Venafi | December 27, 2021
Venafi, the inventor and leading provider of machine identity management, announced the findings of a global survey of more than 1,500 IT security decision makers that reveals that almost two-thirds (60%) of security almost two-thirds (60%) believe ransomware threats should be prioritized at the same level as terrorism. These opinions echo the U.S. Department of Justice, which raised the threat level of ransomware following the Colonial Pipeline attack earlier this year. The study also found that less than one-third of respondents have implemented basic security controls that break the ransomware kill chain.
Other key findings include:
Over two thirds (67%) of respondents from organizations with more than 500 employees experienced a ransomware attack over the last 12 months—a figure that rises to 80% for respondents from organizations with 3,000-4,999 employees.
Over a third (37%) of respondents would pay the ransom but more than half of these (57%) would reverse that decision if they had to publicly report the payment, as required by the Ransomware Disclosure Act, a U.S. Senate bill that would require companies to report ransomware payments within 48 hours.
Despite the rising number of ransomware attacks, more than three-quarters (77%) say they are confident the tools they have in place will protect them from ransomware attacks. Australian IT decision makers have the most confidence in their tools (88%), compared with 71% in the U.S. and 70% in Germany.
Twenty two percent believe paying a ransom to be “morally wrong.”
Seventeen percent of those breached admitted they paid the ransom, with U.S. respondents paying most often (25%) and Australian companies paying least often (9%).
The fact that most IT security professionals consider terrorism and ransomware to be comparable threats tells you everything you need to know; these attacks are indiscriminate, debilitating and embarrassing. Unfortunately, our research shows that while most organizations are extremely concerned about ransomware, they also have a false sense of security about their ability to prevent these devastating attacks. Too many organizations say they rely on traditional security controls like VPNs and vulnerability scanning instead of modern security controls, like code signing that are built-in to security and development processes.”
Kevin Bocek, Vice President ecosystem and threat intelligence at Venafi
The study shows that most organizations are not using security controls that break the ransomware kill chain early in the attack cycle. Many ransomware attacks start with phishing emails that include a malicious attachment—but just 21% restrict the execution of all macros within Microsoft Office documents. Less than a fifth (18%) of companies restrict the use of PowerShell using group policy, and only 28% require all software to be digitally signed by their organization before employees are allowed to execute it.
About the research
Conducted by Sapio Research, Venafi’s survey evacuated the opinions of 1,506 IT security officers across the U.K., Australia, France, Germany, Benelux and the U.S.
Venafi is the cybersecurity market leader in machine identity management, securing machine-to-machine connections and communications. Venafi protects machine identity types by orchestrating cryptographic keys and digital certificates for SSL/TLS, SSH, code signing, mobile and IoT. Venafi provides global visibility of machine identities and the risks associated with them for the extended enterprise—on premises, mobile, virtual, cloud and IoT—at machine speed and scale. Venafi puts this intelligence into action with automated remediation that reduces the security and availability risks connected with weak or compromised machine identities while safeguarding the flow of information to trusted machines and preventing communication with machines that are not trusted.
With over 30 patents, Venafi delivers innovative solutions for the world's most demanding, security-conscious Global 5000 organizations and government agencies, including the top five U.S. health insurers; the top five U.S. airlines; the top four credit card issuers; three out of the top four accounting and consulting firms; four of the top five U.S. retailers; and the top four banks in each of the following countries: the U.S., the U.K., Australia and South Africa.
Banyan Security | January 24, 2022
Banyan Security, a leading provider of Zero Trust Network Access (ZTNA) solutions, announced it has raised $30 million in financing. The Series B funding was led by Third Point Ventures. Additional new investors include SIG and Alter Venture Partners and current investors Shasta Ventures and Unusual Ventures also participated in this round. The latest round brings the total investment in the company to $47 million.
