Our punishment for looking eagerly toward spring during February is a late winter blast. The Tennessee Valley and Appalachia may see 1-3 inches of snow this weekend. Flakes could drift down into Georgia. That’s nothing like the upper Northeast, which is suffering whiteout conditions. Don’t worry, February will be gone soon.
RSA news. The big RSA security show was THE place this week for cyberfolks. Why? News like the new Fortinet AI-enabled FortiAI on-premises appliance, which uses Deep Neural Networks (DNNs) to provide sub-second threat detection. The FortiAI Virtual Security Analyst, meanwhile, puts mature cybersecurity AI in a box on your network.
As all the workloads (it seems) move to the cloud, the now available SentinelOne Container and Cloud-Native Workload Protection upgraded offering might help. Autonomous Runtime Protection, Detection, and Response for cloud workloads is ready to go, along with ActiveEDR (endpoint detection and response).
Hello to the BlackBerry Spark platform, which intertwines a new Unified Endpoint Security layer with BlackBerry’s Unified Endpoint Management for zero trust security across desktop, mobile, server, and IoT endpoints, including automotive devices.
Facing an overflowing email inbox is bad enough, but not knowing if you can trust all those messages adds an extra layer of aggravation. Maybe Proofpoint‘s integrated, end-to-end tool to address Business Email Compromise and Email Account Compromise attacks can help. Plus, new goodies in the Proofpoint Cloud App Security Broker (CASB).
Some security tools protect against everything except sticker shock. Perhaps the new Forcepoint Advantage enterprise licensing program can help. Forcepoint offers a single per-use subscription across endpoint, network, cloud, and entity behavior analytics. Aim is a 30% reduction in total cost of ownership.
Palo Alto Networks introduced Cortex XSOAR. The extended security orchestration, automation, and response platform provides instant capabilities against threats across the entire enterprise. Cortes XSOAR relies on the Demisto platform, acquired by Palo Alto Networks about a year ago.
Malware trying to sneak in using encryption may not like the new Juniper Networks Advanced Threat Prevention Cloud and SRX Series firewalls. These tools, along with the integration of SecIntel to the Mist platform for wireless access, can detect malicious botnet traffic trying to hide using encryption.
Certificate lifestyle management can be time-consuming and error prone. Hence the new DigiCert CertCentral Partner, an upgraded TLC certificate and business manager for channel partners. An upgraded API lets partners integrate key features into their own offerings.
The Winter ‘20 release of Talend Data Fabric adds the new Talend Cloud Data Inventory tool to automatically calculate the data intelligence score of all information across an organization. Oh, yes, new AI features and upgrades in cloud connectivity included.
SaaS email security company Trustifi just added a new AI-enabled feature to its OCR technology. The integrated OCR tool now scans email attachments such as images and PDF files. If the system “sees” a credit card or financial statement with sensitive information, it automatically encrypts the attachments.
SMBs too often need specialized help but lack budget. Now the Devolutions Password Server offers enterprise-grade privileged access management (PAM) aimed at SMBs. Integrates in a single pane of glass with the Devolution Remote Desktop Manager.
More RSA news. VMware was busy at the show, with new goodies like:
- New VMware Advanced Security for Cloud Foundation to replace legacy security solutions and deliver unified protection across private and public clouds
- Advancements to the VMware Carbon Black Cloud, including automated correlation with the MITRE ATT&CK framework and upcoming prevention coverage for Linux machines
- New VMware Secure State auto-remediation capabilities to automate actions across cloud environments and proactively reduce risk
An enhancement to the CyberArk Endpoint Privilege Manager helps IT detect and shut down in-progress attacks on endpoints with local admin rights enabled by mistake.
The CrowdStrike Falcon platform now protects workloads across all environments, including workloads and containers running in the cloud and in private, public, and hybrid data centers. But wait, there’s more! New offerings give CrowdStrike MSSPs new features such as improved threat intelligence, alert management, and a self-service portal.
