BlueVoyant CEO Jim Rosenthal and Conquest Cyber President Jeff Engle (Images: BlueVoyant)

BlueVoyant Raises $140M, Buys Resilience Firm Conquest Cyber

Michael Novinson • November 29, 2023

BlueVoyant purchased a risk management vendor led by an Army veteran to expand its SaaS footprint with U.S. government and defense industrial organizations. Buying Conquest Cyber will allow BlueVoyant to provide cyber risk maturity and compliance assessments to both federal and commercial customers.

Email Security & Protection

Proofpoint Snags Former VMware President Sumit Dhawan as CEO

Cybercrime

Police Bust Suspected Ransomware Group Ringleader in Ukraine

Securing the Future: Defending Against AI-Generated Threats

Latest

Information Sharing

Okta Delays New Products, Projects 90 Days to Boost Security

Michael Novinson • November 30, 2023

Okta has paused product development and internal projects for 90 days to beef up its security architecture and operations for applications, hardware and third-party vendors. Okta will move to strengthen its cyber posture, including a security action plan and engaging with third-party cyber firms.

Fraud Management & Cybercrime

Capital Health in NJ Is Responding to a Cyberattack

Marianne Kolbasuk McGee • November 30, 2023

New Jersey-based hospital group Capital Health is dealing with a network outage, caused by a cyberattack earlier this week, which is affecting some patient services. Capital Health is at least the second healthcare provider in the Garden State responding to a cyberattack this week.

Fraud Management & Cybercrime

NY AG Warns of ID Theft Risk in Medical Transcription Hack

Marianne Kolbasuk McGee • November 30, 2023

New York regulators are warning millions of individuals of identity theft risks involving a data theft at a medical transcriber that has now affected patients of at least two major healthcare groups, including Crouse Health and Northwell Health in the state. Lawsuits in the case are also piling up.

Governance & Risk Management

Good Governance: 'It's All Hygiene'

Steve King • November 30, 2023

In the constant struggle to manage the other five pillars - identify, protect, detect, respond and recover - security leaders often do not have governance at top of mind, said Netography CEO Martin Roesch, but he added, "Good governance is the root of having good security."

Government

Experts Urge Congress to Establish Clear SBOM Guidance

Chris Riotta • November 29, 2023

Procurement experts testified to the House Subcommittee on Cybersecurity, Information Technology, and Government Innovation on Wednesday that government requirements leave too many unanswered questions and ambiguities for federal agencies when it comes to implementing SBOMs.

Artificial Intelligence & Machine Learning

ChatGPT Turns One - and the Future of Generative AI

Tom Field • November 29, 2023

Nov. 30 marks the one-year public birthday of ChatGPT. Gartner's Avivah Litan shared insights on the current state and future of generative AI, as well as the potential market after-effects of the pre-Thanksgiving drama involving OpenAI, its board and fired/reinstated CEO Sam Altman.

Breach Notification

Okta Says Hacker Stole Every Customer Support User's Details

Mihir Bagwe , Mathew J. Schwartz • November 29, 2023

Identity and authentication giant Okta said the attacker behind its September data breach stole usernames and contact details for all users of its primary customer support system and warned customers to beware potential follow-on phishing and social engineering attacks.

Cloud Security

Stopping Cloud Workload Attacks

Steve King • November 29, 2023

In this episode of "Cybersecurity Insights," Eyal Fisher discussed Sweet Security's Cloud Runtime Security Suite, which helps CISOS and security teams defend against all stages of a cyberattack by gathering data, generating insights, baselining the normal environment and looking for deviations.

Security Information & Event Management (SIEM)

CrowdStrike SIEM Demand Rises Amid Cisco-Splunk, Legacy Woes

Michael Novinson • November 28, 2023

Discontent with legacy SIEM offerings and Cisco's proposed acquisition of Splunk have driven "a significant and pronounced increase in interest" in CrowdStrike's SIEM offering. LogScale hit the $100 million ARR milestone last quarter thanks to its search speed, data gravity and cost efficiency.

Government

Second Front Raises $40M to Support More Classified Networks

Michael Novinson • November 28, 2023

A vendor focused on fast-tracking government access to commercial software closed its Series B funding round to support more classified and regulated environments. The $40 million will allow Second Front Systems to support additional bespoke networks in the U.S. Defense and National Security space.

Business Continuity Management / Disaster Recovery

Insights From Israel: Guy Shafir, WideOps

Tom Field • November 28, 2023

DDoS and other cyberattacks against media outlets and critical services are what Guy Shafir, CTO of Israeli tech vendor WideOps, has been dealing with since the start of the terrorist attacks in Israel on Oct. 7. Shafir shared details about the response to these intense attacks.

Security Operations

Mapping Access - and Attack - Paths in Active Directory

Steve King • November 28, 2023

A directory service should be a "source of truth," said Justin Kohler, vice president of products at Spector Ops. But when users are overprivileged or misconfigurations occur, that creates attack hubs. Kohler discusses BloodHound, a solution he says is like Google Maps for Active Directory.