When the world changes to a remote working model around the Covid19 pandemic, some new threats, technology and new business models appear in the field of network security. The lack of network limits in this new world has accelerated the application of Sase Safe Access Service, Zero Trust and XDR (discovered and expanded feedback) to ensure remote and evil users. They are protected.
Attackers used the complexity that has been introduced by the new remote worker used theft to identify legitimate users and increase their advantages by providing guests of guests in the victim’s supply chain. The ability to achieve profit of ransomware attacks by threatening public open victim data makes it more advantageous, while employers continue to use the agenda to protect themselves for the inside. The company acquires a special purpose
(SPAC) has participated since 2021 on network security. Three suppliers agree to consolidate or acquired from SPAC, and a well-known security risk fund has set up its own SPAC. In the first four months of 2021, many companies start starting network security with a unicorn rating of at least $ 1 billion compared to 2019 and 2020.
Continue 10 leading mains control trends in the year 2021.
Identity test: EOS Crewssrike George Kurtz said that hackers from the Russian Foreign Intelligence Service (SVR) in the SolarWinds event architectural restrictions in the identity verification processes from Microsoft from the benefit of Used client applications on clouds and cloud applications. Kurtz announced that the specific attack vector, which was used by hackers solar winds, was first recorded in 2017.
In a hearing in the US Senate on February 24, Kurtz said: “Create wrong information that specify a legitimate user and to ignore multi-mail authentication.” Microsoft Chairman Brad Smith in the US Senate heard in the US Senate, an answer was performed at the meeting, said the wrong identity that the fake identity contains 15% of the attacks of solar winds. According to Smith, in all these cases, the Golden SAML susceptibility is used to increase accessibility only after SVR is available online and gives more access to the privilege.
Cyber Insurance: years 2020, Cyber Premium independence has risen by 29%, as a penetration of networks, data theft and ransomware incidents have increased significantly in the last two years, and companies in all sizes requires one Insurance cover. The extensive change in remote workers at the start of COVID19, along with the increase in penetration of phishing emails, was exposed to the company with more risks. According to Fitch ratings,
Cyber incidents have globally in the amount of Cyber, and Canadian insurance companies report that Cyber Cyber’s requirements in 2020 are 105% in 2020, higher than 39% last year. In the fourth quarter of 2020, these losses have led to a sharp increase in network coverage, and the premium rose annually by 11%. According to Advisorsmith, the most common reasons for online reporting requirements are chopped, ransomware, frauds and employees phishings. Advisorsmith said bookkeeping, doctor, office and residential buildings with the number of customers, date of birth and financial information, or other persons who often pay the highest premium for online insurance, their.
Discovery and Feedback Expanding (XDR): Detection and Feedback (XDR) Concentration Safety Data from Expand (XDR) by combining security information and event management (SIEM); Security Orchestra, Automation and Feedback (Increase), Network Transport Analysis (NTA) and Endpoint Response and Feedback (EDR). Achieving the ability to display networks, clouds and endpoints and intelligence The correlation threat between security products can facilitate detection and reaction.
According to the Gartner research firm, the XDR system must be able to react concentrated incidents as part of the remedy process that can change the status of a single security product. According to Gartner, the main objective of the XDR platform is to improve recognition accuracy by correlation and threat signals from many security products and improve the efficiency and productivity of security activities. According to Gartner, XDR products will attract practical buyers from medium-sized companies without resources and skills to integrate the best portfolio of security products. Improved XDR providers focus on stacks by integrating identity, privacy, cloud access security and edge Secure Access service to approach the value of the company.
Internal threats: The internal threats have returned in the summer of 2019, as Peppa Thompson, a former Amazon Web Service employee, visited the personal information of card card balances and customers and data of more than 30 other companies. Entering the Configuring the False Firewall Thompson to access folders or data stores on the AWS storage space of the capital.
Capital One announced in July 2019 that Thompson in the United States and Canada in the United States and Canada could access personal information. McLean’s Financial Service Gigants, Virginia-based said that capital has finally violated 1 million Canadian social security numbers, 140,000 American social security numbers and 80,000 associated bank accounts.
In addition to capital, prosecutors Thompson have charged to steal terabyte data from companies, educational institutions and other companies. Even if you have no other copy of [Capital One Data], Thompson’s technical complexity means that it can implement additional network entries that can cause hundreds of millions of dollars in additional losses, “said the prosecutor.
Ransomware Attacks: Since 2020, the image of ransomware victims has entered the high-end market. The victims are no longer small MSPs managing IT for local dentists and law firms, but well-known technology companies managing data and network traffic for Fortune 500 companies. Despite funding to hire elite IT professionals and Installing top-notch security, these channel giants are also riddled with ransomware. Since 2020, 5 of the world’s 50 largest solution providers – Cognizant, CompuCom, Conduent, DXC Technology, and Tyler Technologies – have been caught in 4,444 malicious ransomware infections. The total revenue of the five channel giants that have succumbed to ransomware since 2020 is US $ 42.78 billion, and the combined market value is US $ 54.36 billion.
