Company's Dynamic Deception Platform ups the Anti for Attackers Looking to Breach OpenStack Networks
FREMONT, Calif. – Attivo Networks®, the award-winning leader in deception for cyber security threat detection, today announced that its deception platform architecture now integrates with OpenStack, providing organizations with efficient and effective detection of inside-the-network threats for virtualized software defined data centers (SDDC). Building upon its current Dynamic Deception Platform, Attivo now offers support for OpenStack environments in addition to its current support for VMware EXSi, Amazon Web Services, SCADA, and user networks.
Tweet This: @AttivoNetworks ups the ante for attackers looking to #breach @OpenStack networks
Data center virtualization has achieved large-scale deployment based on its inherent cost and performance benefits; however with a SDDC there also comes a challenge of decreased visibility, which raises the risk of a network intrusion. With the explosion of server-server or what is also referred to as east-west traffic, traditional IDS/IPS and sandboxing solutions become unsuitable given their cost and the large amounts of resources and personnel required to manage and deploy these devices. A new, scalable approach is needed for increased network visibility and the ability to promptly and reliably detect the growing number of complex and malicious attacks targeted at the high value information stored within a data center.
The highly scalable Attivo Deception Platform is designed for friction-less deployment and efficient inside-the-data center threat detection for environments of large server workloads and widespread adoption of virtual machines (VMs) that are typically seen in data center and cloud networks. Using dynamic deception based on highly efficient luring techniques, Attivo does not rely on the compute and log intensive processes of monitoring traffic for known signatures or attack patterns. Instead, deception and decoys are used to lure in and deceive an attacker into revealing themself. These deception techniques are a highly effective approach for promptly detecting zero day, stolen credential, insider, and ransomware attacks. Once the attacker is engaged with the BOTsink® engagement server, the attack and its lateral movement can be studied, alerts raised, and forensics provided for prompt incident response. Integrations with firewall, NAC, SIEM and other security solutions are also available to automate the process and improve the time to remediation.
With the majority of a company's data passing through their data center it is critical to have clear visibility into threats that are inside the network. The Attivo solution integrated with the OpenStack Platform will support deployment of engagement VMs in production subnets.
Attivo is also working with Criterion Networks and its Criterion SDCloud Platform to implement security groups and quarantine infected VM's in Criterion SDDC solution architecture, which will contain an attacker from moving to other VMs to maintain persistence.
"With large scale SDDC comes challenges in security both in terms of visibility and detection of attackers," said Srinivas Vegesna, CEO, Criterion Networks. "The integration between Criterion Networks' quarantine solution with Attivo Networks provides organizations real-time detection of threats and the ability to promptly quarantine infected VMs. This is critical to protect against cyber threats, which can rapidly spread within a data center environment. This integrated solution will also be available on Criterion SDCloud platform so that our customers can see the solution in action instantly."
"Cloud and software defined data centers are growing at unprecedented rates and there is an unquestionable need for visibility into and the protection of these environments," said Tushar Kothari, CEO of Attivo Networks. "Attivo provides an inside the network breach detection solution that is massively scalable, complementary and seamless to integrate with OpenStack installations. The combination creates a powerful defense against attacks."
"By 2019, OpenStack enterprise deployments will grow tenfold, up from just hundreds of production deployments, due to increased maturity and growing ecosystem support," notes Gartner analyst Matthew Cheung in his February 5, 2016 report, "Competitive Landscape: OpenStack Distributions and Support Service Market."
Attivo Networks is also a member of the OpenStack Foundation and will be participating at the OpenStack Summit in Austin, TX on April 25-29, 2016. Attivo will be speaking on April 28th at 11:50 AM and will be providing an overview on deception benefits based on customer use cases.
Criterion Networks: www.criterionnetworks.com
Attivo Networks: www.attivonetworks.com
About Attivo Networks
Attivo Networks® is the leader in dynamic deception technology, which in real-time detects intrusions inside user networks, data centers, cloud, and SCADA environments before the data is breached. Leveraging high-interaction deception techniques, the Attivo BOTsink® Solution lures BOTs and APTs to reveal themselves, without generating false positives. Designed for efficiency, there are no dependencies on signatures, database look up or heavy computation to detect and defend against cyber threats. Attivo solutions capture full forensics and provide the threat intelligence to shut down current and protect against future attacks. www.attivonetworks.com
OpenStack is a cloud operating system that controls large pools of compute, storage, and networking resources throughout a datacenter, all managed through a dashboard that gives administrators control while empowering their users to provision resources through a web interface. The OpenStack Mission is to produce the ubiquitous Open Source Cloud Computing platform that will meet the needs of public and private clouds regardless of size, by being simple to implement and massively scalable. OpenStack is open source, openly designed, openly developed by an open community.
