SECURITY

Ransomware Study: Two Thirds of Security Professionals Believe Ransomware and Terrorism Threats are Equal

Venafi | December 27, 2021

Venafi, the inventor and leading provider of machine identity management, announced the findings of a global survey of more than 1,500 IT security decision makers that reveals that almost two-thirds (60%) of security almost two-thirds (60%) believe ransomware threats should be prioritized at the same level as terrorism. These opinions echo the U.S. Department of Justice, which raised the threat level of ransomware following the Colonial Pipeline attack earlier this year. The study also found that less than one-third of respondents have implemented basic security controls that break the ransomware kill chain.

Other key findings include:

  • Over two thirds (67%) of respondents from organizations with more than 500 employees experienced a ransomware attack over the last 12 months—a figure that rises to 80% for respondents from organizations with 3,000-4,999 employees.
  • Over a third (37%) of respondents would pay the ransom but more than half of these (57%) would reverse that decision if they had to publicly report the payment, as required by the Ransomware Disclosure Act, a U.S. Senate bill that would require companies to report ransomware payments within 48 hours.
  • Despite the rising number of ransomware attacks, more than three-quarters (77%) say they are confident the tools they have in place will protect them from ransomware attacks. Australian IT decision makers have the most confidence in their tools (88%), compared with 71% in the U.S. and 70% in Germany.
  • Twenty two percent believe paying a ransom to be “morally wrong.”
  • Seventeen percent of those breached admitted they paid the ransom, with U.S. respondents paying most often (25%) and Australian companies paying least often (9%).

The fact that most IT security professionals consider terrorism and ransomware to be comparable threats tells you everything you need to know; these attacks are indiscriminate, debilitating and embarrassing. Unfortunately, our research shows that while most organizations are extremely concerned about ransomware, they also have a false sense of security about their ability to prevent these devastating attacks. Too many organizations say they rely on traditional security controls like VPNs and vulnerability scanning instead of modern security controls, like code signing that are built-in to security and development processes.”

Kevin Bocek, Vice President ecosystem and threat intelligence at Venafi

The study shows that most organizations are not using security controls that break the ransomware kill chain early in the attack cycle. Many ransomware attacks start with phishing emails that include a malicious attachment—but just 21% restrict the execution of all macros within Microsoft Office documents. Less than a fifth (18%) of companies restrict the use of PowerShell using group policy, and only 28% require all software to be digitally signed by their organization before employees are allowed to execute it.

About the research
Conducted by Sapio Research, Venafi’s survey evacuated the opinions of 1,506 IT security officers across the U.K., Australia, France, Germany, Benelux and the U.S.

About Venafi
Venafi is the cybersecurity market leader in machine identity management, securing machine-to-machine connections and communications. Venafi protects machine identity types by orchestrating cryptographic keys and digital certificates for SSL/TLS, SSH, code signing, mobile and IoT. Venafi provides global visibility of machine identities and the risks associated with them for the extended enterprise—on premises, mobile, virtual, cloud and IoT—at machine speed and scale. Venafi puts this intelligence into action with automated remediation that reduces the security and availability risks connected with weak or compromised machine identities while safeguarding the flow of information to trusted machines and preventing communication with machines that are not trusted.

With over 30 patents, Venafi delivers innovative solutions for the world's most demanding, security-conscious Global 5000 organizations and government agencies, including the top five U.S. health insurers; the top five U.S. airlines; the top four credit card issuers; three out of the top four accounting and consulting firms; four of the top five U.S. retailers; and the top four banks in each of the following countries: the U.S., the U.K., Australia and South Africa.

Spotlight

A self-service, policy-based portal with a catalog of custom services provides e¬cient, automated infrastructure. Users simply log in and request a resource using a drag- and-drop interface. Provisioning occurs in minutes, so your business is more agile and your users are more productive.