Since 2020, the emergence of ransomware operators (such as the organization behind Maze) who are eager to promote and seek out ransomware has launched a completely different animal in the IT services industry. It’s not just about encrypting stolen files, this is the core of everything they do.
SASE (Secure Access Service Access): Since Gartner first proposed the term in its August 2019 report, SASE (Secure Access Service Edge) has helped cybersecurity vendors create and enhance new leadership roles. It smashed the industry by making significant acquisitions. Their position in new technology.
SASE works by combining a WAN or WAN with a secure web gateway (SWG), cloud access security proxy (CASB), firewall as a service (FWaaS) and network access zero trust (ZTNA), and other network security features. Security access and business needs are supported. The SASE tool can identify sensitive data and malware, decrypt content at wire speed, and continuously monitor session risk and trust levels. Those who have been involved in various technologies in the SASE market in the past need to provide these functions via the cloud as a service. The goal is to meet future network and security requirements while users, devices, applications, services, and data leave the enterprise data center quickly. Special Purpose Acquisition Companies (SPACs): Some cybersecurity companies seeking to enter the public market for the first time in have avoided going public and instead merged or acquired listed Shell companies. A year after Appgate broke up with data center provider Cyxtera, security access provider Appgate agreed to merge with Newtown Lane Marketing, which was launched in February and is worth $ 1 billion.
In the following month, risk analysis platform QOMPLX agreed to acquire both companies for $ 1.4 billion and merge with SPAC (Special Purpose Acquisition Company) Tailwind Acquisition Corp to become a publicly traded company. Also in March, network detection and support provider IronNet Cybersecurity agreed to list on a $ 1.2 billion value through a merger with LGL Systems Acquisition Corp. On the buyer side, Night Dragon has set up an SPAC for cyber security, security, security and privacy protection, raising more than $ 300 million in an initial public offering (IPO) in early March. SPAC is the founder and managing director of NightDragon, a venture capital firm focused on cybersecurity, and is led by Dave DeWalt (pictured), former CEO of FireEye and McAfee.
Attack on Supply Chain: Passive supply chain attack on Solar Winds’ Orion network monitoring platform sends shockwaves around the world, and hackers from Russia’s Foreign Intelligence Agency (SVR) are betting on nine elite US government agencies and around 100 well-known private entities with malicious or Enterprises through Aeon’s updates. The
SVR first tested the ability to inject code into SolarWinds Orion in October 2019 and actually injected the dock code into Orion updates downloaded between March and June 2020. According to SolarWinds, installing Orion on a server with internet access is even more offensive.
SolarWinds doesn’t know exactly when and how the hackers first accessed the environment, but the company narrowed it down to the three most likely first candidates. The first approach came about in the following way: Zero-day vulnerabilities in third-party applications and devices. Forced attacks such as password spray attacks. Or social engineering like targeted phishing attacks.
Unicorn Rating: The funding environment for cybersecurity startups has undergone major changes this year. 14 startups recorded a value of over $ 1 billion only during the first four months of 2021. According to PitchBook, this is much higher than the five cybersecurity companies that won unicorn status in 2020 and the eight that won unicorn status in 2019. The $ 167.5 million round is over, and in February the Cyber Insurance Supplier Alliance announced $ 175 million. Plume finished the $ 270 million round after the dollar round. Then in April, container security company Sysdig raised $ 188 million and threat detection and response provider Vectra raised $ 130 million.
In March, eight cybersecurity startups gained unicorn status. Acquired by cloud security company OrcaSecurity for $210 million. Feedzai in a $200 million round. $135 million Aqua Security. Invested in Axonius of $130 million in Wiz $100 million round of cloud security company. ID.me in the $100 million round; One dollar football in 100 million rounds.
Zero Trust: COVID19 craze has driven virtually every employee worldwide from defined network perimeters, accelerating the move to a Zero Trust platform and safeguarding end-users working remotely within organizations. And now, a new approach has been revealed and the configuration issue has been fixed. According to Forrester. The Secure Zero Trust method reflects four principles: It cannot be done alone to secure VPN and firewall perimeters. Identities and devices are authenticated across the network, not at the perimeter. Micro subdivisions really help create inner walls and locks to minimize hacker damage. The outstanding ZeroTrust platform integrates security features into an almost invisible tool, allowing users to operate in a more secure way, says Forrester. The most successful zero trust vendors can add new capabilities to their existing security infrastructure components, eliminating the need to remove or replace the security they are already investing in zero trust.