Netskope Achieves Agility, Availability, and Performance Across Its Network With Infoblox DDI
SANTA CLARA, Calif. – Infoblox Inc. (NYSE: BLOX), the network control company, today announced that Netskope has deployed Infoblox solutions to achieve its mission of delivering secure cloud-based services to its customers. Through an integrated DNS, DHCP, and IP address management (DDI) solution utilizing Infoblox Grid™ technology, Netskope has the scalability and control to ensure always-on, automated network functionality with minimal operational support. Infoblox provides an essential component for Netskope's popular service where its customers' end users, on average, access over 750 applications and cannot afford disruptions to their business processes.
Netskope is a leader in enabling organizations to safely employ cloud-based applications while protecting sensitive data, which is crucial in a world where almost 50 percent of data lives in cloud applications outside the reach of traditional network security. Netskope delivers a cloud-based service that enables IT organizations to manage usage of sanctioned and unsanctioned cloud applications, protect sensitive data, and ensure compliance in real time on any device, including native applications and mobile devices, on-premises or remote.
As with other cloud service providers, Netskope's ongoing business challenges include providing an optimal customer experience. This not only includes overcoming concerns about operational efficiency and risk management, but also providing a high degree of visibility into network operations that take place outside the corporate firewall. Delivering on these lofty expectations required Netskope to find a centralized solution for managing core network services, including configuration changes and updates, as well as providing a high degree of redundancy throughout the network.
To meet these goals of agility, availability, and performance, Netskope integrated the patented Infoblox Grid technology into its network infrastructure. The Infoblox solution enables Netskope to link distributed appliances throughout the network using a central database to ensure consistent information availability, as well as to provide a centralized view of network data for simplified monitoring and reporting.
"Because we provide services to businesses of all sizes, flexibility in our network is of utmost importance," says Abhay Kulkarni, vice president of engineering and operations at Netskope. "Infoblox gives us the flexibility to maximize our resources and the tools to see exactly what is happening across our network at any moment. In turn, that allows us to focus on the customers and give them granular control of their applications and data -- all with a fraction of the operational headcount required by other enterprises with similar network scale. In fact, with the automation Infoblox provides, our two-person operations team can launch new services and spin up new machines, while monitoring workloads and adding capacity, without the need for manual intervention."
The Infoblox solution has improved productivity for Netskope's distributed network by monitoring conditions before additional resources are necessary, adding capacity automatically to support new product launches, and reducing the manpower needed for daily operations. It also redistributes traffic in the event of a data center outage, preventing service interruptions. Its visibility functions deliver crucial insight into subnets to allow scaling for enterprise clients, and Anycast support increases performance by routing users to the nearest data center.
"For companies providing software as a service, their network is their livelihood," said Ashish Gupta, chief marketing officer at Infoblox. "Our goal is to give businesses like Netskope deep visibility into current network conditions and the agility to fulfill moment-to-moment needs without compromising availability or performance. As in the case of Netskope, this provides an important competitive advantage in today's 24/7 marketplace."
Read this case study and more at https://www.infoblox.com/resources/case-studies.
Infoblox (NYSE: BLOX) delivers critical network services that protect Domain Name System (DNS) infrastructure, automate cloud deployments, and increase the reliability of enterprise and service provider networks around the world. As the industry leader in DNS, DHCP, and IP address management, the category known as DDI, Infoblox (www.infoblox.com) reduces the risk and complexity of networking.
SUREedge® Now Supports DR of Containers Across All Popular Platforms
SANTA CLARA, CA--(Marketwired - April 20, 2016) - Sureline Systems, a leader in cloud migration, datacenter consolidation and Disaster Recovery solutions, is pleased to announce the addition of support of containers to its flagship SUREedge product line. Containers running on all popular platforms are supported along with physical servers and virtual machines so that the entire infrastructure can be migrated in case of a disaster. Additionally, Containers along with data volumes can also be migrated and restored in Google Container Engine managed by Kubernetes.
