information and event management (SIEM) platform with several Cisco products, including its Cisco ASA next-generation firewalls, Cisco Advanced Malware Protection for Endpoints (AMP4EP) and Cisco Umbrella cloud security services.
In addition, by combining JASK Autonomous Security Operations Center (ASOC) with Cisco’s product portfolio, joint customers get context into how hackers are targeting them and can more quickly respond to, and mitigate, advanced attacks.
Oren Arar, Jask’s senior director of business development, tells us his company’s ability to integrate with different Cisco tools as out-of-the-box integrations is critical as it requires no additional effort by the customer or the partner.
“We are definitely interested in doing more business with channel partners and MSSPs that …
… resell and use Cisco products, and also plan to expand our integrations with Cisco in the near future,” he said. “The fact that Jask provides countless out-of-the-box integrations and also performs that fine-tuning for each customer is one of the most unique things about our partner ecosystem. With traditional SIEM vendors, customers need to hire dedicated engineers to perform the parsing and make sure all the of the data is correctly ingested into the legacy systems. Jask automates the ingestion process and takes that challenge away to solve it seamlessly for customers.”
AttackIQ Integrates Platform with Microsoft Defender ATP
AttackIQ has integrated its platform with Microsoft Defender Advanced Threat Protection (ATP), allowing security teams to run production emulation attack scenarios to validate that ATP is configured properly to detect and prevent malicious post-breach activity in an automated and continuous way.
Organizations that meet the minimum requirements for ATP can install AttackIQ’s sensors in their environment, and run and schedule on-demand assessments covering threat actors such as APT3 and APT29, in addition to standard endpoint detection and response (EDR) attacks. All results show up in the dashboard and reports in an easy-to-digest format for CISOs to SOC analysts.
Microsoft’s Moti Gindi
“Microsoft has been working with partners around the world through the Microsoft Intelligent Security Association (MISA) program to deliver innovative integrations that enhance enterprise security,” said Moti Gindi, Microsoft’s general manager of Windows Cyber Defense. “The integration of AttackIQ Platform with Microsoft Defender ATP helps the security teams of our mutual customers to validate and optimize the effectiveness of Microsoft Defender ATP detection, investigation and response capabilities in their network.”
Acronis Unleashes True Image 2020
Acronis has released True Image 2020, the new version of its personal cyberprotection solution. It allows users to automatically replicate local backups in the cloud.
In addition, the dual-protection replication feature is one of more than 100 enhancements and new capabilities incorporated into True Image 2020 – many of which are designed specifically for Mac devices – that are designed to further improve its performance, control and security.
Acronis’ Gaidar Magdanurov
Gaidar Magdanurov, Acronis‘ cyber strategy officer, tells us all types of Acronis partners benefit from the new True Image version.
“Resellers and cloud service providers selling to corporate accounts leverage the fact that 75% of corporate IT customers that are buying Acronis learn about Acronis from their personal experience with Acronis True Image,” he said.
True Image helps to “quickly demonstrate the power of cyberprotection to a very large customer base, Maqdanurov said.
“One specific example of benefits for partners [is] Acronis Active Protection technology that protects against ransomware and cryptojackers,” he said. “In 2018, the technology prevented 400,000 attacks on Acronis True Image users — and it is the best way to demonstrate that the technology is proven and can be safely used in a corporate environment.”
Read more about:
MSPsAbout the Author
You May Also Like