This new funding comes on the heels of rapid growth for Banyan in the last year, including the addition of Den Jones, who joined as CSO in early December. The investment will fuel and accelerate the company’s trajectory, enabling further investments in sales and marketing and continued enhancements in product innovation, solidifying Banyan’s position as the best-in-breed zero trust remote access solution. It will also help the company expand into new markets and territories. Curtis McKee, Partner at Third Point Ventures, will join Banyan Security’s Board of Directors. Third Point Ventures is known for successful investments with ground-breaking innovators like SentinelOne, Upstart, and Sysdig.
“As an investor across the IT landscape, I’ve looked at several of the up-and-coming remote access vendors who promote ‘zero trust’ and I’m thrilled to partner with Banyan Security, a true market disruptor and innovator,” said Curtis McKee, Partner at Third Point Ventures. “Banyan understands that zero trust is a strategy first and functionality second that, when used properly, serve broader ‘work from anywhere’ business goals. Among Banyan Security’s impressive roster of customers, you’ll find several household names and Fortune 500 organizations, which speaks to their ability to meet the demands of the largest and most demanding enterprise businesses. However, a big part of Banyan’s appeal is the elegance of their incremental ‘deploy-as-you-go’ model which leverages and extends existing security tooling to meet today’s demanding security requirements, and ultimately provides end users with a great experience.”
With remote employees everywhere now working from their homes, airports, coffee shops and more, and accessing critical business applications that run across increasingly complex infrastructure, a new set of challenges has emerged for securing this ever-growing and interconnected access surface. Organizations have been increasingly driven to adopt zero trust models to modernize security, as well as handle the stress that the COVID-19 pandemic has put on their people, processes, and technology, especially on legacy VPNs.
“With our organization shifting to nearly a fully remote workforce, Banyan’s modern approach to Zero Trust has been a game-changer in improving our overall security,” said Upendra Mardikar, Chief Security Officer at Snap Finance. “The SaaS-based solution was quick to deploy and our security and IT teams are now experiencing time savings and a better user experience. We’re extremely happy with our decision to move to Banyan for our Zero Trust network access needs.”
With the rapid shift to remote and hybrid work, traditional network-centric solutions like legacy VPNs are no longer viable options for securing easy-to-use remote access to applications and IaaS resources. At Banyan Security, we strive to help our customers accelerate their zero trust journey by completely reimagining remote access from the user experience and security perspectives, building a comprehensive platform that helps them transform their security models with granular zero trust policy controls. This latest funding reinforces the urgent need for advanced remote access solutions that make effective use of zero trust technology, and our team is looking forward to expanding our market footprint to help meet that demand.”
Jayanth Gummaraju, CEO and Co-Founder of Banyan Security
Banyan Security provides least-privileged access to corporate applications and IaaS resources in real-time, leveraging organizations’ existing enterprise identity and security tool investments. Built on a patented zero trust architecture, the Banyan solution transparently deploys in hybrid and multi-cloud environments, continuously enforcing access policies based on any combination of user, device, and application contexts. In fact, Banyan has the only architecture that leverages and integrates with existing IT and cloud investments while permitting incremental deployment that truly accelerates measurable progress on the zero trust journey. Additionally, with the recent availability of Team Edition, a no-cost version of the company’s powerful Banyan Security Zero Trust Remote Access solution, organizations are provided with one-click, zero trust access to hosted applications, services, and infrastructure without the need for legacy VPNs, opening inbound firewall ports, or managing DNS changes.
About Banyan Security
Banyan Security provides secure, zero trust “work from anywhere” access to infrastructure and applications for employees, developers, and third parties without relying on network-centric solutions like VPNs. Deep visibility provides actionable insight while continuous authorization with device trust scoring and least privilege access deliver the highest level of protection without sacrificing end user productivity. Banyan Security protects tens of thousands of employees across multiple industries, including finance, healthcare, manufacturing, and technology.
IGEL | September 03, 2020
IGEL, provider of the next-gen edge OS for cloud workspaces, announces that Saskatchewan Polytechnic in Canada has adopted virtual desktop infrastructure (VDI) along with IGEL OS to streamline how it delivers, manages and secures its entire end user computing (EUC) environment for over 16,000 students. This comprises 3,200 endpoints in 200 computer laboratories split across four geographically dispersed campuses.