Containers are becoming an integral part of a new generation of software solutions, and can now be protected in the same way as existing applications, using SUREedge. "With many applications being a mix of containers and traditional virtual machines or physical servers running parts of the complete application, it is important to have a single solution that works with the entire application and ensures it is protected at a remote site or in a Cloud and can be up and running quickly in case of a disaster," said Kuldeep Nagarkar, VP of Engineering at Sureline Systems.
"Sureline Systems is taking a lead in cloud migration aligning product capabilities with business requirements around performance and security when migrating to the cloud," according to a 451 report by Agatha Poon.
SUREdge supports all of the standard Linux environments where containers are developed and deployed, including Docker containers 1.10.2 running on Ubuntu 12.04, Ubuntu 14.04, CentOS 7 and RHEL 7.
About Sureline Systems:
Sureline Systems, is headquartered in Santa Clara, CA, with offices in Japan, India and Dubai. Sureline's award winning SUREedge® is a proven enterprise-class software platform for Cloud Migration, Cloud Disaster Recovery, Datacenter Consolidation and Application Mobility.
Sureline Systems has announced partnerships with Google Cloud Platform (GCP), Century Link Cloud, Nutanix, Tintri and several large Channel Partners. SUREedge reduces risk through secure data transmission, efficient data movement, and reliable movement of the entire application including containers, and its data. It is easy to deploy and manage through a single UI, with automated discovery, no agents to install, and is completely non-disruptive. SUREedge is source and destination agnostic working from any physical server, any hypervisor, any cloud, and any storage including hyperconverged to any other environment. Customers worldwide trust SUREedge® to meet their application mobility, disaster recovery, business continuity and application mobility objectives. For further information, please visit the Sureline website at www.surelinesystems.com.
Red Herring Top 100; Red Herring Global 100, CIO Review Top 100 Twitter: @SurelineSystems
DURHAM, NC – Principled Technologies (PT) worked hands-on to assess the big data processing capabilities of the Scalable Modular Server DX2000 from NEC powered by Intel. The DX2000 found patterns in a sample data set in about two minutes and cut analysis time in half when PT added server nodes. With this compact, scalable solution, companies could combat datacenter sprawl and quickly find the moneymaking facts in their big data.
To learn more about how the DX2000 from NEC can help businesses use big data, read the full report at http://facts.pt/p7bReD, see the infographic at http://facts.pt/LtsWnv, and watch the video at http://facts.pt/aBpWKh.
About Principled Technologies, Inc.
Principled Technologies, Inc. is the leading provider of technology marketing and learning & development services.
Principled Technologies, Inc. is located in Durham, North Carolina, USA. For more information, please visit www.principledtechnologies.com.
Image Available: http://www.marketwire.com/library/MwGo/2016/4/19/11G094086/Images/DX2000_scalability_0416-489f5b81a1ef8b1282b83264f51c3936.jpg
Image Available: http://www.marketwire.com/library/MwGo/2016/4/19/11G094086/Images/DX2000_scalability_Infographic_0416-bdfc4b7f298fb69b837b85d0870e1d70.jpg
Image Available: http://www.marketwire.com/library/MwGo/2016/4/19/11G094086/Images/DX2000_scalability_video_0416-63404c84151584f4b526b998f9e71ca8.jpg
CHARLOTTE, NC – Velocity Technology Solutions, a global leader in enterprise application cloud managed services, has announced the release of the Velocity Cloud Application Management Platform™ (VCAMP™) 6.1, the only cloud management platform specifically engineered to simplify the complexity of managing enterprise applications in the cloud.
Velocity's Cloud Application Management Platform provides intelligent software to deploy and manage enterprise applications in a private, public or hybrid cloud environment. The unified software platform is ideal for enterprise IT users and managed service providers to deliver improved flexibility and service quality to business entities and application end users. VCAMP 6.1 includes unique features such as one-click application provisioning and decommissioning, a comprehensive service catalog for enterprise applications and PaaS, orchestration across multiple cloud end-points, real-time visibility of service entitlements and SLAs, as well as advanced analytics that enable dynamic scaling of application resources based on user interaction and usage patterns.
"We designed VCAMP to address the inherent challenges with managing enterprise applications such as SAP, Oracle, JDE, Infor and Kronos in cloud infrastructures. Our experience managing these applications over the past two decades, leveraging our advanced analytics, are key elements of the intellectual property embedded in VCAMP," said Sal Jamil, Executive Vice President of Technology for Velocity Technology Solutions.