Crown jewel protection isn’t just the plot of a new heist movie (although that would be fun) but protection for an organization’s most important information. BigID added new capabilities such as discovery-in-depth technology, dark data discovery, automated labeling and policy enforcement, and highlighted vulnerabilities.
Keyfactor and wolfSSL teamed up to provide better security control to IoT device makers from design throughout a product’s lifetime.
Digital Guardian launched its managed detection and response (MDR) service, which includes 24/7 access to a team of cybersecurity experts.
The curtain was pulled on the Exabeam Cloud Platform, with applications including the previously announced Exabeam Threat Intelligence Service and new Exabeam Cloud Archive. All available through the Exabeam Application Marketplace.
Yup, one last batch of RSA news. The Google Cloud Platform had some interesting new goodies at RSA. Threat response integration between Google Chronicle and Palo Alto Networks’ Cortex XSOAR includes intelligent data fusion. General availability of reCAPTCHA Enterprise and Web Risk API were announced and can be purchased separately.
McAfee launched a global MDR platform at the show. DXC Technology will be their first MDR partner to leverage the McAfee MVISION EDR solution to detect and resolve cyberthreats even faster. Speaking of McAfee MVISION, it now includes Unified Cloud Edge, Cloud Native Infrastructure Security, and the aforementioned MDR.
ManageEngine released Access Manager Plus. Goodies include direct, passwordless remote connections.
Secureworks’ new Cloud Configuration Review combines with VMware Secure State to add tighter security and stronger compliance.
Centrify announced it is leveraging the FIDO2 Web Authentication API to enable passwordless authentication for administrators. Forget qwerty1 and rely on fingerprints or facial recognition.
High Wire Networks cut the ribbon on a new international data center in Guernsey, British Isles, to support its Overwatch managed security services globally. It now has a two-tiered sales channel across Europe and the Middle East since its partnership with West Sealand Digital.
At last, news not from RSA. Intel believes there will be a $25 billion dollar market for 5G silicon chips in 2023, and they announced a portfolio of 5G products to address that huge pile of potential profit. Goodies include:
- Launch of the Intel Atom P5900 platform. 10nm SoC for wireless base stations.
- 2nd Gen Intel Xeon Scalable processors.
- The new Diamond Mesa, its first next-generation structured ASIC for 5G network acceleration
- Intro to the Intel Ethernet 700 series Network Adapter with hardware-enhanced Precision Time Protocol. Claims to be the first 5G network-optimized Ethernet NIC.
Other goodies include all types of software investment like the OpenNESS toolkit, ecosystem collaborations, and more.
Lexmark Cloud Print Management is now available to partners. Better print management and document security.
Only in beta right now, but Paessler is looking for feedback on its Node-RED programming tool for hardware devices used in IoT and Industrial IoT.
Expanding its service capabilities, the new ADTRAN Global Services Portfolio hit the streets. Goodies included network implementation services, maintenance services, cloud services, and more.
Take a look (sorry) at four new monitors from ViewSonic. They range from 24 to 27 inches and include a touch-screen model if you like to finger paint your data.
More new stuff: the Agiloft AI Engine, complete with AI capabilities for contract management and an open AI integration, aims to make contract management better. A no-code platform helps, as does AI-enabled contract automation, advanced translations with Google Translate, and more.
IGEL and Teradici teamed up to improve cloud workspaces with the new IGEL UD3 endpoint optimized for cloud connectivity. Incudes the Teradici PCoIP Software Client for Linux, including the PCoIP Ultra feature set.
Is it fun to crawl around under a conference table trying to get meeting room AV up and running as your CEO gets angrier and angrier? Nope. Perhaps the new ATEN Technology AV presentation switches like the VP1420 True 4K Presentation Matrix Switch will keep you above the table your next meeting. Or the VP1421 or VP2120, depending.