Other News
VIRTUAL DESKTOP TOOLS

HUMAN Names Climb Channel Solutions as Preferred Distributor

Climb Channel Solutions | July 27, 2022

Climb Channel Solutions, an international specialty technology distributor and wholly-owned subsidiary of Wayside Technology Group, Inc. (NASDAQ: WSTG) was named preferred distributor with HUMAN’s enterprise defense platform enabling resellers to round out their security stack. “With a full suite of products focused on defending customer data and exposure to fraudulent activity Climb Channel Solutions is proud to be named HUMAN’s preferred distributor, The IT channel will soon be leaning on HUMAN’s products and solutions to help detect fraud within security, inventory, account management, and even marketing.” Dale Foster, CEO at Climb Recent reports have indicated that 77% of all digital attacks are bot-based, and bots and cybercriminals become increasingly sophisticated year after year. Today, HUMAN verifies the humanity of more than 15 trillion digital interactions per week, offering enterprises a platform with unmatched visibility into fraudulent activity across the internet. HUMAN achieves this scale with a suite of products to protect the complete digital customer journey: BotGuard for Applications, BotGuard for Growth Marketing, MediaGuard, and Bot Insights Services. As new partners and enterprises leverage the HUMAN Defense Platform, they benefit collectively from HUMAN’s Modern Defense Strategy, which is built on best-in-class visibility and network effect powered by collective protection and disruptions. “We are thrilled to add Climb Channel Solutions as our preferred distribution partner for North America as we continue to build HUMAN’s channel ecosystem,” said HUMAN Vice President of Channel Sales Ron Wagner. “Climb’s expertise as a value-added distributor along with their focus on emerging and disruptive technology makes them an ideal partner. We look forward to working with Climb and their vast network of resellers to realize HUMAN’s mission of safeguarding the integrity of the internet from bot attacks and fraud to keep digital experiences human.” About HUMAN HUMAN is a cybersecurity company that safeguards enterprises and internet platforms from sophisticated bot attacks and fraud to keep digital experiences human. Our modern defense strategy is enabled by internet visibility, network effect powered by collective protection, and disruptions, enabling enterprises to increase ROI and trust while decreasing customer friction, data contamination, and cybersecurity exposure. Today we verify the humanity of more than 15 trillion interactions per week for some of the largest companies and internet platforms. Protect your digital business with HUMAN.

Read More

VIRTUAL DESKTOP TOOLS

VNET Announces Changes to Leadership Team

VNET Group | September 26, 2022

VNET Group, Inc. a leading carrier- and cloud-neutral Internet data center services provider in China, today announced that Mr. Samuel Yuan-Ching Shen decided to resign from his positions as the Company's Chief Executive Officer and Executive Chairman of Retail IDC Business Group due to personal reasons, and he will remain with the Company as a senior advisor to the senior management. Mr. Jeff Dong, the Company's president, has been appointed to succeed Mr. Shen as the Company's Chief Executive Officer, effective immediately. "I would like to thank Samuel for his contributions and dedication to our success throughout his tenure. His leadership has been instrumental in driving value and growth for VNET. We look forward to his ongoing guidance in his new role as our senior advisor." Mr. Josh Sheng Chen, Founder and Chairman of VNET "Meanwhile, I am pleased to welcome Jeff to the executive leadership team. We are confident that Jeff's extensive industry insight and deep investment expertise, acquired over a long and illustrious professional career, will continue to drive our dual-core growth strategy and fuel our ongoing commitment to achieving sustainable growth and long-term shareholder value." Mr. Jeff Dong has served as president of the Company and chief executive officer of VNET Capital since June 2022. Prior to joining the Company, Mr. Dong served as the head of the real assets investment department of Taiping Capital Asset Management, a subsidiary of China Taiping Insurance Group, from June 2020 to June 2022. Mr. Dong has extensive experience in real assets investment in infrastructure, TMT and new energy sectors. Mr. Dong's related experience spans more than 15 years, including over a decade serving in various roles at China Investment Corporation, a sovereign wealth fund of China. Mr. Dong received his Ph.D. from Manchester Business School. About VNET VNET Group, Inc. is a leading carrier- and cloud-neutral Internet data center services provider in China. VNET provides hosting and related services, including IDC services, cloud services, and business VPN services to improve the reliability, security, and speed of its customers' internet infrastructure. Customers may locate their servers and equipment in VNET's data centers and connect to China's internet backbone. VNET operates in more than 30 cities throughout China, servicing a diversified and loyal base of over 6,500 hosting and related enterprise customers that span numerous industries ranging from internet companies to government entities and blue-chip enterprises to small- to mid-sized enterprises.

Read More

VIRTUAL DESKTOP TOOLS

Exoprise Customers Achieve Significant ROI With SaaS and Digital Experience Monitoring