VCAMP has already been deployed for over half of Velocity's customer environments; Velocity's operational teams support and manage customer environments using specific VCAMP modules in the three platform tiers -- Service Management, Service Optimization, and Zoom Analytics. VCAMP is now available for customers, strategic business partners, and re-sellers who can utilize the platform for delivering managed services to their enterprise customers.
"VCAMP technology presents significant potential for mid to large sized enterprises seeking to utilize a hybrid cloud solution for their critical applications," added Paul Mockenhaupt, Senior Vice President, Innovation and Development. "VCAMP provides IT organizations with the unique ability to provision and manage enterprise applications and associated bolt-ons across public and private clouds from a single screen, improving their efficiency and application management capabilities. As IT systems continue to grow in complexity, this platform will simplify the process of managing an ecosystem of diverse applications in any cloud."
About Velocity Technology Solutions
Velocity Technology Solutions (www.VelocityCloud.com), a global enterprise application cloud services leader since 2003, delivers secure, fully managed environments spanning virtual private, public and hybrid clouds. The company's portfolio includes application-focused cloud managed services, professional services, with data analytics and optimization solutions. Velocity's expertise in managing leading ERP applications, leveraging the patent pending Velocity Cloud Application Management Platform, gives customers required availability, security, visibility and control at a reduced total cost of ownership. Velocity is headquartered in Charlotte, NC, with facilities in North America, Europe and Asia. Velocity is a portfolio company of Silver Lake Sumeru, a global leader with private equity investments in leading, growth-oriented technology companies. For additional information on the firm and its entire portfolio, visit www.silverlake.com.
vArmour Takes a Non-Cloudwashing Approach to Securing Clouds
MOUNTAIN VIEW, Calif. – vArmour, the data center and cloud security company and leader in application-aware micro-segmentation with advanced security analytics, today announced "Project Ice Cream," the release of its twelve-months-in-the-making new security architecture built for the requirements of cloud for simplicity, massive scale and economics. Built from core functionality of its flagship product, vArmour Distributed Security System (DSS), vArmour is delivering a new architecture based on of the vision it outlined late last year with "Multi-Cloud Security Architecture" to transform data center and cloud security.
Traditional data center security architectures are not easily ported to the cloud, nor should they be. Their original design was to protect the well-defined perimeter, but that notion faded with the advent of digitalization (including cloud computing, mobile, IoT) and the increasing sophistication of attackers. Traditional security controls to protect the network, applications, and data inside the data center and cloud are out of date and no longer valid. Security has to evolve with this sweeping transformation.
"Digitalization breaks the traditional infrastructure trust model. In the old, hardware-centric silos, assets and individuals outside the network perimeter were considered 'bad' while anyone inside was considered 'good,'" said Peter Christy, research director at 451 Group. "In today's cloud environments, security must adapt to a new architecture where trusted vs. untrusted users or workloads are identified at a much more granular level, and also where policies can scale dynamically with the assets being protected. Organizations cannot simply adapt technologies that were built for hardware and hope to make them work in a high-scale, virtualized world. They need to take advantage of new software-defined, virtually-deployed architectures for compute, and apply them to security."
"Hardware-based perimeter security appliances do not fit in clouds," said Marc Woolward, chief technology officer at vArmour. "Clouds are based on speed, scale and economics, which are the antithesis of these legacy systems. Our Ice Cream architecture harnesses the power of advanced distributed systems principles to deliver a fully capable security solution -- one that scales beyond the wildest dreams of legacy data center security technologies, such as NGFWs, and the abilities of weaker security controls based on agent-based packet filters."
Security vendors have attempted to cloudwash their offerings to be relevant in clouds by taking physical hardware-centric products and making virtualized copies. However, these virtualized versions are not simple to deploy and manage, cannot scale within and across clouds, and are based on hardware-centric pricing.
"As we move to a multi-cloud infrastructure, we need built-in security to remain agile and protect our clients' valuable IP," said Kevin Moore, Chief Security Officer at Fenwick & West LLP. "With vArmour DSS, we not only can detect events, but can also do something about it in a fast, simple and economical way."
Project Ice Cream
To extend vArmour's security leadership in data center and cloud, the company announced today the industry's most simple, scalable and economical architecture. Aptly named after something everyone loves, Project Ice Cream ensures:
Security should be simple and agile. With Project Ice Cream, vArmour DSS can be downloaded, installed, deployed and micro-segmented in one hour. Security controls are independent of the network, infrastructure and workload. Likewise, they can now be delivered at the same speed of the infrastructure or workload being ordered -- something that traditionally takes days or weeks, with hardware-centric approaches or complex SDN deployments.
