SECURITY

Ransomware Study: Two Thirds of Security Professionals Believe Ransomware and Terrorism Threats are Equal

Venafi | December 27, 2021

Venafi, the inventor and leading provider of machine identity management, announced the findings of a global survey of more than 1,500 IT security decision makers that reveals that almost two-thirds (60%) of security almost two-thirds (60%) believe ransomware threats should be prioritized at the same level as terrorism. These opinions echo the U.S. Department of Justice, which raised the threat level of ransomware following the Colonial Pipeline attack earlier this year. The study also found that less than one-third of respondents have implemented basic security controls that break the ransomware kill chain.

Other key findings include:

  • Over two thirds (67%) of respondents from organizations with more than 500 employees experienced a ransomware attack over the last 12 months—a figure that rises to 80% for respondents from organizations with 3,000-4,999 employees.
  • Over a third (37%) of respondents would pay the ransom but more than half of these (57%) would reverse that decision if they had to publicly report the payment, as required by the Ransomware Disclosure Act, a U.S. Senate bill that would require companies to report ransomware payments within 48 hours.
  • Despite the rising number of ransomware attacks, more than three-quarters (77%) say they are confident the tools they have in place will protect them from ransomware attacks. Australian IT decision makers have the most confidence in their tools (88%), compared with 71% in the U.S. and 70% in Germany.
  • Twenty two percent believe paying a ransom to be “morally wrong.”
  • Seventeen percent of those breached admitted they paid the ransom, with U.S. respondents paying most often (25%) and Australian companies paying least often (9%).

The fact that most IT security professionals consider terrorism and ransomware to be comparable threats tells you everything you need to know; these attacks are indiscriminate, debilitating and embarrassing. Unfortunately, our research shows that while most organizations are extremely concerned about ransomware, they also have a false sense of security about their ability to prevent these devastating attacks. Too many organizations say they rely on traditional security controls like VPNs and vulnerability scanning instead of modern security controls, like code signing that are built-in to security and development processes.”

Kevin Bocek, Vice President ecosystem and threat intelligence at Venafi

The study shows that most organizations are not using security controls that break the ransomware kill chain early in the attack cycle. Many ransomware attacks start with phishing emails that include a malicious attachment—but just 21% restrict the execution of all macros within Microsoft Office documents. Less than a fifth (18%) of companies restrict the use of PowerShell using group policy, and only 28% require all software to be digitally signed by their organization before employees are allowed to execute it.

About the research
Conducted by Sapio Research, Venafi’s survey evacuated the opinions of 1,506 IT security officers across the U.K., Australia, France, Germany, Benelux and the U.S.

About Venafi
Venafi is the cybersecurity market leader in machine identity management, securing machine-to-machine connections and communications. Venafi protects machine identity types by orchestrating cryptographic keys and digital certificates for SSL/TLS, SSH, code signing, mobile and IoT. Venafi provides global visibility of machine identities and the risks associated with them for the extended enterprise—on premises, mobile, virtual, cloud and IoT—at machine speed and scale. Venafi puts this intelligence into action with automated remediation that reduces the security and availability risks connected with weak or compromised machine identities while safeguarding the flow of information to trusted machines and preventing communication with machines that are not trusted.

With over 30 patents, Venafi delivers innovative solutions for the world's most demanding, security-conscious Global 5000 organizations and government agencies, including the top five U.S. health insurers; the top five U.S. airlines; the top four credit card issuers; three out of the top four accounting and consulting firms; four of the top five U.S. retailers; and the top four banks in each of the following countries: the U.S., the U.K., Australia and South Africa.

Spotlight

Container-native Virtualization (CNV) is the Red Hat version of KubeVirt to help customers run their virtual machines alongside their containers on the OpenShift Platform which can help with easing the migration path and allow customers to start utilizing and familiarition with OpenShift more rapidly.

Spotlight

Container-native Virtualization (CNV) is the Red Hat version of KubeVirt to help customers run their virtual machines alongside their containers on the OpenShift Platform which can help with easing the migration path and allow customers to start utilizing and familiarition with OpenShift more rapidly.