Lakehouses are no longer a weekend retreat. Today they are a mashup of a data lake and a data warehouse, says Databricks. Its new Data Ingestion Network of partners and Databricks Ingest help combine data lakes and warehouses. Easier for Business Intelligence and Machine Learning to work their magic.
Zadara Storage’s new Zadara Object Storage Immutability backup integrity tools integrate with Veeam software to improve data security.
Non-product vendor news. New business cards are needed for Jennifer Anaya (pictured), who’s been promoted to senior vice president, marketing, at Ingram Micro. She will report to Paul Bay, executive vice president and president, Global Technology Solutions.
SolarWinds is adding Chrystal Taylor to its Head Geek team. She becomes Head Geek number 5, or 101 in binary.
Broadvoice has three new faces in strategic channel leadership. Mike Gottwalt joins as Broadvoice’s first vice president of strategic relationships. Jason Shawgo arrives as area vice president, East Coast. Nick Madsen moves up to regional sales manager to area vice president, West Coast.
Roll out the red carpet for Bob Layton, the new chief revenue officer at Digital Defense.
Ditto for Sheryl Haislet, joining the Vertiv executive team as CIO.
CloudOak, player in the business continuity planning and business process automation space, teamed up with Taylor Business Group. Goal is accelerating business growth of its client base.
Welcome to the new Zscaler Summit Partner Program. A focused, merit-based approach will reward partners who invest in customer digital transformation. A select group will be invited to the Zscaler Concierge Service with access to internal teams and resources.
This week’s stats ticker:
More than 2,000 cybersecurity professionals holding ISACA’s Certified Information Security Manager credential, or who have information security job titles, responded to ISACA’s 2020 State of Cybersecurity report. 57% say they have unfilled cybersecurity positions. 62% say they’re understaffed, perhaps because 66% says it’s difficult to retain talent, slightly up from last year. 70% say less than half of cybersecurity applicants are well qualified. A bare majority expect their budget to increase, at 58%. That’s an increase three points from last year but down from the 64% who were optimistic two years ago. Diversity is a goal for about half but reaching some level of gender parity remains tough. 86% says their teams consists of mostly or all men.
Zscaler’s IoT Devices in the Enterprise 2020: Shadow IoT Threat Emerges reports a 1,500% increase in IoT traffic through the Zscaler cloud, which sounds great. Unfortunately, not all that traffic is legit. Unauthorized IoT devices like digital home assistants, smart home devices, and smart TVs are on the rise. Manufacturing and retail industries top the IoT traffic volume list (56.8%). Of those messages, 83% occur over plain-text channels, meaning only 17% are secured via SSL. The 14,000 IoT-based malware attempts per month are more than seven times higher than what was found in the May 2019 report.
Even drug dealers need to backup their data. An Irish beekeeper turned weed grower/dealer has learned the hard way how critical backing up Bitcoin account codes is. Using cash he made growing and selling cannabis, Clifton Collins stashed just over 6,000 Bitcoins in one account a few years ago.
Fearing a single account for all his loot could be disastrous if hacked, Collins split his wealth across 12 different accounts. He printed out the codes on a piece of paper, which he hid inside a fishing rod stored in his rental house.
Alas for Collins, he got pinched and jailed. His rental house was burgled (no honor among thieves?) and shortly after that his landlord sent all his belongings to the dump. Including the aluminum-handled fishing rod with the Bitcoin codes inside.
No problem, right? Collins surely had copied the paper other places. Nope. Over 6,000 bitcoins effectively disappeared. At $8,636.79 per Bitcoin in U.S. currency today, that means at least $51,820,740 U.S. dollars are gone. And 6,000 Bitcoins are the minimum lost.
Irish police confiscated the 12 accounts, but they can’t get into them, either.
At least Collins has come to terms with the loss, he says. He considers it “punishment for his own stupidity.” $60 million or so is a whole lot of stupid.