Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Cyber Security Vendor. Show all posts
IT Security
CrowdStrike CrowdStrike outage Cyber Attacks Cyber Security Vendor Digital Disaster Global IT Outage IT Security

Navigating the Impact of Major IT Outages: Lessons from the CrowdStrike Incident

 

On Friday, a critical software update by cybersecurity firm CrowdStrike led to a massive outage, affecting around 8.5 million Windows machines globally. This incident serves as a stark reminder of the importance of preparedness for IT disruptions. Experts from CIO Journal have shared their insights on how organizations can better prepare for similar scenarios in the future. Understanding vendor practices is crucial. 

IT leaders should hold vendors, like CrowdStrike, to high standards regarding development and testing. Neil MacDonald, a Gartner vice president, emphasizes the need for thorough regression testing of all Windows versions before any update is released. IT managers must ensure that vendors are transparent about their software development processes and offer options for phased updates. With automatic software updates becoming standard practice, the CrowdStrike incident highlights the need for caution. Paul Davis from JFrog suggests prioritizing testing for updates based on their potential impact. 

Although testing every update may not be feasible, automation and AI tools can assist in managing this process efficiently. Jack Hidary from SandboxAQ advocates for AI-driven error detection to enhance software reliability. Developing a robust disaster recovery plan is also essential. Gartner’s MacDonald likens a major IT outage to a natural disaster, advising businesses to prepare similar recovery strategies. Establishing a “clean room” environment for restoring critical systems and conducting regular tabletop exercises can help maintain operational resilience. Regular data backups also mitigate the impact of such outages, as noted by Victor Zyamzin from Qrator Labs. Reviewing vendor contracts and insurance coverage is another vital step. Companies should scrutinize their agreements for clauses that ensure vendor reliability and explore compensation options for outages. 

Peter Halprin from Haynes Boone underscores the importance of cyber insurance, which can provide financial protection against business income losses due to IT disruptions. Finally, organizations may need to reassess their reliance on specific platforms. The CrowdStrike update, which primarily affected Windows-based systems, raises questions about whether businesses should consider alternative operating systems like macOS or Linux. As Chirag Mehta of Constellation Research points out, evaluating the necessity of deeper access provided by Windows might lead some to adopt simpler systems like Chromebooks.

The CrowdStrike outage underscores the importance of rigorous testing, effective disaster recovery plans, careful vendor and insurance management, and a thoughtful approach to platform selection. By addressing these areas, businesses can better prepare for future IT challenges and safeguard their operations.
Read more »
Threat Landscape
Application Security Cyber Security Vendor SaaS Platform Technology Threat Landscape

Check Point to Acquire Cyber Startup Atmosec to Boost Its SaaS Security Offering

 

Check Point Software intends to acquire an early-stage SaaS security business founded by former Armis leaders in order to anticipate and combat malicious application threats. 

According to Vice President of Product Management Eyal Manor, the Silicon Valley-based platform security vendor's proposed acquisition of Tel Aviv, Israel-based Atmosec will give customers a better understanding of what's going on with the SaaS platforms that power their businesses, such as Office 365, Salesforce, and GitHub. Each of these platforms has thousands of apps running in the background, some of which are harmful. 

"We really loved their technology. We loved the demo. This is exactly the share of mind that our customers are looking for. This is the share of mind that is basically part of our DNA. We saw that, and we really liked it," Manor told Information Security Media Group. 

In trading on Wednesday, Check Point's shares rose $0.01, or 0.01%, to $133.86 per share. The acquisition's terms, which are slated to conclude by mid-September, were not disclosed. Check Point agreed to buy New York-based zero trust network access and secure web gateway firm Perimeter 81 for $490 million less than a month ago. 

Atmosec's capabilities, according to Manor, go beyond SaaS security posture management, which concentrates on the configuration surface and can block users from connecting without multifactor authentication. Atmosec handles apps that access SaaS platforms and can promptly, automatically, and autonomously fix any issues with poor, rogue, or untrusted applications. 

Atmosec can integrate with office productivity tools, CRM environments, development environments, and HR platforms to offer customers a picture of what's going on and to stop threat activity. Manor claims that combining Perimeter 81's ZTNA and SWG assets with Atmosec's SaaS security product and Check Point's native SD-WAN tool will enable the company to provide consolidated, single-vendor SASE. 

According to Manor, Check Point has also expanded organic security service edge capabilities as part of its Harmony Connect product, which focuses on identifying, blocking, and understanding known, unknown, and zero-day vulnerabilities. However, Manor said that Check Point had not invested sufficiently in network infrastructure, leaving clients without network-as-a-service capabilities or private network cloud assets. 

Many firms have battled with usability when it comes to adopting and maintaining SASE infrastructure due to the delay associated with routing data across distant locations. As a result, he claims that some organisations have chosen to implement less security protections in order to maintain usability. When properly set, SASE both prevents risks and provides a fantastic user experience, according to Manor. 

Perimeter 81 will ultimately provide CheckPoint clients a native, private virtual network via a variety of providers, with Atmosec supplying the SaaS platform and Harmony Connect supplying the security layer. Manor intends to monitor the extent of SaaS security service uptake by current CheckPoint clients as well as their level of SASE tool usage.
Read more »
Subscribe to: Posts (Atom)