Tony Fyler
@more__hybrid
fyler@hybrid.co
So much for cybersecurity. Protect your historical data too.
When people think of a data breach in 2023, they tend to imagine that the data attacked will be modern, up-to-date, and potentially of immediate use to cybercriminals. But British sportswear retailer JD Sports has just amply demonstrated the need for a robust cybersecurity policy that deals with historic data too. A cyberattack on the chain’s systems has potentially compromised the data of 10 million customers who bought from it between 2018 and 2020.
The company, which is contacting affected customers (though it might understandably take a while to get around all 10 million of them), said the data that had been accessed could include customers’ names, addresses, email addresses, phone numbers, order details and the final four digits of their bank cards.
While apologising to its compromised customers, the company also said it believed the data that had been affected was “limited” – the last four digits of card numbers, rather than the whole card numbers.
The type of data involved still allows significant potential activity by cybercriminals though.
JD Sports, which also owns several subsidiary brands, said it was working with both “leading cyber-security experts” and the UK’s Information Commissioner’s Office (ICO) to minimize the impact of its extensive data breach, while insisting that “Protecting the data of our customers is an absolute priority for JD Sports.”
Several cybersecurity experts almost immediately contacted Tech HQ to take some issue with the use of the phrase “absolute priority” in this case.
Muhammad Yahya Patel, Security Engineer at Check Point Software, said:
“In this case we see historic data has been affected, which raises questions regarding the volume of information being stored and what security is being implemented around it. As consumers, we trust retailers to secure our sensitive details. A breach of this size, or indeed any size, erodes that trust, which can be hard to recover.
“Transparent reporting is critical. Without all the information, it’s impossible to learn and improve security measures at a macro level.”
Meanwhile, Darren Guccione, the CEO of Keeper Security, explained that incomplete data could still be considered an effective haul.
“Even in cases where customer data is stolen but their passwords are not, the threat to their passwords and other sensitive information from the data breach remains. Bad actors sell this valuable information on the dark web and in this instance, will often compare the JD Sports customer information to information from data breaches at other organizations that did compromise passwords or use the information for a targeted phishing attack.
“In phishing attacks, bad actors often tailor scams using aesthetic-based tactics such as realistic-looking email templates and malicious websites. The aesthetics users recognize, such as the logo or color scheme of the site, are used to lure them into a malicious link or form field. The key to avoiding falling victim to this type of attack is to ensure users check that the URL matches the authentic website. In any case, emails containing links must always be subject to greater awareness and vigilance. A password manager that can automatically identify when a site’s URL doesn’t match is a critical tool for preventing the most common password-related attacks, including phishing.
“Even though JD Sports says passwords were not part of the stolen information, its customers should immediately update their passwords to be unique from any other passwords they’ve used in the past, while ensuring each new password or passphrase is strong, with uppercase and lowercase letters, numbers, and symbols. Passwords should also be paired with a strong MFA option as an added layer of security in the event their password is discovered.”
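The password-manager behaviour described in the quote above, namely refusing to fill a saved credential unless the page’s origin exactly matches the one the credential was saved for, is shown here as an added example; it is not code from the article or from any vendor named in it. The vault contents and all hostnames are constructed, and `origin_of`, `autofill_allowed` and `naive_match` are hypothetical names. The naive substring check is included only to show why exact-origin matching is the stronger defence against lookalike phishing domains.

```python
from typing import Optional
from urllib.parse import urlsplit

# Constructed sample vault: each credential is keyed by the exact origin
# (scheme + host) the user saved it on. Hostnames are hypothetical.
VAULT = {
    "https://www.example-retailer.co.uk": {"username": "alice"},
}


def origin_of(url: str) -> Optional[str]:
    """Return 'https://host' for a well-formed HTTPS URL, else None.

    urlsplit() separates userinfo, host, port and path, so a URL such as
    https://www.example-retailer.co.uk@evil.example/ resolves to the host
    evil.example rather than to the retailer's name embedded before the '@'.
    """
    parts = urlsplit(url)
    if parts.scheme != "https" or not parts.hostname:
        return None  # plain HTTP or malformed: never fill a credential
    return f"https://{parts.hostname.lower()}"


def autofill_allowed(vault: dict, page_url: str) -> bool:
    """Fill only when the page origin is exactly a saved origin."""
    origin = origin_of(page_url)
    return origin is not None and origin in vault


def naive_match(vault: dict, page_url: str) -> bool:
    """Weak check for contrast: 'does the brand name appear anywhere?'

    This is what a person eyeballing a URL tends to do, and it is exactly
    the check a lookalike domain is built to pass.
    """
    return any(urlsplit(saved).hostname in page_url for saved in vault)


if __name__ == "__main__":
    # Constructed test URLs: one genuine login page, then several phishing-style
    # variants (subdomain lookalike, userinfo trick, HTTPS downgrade, homoglyph).
    samples = [
        "https://www.example-retailer.co.uk/account/login",
        "https://www.example-retailer.co.uk.verify-breach.example/login",
        "https://www.example-retailer.co.uk@evil.example/",
        "http://www.example-retailer.co.uk/login",
        "https://www.exampIe-retailer.co.uk/login",  # capital I for l
    ]
    for url in samples:
        print(f"{url}\n  exact-origin: {autofill_allowed(VAULT, url)}"
              f"  naive: {naive_match(VAULT, url)}")
```

Only the first sample is filled under the exact-origin rule; the naive check also passes the subdomain lookalike, the `@` trick and the HTTP downgrade, which is the gap the quoted advice is warning about.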
That was advice echoed by JD Sports’ Chief Financial Officer, Neil Greenhalgh, who acknowledged that even with the “incomplete” dataset being compromised, affected customers – or anyone who thought they might be affected, ahead of having it confirmed by the company – should be “vigilant about potential scam emails, calls and texts.”
That will be of little comfort to the potentially 10 million affected customers, especially as they now know the company is actively trying to get in touch with them. In a supreme irony, the ground has been laid for a perfect scenario in which cybercriminals holding some of the customers’ private data (email address, name, home address, last four digits of a card, say) could contact those customers while pretending to be JD Sports representatives advising them of the breach, in an attempt to make them give up the remaining crucial elements of their data.
That’s a second-wave threat acknowledged by Vonny Gamot, Head of EMEA at McAfee. “Unfortunately, the data of over 10 million customers may now be at risk. A high-profile attack like this is often followed by cybercriminals launching further rounds of phishing attacks, usually via email or SMS, that direct people to bogus sites designed to steal more personal or financial information. Always double check the sender looks legitimate and watch out for any spelling or grammar errors.”
Meanwhile, for not being “sufficiently” protective of its customers’ private historical data, JD Sports may feel the scourging effect of the law.
Jonathan Compton, a leading legal expert on data protection from London law firm DMH Stallard, outlined how serious that could be for the compromised business.
“The aggravating factors here are the numbers involved, the personal data accessed, and the length of time since the infringement.
“JD Sports can expect fines up to the higher maximum permitted under Part 6 of the Data Protection Act 2018.
“The higher maximum amount is £17.5 million or 4% of the total annual worldwide turnover in the preceding financial year, whichever is higher.”
This just in: historic user data is valuable too – companies need to protect it all from compromise, not just the most recent data generated.
How is your company’s historic data safety profile?
3 March 2023
JD Sports suffers 10 million customer data breach – TechHQ
-
Zero trust is moving from hype to reality – Cybersecurity Dive
Organizations must plan ahead and invest in people and resources to succeed with zero trust, writes Gartner analyst John Watts.
Editor’s note: This article is from John Watts, a vice president analyst at Gartner. If you would like to submit a guest article, you can submit it here.
Most organizations view zero trust as a top priority when it comes to reducing risk in their environments. However, zero trust at scale across the entire organization is yet to become a reality for many organizations.
Zero trust is a security paradigm that explicitly identifies users and devices and allows them access to operate with minimal friction while still reducing risk. Zero trust requires organizations to think in terms of least privileged access, resource sensitivity and data confidentiality.
These concepts are not new. Many teams have tried to implement least privileged access controls in the past and experienced challenges as they expanded the scope and increased the granularity of controls.
Zero trust is not immune to these issues. Organizations must plan ahead and invest in people and resources to succeed with zero trust, and not view it as a one time, one size fits all answer to securing their organization.
To initiate zero-trust implementation, organizations can start by defining a strategy and baseline prior to embarking on a wider zero-trust technology implementation.
It is important to tailor zero-trust strategy to the organization and align it to which types of attacks it is best positioned to mitigate such as lateral movement of malware.
Zero trust will not be achieved with one technology, but with the integration of multiple different components.
Gartner predicts that over 60% of organizations will embrace zero trust as a starting place for security by 2025. However, more than half will fail to realize the benefits — initiating zero trust requires more than technology.
Due to the marketing pressures and hype around zero trust, security leaders are overwhelmed and struggle to translate the technical reality into business benefits.
There is a common misconception that “zero trust” refers to no one being trusted, but this is not the case. Rather, zero trust refers to trusting the “right” amount needed and no more. Security leaders must understand zero trust will protect them and their organization from any oversights that may happen.
When it comes to successfully launching zero trust within organizations, cybersecurity leaders must not attempt to execute zero trust programs with only technology controls. Zero trust is not a technology-first effort, but rather a shift in mindset and security approach.
Once this is understood, cybersecurity leaders will then need to receive executive backing and support. This support will show how zero trust enables new business approaches and a more resilient environment that allows for more flexibility.
Failure to obtain this support will put zero trust programs at risk.
Cybersecurity leaders must accept the potential for complexity and interim redundancy to occur. Security teams will operate under a new, granular approach, but old controls will still be required. There may be conflicting goals between the old and new controls. These must be reconciled and continuously reviewed to avoid conflicts.
As organizations move from the hype of zero trust into reality, security leaders must pivot their focus from technology and marketing messaging to the cultural and security program of zero trust. Security leaders can set themselves up for success by setting realistic goals that align to both manageability and security objectives.
Position zero-trust programs in terms of desired business outcomes such as risk reduction, better end-user experience or improved flexibility to set realistic expectations about the scope and impact of zero-trust programs.
Currently, the majority of organizations are in the early stages of their zero-trust journey. While organizations are excited about the promise of zero trust, few are focused on its post-implementation realities.
Organizations that are further along in their zero-trust journey have encountered roadblocks implementing and maintaining least privileged access. To help avoid these roadblocks, invest in resources that will isolate and adhere to least privileged access policies for implemented controls. Investing in these resources will maintain a zero-trust posture after implementation.
Gartner predicts that by 2026, 10% of large enterprises will have a mature and measurable zero trust program in place, up from less than 1% today.
A zero-trust strategy must be driven by a business decision on how much investment an organization is willing to make in cybersecurity, and the amount of benefit derived from the investment. Zero-trust efforts become less tactical as organizations improve in explaining cybersecurity as a business investment.
There is no universal standard for measuring zero trust maturity today, however existing maturity models are a useful starting point.
For example, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) published a zero-trust maturity model designed to assist U.S. Federal agencies as they develop strategies and implementation plans for zero trust.
Use such a model to track progress against the organization’s own internal zero-trust goals and objectives. Prioritize that plan of action rather than adopting relative benchmark assessments from maturity models, as those benchmarks may not be comparable across organizations due to differences in scope and desired outcomes.
Moving from theory to practice with zero trust is challenging. It is easy to fall into the trap of deploying point zero-trust solutions without developing a strategy. A robust strategy is imperative and the only way to move beyond the marketing noise to ensure successful zero-trust implementation.
-
Cybersecurity training startup Cybrary nabs $25M in funding – SiliconANGLE News
Cybrary Inc., a startup with a popular cybersecurity training platform, today announced that it has raised $25 million in funding to support growth initiatives.
The Series C funding round was led by existing Cybrary backers BuildGroup and Gula Tech Adventures. The startup has raised a total of $48 million from investors since launching in 2015.
College Park, Maryland-based Cybrary provides a training platform that enables users to learn cybersecurity skills such as how to remediate a ransomware attack. The platform provides access to a catalog of courses and other educational resources. It also offers cloud-based training environments that enable users to tackle simulated cyberattacks.
The startup offers two versions of the platform. One is designed for individuals, while the other is used by enterprise cybersecurity teams to hone their breach prevention and response skills.
The enterprise version of Cybrary’s platform includes a tool that enables companies to assess their cybersecurity teams’ familiarity with different hacking tactics. The platform can, for example, determine if a firm is not sufficiently prepared to address a ransomware attack. Companies can consult the insights surfaced by Cybrary to determine how they should prioritize internal cybersecurity training efforts.
As part of its feature set, Cybrary provides cloud-based training environments that help users learn how to detect software vulnerabilities. The platform also promises to help users learn related skills. Cybrary provides training on how to prioritize application vulnerabilities based on severity, apply patches and assess the impact of a hacking attempt.
For companies with more advanced requirements, the startup provides what it calls scenario-based training. Cybrary’s scenario-based training features enable cybersecurity personnel to train for specific breach scenarios. A software-as-a-service company, for example, could use the platform to ensure that it can effectively respond to cyberattacks that target its publicly facing cloud applications.
Cybrary’s approach is gaining significant traction. On occasion of its funding round, the startup disclosed today that its platform has helped train more than 3 million cybersecurity professionals since launch.
“Our continued investment in Cybrary is a testament to our belief in the important work they’re doing to address the current cyber skills gap and how they plan to evolve their training programs in the future,” said BuildGroup co-founder and Managing Partner Jim Curry.
Cybrary will use the new funding to support its engineering, sales and marketing efforts. The startup also plans to grow its threat intelligence group. The group helps Cybrary detect when new hacking tactics emerge and update its cybersecurity training materials accordingly.
-
What is Cybersecurity? Meaning, Types & Importance – EC-Council
“Cybersecurity is much more than a matter of IT.” ― Stephane Nappo.
As we progress in our digitalization, the chances of becoming a target to damaging cyberattacks increases. While there is no way to stop the occurrence, staying vigilant and adopting a holistic security approach is key to surviving the attacks. The evolving threat landscape today emphasizes the need to analyze and dive deep into the core of cybersecurity, its evolution, and its role in preventing cyberattacks. So, what is cybersecurity, and why is it so important today? This article will discuss everything you must know about cybersecurity: what it is all about, its importance and benefits, the best career opportunities in the domain, and more.
Cybersecurity is popularly defined as the practice of implementing tools, processes, and technology to protect computers, networks, electronic devices, systems, and data against cyberattacks. It is adopted by individuals and enterprises to limit the risks of theft, attack, damage, and unauthorized access to computer systems, networks, and sensitive user data. Since its inception in the 1970s, cybersecurity has undergone constant evolution. Today, cybersecurity is no longer restricted to the practice of only protecting computers but also individuals against malicious cyberattacks. The main purpose of cybersecurity is to prevent the leak of sensitive data while simultaneously ensuring cyber resilience to respond and recover from cyberattacks with lesser damage.
As cyberattacks become more innovative and complex, the scope and domains expand to encompass several disciplines. Based on its application areas, cybersecurity can be broadly classified into six distinct types:
To understand cybersecurity better, it is important to know more about various cybersecurity threats and their damaging repercussions on businesses and individuals. While there can be various motives behind cyberthreats, the primary rationale seems to be financial gain. The major types of cybersecurity threats that are widely prevalent today include the following:
With evolving cybercrimes causing havoc to enterprises and individuals, cybersecurity is increasingly important. Cybersecurity is essential to protecting individuals and businesses against diverse cyberthreats (as discussed above). It strengthens an organization’s defense posture and is critical in mitigation and response. The benefits of cybersecurity are not only limited to data protection but also extend to employing cyber-resilience approaches to help organizations recover from a cyberattack as quickly as possible.
As the world continues to rely heavily on technology, online cybersecurity defenses must evolve to cope with advanced cyber threats. While there is no one-size-fits-all solution, adhering to cybersecurity best practices can limit the occurrence of catastrophic cyber attacks. Here are a few recommendations for maintaining good cyber hygiene.
Cybersecurity challenges today have become synonymous with digitalization. Let’s look at some recent challenges the cybersecurity industry faces today.
Cybersecurity is a fast-paced domain and projects huge career growth potential in the future. With cyberattacks growing in leaps and bounds, the number of entry-level, mid-level, and advanced job positions in various cybersecurity domains will rise. The demand for Information Security Analysts alone is expected to grow 35 percent from 2021 to 2031. (U.S. Bureau of Labor Statistics, 2022). One can explore entry-level job roles such as “Information Security Specialists,” “Digital Forensic Examiners,” etc., and consider mid-level or advanced roles such as “Security Engineer,” “Security Architect,” etc., as per proficiency levels and interests.
While cybersecurity professionals are required to have a bachelor’s degree in computer science, additional certifications can prove to be beneficial in enhancing their expertise and landing high-paying jobs. EC-Council offers cybersecurity certifications in various cybersecurity domains to enable professionals to transition to excellence. Candidates leverage hands-on learning to acquire deep knowledge of various cybersecurity aspects, from ethical hacking to cyber forensics, and make an excellent career progression with expert guidance. Some of the renowned certifications by EC-Council include:
Statista. (2022, August 3). Annual number of ransomware attacks worldwide from 2016 to first half 2022 (in millions). https://www.statista.com/statistics/494947/ransomware-attacks-per-year-worldwide
U.S. Bureau of Labor Statistics. (2022). Information Security Analysts. https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm
Vailshery, L. (2022, November 22). Number of IoT connected devices worldwide 2019-2021, with forecasts to 2030. Statista. https://www.statista.com/statistics/1183457/iot-connected-devices-worldwide/
© 2022 EC-Council
-
Minister of State announces UKG investment for NI's Cyber Security … – GOV.UK
Minister of State announces £18.9 million investment in NI’s Cyber Security industry.
The UK Government has announced an £18.9 million investment in NI’s Cyber Security industry, including £11 million of Government funding through the New Deal for Northern Ireland, to develop a pipeline of cyber security professionals in NI as well as helping businesses and startups develop new opportunities.
The investment, announced by Minister of State for Northern Ireland, Steve Baker MP, will see the creation of a new Cyber-AI Hub at the Centre for Secure Information Technologies (CSIT) in Belfast, creating jobs and supporting the research and development of AI-enabled cyber security projects.
Following the launch, Minister Baker visited NVIDIA, one of the companies benefiting from the close collaboration at CSIT, to learn more about the work being done in their Belfast R&D centre to enhance the security and performance of NVIDIA’s networking solutions. The company, a global leader in AI, will engage with the new hub on collaborative research into AI-based cyber threat intelligence.
The funding will help ensure a pipeline of world-class cyber professionals, with the creation of a Doctoral training programme and Masters bursaries helping to deliver on the Government’s pledge of 5000 cyber professionals in NI by 2030, as well as supporting the Government’s £2.6bn National Cyber Strategy.
An additional £3.3 million from the Engineering and Physical Sciences Research Council will support the delivery of the next phase of the UK’s Innovation and Knowledge Centre at CSIT as it continues linking industry, government and academic expertise to promote economic growth.
With £4.6 million from project partners, the funding builds on NI’s impressive track record of attracting investment in its Cyber Security sector, ahead of Belfast hosting the UK’s flagship cyber security event, CyberUK 2023 in April.
This funding will help to create jobs and strengthen Northern Ireland’s economy, ensuring NI continues to lead the way in cyber security.
We have world-class talent and expertise in NI, and the Government is committed to developing cyber security professionals, here and across the UK.
The funding will have an immediate positive impact on NI’s cyber sector, and with Belfast hosting the UK’s leading cyber security conference in April, I’m looking forward to seeing NI’s deserved recognition as a global cyber security hub.
Northern Ireland’s cyber security firms play a huge role in the UK’s thriving and world-leading tech industry.
We’re investing millions so people across Northern Ireland can gain the skills for exciting careers helping people and businesses defend against cyber threats.
This funding boost will have a hugely positive impact on the cyber security sector locally, nationally and globally.
Investing in a Doctoral Training Programme is vital for the future of our society. We are investing in the skills of the next generation of leaders in cyber security, as well as progressing the Northern Ireland economy.
Over the last 15 years, Queen’s University has helped to put Northern Ireland on the map for digital innovation. We are proud of the work that takes place through the Centre for Secure Information Technologies (CSIT) and are looking forward to further developing cutting-edge research through the broader Belfast Region City Deal-funded Global Innovation Institute.
For the past 13 years the Centre for Secure Information Technologies has played a key role in helping the UK to respond to emerging cyber security threats. It is also at the heart of a thriving innovation ecosystem in Northern Ireland involving more than 100 companies and providing 2,300 people.
Together with the Cyber-AI hub this additional funding announced today will build on this success to promote further growth and support further cutting edge research that will benefit us all.
Cyber-AI Hub will see the creation of a UK Government Northern Ireland based cyber engagement lead, joining DSIT colleagues in Northern Ireland. This role, similar to positions in other regions in the UK, will engage directly with the Northern Ireland cyber sector to support the delivery of the government’s national cyber security and levelling up strategies as well as exploring opportunities for further UK government funded innovation and skills initiatives.
The funding will also allow for the continuation of the NI Cyber Security Snapshot by QUB. This will highlight opportunities and challenges for the Northern Ireland Cyber Security sector to be identified on a regular basis, further enabling growth in the sector.
New Deal for Northern Ireland
Cyber-AI Technologies Hub
CSIT Doctoral Training Programme
Masters Bursaries
NI Cyber Security Snapshot
CyberUK 2023
CSIT Innovation and Knowledge Centre
In 2008, the Institute of Electronics, Communications and Information Technology (ECIT) was chosen by the Engineering and Physical Sciences Research Council (EPSRC) and Innovate UK to host The Centre for Secure Information Technologies (CSIT), one of only seven UK Innovation and Knowledge Centres (IKCs).
IKCs are a key component of the UK’s approach to the commercialisation of emerging technologies through creating early stage critical mass in an area of disruptive technology. They are able to achieve this through their international quality research capability and access to companion technologies needed to commercialise research.
-
Gartner Predicts Nearly Half of Cybersecurity Leaders Will Change … – Gartner
By 2025, nearly half of cybersecurity leaders will change jobs, 25% for different roles entirely due to multiple work-related stressors, according to Gartner, Inc.
“Cybersecurity professionals are facing unsustainable levels of stress,” said Deepti Gopal, Director Analyst, Gartner. “CISOs are on the defense, with the only possible outcomes that they don’t get hacked or they do. The psychological impact of this directly affects decision quality and the performance of cybersecurity leaders and their teams.”
Given these dynamics as well as the massive market opportunities for cybersecurity professionals, talent churn poses a significant threat for security teams. Gartner research shows that compliance-centric cybersecurity programs, low executive support and subpar industry-level maturity are all indicators of an organization that does not view security risk management as critical to business success. Organizations of this type are likely to experience higher attrition as talent leaves for roles where their impact is felt and valued.
“Burnout and voluntary attrition are outcomes of poor organizational culture,” said Gopal. “While eliminating stress is an unrealistic goal, people can manage incredibly challenging and stressful jobs in cultures where they’re supported.”
Humans Are the Chief Cause of Security Incidents
Gartner predicts that by 2025, lack of talent or human failure will be responsible for over half of significant cyber incidents. The number of cyber and social engineering attacks against people is spiking as threat actors increasingly see humans as the most vulnerable point of exploitation.
A Gartner survey conducted in May and June 2022 among 1,310 employees revealed that 69% of employees have bypassed their organization’s cybersecurity guidance in the past 12 months. In the survey, 74% of employees said they would be willing to bypass cybersecurity guidance if it helped them or their team achieve a business objective.
“Friction that slows down employees and leads to insecure behavior is a significant driver of insider risk,” said Paul Furtado, VP Analyst, Gartner.
To confront this rising threat, Gartner predicts that half of medium to large enterprises will adopt formal programs to manage insider risk by 2025, up from 10% today. A focused insider risk management program should proactively and predictively identify behaviors that may result in the potential exfiltration of corporate assets or other damaging actions and provide corrective guidance, not punishment.
“CISOs must increasingly consider insider risk when developing a cybersecurity program,” said Furtado. “Traditional cybersecurity tools have limited visibility into threats that come from within.”
Gartner clients can read more in “Predicts 2023: Cybersecurity Industry Focuses on the Human Deal.”
Learn more about the top priorities for security and risk leaders in 2023 in the complimentary Gartner ebook 2023 Leadership Vision for Security & Risk Management Leaders.
Gartner Security & Risk Management Summit
Gartner analysts will present the latest research and advice for security and risk management leaders at the Gartner Security & Risk Management Summits, February 27-28 in Dubai, March 28-29 in Sydney, June 5-7 in National Harbor, MD, July 26-28 in Tokyo and September 26-28 in London. Follow news and updates from the conferences on Twitter using #GartnerSEC.
About Gartner for Information Technology Executives
Gartner for Information Technology Executives provides actionable, objective insight to CIOs and IT leaders to help them drive their organizations through digital transformation and lead business growth. Additional information is available at www.gartner.com/en/information-technology.
Follow news and updates from Gartner for IT Executives on Twitter and LinkedIn. Visit the IT Newsroom for more information and insights.
Meghan Rimol DeLisi
Gartner
Meghan.Rimol@Gartner.com
Catherine Howley
Gartner
Catherine.Howley@Gartner.com
Gartner, Inc. (NYSE: IT) delivers actionable, objective insight to executives and their teams. Our expert guidance and tools enable faster, smarter decisions and stronger performance on an organization’s mission critical priorities. To learn more, visit gartner.com.
©2023 Gartner, Inc. and/or its affiliates. All rights reserved.
The hottest cybersecurity startups to watch in 2023, according to VCs – Fortune
Entrepreneur Jon Miller’s first foray into what would become his career in cybersecurity was attending hacker conventions at age 16. In high school, he was hired to do consulting work as a “penetration tester”—a role that involves testing a company’s security and then helping to fix the breach. Later, working as a hacker for Internet Security Systems, he met Ryan Smith, who was a vulnerability researcher at the firm: basically, prodding at systems like Windows to find out how the software could be exploited. Two years ago, the pair launched Halcyon, a ransomware defense software that helps companies prevent cyberattacks and equips them with defensive software, which is a novel development in cybersecurity tech.
That “offense to defense” strategy is exactly what Bob Ackerman, founder of AllegisCyber Capital, looks for when he incubates and invests in early-stage cybersecurity startups. Ackerman explained that he seeks out founders that have spent their entire careers in cyber, and particularly have come out of the NSA or the Israeli equivalent, Unit 8200. “All of the innovation in cyber is actually paced by the offense,” he explained. “When you get to seed, there’s no revenue, there’s no product, and there’s no customers, so you’re really relying on [the founding team’s] domain expertise.”
Cybersecurity stands out from other sectors as especially technical and specialized—and right now it’s booming. As Fortune previously reported, the global cybersecurity market is expected to reach $403 billion by 2027—making the compound annual growth rate 12.5% from 2020 to 2027. VCs are searching for brilliant founders, and they’re often recruited to build tech with little to no business experience. (Many of the startups VCs have their eye on, or have invested in themselves, are incubated in cybersecurity foundries that recruit alums of national intelligence agencies to build cyberdefense tech.) VCs are looking to spot ideas that are differentiated and have a clear market application. “What you have to try to decipher is whether the problem that this business is solving is a feature, or is it truly a business?” says Maverick Ventures investor Matt Kinsella.
For this list, we asked the top VCs in cybersecurity to nominate startups. We asked them for names outside their portfolios, but read all the way to the bottom for some picks inside their portfolios.
Famed venture investor Ted Schlein likes R2C, a San Francisco–based software security startup. The company works with Semgrep technology, which functions as “spell-check for code” and is used by companies like Slack, Dropbox, and GitLab. Semgrep software is unique because it can search through huge volumes of code to find specific lines, which helps companies prevent data breaches and protect against attacks. R2C built a software around Semgrep that makes the technology more accessible and easier for companies to use and build the most up-to-date version of Semgrep.
R2C was founded in 2017 by Drew Dennison, Isaac Evans, and Luke O’Malley. In July 2021, the startup raised $27 million in a series B round led by Felicis, with participation from Sequoia and Redpoint, bringing their total funding to $40 million.
Ten Eleven Ventures investor Mark Hatfield pointed to ransomware defense startup Halcyon as a company to watch. Halcyon is an A.I. ransomware prevention software that both detects attacks before they happen and has designed a mechanism to defend against attacks while they are happening. Miller explained that what makes Halcyon unique is the technology’s ability to help software recover from an ongoing attack in real time. “You still have to deliver protection, but resiliency essentially has gone unfocused” in the cybersecurity industry, explained CEO and founder Jon Miller. “These are the best-funded attackers in history. You have to be adaptable and realize that you’re going to get pushed over at some point,” he said. “The question is how do you recover from [the attack] quickly, and reduce the impact from two months or two weeks down to five minutes.”
Founded in 2021 by Miller and CTO Ryan Smith, the company raised $20 million in seed funding from backers such as Syn Ventures. The company is currently in the midst of another fundraising round.
A.I. is exploding in popularity as chatbots and machine learning-powered products roll out across industries. Yet with A.I. innovation comes the next generation of A.I.-powered cyberattacks. HiddenLayer, the startup nominated by Syn Ventures’ Jay Leek, aims to address the rise in machine-learning cyberattacks with its software.
The Austin-based A.I. cybersecurity startup operates a security platform that detects and prevents cyberattacks using machine learning. HiddenLayer’s product suite includes monitoring technology to survey software for attacks and security and reporting measures. In July 2022, the startup raised $6 million from backers including Ten Eleven Ventures and Secure Octane. The company was founded by Christopher Sestito, Tanner Burns, and James Ballard.
Investor Chenxi Wang, founder of cybersecurity fund Rain Capital, likes startup Graphiant. Graphiant was launched this year by CEO Khalid Raza and CTO Stefan Olofsson, who previously founded networking technology startup Viptela, which was acquired by Cisco in 2017 for $610 million. Graphiant uses a platform that helps businesses securely manage corporate networks. “Users must cross a digital wilderness the enterprise doesn’t control or have visibility into to access resources—paths across this digital wilderness change by the minute,” Raza wrote when launching the company. “Our goal is to solve enterprises’ challenges, connecting resources, clouds, and applications across this digital wilderness,” he added.
In December 2020, the startup raised $33.5 million in funding led by Sequoia and Two Bear. “Network security is built into the infrastructure in that Graphiant allows encryption all the way to the edge, reducing threat surface and delivering data security and privacy along with fast and dynamic connectivity,” explained Wang.
Cyberattacks are a company’s worst nightmare—so you better believe they’re willing to pay up for technology that prevents them. That’s why Iren Reznikov, investor at S Ventures, likes startup Noname. Noname’s API security technology addresses breaches that involve APIs (the interfaces that let different software and hardware components communicate), such as those faced by Peloton, Facebook, and LinkedIn. In December 2021, Noname raised $135 million in Series C funding at an over $1 billion valuation after emerging from stealth in December 2020. Noname’s investors include Georgian, Lightspeed, Cyberstarts, and Forgepoint. “With API attacks on the rise, Noname delivers a complete end-to-end platform for discovery and monitoring of APIs, runtime protection, and API testing,” Reznikov said.
Startup Wiz, recommended for the list by NightDragon managing director Morgan Kyauk, has made headlines recently for good reason: the cloud security startup, which launched in 2020, scaled from $1 million to $100 million in annual recurring revenue in just 18 months. In October 2021, the company raised $250 million in Series C funding at a $6 billion valuation. Wiz’s cloud security platform identifies potential security holes across a company’s network.
The company was founded in January 2020 by Assaf Rappaport, Yinon Costica, Ami Luttwak, and Roy Reznik, who previously built the company Adallom, which sold to Microsoft for $320 million. Kyauk explained that he is particularly impressed by Wiz because they are dominating an established cloud security market, which includes competitors like Palo Alto Networks and Check Point. “[Wiz] was able to come in and out-execute the legacy incumbent vendors from a go-to-market and distribution perspective,” he said. “Now, they’re the market leader within this space and some of these incumbents are now trying to play catch up,” he added.
Finally, putting your money where your mouth is does actually speak volumes. So we also asked our VCs to highlight one portfolio company they are particularly excited about. Here’s what they said:
Bob Ackerman of AllegisCyber pointed to Dragos as a startup that is a prime example of founders using the “offense to defense” strategy in the development of cybertechnology. In 2021, Dragos raised $200 million in Series D funding at a valuation of $1.7 billion. Dragos secures industrial control systems like electrical grids, petrochemical facilities, and other critical infrastructure. The company was founded by CEO Robert Lee, chief data scientist Justin Cavinee, and CTO Jon Lavender in 2016 and was incubated in Maryland-based cybersecurity foundry DataTribe.
Iren Reznikov of S Ventures highlighted Noetic Cyber. The company launched in 2021 with $20 million in total funding, including a new Series A round led by Energy Impact Partners and including existing investor Ten Eleven Ventures. The company was founded by CEO Paul Ayers, CPO Allen Rogers, and Chief Architect Allen Hadden. The platform “provides an easy way to identify and close coverage gaps in the cyber posture of an enterprise,” explained Reznikov. “As investors, we were impressed with Noetic’s strong platform capabilities and coverage for the modern tech stack,” she added.
Mark Hatfield of Ten Eleven Ventures nominated startup Interpres, a security defense surface platform. In December 2022, the company launched with $8.5 million in seed funding from Hatfield’s Ten Eleven Ventures. Interpres was founded by CEO Nick Lantuh, Mike Jenks, Ian Roth, and Michael Maurer. The company “helps companies turn the chaos of their defense surface into something elegantly engineered and tailored to the company’s particular threat profile,” wrote Hatfield. “With intelligence from the platform, security teams can take a threat-informed perspective to understand exactly what their current tools can detect and defend against, and then consistently and iteratively improve their security posture.”
Ted Schlein of Ballistic Ventures nominated misinformation mitigation startup Alethea from his portfolio. The startup’s machine learning platform analyzes and detects misinformation and social media manipulation across the internet. In November 2022, the company raised $10 million in Series A funding from Ballistic Ventures. The company was founded in 2019 by Lisa Kaplan.
Matt Kinsella, investor at Maverick Ventures, recommended behavioral biometrics startup BioCatch, which he described as a unique approach to identity security. The technology developed by BioCatch monitors users’ individual behavioral patterns on their device to detect when there is fraud. The company last raised $145 million in 2020 in a Series D round. The company was founded by Avi Turgeman, Benny Rosenbaum, and Uri Rivner. BioCatch was founded in 2011 and launched in 2020, yet Kinsella emphasized that he thinks the startup will be “one to watch” in 2023 as it gains traction.
Event cybersecurity at the Super Bowl – Security Magazine
Event security remains an ever-growing concern. Public events have been targets in the past, so security leaders have tightened event safety procedures. Large events, such as the Super Bowl, often require additional security to keep entertainers, staff and guests safe throughout the event. However, large events can also become targets for phishing and other cyberattacks. As security leaders plan and enforce an event’s physical safety measures, they should prepare an equally thorough cybersecurity plan.
Rafal Los, Head of Services GTM at ExtraHop, shared his thoughts on stadium cybersecurity ahead of the Super Bowl:
“As with any big public events, hackers will exploit the event to try and drive users to click on or open malicious links or items. Phishing using Super Bowl themed content will likely be prevalent. Hackers count on people getting caught up in the hype of the sporting event to let their guard down and click on something that looks like it came from a friend or other trusted source, with some tie-in to the event. The inevitable goal is one of the same few — get you to divulge your credentials to something like Office 365 or your bank or install malware or ransomware on your computer.”
“Always be vigilant, and especially during big events where you’re emotionally involved and want to be part of the hype/group. Always be skeptical of something that comes into your inbox or texts, or even pops up on a web page. Skepticism and knowing attackers are constantly out to get you is key.”
“Event security professionals can cut down on this type of attack by ensuring they’ve monitored their brands carefully and are actively defending against typo-squatting attacks, and monitoring web traffic at their events (where possible) for malicious content and links.”
How to manage third-party cybersecurity risks that are too costly to … – TechCrunch
Many cybersecurity professionals, if not all, have experienced that “after the breach” feeling — the moment you realize you’ll have to tell your customers their personal information may have been compromised because one of your vendors had a data breach.
Such situations also involve spending significant amounts of time and resources fixing a problem caused by a third party. No matter how well you clean things up, the reputational hit to your organization will continue to cost you in lost business down the road.
The fact is, the consequences of failing to properly manage third-party risk are far too costly to ignore.
Ransomware attacks, data breaches and widespread IT outages ranked this year as the most significant risk concerns for companies worldwide. More than seven in ten organizations fear third parties have too much control over customer data, including needlessly broad permissions and authorization. Of the 44% of organizations that reported a data breach last year, 75% said the breach stemmed from a third party’s excessive privileged access.
Because they integrate so seamlessly with many aspects of modern organizations, third-party vendors’ risks are your risks.
While managing third-party cyber risk is essential to maintaining customer trust, it’s also increasingly important for organizations looking to purchase cyber insurance policies. All it takes is an accidental email containing personal information sent to the wrong customer, and the basic standards for a data breach have been met. Add the various state and federal data laws and costs associated with remediation, and it becomes clear why every organization could benefit from cyber insurance.
As more contracts between businesses contain cyber insurance clauses, it’s important to consider the impact security standards have on obtaining a policy. To put it plainly, the better your security standards are, the better your rates, especially at a time when cyber insurance premiums are soaring.
Cyber insurance providers want to see that you have high standards of security before they issue a policy, so effective third-party risk management could mean the difference between potential insurers offering you a good rate or deeming you ineligible for coverage.
An organization’s ability to handle third-party cyber risk proactively depends on its risk management strategies. According to Forrester, 70% of enterprise decision-makers agree that third-party risk is a business priority, but about 69% use manual processes in their third-party risk programs.