Related News

VIRTUAL DESKTOP TOOLS

Fungible Storage Cluster Now Supports VMware vSphere

Fungible | June 08, 2022

Fungible Inc., the dynamic composable infrastructure business, today announced the launch of Fungible Storage Cluster® (FSC) 4.1, which adds support for high-performance VMware vSphere settings. In managing complex and dynamic computational environments, virtual machines give unrivaled flexibility. Storage needs for workloads operating in virtualized environments can vary. Fungible's high-performance all-flash array based on NVMe/TCP is now vSphere certified and available for VMware virtualized environments for demanding applications. Customers can now enjoy the improved management of vSphere paired with the excellent performance of Fungible's Storage Cluster thanks to the newest version (4.1). Marc Fleischmann, Cloud CTO, VMware said that "NVMe/TCP enables vSphere customers to accelerate their storage performance while leveraging existing investments and lowering complexity. Through collaboration with innovative companies such as Fungible, VMware continues to build a world-class ecosystem of technology partners that offer our customers flexibility and choice to meet their business requirements.” Customers can use NVMe/TCP to connect FSC storage into their ESXi hosts and obtain what looks to be local storage. Even though it is a shared resource, the resultant performance is essentially comparable to local storage, and the cost advantages mirror the performance benefits. Eric Burgener, Research Vice President, Infrastructure Systems, Platforms and Technologies at IDC said that “VMware vSphere is the virtualization infrastructure of choice for a variety of mission-critical, performance-sensitive workloads in the data center. As IT organizations deploy more workloads that require accelerated compute and storage, the use of composable, disaggregated infrastructure (CDI) like that available from Fungible will be deployed more often to enable the more efficient use of these types of resources in VMware environments. IDC expects that the CDI market overall will top $4.8 billion by 2025.” “VMware has long led the drive to improve flexibility and utilization of data center infrastructure. Now with the latest release of our vSphere certified Fungible Storage Cluster, VMware users can further enhance their ability to tune demanding workloads to get the utmost performance and flexibility. Trade-offs of flexibility versus performance are no longer required. Pairing VMware with NVMe/TCP for storage access with our DPU-powered Storage Cluster allows VMware customers to address the performance requirements of today's modern applications.” Pradeep Sindhu, Co-Founder and CDO of Fungible FSC may also result in storage cost reductions for vSphere users since its erasure coding offers comprehensive data protection at a lower cost than typical RF1 or RF2 replication. Moreover, Fungible's composable data architecture allows for the flexibility to compose storage to suit current demands and recompose it to adjust to the changing needs, giving exceptional investment protection.

Read More

SERVER VIRTUALIZATION

ADVA Expands Multi-Vendor Network Functions Virtualization Program

ADVA | December 14, 2020

ADVA (FSE: ADV) today reported the proceeding with development of its Ensemble Harmony Ecosystem. With the expansion of 20 individuals, the business' driving organization capacities virtualization (NFV) accomplice program includes a considerably more extensive scope of virtualized applications and upheld administrations. New increments to the multi-merchant environment incorporate cloud, virtualization, systems administration and security pioneer, VMware. Correspondence specialist organizations (CSPs) would now be able to profit by open arrangements created by more than 65 individuals, including in excess of 50 virtual organization capacities (VNFs) and in excess of 40 white box workers. “We’re excited to be joining the Ensemble Harmony Ecosystem, helping it accelerate the pace of NFV innovation and generate new value for our customers. This program is key to creating the openness and interoperability needed in the new age of software-based telecommunication networks,” said Mark Vondemkamp, VP, Products, SD-WAN and SASE Business, VMware. “For us, the Ensemble Harmony Ecosystem enables comprehensive virtualized solutions. It enables CSPs to choose from a wide variety of commercial VNFs and effortlessly realize the promise of NFV. Ensemble Harmony also makes it easy for us to deliver a consistent cloud architecture all the way from the public cloud to the network edge.” ADVA's Ensemble Harmony Ecosystem is an alliance of equipment, programming and administration accomplices cooperating to drive virtualization and softwarization in media transmission organizations. The program conveys all CSPs need to tackle the full advantages of NFV and mechanization. It cultivates close joint effort between accomplices to guarantee interoperability and gives the capacity to choose from industry-driving arrangements, including the most famous SD-WAN, firewall and WAN advancement items. Beside VMware, the latest increments to the Ensemble Harmony Ecosystem are CASwell, flexiWAN, IEI Integration Corp, NEXCOM and Lanner. “Lanner continues to work with ADVA on CSP adoption of NFV. And our support and promotion of Ensemble Harmony is another great example of how we together provide solutions that outperform purpose-built platforms in every way,” said Sven Freudenfeld, CTO, Lanner Inc. “Lanner’s Whitebox Solutions™, coupled with Ensemble and VNF partners, provide solutions that are available off-the-shelf, with the best technology, pre-validated, and fully homologated.” “This ongoing growth means our Ensemble Harmony Ecosystem provides more options and delivers more value. By welcoming industry leaders like VMware into the program, we’re enabling our customers to transform their operations with some of the best available cloud solutions,” commented James Buchanan, GM, Edge Cloud, ADVA. “Today’s CSPs demand the freedom to choose the most advanced virtualization technology from a variety of leading innovators. They expect tech suppliers to cooperate with each other to ensure interoperability and reduce complexity. That’s what our Ensemble Harmony Ecosystem is all about. It creates an environment that fosters close cooperation, accelerates new initiatives and enables true multi-vendor solutions.”