Organizations require a solution that grows with it, especially at the unprecedented rate of cloud services adoption. With Project Ice Cream, security can scale across the largest data centers and cloud by instantly protecting one to 100,000 workloads across 1,000 hosts from different systems with a single, programmable fabric. One system can secure the approximate size of a Facebook pod. Organizations now have a single pane of glass of visibility to better understand what's happening in their data center and cloud, with their applications and users, to apply appropriate fine-grained controls to prevent threats.
Performance is a key differentiator of effective security. With Project Ice Cream, vArmour's new architecture outperforms the fastest data center security appliances with as much as 10X the throughput while maintaining 100 million concurrent stateful application flows throughout the environment.
Security has to do more, offering a variety of security controls that would be traditionally available in individual point products that do not interoperate well. With Project Ice Cream, vArmour DSS offers a comprehensive, integrated solution that enables organizations to buy fewer products to protect inside their data center and cloud -- there's no more "complexity is the biggest enemy." vArmour's one-click capability enables security analysts to investigate an event and, if suspicious, immediately quarantine it. It's not just about detecting events, but doing something about them.
Security solutions should take advantage of cloud consumption economics, such as pay-as-you-grow -- instead of traditional "buy ahead or buy really ahead" approaches. With vArmour, customers no longer have to bear highly disruptive hardware firewall refresh cycles. vArmour offers its software at less than half the cost** of alternative micro-segmentation approaches that include SDNs and NGFWs.
The need for the capabilities of Project Ice Cream has reached the market at a critical time. As more enterprises adopt a multi-cloud infrastructure, combined with ever increasing attacker sophistication, security professionals must look ahead to build security in via software that trumps existing hardware-based perimeter-centric models.
* vArmour offers up to 9 Tbps of throughput but may be higher based on configuration.
** Pricing based on list pricing of leading SDN providers.
Based in Mountain View, CA, vArmour is the data center and cloud security company, and the leader in application-aware micro-segmentation with advanced security analytics. The company was founded in 2011 and is backed by top investors including Highland Capital Partners, Menlo Ventures, Columbus Nova Technology Partners, Citi Ventures, Work-Bench Ventures, and Allegis Capital. The vArmour DSS Distributed Security System is deployed in a significant number of the world's largest banks, telecom service providers, government agencies, healthcare providers, and retailers, and is leading the industry with a new patented, distributed approach to data security that allows organizations to deliver IT at the speed of business. Along with partners like Amazon and HPE, vArmour secures many of the largest data center and cloud environments in the world. Learn more at www.varmour.com
Ultimate Helps Make It Dead Simple to Build Office-Inspired, Touch-Enabled, Highly Visual Apps for Desktop, Cloud and Mobile
CRANBURY, NJ – Infragistics, a worldwide leader in providing tools and solutions to accelerate design, development and collaboration, today announced the launch of Infragistics Ultimate 16.1, its enterprise-ready web, mobile and desktop user interface development suite. Ultimate 16.1 incorporates a broad range of additions and enhancements designed to simplify and speed development of amazingly visual native iOS and Android applications, cross platform applications with Xamarin, Web apps with the AngularJS and Hybrid Apps with HTML5 targeting Cordova.
Start using the full toolkit free with a 30-day trial today. Infragistics Ultimate is priced at $1995 for a year subscription, with discounts for volume purchases, and the option to purchase individual products.
"At Infragistics, we believe the choice is simple. Your UX design and UI development solutions should be enterprise grade and comprehensive, offering everything you need with no hidden or add-on costs," said Jason Beres, senior vice president of developer tools at Infragistics. "Developers should be able to deliver a great user experience that their organizations and customers expect -- even if they are not a user experience expert. With our latest release, Infragistics Ultimate 16.1, we enable application development teams to create secure, cost-effective, highly adopted desktop, native mobile, Web and hybrid applications and deploy apps securely to scale on premise, in the cloud or hybrid environments."
Beautiful Design: Use Indigo Studio to build interactive, responsive application prototypes without writing a single line of code, then share and collaborate on indigodesigned.com. New usability testing features provide insights on how well the prototype will perform with real people. Test design alternatives remotely and get concise study summaries, task success rates, completion times and a click-map view to find out how well the design meets user's expectations.