Exoprise | September 12, 2022

Exoprise, a leader in Digital Experience Monitoring (DEM) solutions, announced that its customers continue to realize significant Return on Investment (ROI) with Exoprise solutions and achieve positive ROI within six months of implementation. Troubleshooting remote worker issues using traditional tools creates visibility challenges, severely impacting business continuity and productivity. According to the latest Forrester future of work survey, 20% of employees contact the service desk support team weekly, and 10% contact them daily – far too often to remain consistently productive. In current economic conditions, companies have the potential to save thousands to millions in IT costs using features and capabilities offered by Exoprise DEM solutions. As one of the Exoprise customers, a global CRM head at a financial services company, told us, "Upon returning from a weekend, our employees could not access their Salesforce app in the morning. As a result, IT and several other teams spent at least half a day trying to find the root cause, which cost the company about $500K. With Exoprise synthetics, we would have immediately narrowed the problem to a change made by the network team and saved a huge loss to the company." Exoprise customers achieve superior ROI with their DEM investment by: Recovering Service Level Agreement (SLA) credit – IT teams receive Service Level Agreement (SLA) violation credits when Microsoft 365 has downtime. For example, Microsoft services such as Azure, Teams, OneDrive, etc. may not be available due to an outage or technical issue. Service availability less than the SLA of 99.9% requires Microsoft to reward credits to the customer. Exoprise provides actionable availability reports that act as evidence of true downtime, outage length, events, errors, and corresponding service health. Customers quickly verify and claim their credits to recoup the cost of the Exoprise system. Saving Costs on Device Refresh and Upgrades – IT departments often need to upgrade their infrastructure with new hardware or software, so employees remain productive and job satisfaction remains high. However, with a shrinking economy and flat expense budget, businesses struggle to keep up with that mandate. Utilizing Exoprise Service Watch Real User Monitoring (RUM), operation teams are driving upgrade decisions based on hard network and device telemetry data, segmenting different user groups, and auditing remote endpoint devices. The result is an optimized device refresh schedule and cost-effective companywide upgrades. Another Exoprise user, a Microsoft Teams administrator at a manufacturing services company, "We had frequent complaints from users about poor Teams meetings/calls. Initially, we would upgrade the hardware to the latest to fix the problem and spend thousands doing that, but the problems persisted. So, when we started using Service Watch, we could see exactly where the problem was for each user - and avoid upgrading when the problems were due to corporate network or weak Wi-Fi access points." Preventing Network Upgrade Surprises and Downtime – Future proofing the business means frequent network optimization. Enterprises rely on mission-critical services such as Microsoft 365, Salesforce, AWS, and SAP. Delivering these services via ISPs, MPLS, SDWAN, and VPN providers becomes susceptible to performance fluctuations. Exoprise provides end-to-end baseline views of the network for mission-critical applications before, during, and after any network transformation takes place. As a result, network administrators can ensure that the end-user experience is improved and access is more reliable. Delivering Better Digital Experiences Anywhere and reducing MTTR – The Modern Workplace demands remote flexibility along with the freedom to work anywhere. ITOps teams require end-to-end visibility into apps, the network, and system performance for these Digital Nomads, and the Exoprise platform delivers. Once deployed, Exoprise helps customers safely transition to a hybrid work model. Proactive synthetics provide early outage detection while crowdsourced analytics reduce the troubleshooting time in half. Improving Productivity with Less Dropped Calls for Teams, Zoom, and Webex – Today, knowledge workers collaborate using Unified Communication (UC), VoIP, and streaming applications such as Microsoft Teams, Zoom, and WebEx. Customers use Exoprise to proactively test and tune their networks for the collaboration platforms and offer complete coverage with Service Watch RUM. As a result, there is a significant ROI in reduced dropped calls and smoother call quality. "Due to Covid, our IT model has shifted from primarily supporting call center operations to supporting a significantly larger virtual environment. That was when we became interested in better measuring digital experiences from the end user's perspective. Synthetic sensors in our central data centers collect performance data on Microsoft 365, but we wanted an even more complete picture. Together with a real user monitoring on-demand solution, we can better understand the issues of our users at any geographic location," said Kevin Santos, Senior Director of IT, Network Operation Center, BCD Travel. "Exoprise has always been at the forefront of supporting our customers with innovative digital solutions and addressing hybrid workforce challenges with a complete view into the end-user experience, Our Service Watch product rapidly isolates call quality problems with VoIP and streaming apps such as Microsoft Teams, WebEx, and Zoom in real-time and ensures smooth collaboration from anywhere. In addition, our technical ability to deliver synthetics and real-user behavior insights in one platform differentiates us in the market." Exoprise CEO Jason Lieblich Read more about the combination of RUM and synthetics in our latest whitepaper and ensure the best digital employee experience for streaming, collaboration, and VoIP apps such as Microsoft Teams, Zoom, WebEx, and GoToMeeting. Better Together: Combine Real User Monitoring with Synthetics About Exoprise Exoprise enables IT teams to effectively deploy and manage its monitoring solution and mission-critical, cloud-based applications and services. CloudReady provides real-time performance visibility from behind the firewall to the cloud and back with synthetic monitoring. Service Watch provides location-independent end-user experience insights for SaaS and third-party web applications with real user monitoring. By leveraging proactive network path diagnostics, real user experience metrics, actual app usage data, and crowd-sourcing data analytics, organizations now have visibility, speed, and agility to easily assure the best cloud service performance.