Read More

VMWARE

Polte and VMware To Unlock 5G Precise Positioning for Open Radio Access Networks

Polte | October 08, 2021

Polte, the innovator of Cloud Location over Cellular (C-LoC) technology, announced a partnership with VMware to enable an Open Radio Access Network (Open RAN) solution for global "5G Precise Positioning," leveraging Polte as an xApp on VMware's RAN Intelligent Controller (RIC) platform. This partnership aims to address the challenges of security, accuracy, and seamless cellular continuity that previously created barriers to access for 5G Precise Positioning within use cases ranging from Industry 4.0 to 5G Critical IoT. Together, through the augmentation of Open RAN architecture, Polte and VMware endeavor to stimulate innovation while subsequently offering systems integrators more RAN vendor choice. "Together, Polte's and VMware's 5G Precise Positioning solution aims to meet the increasing demands for enterprise security while providing accuracy down to the sub-meter level with private networks, We plan to unlock a plethora of new global asset tracking use cases, especially within 5G Industrial and Critical IoT." said Stephen Spellicy, vice president of product marketing and business development, Service Provider and Edge, VMware. The RIC, as introduced by the O-RAN Alliance, is a core element of Open RAN architecture that allows operators to launch and optimize new cloud-native services and xApps, uninterrupted. VMware's RIC offers a software development kit (SDK) for third parties to develop new innovative applications for Open RAN, and enables operators to seamlessly integrate such applications into their networks. It will enable Polte's location xApp to not only democratize 5G Precise Positioning, but offer a foundation for other xApps that benefit from location awareness. "Solutions providers should think of location as a system, not a feature. Taking a holistic approach to location at the earliest stages of any 5G deployment is fundamental to the success of offering value in 5G to enterprises." said Polte CEO Ed Chao. As a leading provider of cellular location, Polte's domain expertise and 70 global patents and patents pending are key to unlocking the full potential of 5G positioning for enterprises. 5G allows Polte to transform the utility of cellular location, bringing the optimum level of accuracy for macro networks and 5G private networks. Polte's and VMware's Open RAN RIC-based 5G Precise Positioning solution will provide enterprises with more secure communication to all devices and to their own cloud architecture, required for the most advanced, mission-critical communications. Polte and VMware are both contributing members of the O-RAN Alliance, as well as participants in the 5G Open Innovation Lab, a collaborative ecosystem bringing together leading enterprise partners with cutting-edge startups harnessing the power and potential of 5G and edge computing to build what's next. About Polte: Polte, the innovator of Cloud Location over Cellular (C-LoC) technology, provides disruptive, low-cost indoor and outdoor IoT location solutions that empower enterprises with unprecedented, real-time visibility into all the things that matter. Leveraging global 4G and 5G cellular signals, Polte transforms what is possible with asset tracking by driving heightened accessibility and greater speed to ROI for supply chain, logistics, manufacturing, and a wide range of other sectors

Read More