Carrier says no personally identifiable info leaked, blames outside vendor
When it comes to telecom companies and consumer data breaches, you'll most likely have seen T-Mobile in the headlines way too many times in recent years. The self-titled Un-carrier has been attacked time and again with disastrous results. But now, the carrier (and its customers) won't be alone in victimhood this year — newly-released intelligence alleges millions of Verizon subscribers have had their information leaked out into the open internet.
The assessment comes from SafetyDetectives, which picked up on a Verizon database posted to an open forum this January. The entries it contains date from sometime in 2021 to January 2022.
Analysis indicates approximately 7.5 million wireless subscribers have had some data points exposed including what kind of devices they had connected to Verizon service, what rewards they were signed up for, and what auxiliary subscription services like Apple Music, Disney+, YouTube TV, or Verizon Cloud they were signed up for. Each entry also contained a hash-obscured customer ID — potentially using a SHA256 key as the original forum post notes. The dump also contains customer ID hashes, first names, usage and speed metrics, router specifications, and contract statuses of about 1.5 million home internet subscribers. Besides the first names, it seems no unencrypted personally identifiable information has leaked, but the exposure of those hashes still presents a threat if the right key or keys are found.
Verizon was notified by SafetyDetectives's research team on February 8. The company has yet to respond on this matter. We've reached out for comment and will let you know if we hear back.
Big Red had a more concrete security scare back in 2017 (via BankInfoSecurity) when personally identifiable information from about 6 million wireless accounts was mishandled. The company apologized, stating no data was lost or stolen and that the incident was the responsibility of an outside vendor.
Statement from Verizon
Richard J. Young, a spokesperson for Verizon, has told us the SafetyDetectives piece refers to an issue the company already addressed back in January regarding another outside vendor that provided video guides for customer service questions, pointing us to an early article from The Cyber Express.
The company never gave access to personally identifiable information such as social security numbers, addresses, or credit card numbers besides first names to the vendor. Verizon has since conducted a review of the vendor and has severed ties.
"Since then, there's been an effort to recirculate this issue and material as if it's new," Young goes on to say. "The fact is that there’s nothing new here. The bad actor's findings are being reposted, but it's all recirculated material."
We've decided to keep this story up for transparency's sake on our part, but have changed the headline, which was originally titled "Verizon data breach exposes millions of customers' account data."
Jules joined the Android Police team in 2019. He currently manages weekend news, our newsletter, and our podcast. Before that, he was at our now-sister site, Pocketnow. He loves public transportation, podcasts, and people in general. He also likes to take views from the bigger picture in technology from how people are attracted to it to how it’s utilized across every other industry.
Author: rescue@crimefire.in
-
Data breach exposed millions of Verizon customers' account info – Android Police
-
Five Guys Discloses Data Breach Affecting Employee PII – Infosecurity Magazine
American fast food restaurant chain Five Guys has announced a data breach in a recent letter to customers from COO Sam Chamberlain.
According to the letter, the security incident occurred in September 2022, when an unauthorized party accessed a file server and exposed sensitive customer data.
Stolen data would include employee personally identifiable information (PII) such as names, social security numbers and driver's license numbers.
"This is yet another incident where attackers have managed to breach an organization's network, and the victims whose data was stolen were not informed until months later, offering attackers ample time to use that information to commit credit and identity fraud," said Julia O'Toole, CEO of MyCena Security Solutions.
Further, according to Casey Ellis, founder and CTO at Bugcrowd, what was breached was likely Five Guys' recruiting system, where candidates upload their resumes.
"Having these sorts of systems available to the internet makes sense when you consider the recruiting and job application process, but if something is more available to a public user, it's also more available to a potential attacker," Ellis told Infosecurity.
"Common web coding flaws like Indirect Object References (IDOR), authentication flaws, and even injection flaws can enable this type of attacker outcome without the need for lateral movement."
John Bambenek, principal threat hunter at Netenrich, added that the most immediate use of this data is to realize there are a handful of people on the lower end of the economic scale who are looking for jobs.
"I imagine there will be scams and mule recruitment lures sent to those people in the near future," Bambenek added. "Considering the industry, I can't see a viable attack path towards Five Guys itself unless some of those resumes represent 'back office' type staff."
In the letter, the company said it has arranged for affected customers to receive free credit monitoring and identity protection services through IDX as compensation.
"These identity protection services include one year of credit and CyberScan monitoring, a $1,000,000 insurance reimbursement policy, and fully managed identity theft recovery services," the company wrote.
The data breach, though only disclosed now, took place weeks before KFC and McDonald's customers were targeted via phishing campaigns across Saudi Arabia, UAE and Singapore last October. -
NIELIT and Microsoft collaborate to train youth in cybersecurity skills … – Microsoft
| Microsoft Stories

To deploy CyberShikshaa and Ready4Cybersecurity programs across 30 NIELIT training centers in Tier 2 and Tier 3 towns across India with a focus on North-East states, Jammu & Kashmir and Ladakh.
New Delhi, January 4, 2023: Upholding its commitment to bridge the cybersecurity skills gap in the country, National Institute of Electronics & Information Technology (NIELIT) and Microsoft today announced a collaboration to increase access to skills for jobs through CyberShikshaa and Ready4Cybersecurity programs. Aiming primarily at underserved youth, women and jobseekers from remote areas, National Institute of Electronics & Information Technology (NIELIT) and Microsoft will deploy CyberShikshaa and Ready4Cybersecurity programs in 30 training centers of NIELIT in Tier 2 and Tier 3 towns, with a special focus on Jammu & Kashmir, Ladakh and states in the North-East region of India. These programs would be scaled in subsequent years to integrate cybersecurity training programs in all the training centers of NIELIT.
The global cybersecurity skills gap and the lack of diversity in the workforce are among the urgent issues facing today’s digital economy. Studies show that 3.4 million people are needed to fill the global cybersecurity workforce gap. The collaboration between NIELIT and Microsoft will help reduce the talent deficit for cybersecurity professionals and provide employment opportunities for 1100 underserved youth in the pilot year of deployment.
Nearly 3,500 learners will undergo training and receive internship or employment opportunities for in-demand cybersecurity jobs. Besides providing grants for training, Microsoft’s support will include curriculum content, certifications, and mentorship opportunities. Current program partners Data Security Council of India, Tata Strive, ICT Academy and Quick Heal Foundation, will partner with NIELIT to carry out the deployment of CyberShikshaa and Ready4Cybersecurity training program. As the country’s premier institution for examination and certification in the field of Information, Electronics and Communications Technology (IECT), NIELIT aims to develop skilled professionals and provide support to learners and trainers both through design and development of curriculum and acquisition of content.
Combined with 90 hours of business English curriculum, CyberShikshaa will provide more than 400 hours of cybersecurity curriculum for underserved women engineering students and will be deployed in the NIELIT in Tier 2 and Tier 3 towns. Including NIELIT’s Information Security curriculum, Ready4Cybersecurity is a 120-hour virtual instructor-led training program delivered by the NIELIT Centers for beginners in rural colleges and higher education institutions to be employable for in-demand job roles in cybersecurity industry. Learners receiving industry certifications will also have access to internship opportunities through partner recruitment platforms of the Future Ready Talent Program. Both the programs will be deployed through NIELIT centers, with a focus on the Northeast States, Jammu Kashmir and Ladakh enabling access to latest technology courses for underserved youth and job seekers from remote regions.
Dr Madan Mohan Tripathi, Director General, NIELIT, said, “Recognizing the challenges owing to the lack of trained cybersecurity professionals, NIELIT is committed to training people for in-demand jobs, especially in remote regions, so that they can participate in today’s digital economy. This will enable a robust pool of skilled professionals who can help protect organizations from cyber threats. NIELIT welcomes this collaboration with Microsoft, which will not only multiply the skill sets through these training programs but also provide opportunities in terms of employment to the youth of the country.”
Dr Rohini Srivathsa, National Technology Officer, Microsoft India, said, “The threat landscape is becoming more sophisticated, and we need more diversity in our workforce to solve cybersecurity challenges swiftly and innovatively. Since its inception in 2018, the CyberShikshaa program has driven tremendous impact in skilling for employability of women and underserved youth – and is now expanding to reach 45,000 learners over the next three years. We are delighted to partner with NIELIT and enable greater access to skills for jobs through this collaboration.”
About NIELIT
NIELIT is a scientific society of MeitY, engaged in Training, Education, Skill Development and Capacity Building activities in the area of IECT and endeavored to establish standards for Examination and Certification in the field of IECT. It has a large training delivery network with direct presence at 47 locations in country with 850+ Accredited Institutes and 4,200+ Facilitation Centers for training and skilling. In the last 11 years, NIELIT has trained more than 84 lakh candidates. NIELIT envisages to create a pool of one crore skilled manpower in IECT in the next five years and to achieve this ambitious target, NIELIT is having end-to-end training system including online mode in place through web portals which works 24X7. The state-of-art facilities of NIELIT include high-end labs in emerging areas and future skill technologies. Existing digital capability of NIELIT includes Digital Content- LMS, Virtual Training Academy, VTE for Cyber Security, Online Remote Hardware Lab, Cyber Forensic on Virtual Platform, National Level Examination, Certification and Accreditation Body with services in online mode all targeted towards skilling of students, working professionals, government employees, scholars and as per specific needs of public and private sector firms along with technical manpower strength which includes scientists, faculties and managers.
About Microsoft India
Microsoft (Nasdaq “MSFT” @microsoft) enables digital transformation for the era of an intelligent cloud and an intelligent edge. Its mission is to empower every person and every organization on the planet to achieve more. Microsoft set up its India operations in 1990. Today, Microsoft entities in India have over 20,000 employees, engaged in sales and marketing, research, development and customer services and support, across 11 Indian cities – Ahmedabad, Bengaluru, Chennai, New Delhi, Gurugram, Hyderabad, Kochi, Kolkata, Mumbai, Noida, and Pune. Microsoft offers its global cloud services from local data centers to accelerate digital transformation across Indian startups, businesses, and government organizations.
Chick-fil-A data breach confirmed: What customers should do now – AL.com
Chick-fil-A has confirmed a data breach of their mobile app that potentially exposed personal information of users.
In a statement, the restaurant chain said the breach impacted less than 2% of its customers but added it has taken steps to prevent further breaches.
“We never want our customers to experience something like this and have communicated directly with those impacted to resolve these issues, while taking necessary efforts to protect our systems and our customers in the future,” the statement said.
“We are grateful for our customers’ patience while we worked to resolve this issue and sincerely apologize for any inconvenience caused.”
WSOC-TV reported Chick-fil-A noticed unusual login activity on a specific Chick-fil-A One account and then launched an investigation. The investigation determined a cyberattack had been launched on the restaurant’s website and app between December 2022 and February of this year. The attack was launched using email addresses and passwords from a third-party source.
The information taken from customers includes names, email addresses, Chick-fil-A membership numbers, mobile payment numbers, QR codes, money saved on Chick-fil-A accounts and other personal information. The hackers also had access to credit and debit card numbers but only the last four numbers of whatever card was used to pay.
WSOC reported the company has taken several steps to prevent future issues, including increasing online security, monitoring and fraud control, and sending alerts to customers to reset their passwords. The restaurant also reimbursed mobile accounts that were impacted by the cyber-attack.
Chick-fil-A has information on what to do if you suspect your account has been compromised. You can see the steps you should take here.
What to do if fake mobile orders have been made using your account or if your points were used to redeem or gift rewards fraudulently.
U.S Federal Agency Hacked – Attackers Exploited Telerik Vulnerability in IIS Server – CybersecurityNews
A joint operation conducted by DHS, FCEB, and CISA identified multiple attempted cyber attacks on a U.S. government IIS server that exploited a .NET deserialization vulnerability in Telerik.
Multiple hacker groups, including APT actors, initiated this attack. Successful exploitation of the vulnerability lets attackers execute arbitrary code remotely on the federal civilian executive branch (FCEB) agency network, where the vulnerable Telerik user interface (UI) is present on the IIS web server.
The IOC identified by the federal agencies belongs to the exploit that targets Telerik UI for ASP.NET AJAX builds before R1 2020 (2020.1.114).
The attack was conducted from November 2022 through early January 2023 and targeted the .NET deserialization vulnerability (CVE-2019-18935) in the RadAsyncUpload function, an exposure attackers can exploit when the encryption keys are known due to the presence of CVE-2017-11317.
The FCEB agency's Microsoft IIS server was configured with Telerik UI for ASP.NET AJAX Q2 2013 SP1 (version 2013.2.717), and the vulnerability, upon successful remote code execution, lets attackers gain interactive access to the web server.
The FCEB agency had an appropriate plug-in to detect CVE-2019-18935. However, detection failed because the Telerik UI software was installed in a file path that the scanner did not have access to scan.
CISA and the other participating agencies identified scanning and reconnaissance activity from multiple threat actors: the cybercriminal actor known as XE Group and another group, TA2. The successful scanning led to exploitation of the vulnerability.
Once the vulnerability is triggered and exploited, threat actors upload malicious dynamic-link library (DLL) files to the C:\Windows\Temp directory.
The files mimic PNG and are executed with the help of the w3wp.exe process, a legitimate process that runs on IIS servers to handle requests sent to web servers and deliver content.
“CISA and authoring organizations confirmed that some malicious files dropped on the IIS server are consistent with a previously reported file naming convention that threat actors commonly use when exploiting CVE-2019-18935.”
In this case, CISA observed that TA1, named XE Group, started system enumeration in August 2022, was able to upload malicious DLL files to the C:\Windows\Temp directory, and then achieved remote code execution by executing the DLL files via the w3wp.exe process.
CISA received 18 files for analysis from a forensic analysis engagement conducted at a Federal Civilian Executive Branch (FCEB) agency.
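The detection gap described above (a scanner that could not reach the path where Telerik UI was installed) can be cross-checked with a file-system inventory. The following PowerShell is an added example, not code from CISA or from the article; it assumes the Telerik UI for ASP.NET AJAX assembly is named Telerik.Web.UI.dll, that the shell runs elevated so every directory is readable, and the function names are hypothetical.

```powershell
# Added example (not from the advisory). Assumptions: the assembly is named
# Telerik.Web.UI.dll and the session is elevated so all paths can be read.

# Threshold taken from the article: builds before R1 2020 (2020.1.114) are affected.
$FixedBuild = [version]'2020.1.114'

function Find-TelerikAssembly {
    # Walk every given root, not only the web roots a scanner plug-in expects.
    param([string[]]$Root)
    foreach ($r in $Root) {
        Get-ChildItem -LiteralPath $r -Filter 'Telerik.Web.UI.dll' -File -Recurse -Force -ErrorAction SilentlyContinue |
            ForEach-Object {
                $raw    = $_.VersionInfo.FileVersion
                $parsed = $null
                if (-not [version]::TryParse($raw, [ref]$parsed)) {
                    $status = 'UNKNOWN VERSION - inspect manually'
                } elseif ($parsed -lt $FixedBuild) {
                    $status = 'OLDER THAN 2020.1.114'
                } else {
                    $status = 'OK'
                }
                [pscustomobject]@{
                    Path        = $_.FullName
                    FileVersion = $raw
                    Status      = $status
                }
            }
    }
}

function Find-PeFileInDirectory {
    # List files whose content starts with the PE "MZ" magic, whatever their
    # extension. Legitimate installers also stage binaries in temp directories,
    # so every hit needs triage (owner, timestamps, signature).
    param([string]$Directory)
    Get-ChildItem -LiteralPath $Directory -File -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            $bytes = New-Object byte[] 2
            $n = 0
            try {
                $fs = [System.IO.File]::Open($_.FullName, 'Open', 'Read', 'ReadWrite')
                try { $n = $fs.Read($bytes, 0, 2) } finally { $fs.Dispose() }
            } catch {
                return   # unreadable or locked file: skip to the next one
            }
            if ($n -eq 2 -and $bytes[0] -eq 0x4D -and $bytes[1] -eq 0x5A) {
                [pscustomobject]@{
                    Path      = $_.FullName
                    Extension = $_.Extension
                    Created   = $_.CreationTimeUtc
                    Owner     = (Get-Acl -LiteralPath $_.FullName).Owner
                }
            }
        }
}

# Inventory all ready fixed drives, then review the directory named in the article.
$roots = [System.IO.DriveInfo]::GetDrives() |
    Where-Object { $_.DriveType -eq [System.IO.DriveType]::Fixed -and $_.IsReady } |
    ForEach-Object { $_.RootDirectory.FullName }

Find-TelerikAssembly -Root $roots | Format-Table -AutoSize -Wrap
Find-PeFileInDirectory -Directory 'C:\Windows\Temp' | Format-Table -AutoSize -Wrap
```

A file owned by the IIS application pool identity in the second listing is the case that matches the behaviour the article describes, since w3wp.exe is the process that handled the upload.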
In order to minimize the threat of other attacks targeting this vulnerability, CISA, the FBI, and MS-ISAC recommend a number of mitigation measures:-
Malicious actors exploited a vulnerability in the Microsoft Internet Information Services (IIS) web server used by a federal civilian executive branch agency (FCEB) and were able to execute remote code on the server successfully.
As a result of this advisory, CISA, the FBI, and MS-ISAC encourage you to continuously test your security program in a production environment to ensure optimum performance against the MITRE ATT&CK techniques.
Sonder confirms data breach, documents and other PII potentially … – Infosecurity Magazine
Hospitality company Sonder has confirmed a data breach that has potentially compromised guest records.
According to a security update published on Wednesday, November 23, 2022, Sonder learned of unauthorized access to one of its systems on November 14.
“Sonder believes that guest records created prior to October 1, 2021, were involved in this incident,” the company wrote. It added that they have no evidence to indicate that accounts created after November 14, 2022, were involved.
“This suggests the company has improved their security since last October, that, or the attacker managed to access an old backup or copy of the data,” explained Mark Warren, product specialist at Osirium.
“‘Unauthorized access’ could apply to current staff, someone who left a while ago, a vendor, or an attacker,” Warren told Infosecurity.
The data potentially compromised in the breach reportedly include usernames and encrypted passwords, names, phone numbers, dates of birth, addresses and email addresses.
Certain guest transaction receipts, including the last four digits of credit card numbers and transaction amounts, could have also been compromised, alongside dates booked for stays at Sonder properties.
“Additionally, Sonder believes that copies of government-issued identification such as driver’s licenses or passports may have been accessed for a limited number of guest records,” the company added.
Sonder explained that upon discovering the breach, it took steps to contain it, including ensuring that the unauthorized individual no longer had access to systems and that operations were not affected and investigating the scope of the incident.
The company is also reportedly notifying affected users and appropriate regulatory bodies and has contacted law enforcement.
Warren said companies should learn from data breaches like this and improve their security posture by protecting customer databases (and backups) from attackers, disgruntled staff, and accidental damage. The executive also warned against letting staff have direct access to the credentials used to access those systems.
“Not only does that reduce the risk of access being compromised, but it makes life a lot easier when the company needs to rotate credentials,” Warren added.
“Without that control, changing credentials regularly or making them highly complex becomes too expensive, so many end up taking shortcuts or not updating credentials often enough.”
All in all, Warren believes protection always comes back to the fundamentals.
“Know where the sensitive data and systems are, understand who has access and who really needs it, and ensure that access is only possible through secure channels such as privileged access management.”
The Sonder data breach comes weeks after Shein's holding company Zoetop was fined $1.9m after failing to properly inform customers of a hack that reportedly affected millions of users. -
The Role of Customer Service in Cybersecurity – Security Intelligence
The old adage “cybersecurity is everyone’s job” is more true than you might imagine. While not every department is tasked with threat hunting or reviewing detailed vulnerability disclosures, each has a role in protecting the organization from fraudsters and cyber criminals alike.
Customer service is uniquely positioned as the face of the company. These departments work with customers to resolve order and service disputes, answer questions, process product returns, modify account information and much more. They form a crucial link between a company and its customers. As such, it’s also important not to underestimate the role customer service plays in cybersecurity.
Depending on the business, a customer service agent may have access to a trove of customer information and company systems. They may even have access to change customer account information or take payments over the phone. Due to the combination of access and a job that requires helpfulness, customer service departments are a ready target for cyber criminals.
Customer service departments are often targeted with social engineering campaigns, tricking them into giving up information they wouldn’t otherwise share. According to the 2022 Data Breach Investigations Report, human actions are a direct factor in 82% of the breaches examined. In fact, social engineering facilitated 2,249 incidents, 1,063 of which resulted in data disclosure. Threat actors most often used phishing and pretexting to facilitate a breach.
The number of communication channels available to the modern customer far exceeds the number available just over a decade ago. Depending on the technologies used, a company may interact with customers through live chat, social media, email, phone, SMS text messaging and other direct messaging channels. Some customer communications platforms can transfer conversations from one channel to another while keeping a log of the interaction from start to finish. In other instances, representatives can view detailed customer information in the course of addressing an issue.
Customer service agents must handle multiple competing priorities throughout the lifecycle of customer interaction. They must balance the responsibilities of providing accurate information quickly while verifying they are indeed working with the real customer. The customer service department is also responsible for preventing unintentional disclosures of company and customer data through its communications channels.
Customer service departments often experience high turnover rates and may lack appropriate resources for regular data privacy and cybersecurity training. Despite those factors, these departments function as an essential part of doing business. It’s important for the CIO to consider what resources the department currently utilizes and how they can be improved to ensure every employee has the knowledge and risk awareness necessary to prevent cyber incidents.
Customers entrust their personal data to companies they do business with; they expect every department with access to handle the data properly. Customer identity access management can help, but the human element must also be examined. CIOs are in a position to build a culture that abides by data protection regulations. Policies and procedures outline the company’s standard approach. The CIO lays the foundations for an organizational culture that balances excellent customer service and cyber risk awareness.
The CIO can work with the customer service department to improve security controls, policies and training.
A careful examination of the current support systems and how customer service agents interact with them can reveal important deficiencies in the software itself as well as the security controls in place. CIOs can open a feedback loop with the department to encourage comments about improvements in software and customer workflows.
Adjusting security controls and customer interaction workflows can help eliminate steps that are unnecessary or provide too much information to a support agent who does not need it to perform their duties. Platform tweaks can be very helpful in preventing unintentional access to personal information. However, they do not fully protect employees from potentially urgent and emotional appeals for private information they may encounter.
The CIO should work with the customer service department to tailor a cybersecurity awareness training program to meet their needs. An annual cybersecurity basics training course neither happens often enough nor contains the right information for a busy customer service department that frequently interacts with strangers through multiple channels. Training should happen often, be engaging, be relevant to the employee’s functions and teach risk awareness (rather than focusing only on the multitude of attack types).
In this way, an organization’s customer service department can work hand-in-hand with its cybersecurity team to the benefit of both.
Michelle is a freelance technology writer. She has created technical content for a range of brands and publications, including Business Insider, DICE, GE Dig…
Toyota Data Breach – Over 300,000 Customer Details Exposed – CybersecurityNews
The world’s biggest car maker, Toyota Motor, released an apology notice stating that nearly 300,000 customer details were leaked. The notice was addressed to users who had signed up for the T-Connect smartphone app, which links to their vehicles.
“The E-mail addresses and customer management numbers of some customers who have signed up for “T-Connect”, 296,019 cases were found to have been leaked,” Toyota said.
“We sincerely apologize for causing great inconvenience and concern to our customers”.
Toyota Data Breach
The data leak occurred because the source code of the “T-Connect” user site was posted on GitHub for over three years.
“It was discovered that the published source code contained an access key to the data server, and by using it, it was possible to access the e-mail address and customer management number stored in the data server”, Toyota explains.
The company changed the access key of the data server and took other necessary preventive steps. No secondary damage has been confirmed.
The company said personal information such as e-mail address and customer management number were leaked. Other information such as name, phone number, credit card, etc. is not affected.
Toyota also explained that the “T-Connect” website development subcontractor wrongly uploaded part of the source code to its GitHub account while the account was set to ‘public’.
“This incident was caused by the inappropriate handling of the source code by the development contractor company,” Toyota said.
The company further said they would write to users individually in case any illegal activity is detected.
“In addition, we have prepared a special form on our website that allows you to check whether your email address is subject to this campaign,” Toyota said.
As a result of the leak, spam e-mails such as “spoofing” or “phishing scams” may be sent to the exposed e-mail addresses. The company therefore asked customers not to open any suspicious email with an unknown sender or subject.
Thus, there is a risk of virus infection or unauthorized access, so please do not open the attached file and immediately delete the e-mail itself, concludes the report.
Cybersecurity market confronts potential consequences of banking … – Cybersecurity Dive
Bank seizures impose new challenges on vendors in every segment and may spur consolidation.
The banking crisis and nagging suspicion that hardship will spread, even to companies not directly linked to the failed banks, could have an ancillary effect on the cybersecurity market.
The failures and government takeover of Silicon Valley Bank and Signature Bank will impose new challenges on vendors that were already on poor financial footing, and potentially spur vendor consolidation and a near-term impact on innovation flowing from startups.
Plenty of cybersecurity companies were attempting to find an exit strategy or achieve greater stability once economic headwinds became a reality, Jeff Pollard, VP and principal analyst at Forrester, said via email.
The bank seizures aren’t helping matters, but they won’t affect or accelerate consolidation as much as other trends that were already underway, according to Pollard.
Cybersecurity budgets remain robust and recent Hiscox research shows organizations have tripled investments in IT security since 2018.
But the places where that money is being spent, and the pool of cybersecurity vendors claiming those dollars, are shrinking. Vendor consolidation and economic uncertainty are reinforcing a need for cybersecurity companies to rein in spending and steady their financial standing.
Three-quarters of organizations were moving to consolidate the number of cybersecurity vendors they used last year, according to a report Gartner released in September.
A lack of efficiency, integration challenges, overlapping tools and a glut of cybersecurity tools that do one thing often do more harm than good, according to cybersecurity experts. Tool sprawl is widespread and not a recent phenomenon.
Mark Sasson, co-founder and managing partner at Pinpoint Search Group, a cybersecurity headhunter firm that tracks vendor funding and M&A activity, said startups that aren’t making measurable improvements and closing in on their cash runway are susceptible to fire sales or closures.
“This is the nature of the game, and the business risks are always accentuated in poor economic situations, which we are clearly in,” Sasson said via email.
Vendors that have achieved a strong market fit and built successful businesses won’t be impacted by a tightening of venture capital or debt financing, Pollard said. “For vendors that were hoping to subsidize growth with investor capital, that didn’t pay attention to fundamentals and just burned cash — this will hit them hard.”
Pollard estimates there are at least one or two highly exposed vendors across each segment of the cybersecurity market. He expects exits in endpoint detection and response, extended detection and response, endpoint protection, data detection and response and risk qualification platforms.
“In almost all cases the vendors that exit early will be the most successful or the most disastrous,” Pollard said.
The banking crisis could be a tipping point that shifts M&A and private equity deals to the forefront, thereby reducing but not halting investment in innovation, Sasson said.
“If the pendulum swings toward M&A and consolidation now, it’ll swing back at some point toward innovation,” he said.