Modern Web Development Tools: Built to meet the highest standards in ease-of-use, style and speed, these tools will have you creating web apps that can do it all.
- The industry's top performing ASP.NET controls deliver apps with lightning fast processing for massive amounts of data. Flexible and advanced, these controls allow developers to quickly build stylish user experiences with stability and performance.
Mobile App Development: Created with performance and top-notch user experience in mind, these lightweight toolsets will have your application development teams building great apps for smartphones and tablets in no time.
- Infragistics Xamarin Forms UI controls allow you to build native apps backed by Infragistics' own outstanding iOS and Android toolsets. No need to learn a new platform; simply use your existing C# and XAML skills to build cross platform native apps using a single code base.
- Infragistics iOS toolset provides all the essential elements needed to create high performance, highly visual, native iPad and iPhone applications, with an advanced data grid and a powerful set of versatile charts perfect for mobile applications in the enterprise.
- Infragistics Android controls include a Data Grid, Gauges, Barcodes and more, offering a simple, modular API designed specifically for easy access to chart's functionality, including built-in, natural multi-touch gestures for panning and zooming to see your data any way you need.
Stand Out on the Desktop: Desktop Windows Forms and WPF controls for every platform let you break away from boring to create innovative desktop applications. Touch capabilities, bold styling and lighting fast speed will help your apps stand out. With more than 175 Windows Forms and WPF UI controls you can quickly deliver superior user experiences featuring incredible high-volume, high-performance rendering capabilities and animation support for rich data visualizations, as well as pixel-perfect Microsoft Office experiences for Excel, Word and more. This release includes new QR and 128 barcodes in Windows Forms, along with pie and doughnut charts, a new XAML 3D surface chart and new Windows Forms Excel Spreadsheet control, and more.
ReportPlus Developer & SharePlus Come to Infragistics Ultimate & Pro: With ReportPlus Developer, application developers can embed data visualizations and dashboards into desktop, web and native iOS mobile apps. ReportPlus allows them to provide code-free visualizations to meet their user's needs; match the look and feel of their apps; integrate data directly from over 20+ sources outside the application; set refresh schedules that make sense for their users and empowers users to query and filter data within the application.
Today ReportPlus Developer is available in limited private preview and will release this calendar year. Runtime licensing and pricing options for apps being deployed with ReportPlus Developer will also be available at time of the release. Developers wanting to build applications with ReportPlus Developer can request access to the limited private preview at ReportPlusDev@infragistics.com.
Developers can leverage their existing Web development skills to build native iOS and Android SharePlus solutions with a SharePlus developer license included in Infragistics Ultimate and Pro. SharePlus is the platform agnostic collaboration and productivity application for Microsoft SharePoint on premise and Office 365 on mobile devices. The latest release enables creation of custom mobile workspaces, providing business teams a focused environment tailored to their needs or specific job roles. SharePlus extends centralized access to content and data across the cloud with OneDrive for Business, Dropbox and Google Drive, or on corporate network drives.
Infragistics is a worldwide leader in providing tools and solutions to accelerate application design and development, insights and collaboration for any organization. Infragistics enterprise-ready UX and UI toolkits are used by over 1 million developers to rapidly prototype and build high-performing applications for the Cloud, Web, Windows, iOS and Android devices. Infragistics Enterprise Mobility solutions ReportPlus and SharePlus, gives business users the latest advancements in self-service business intelligence and collaboration software. Additionally, Infragistics offers expert UX Services and award-winning support.
For additional information on Infragistics, products and services, please call us in the U.S. at +1(800)231-8588; in Europe, the Middle East, or Africa (EMEA) at +44(0) 800 298 9055; in Japan at +81 (3) 54748034; or in APAC at +61 (3) 9982 4545.
Organisations in the retail sector experienced almost three times as many attacks as those in the financial sector
New research published today in the NTT 2016 Global Threat Intelligence Report reveals that cybercriminals have shifted their focus from traditional financial markets, to targeting the retail sector. Retail organisations experienced nearly three times as many cyberattacks as those in the finance sector which was top of the list of cyberattacks on organisations in the 2015 report. Cyberattacks on financial industry dropped significantly to fourteenth position.