Read More

VIRTUAL DESKTOP TOOLS

Comcast Business Partners with Fortinet to Secure Enterprise Application Access with New SASE and SSE Solutions

Fortinet | August 02, 2022

Comcast Business today announced a strategic partnership with Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, to deliver enterprises a new set of secure access service edge (SASE), and security service edge (SSE) solutions to help enterprises protect their distributed workforces using a cloud-delivered approach to security policy enforcement. This collaboration expands Comcast Business’s managed services expertise, while giving enterprises greater flexibility to choose the cloud architecture and vendor mix that is right for them. In today’s work-from-anywhere world, IT leaders are challenged with balancing employee convenience with securing their networks. New security architectures, such as SASE, which converges networking and security via SD-WAN and cloud-delivered security, and SSE, the security foundation of SASE, enable enterprises to strengthen their security posture while enhancing employees’ experience, regardless of their location. In fact, according to a recent Foundry CIO research study sponsored by Masergy (a Comcast Business company) and Fortinet, the overwhelming majority (98%) of enterprise IT leaders surveyed cited the convergence of network and security as critical or very important, while 94% said their adoption of SASE solutions has accelerated. The new Comcast Business offerings — delivered through Comcast Business Secure Gateways — give enterprises the option to choose from either SASE or SSE solutions backed by Fortinet’s security-driven networking technology and Equinix’s flexible cloud connection Equinix Fabric™ for a complete secure network service. Enterprises wanting to enable safe access to cloud and web services can take advantage of the Comcast Business SSE solution, which brings together multiple cloud-delivered network security technologies in a fully-hosted environment. The Comcast Business SASE solution provides this hosted SSE security architecture combined with zero trust capabilities and any of Comcast Business’s SD-WAN solutions. “In today’s dynamic world, no two companies are alike and very few are the same as they were just two years ago,” said Amit Verma, Chief Technology Officer, Enterprise Solutions, Comcast Business. “By expanding our relationship with Fortinet, we are offering our clients more choice and the flexibility to choose a solution that works for them – while providing some of the latest security solutions to help keep them ready for the day – today and tomorrow.” Comcast Business Secure Gateways provide a fully-hosted set of SASE or SSE services covering a broad range of security networking solutions for Firewall-as-a-Service (FWaaS), Intrusion Prevention (IPS), Data Loss Prevention (DLP), Cloud Access Security Brokers (CASB), and Zero Trust Network Access (ZTNA). Comcast Business Secure Gateways are hosted across the United States at Equinix data centers, offering up to 10 gigabits per second (Gbps) of cloud connectivity for public, private, or hybrid cloud deployments. The Equinix Fabric™ enables support of Amazon Web Services, Microsoft Azure, Google Cloud, IBM and more than 200 SaaS providers. "In order to enhance user experience, reduce complexity, and improve their security posture against today’s most advanced and persistent threats, organizations must adopt solutions that converge networking and security, We’re pleased to work closely with Comcast Business to build SASE services that support customers at any stage of digital innovation with Fortinet’s industry leading security-driven networking technology.” John Maddison, EVP of products and CMO, Fortinet About Comcast Business Comcast Business offers a suite of Connectivity, Communications, Networking, Cybersecurity, Wireless, and Managed Solutions to help organizations of different sizes prepare for what’s next. Powered by the nation’s largest Gig-speed broadband network, and backed by 24/7 customer support, Comcast Business is the nation’s largest cable provider to small and mid-size businesses and one of the leading service providers to the Enterprise market. Comcast Business has been consistently recognized by industry analysts and associations as a leader and innovator, and one of the fastest growing providers of Ethernet services. About Comcast Corporation Comcast Corporation is a global media and technology company that connects people to moments that matter. We are principally focused on broadband, aggregation, and streaming with 57 million customer relationships across the United States and Europe. We deliver broadband, wireless, and video through our Xfinity, Comcast Business, and Sky brands; create, distribute, and stream leading entertainment, sports, and news through Universal Filmed Entertainment Group, Universal Studio Group, Sky Studios, the NBC and Telemundo broadcast networks, multiple cable networks, Peacock, NBCUniversal News Group, NBC Sports, Sky News, and Sky Sports; and provide memorable experiences at Universal Parks and Resorts in the United States and Asia About Fortinet Fortinet makes possible a digital world that we can always trust through its mission to protect people, devices, and data everywhere. This is why the world’s largest enterprises, service providers, and government organizations choose Fortinet to securely accelerate their digital journey. The Fortinet Security Fabric platform delivers broad, integrated, and automated protections across the entire digital attack surface, securing critical devices, data, applications, and connections from the data center to the cloud to the home office. Ranking #1 in the most security appliances shipped worldwide, more than 580,000 customers trust Fortinet to protect their businesses. And the Fortinet NSE Training Institute, an initiative of Fortinet’s Training Advancement Agenda (TAA), provides one of the largest and broadest training programs in the industry to make cyber training and new career opportunities available to everyone.

Read More

Spotlight

A self-service, policy-based portal with a catalog of custom services provides e¬cient, automated infrastructure. Users simply log in and request a resource using a drag- and-drop interface. Provisioning occurs in minutes, so your business is more agile and your users are more productive.

Resources