SECURITY

Ransomware Study: Two Thirds of Security Professionals Believe Ransomware and Terrorism Threats are Equal

Venafi | December 27, 2021

Venafi, the inventor and leading provider of machine identity management, announced the findings of a global survey of more than 1,500 IT security decision makers that reveals that almost two-thirds (60%) of security almost two-thirds (60%) believe ransomware threats should be prioritized at the same level as terrorism. These opinions echo the U.S. Department of Justice, which raised the threat level of ransomware following the Colonial Pipeline attack earlier this year. The study also found that less than one-third of respondents have implemented basic security controls that break the ransomware kill chain.

Other key findings include:

  • Over two thirds (67%) of respondents from organizations with more than 500 employees experienced a ransomware attack over the last 12 months—a figure that rises to 80% for respondents from organizations with 3,000-4,999 employees.
  • Over a third (37%) of respondents would pay the ransom but more than half of these (57%) would reverse that decision if they had to publicly report the payment, as required by the Ransomware Disclosure Act, a U.S. Senate bill that would require companies to report ransomware payments within 48 hours.
  • Despite the rising number of ransomware attacks, more than three-quarters (77%) say they are confident the tools they have in place will protect them from ransomware attacks. Australian IT decision makers have the most confidence in their tools (88%), compared with 71% in the U.S. and 70% in Germany.
  • Twenty two percent believe paying a ransom to be “morally wrong.”
  • Seventeen percent of those breached admitted they paid the ransom, with U.S. respondents paying most often (25%) and Australian companies paying least often (9%).

The fact that most IT security professionals consider terrorism and ransomware to be comparable threats tells you everything you need to know; these attacks are indiscriminate, debilitating and embarrassing. Unfortunately, our research shows that while most organizations are extremely concerned about ransomware, they also have a false sense of security about their ability to prevent these devastating attacks. Too many organizations say they rely on traditional security controls like VPNs and vulnerability scanning instead of modern security controls, like code signing that are built-in to security and development processes.”

Kevin Bocek, Vice President ecosystem and threat intelligence at Venafi

The study shows that most organizations are not using security controls that break the ransomware kill chain early in the attack cycle. Many ransomware attacks start with phishing emails that include a malicious attachment—but just 21% restrict the execution of all macros within Microsoft Office documents. Less than a fifth (18%) of companies restrict the use of PowerShell using group policy, and only 28% require all software to be digitally signed by their organization before employees are allowed to execute it.

About the research
Conducted by Sapio Research, Venafi’s survey evacuated the opinions of 1,506 IT security officers across the U.K., Australia, France, Germany, Benelux and the U.S.

About Venafi
Venafi is the cybersecurity market leader in machine identity management, securing machine-to-machine connections and communications. Venafi protects machine identity types by orchestrating cryptographic keys and digital certificates for SSL/TLS, SSH, code signing, mobile and IoT. Venafi provides global visibility of machine identities and the risks associated with them for the extended enterprise—on premises, mobile, virtual, cloud and IoT—at machine speed and scale. Venafi puts this intelligence into action with automated remediation that reduces the security and availability risks connected with weak or compromised machine identities while safeguarding the flow of information to trusted machines and preventing communication with machines that are not trusted.

With over 30 patents, Venafi delivers innovative solutions for the world's most demanding, security-conscious Global 5000 organizations and government agencies, including the top five U.S. health insurers; the top five U.S. airlines; the top four credit card issuers; three out of the top four accounting and consulting firms; four of the top five U.S. retailers; and the top four banks in each of the following countries: the U.S., the U.K., Australia and South Africa.

Spotlight

Brickken is creating a dApp (decentralized application) which provides the infrastructure needed for companies to bring their assets on-chain and self-fund themselves via Security Token Offerings, and for DAOs to be able to operate in a legally compliant environment. Our goal is to bridge offline to online, and web2 to web3 to prepare the world for a new fully tokenized reality.

Spotlight

Brickken is creating a dApp (decentralized application) which provides the infrastructure needed for companies to bring their assets on-chain and self-fund themselves via Security Token Offerings, and for DAOs to be able to operate in a legally compliant environment. Our goal is to bridge offline to online, and web2 to web3 to prepare the world for a new fully tokenized reality.