NTT’s annual Global Threat Intelligence Report contains security threats gathered during 2015 from 8,000 clients of NTT Group security companies including Dimension Data, Solutionary, NTT Com Security, NTT R&D, and NTT Innovation Institute (NTTi3). This year’s data is based on 3.5 trillion security logs and 6.2 billion attacks. Data is also gathered from 24 Security Operations Centres and seven research and development centres of the NTT Group.
The retail sector topped the list of all cybersecurity attacks on all sectors at just under 11% in this year’s report, knocking the finance sector out of first place.
Matthew Gyde, Dimension Data’s Group Executive – Security, explains: “The retail and financial sectors process
large volumes of personal information and credit card data. Gaining access to these organisations enables cybercriminals to monetise sensitive data such as credit card details in the black market, which validates that cybercriminals are motivated by the rewards of financial crime.”
Rory Duncan, Head of Security Business Unit at Dimension Data UK, said “Retail companies are becoming increasingly popular targets as most process large volumes of personal information, including credit card data, in highly distributed environments with many endpoints and point-of-service devices. Such diverse environments can be difficult to protect.”
Other highlights in the NTT 2016 Global Threat Intelligence Report include:
- 65% of attacks originated from IP addresses within the US. However, the hackers behind these attacks could be located anywhere in the world. Cybercriminals are adopting low-cost, highly available, and geographically strategic infrastructure to perpetrate malicious activities.
- Cybercriminals are increasingly leveraging malware to breach the perimeter defences of organisations. In 2015 there was an 18% increase in malware across all industries, excluding the education sector.
- The frequency and complexity of malware is becoming more stealthy and sophisticated: while organisations are developing sandboxes to better understand cybercriminal’s tactics to protect themselves from attacks, at the same time, malware developers are aggressively developing anti-sandbox techniques.
- Analysis of honeynet attacks in organisations reveals that attackers are making use of telcos and hosting providers to conduct their operations.
Visit www.dimensiondata.com/globalthreatreport to download the Executive Guide to the 2016 NTT Global Threat Intelligence Report.
sandbox: software that executes suspicious code in a highly protected environment and examines its activities sandboxes
honeynet & honeypot: Honeypot: decoy systems set up to gather information about an attack or attacker and to potentially deflect that attack from a corporate environment. Honeynet: a network containing honeypot systems
About Dimension Data
Dimension Data harnesses the transformative power of technology to help organisations achieve great things in the digital era. As a member of the NTT Group, we focus on digital infrastructure, hybrid cloud, workspaces for tomorrow, cybersecurity, and network as the platform. With a turnover of USD 7.5 billion and offices in 58 countries, we deliver services wherever our clients are, at every stage of their technology journey. Accelerate your ambition. Go to dimensiondata.com
LinkedIn: Dimension Data Security
LONDON, U.K. – My Home Move Ltd (myhomemove), the UK’s largest provider of mover conveyancing services, has chosen to deploy LexisOne™, an enterprise resource planning solution for legal, powered by Microsoft Dynamics® AX, from LexisNexis® Enterprise Solutions, a provider of technology solutions to professional services firms. LexisOne will deliver a modern business management platform enabling myhomemove to adopt best practice methodologies to manage its multi-site and multi-entity operation and support the firm’s ambitious growth plans. myhomemove is building its new headquarters in Leicester and plans are afoot to recruit 100 more staff taking the number of employees to 850 across the firm’s seven offices.
A strategic investment by the organisation, LexisOne will be initially deployed within myhomemove’s finance department, creating a common data structure and seamless environment across its business areas to ensure a ‘single version of the truth’. The department will support doubling in size of business volume in tune with growth plans, with only a minimal increase in headcount. This will be facilitated by the automated processes and advanced, dynamic reporting capabilities offered by LexisOne.
“We need a solution that is more than just an accounts system,” explained Paul Tennant, IT Director at myhomemove. “To support our business expansion plans, we need complete visibility of our operation and to this end it is imperative that all the financial areas are integrated. LexisOne will give us a single business management system to help us streamline the various components of the operation. Additionally, it will give us a development platform to create new applications within LexisOne to help meet evolving business requirements immediately and in the long term.”
myhomemove is already a current user of next generation legal workflow and case management system, Lexis® Visualfiles™. With both Visualfiles and LexisOne integrated, myhomemove will benefit greatly from processing efficiency across multiple business areas and enhanced business continuity.