Related News

VIRTUAL DESKTOP STRATEGIES

Red Hat Helps Enterprises Modernize at Scale with New Migration Toolkit

Red Hat | November 23, 2022

Red Hat, Inc., the world's leading provider of open source solutions, today announced the general availability of Migration Toolkit for Applications 6, based on the open source project Konveyor, aimed at helping customers accelerate large-scale application modernization efforts. The toolkit enables customers to better assess, prioritize and modernize their applications across hybrid cloud environments on Red Hat OpenShift, the industry’s leading Kubernetes platform. Few would disagree that the technology landscape has shifted dramatically in recent years. According to Red Hat’s 2022 State of Application Modernization Report, organizations plan to modernize 54% of their custom applications during the next year, and over a quarter of these workloads during the next six months. In the medium term, respondents also reported that 80% of applications will be modernized in the next two years. It’s clear that the reliance on virtualization, as we currently understand it, has shifted. Organizations are embracing cloud-native technologies to meet heightened user expectations and market competition, but this doesn’t happen overnight. With Migration Toolkit for Applications and related services and offerings, Red Hat is helping customers modernize applications at their speed and on their timelines. Migration Toolkit for Applications is an integrated assembly of tools that support Java application modernization and migration projects at scale across a broad range of use cases. Now designed to help migration leads and developers find the best and most reliable modernization path forward, Migration Toolkit for Applications 6 includes: New application inventory and assessment modules that assist organizations in managing, classifying and tagging their applications while assessing application suitability for deployment in containers, including flagging potential risks for migration strategies. Full integration with source code and binary repositories to automate the retrieval of applications for analysis along with proxy integration including HTTP and HTTPS proxy configuration managed in the user interface. Improved analysis capabilities with new analysis modes, including source and dependency modes that parse repositories to gather dependencies and add them to the overall scope of the analysis. There is also a simplified user experience to configure the analysis scope, including open source libraries. Enhanced RBAC powered by Red Hat Single Sign-On, defining three new differentiated personas with different permissions to suit the needs of each user—administrator, architect and migrator—including credentials management for multiple credential types. Administrator perspective to provide tool-wide configuration management for administrators. Open source community drives containerization leap Kubernetes is fueled by a vibrant open source community and to further drive adoption, Red Hat and IBM Research created Konveyor. Konveyor is an open source project aimed at helping modernize and migrate applications for open hybrid cloud deployments by building tools, identifying patterns and providing advice on bringing cloud-native transformation across IT. The Cloud Native Computing Foundation (CNCF) project forms the foundation for Migration Toolkit for Applications and with this set of tools, organizations can have deeper insight throughout their adoption process—whether they’re making decisions at the portfolio or application level. To learn more about the latest version of Migration Toolkit for Applications, visit the webpage here. “Hybrid cloud isn’t just the future of computing—it’s here now, and Red Hat is determined to give our customers the tools, direction and intelligence to help them bring their applications to this new world. We know that transformation doesn’t happen overnight, which is why Red Hat Modernization Toolkit for Applications is designed to accelerate modernization, not stifle it, by easing the process of bringing traditional applications to a hybrid cloud-ready platform with analysis and automation.” James Labocki, senior director, product management, Red Hat About Red Hat, Inc. Red Hat is the world’s leading provider of enterprise open source software solutions, using a community-powered approach to deliver reliable and high-performing Linux, hybrid cloud, container, and Kubernetes technologies. Red Hat helps customers integrate new and existing IT applications, develop cloud-native applications, standardize on our industry-leading operating system, and automate, secure, and manage complex environments. Award-winning support, training, and consulting services make Red Hat a trusted adviser to the Fortune 500. As a strategic partner to cloud providers, system integrators, application vendors, customers, and open source communities, Red Hat can help organizations prepare for the digital future.