“Organisations today need flexibility to adapt in a changing business environment,” Andy Sparkes, General Manager at LexisNexis Enterprise Solutions commented. “This in turns requires quick decision making based on real-time, accurate business data. Visualfiles and LexisOne will provide myhomemove a compelling and reliable platform upon which to conduct business operation and achieve its business growth goals. myhomemove’s adoption of LexisOne further cements our already long standing partnership with the firm. We are delighted.”
LexisOne is an ERP solution for legal, which goes beyond traditional practice management. LexisOne helps firms proactively manage costs, prepare and track matter budgets, improve control, make informed decisions and optimise resources to deliver greater value to clients. Powered by Microsoft Dynamics AX, LexisOne harmonises financial, human resources, productivity and performance management to provide the insight, flexibility and scalability that firms need to rapidly adapt in an ever changing world.
About LexisNexis Legal & Professional
LexisNexis Legal & Professional is a leading global provider of content and technology solutions that enable professionals in legal, corporate, tax, government, academic and non-profit organisations to make informed decisions and achieve better business outcomes. As a digital pioneer, the company was the first to bring legal and business information online with its Lexis® and Nexis® services. Today, LexisNexis Legal & Professional harnesses leading-edge technology and world-class content to help professionals work in faster, easier and more effective ways. Through close collaboration with its customers, the company ensures organisations can leverage its solutions to reduce risk, improve productivity, increase profitability and grow their business. LexisNexis Legal & Professional, which serves customers in more than 175 countries with 10,000 employees worldwide, is part of RELX Group, a world-leading provider of information and analytics for professional and business customers across industries.
As a leading provider of software platforms, LexisNexis® Enterprise Solutions (www.lexisnexis-es.co.uk) works with customers to drive productive, efficient and reliable business decisions. Its solutions include Lexis® Visualfiles™, for legal workflow and case management; Lexis® InterAction® for customer relationship management; and LexisOne™, powered by Microsoft Dynamics® AX, for enterprise resource planning.
- 57% most concerned about damage to corporate or brand reputation
- 68% unaware of EU General Data Protection Regulation
Cyber risk research carried out by Noddle Protect and YouGov* amongst senior decision-makers in large businesses, has revealed that 51% are being kept awake at night by the threat of a data breach caused by a cyber-attack; and 49% are having sleepless nights about a data breach resulting from data theft or irresponsible action.
Noddle Protect, which launches today, is a data breach solution from Callcredit Consumer Markets, which helps safeguard businesses from the reputational damage of a data breach and safeguard consumers’ digital identity.
Loss of reputation a bigger concern than fall in share price
If businesses were to fall victim to a data breach, 57% say their biggest concern would be damage to their reputation, ahead of a loss of customers (17%), fine by a regulator (8%) or fall in share price (7%).
“Managing strategic risk and reputation has become a high priority for executives operating in today’s digital plc,” said Jacqueline Dewey, Managing Director, Callcredit Consumer Markets. “Noddle Protect can help safeguard businesses from the reputational damage of a data breach and safeguard consumers’ digital identity,” she continued.
Businesses prepared for a data breach
A significant 81% of business decision-makers say their business is prepared to tackle a data breach compared to 12% who say they are not. In order to protect themselves against a data breach, 53% say their business has put in place a business continuity plan, whilst 43% have a crisis management plan; but only 39% have put in place a security monitoring team and only 38% had appointed a board director with responsibility for IT security such as a Chief Risk Officer or Chief Data Officer.
Low awareness of proposed EU General Data Protection Regulation
Changes in EU data protection law mean all organisations at risk of a data breach need to be prepared to safeguard their consumers. The biggest impact on regulation will be seen in mid-2016, when the proposed EU General Data Protection Regulation (GDPR) will be adopted by the EU. From mid-2018, if organisations fall victim to a data breach, under the GDPR, they will have to inform their customers when a serious data breach occurs and could be fined up to a maximum of 4% of their global turnover. Worryingly, 68% of business decision makers surveyed have not heard of the GDPR.
Noddle Protect enables businesses to put in place a fast and effective remediation plan to help safeguard their customers who may have had their personal data compromised following a data breach. The service can be available within 48 hours of a breach occurring and consumers who sign up to the service can identify and respond to fraudulent activity, helping them to mitigate any damage to their credit profile caused by criminals. Noddle Protect allows consumers to review their credit report for free and check that no-one else is applying for credit in their name or using their details fraudulently, giving them peace of mind and ensuring they continue to trust in your brand.