Read More

ENTERPRISE SYSTEMS,VIRTUALIZED ENVIRONMENTS,VPN

Boosting the Signal from Space: MetTel Labs Deploys VMware SD-WAN over Starlink

MetTel | December 15, 2022

MetTel announced today that its Customer Innovation Labs, the research and development unit of MetTel, has deployed its Software-Defined Wide Area Network (SD-WAN) service using the VMware SD-WAN™ solution over SpaceX's Starlink satellite service. These technologies far outpace the growth of the overall IT market which Gartner predicts at 5.1% year-over-year in 2023. According to the 2022 Gartner® Magic Quadrant™ for SD-WAN report, "The SD-WAN market is forecast to generate a compound annual growth rate (CAGR) of 14% in end-user spending from 2020 through 2026." Starlink's service has expanded significantly with more than 3,000 satellites in orbit and over 500,000 customers since 2019, according to research firm Ookla, with an estimated 500% growth in supporting terminals since 2021. Led by MetTel Chief Technology Officer, Ed Fox, MetTel Labs strives to innovate, test, and prove new technologies, services and best practices with enterprise customers. In the case of Starlink, MetTel collaborated with multiple enterprise clients to deploy SD-WAN technology over the satellite network and bring high bandwidth communications to remote locations that would otherwise lack Internet access. Among the active use cases are a large government agency and a leader in the environmental management industry. "Deployment of earth-based SD-WAN over Starlink will bring business-grade connectivity and network management to every remote location where it's needed for our clients," said Fox. "MetTel is thrilled to upgrade the quality of space-based communication while extending the reach of our SD-WAN network to any location worldwide." As an access technology, satellite communication has always been a challenge as signals must travel up to space and back down to earth, introducing latency and eroding performance. Many satellite communication providers use packet manipulation like queuing to provide a better consumer experience, but when using a business-oriented overlay technology like SD-WAN the packet manipulation can inhibit the performance of the network. Starlink's low-earth orbit system provides low latency, high bandwidth transmissions without heavy processing of traditional satellite, enabling the MetTel Labs team to integrate space-based access paths into its existing terrestrial SD-WAN networks. "The promise of space-based communication is limitless.By deploying SD-WAN over the Starlink satellite network, MetTel is bringing the benefits of VMware SD-WAN -- cloud-delivered, resilient networking with embedded security, along with DMPO which will automatically remediate transient satellite link issues -- to anywhere on earth, without the need for terrestrial networks." Craig Connors, vice president and general manager of VMware's SASE business. VMware SD-WAN™ and VMware SASE™ bring cloud-delivered networking, security, and AIOps together with compute to support secure, ubiquitous access to Cloud and SaaS for branch and remote workers as well modern applications at the edge. VMware's SD-WAN solution makes intelligent routing decisions based on network conditions and then steers traffic to the optimal network path to meet customers' service level requirements and provide a better user experience for applications. Working with VMware SASE and SD-WAN solutions, MetTel has built a global cloud network with 19 data centers and points of presence (PoPs) to deliver its secure networking services as a fully managed service. A recognized leader in the Gartner Magic Quadrant for Managed Network Services for 2020 and 2021, MetTel has engineered some of the largest commercial implementations of SD-WAN and cloud firewall in North America, each connecting thousands of locations with high performance and scalable bandwidth in many different verticals such as retail including the largest jewelry retailer in the world, automotive, and waste management. Gartner, Magic Quadrant for SD-WAN, Jonathan Forest, Naresh Singh, Andrew Lerner, Karen Brown, 12 September 2022. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. About MetTel MetTel is a leader in communications and digital transformation (DX) solutions for enterprise customers. By converging all communications over a proprietary network, MetTel gives enterprises one, unified view and control point for all their communications and advanced network services. MetTel's comprehensive portfolio of customer solutions can boost enterprise productivity, reduce costs and simplify operations.

Read More

VIRTUAL DESKTOP TOOLS

Tyan Introduces 4th Gen Xeon Server Platforms with Built-in Accelerators

Tyan | January 18, 2023

Tyan, a subsidiary of MiTAC Computing Technology Corporation, has released 4th Gen Intel Xeon Scalable processor-based server platforms with built-in accelerators to improve performance across the fastest-growing workloads in analytics, AI, cloud, storage, and HPC. Tyan's new server platforms leverage the 4th Gen Intel Xeon Scalable processor's advanced core and memory technologies for peak performance and optimized power efficiency, while utilizing built-in accelerators to further reduce the time it takes to run complex AI and analytics. The new platforms support DDR5, PCIe 5.0, and Compute Express Link 1.1. They are also designed to speed up performance for a wide range of workloads, such as high-performance computing, artificial intelligence, and data analytics. Tyan's 4th Gen Intel Xeon Scalable server platforms are equipped with the latest cutting-edge technologies and accelerators, such as DDR5, PCIe 5.0, and Compute Express Link 1.1, to provide users with enhanced performance. Danny Hsu, Vice President of MiTAC Computing Technology Corporation’s Server Infrastructure Business Unit, said, “Greater availability of new technology like 4th Gen Intel Xeon Scalable processors continues to drive the changes in the business landscape.” He further added, “The advances in TYAN’s new portfolio of server platforms with features such as DDR5, PCIe 5.0, and Compute Express Link 1.1 are bringing high levels of compute power within reach of smaller organizations and data centers.” (Source: HPCwire) Tyan's new server platforms are built for smaller HPC workloads that need large computing power at the deskside and are ideal for high-performance in-memory computing and virtualization applications. The platforms also feature built-in accelerators to increase efficiency for the fastest growing workloads such as AI, analytics, cloud storage, and HPC. About Tyan TYAN is a company that designs, manufactures, and markets advanced x86 server and workstation platforms. They have design and engineering centers in the U.S., China, and Taiwan and offer highly stable, space-efficient products that are attractive to OEMs and system integrators. Engineers at TYAN are in a good position to help customers come up with custom solutions that meet their needs. They provide scalable, highly integrated, and reliable platforms for a range of applications and are known for their time-to-market strategies and cutting-edge engineering processes.

Read More