Palo Alto Networks 🤝 @IBM

We’re excited to announce our expanded partnership with IBM to deliver AI-powered security and consulting services across platforms.

What does this mean? Details 🧵 pic.twitter.com/ZXovG07Gjd

— Palo Alto Networks (@PaloAltoNtwks) May 15, 2024

IBM QRadar Goes to Palo Alto Networks

Palo Alto Networks’ acquisition of IBM’s QRadar SaaS is a cornerstone of the partnership. QRadar, long respected for its sophisticated threat detection and compliance capabilities, transitions to Palo Alto Networks. Palo Alto Networks will migrate existing QRadar SaaS clients to Cortex XSIAM, its next-generation SOC platform leveraging advanced AI-powered threat protection capabilities. To facilitate this transition, IBM and Palo Alto Networks will offer no-cost migration services to qualified customers, ensuring a seamless transition experience.

IBM will continue to provide ongoing support for clients using the on-premises version of QRadar. This includes security updates, usability enhancements, and critical bug fixes. These clients can remain on the existing QRadar on-premises platform or transition to Cortex XSIAM, with incentives provided for the latter.

Watsonx: AI Enhancing Cybersecurity

A vital part of the deal is the integration of IBM’s watsonx LLMs into Palo Alto Networks’ Cortex XSIAM platform, bringing IBM’s models to Palo Alto’s AI capabilities to enhance its cybersecurity solutions. This integration will improve the platform’s ability to detect and respond to threats by leveraging advanced machine-learning models that can analyze vast amounts of data quickly and with high precision.

Watsonx’s advanced AI algorithms are designed to process and analyze vast amounts of data much more efficiently than traditional methods. This enables faster, more accurate threat detection and automated incident responses, which are critical in managing sophisticated cyber-attacks. Watsonx can also help automate the analysis of security logs, incident reporting, and response strategies, making the overall security response faster and more efficient.

A Stronger IBM Consulting

One of the deal’s most exciting elements is its impact on IBM Consulting. By leveraging Palo Alto Networks’ cutting-edge cybersecurity solutions, IBM Consulting can expand its cybersecurity services portfolio and provide more comprehensive solutions to its clients. This includes everything from initial security assessments and system implementations to ongoing management and compliance monitoring.

By integrating Palo Alto Networks’ leading security platforms, such as Cortex XSIAM and Prisma SASE, into its offerings, IBM Consulting can offer more advanced, AI-powered security solutions to its clients. This boosts IBM Consulting’s capabilities and appeal as a full-service cybersecurity provider.

As part of the agreement, IBM Consulting will become a preferred Managed Security Services Provider (MSSP) for Palo Alto Networks’ customers. This will allow IBM Consulting to increase the volume and quality of engagements it secures, boosting its market share and visibility in the cybersecurity domain.

IBM plans to train over 1,000 security consultants to specialize in deploying and managing Palo Alto Networks’ products. This initiative not only enhances the skill set of IBM’s workforce but also ensures that IBM Consulting can offer highly demanded expert services, thereby driving growth and strengthening its market position in cybersecurity consulting.

The collaboration also brings enhanced DevSecOps capabilities to the market by integrating Prisma Cloud with IBM’s existing cloud and DevOps offerings. This will help IBM Consulting address the growing demand for secure cloud-native applications and infrastructure, particularly in environments built on IBM’s Red Hat OpenShift and Ansible platforms.

Industry Insights

The new alliance between IBM and Palo Alto Networks is a transformative moment in the cybersecurity industry. Both companies are setting a trajectory towards enhanced security innovation and AI integration.

Palo Alto Networks’ purchase of QRadar aligns with the company’s ongoing platformization strategy while accelerating the expansion of AI and machine learning capabilities across its security platforms. By integrating QRadar’s established technologies and customer base, Palo Alto Networks enhances its SOC solutions, providing more comprehensive and efficient security offerings to a broader audience.

The acquisition of QRadar also reflects the growing trend in the cybersecurity industry towards consolidating and integrating technologies to offer end-to-end solutions that effectively manage and neutralize threats in increasingly complex IT environments.

Beyond strengthening Palo Alto’s portfolio, one of the most significant impacts of the deal is the strengthening of IBM’s consulting business, a key strategic driver for IBM. The deal gives IBM’s consulting team greater reach in strategic cybersecurity. By aligning itself with a leading cybersecurity provider and integrating cutting-edge AI technologies into its services, IBM Consulting can more effectively meet global enterprises’ complex and growing security needs.

The relationship with Palo Alto Networks enhances IBM Consulting’s service capabilities and solidifies its position as a leader in the cybersecurity consulting market—significant for an organization doubling down on its consulting business.

What Does This Partnership Mean for the Future of Cybersecurity?

The partnership between IBM and Palo Alto Networks is set to bring substantial benefits to the cybersecurity industry, particularly for enterprise customers. By leveraging AI and advanced cybersecurity solutions, this collaboration aims to provide more robust, intelligent, and capable security measures. As these initiatives unfold, enterprises across various industries will have access to enhanced tools and services to combat the sophisticated threats of the digital age.

What are your thoughts on this groundbreaking partnership? Share your comments below.

Photo by Carson Masterson on Unsplash

The post IBM And Palo Alto Networks Forge Transformative Cybersecurity Partnership first appeared on Tech Insight.

Common Cybersecurity Risks

Digital transformation expands the attack surface of businesses by introducing a multitude of devices and platforms into corporate networks. This complexity provides cybercriminals with numerous entry points.

“The rapid expansion of connected technologies is identified as the top security risk.“

Businesses must recognize these vulnerabilities and implement comprehensive security strategies to protect against potential threats.

In recent years, manufacturing has experienced a digital transformation, fuelling growth, efficiency and profitability. Yet this trend has created a range of #cybersecurity issues.

This new white paper outlines three guiding principles to support #manufacturing and supply chain… pic.twitter.com/g1aN94ll9M

— World Economic Forum (@wef) April 29, 2024

IoT Vulnerabilities

IoT devices are often targets for cyber-attacks due to inadequate security measures like weak passwords, outdated firmware, and unsecured data transmissions. The convenience and efficiency gains from these devices are undeniable, yet their integration brings significant risks. It’s crucial to enforce stringent security protocols to shield networks from unauthorized access through these gateways.

Insider Threats

Not all security risks come from outside; insider threats, either malicious or accidental, are a significant concern. Errors such as misconfigured settings or inappropriate access privileges can lead to severe data breaches. Reports indicate that “30 percent of CISOs view insider threats as a major risk,” highlighting the need for comprehensive training and stringent access controls to mitigate these risks.

Cybersecurity Measures

To combat the vulnerabilities introduced by digital transformation, businesses must adopt proactive and dynamic security measures:

Implement Strong Access Controls

Limiting access based on user roles can dramatically reduce risks. By ensuring employees only access necessary data, businesses minimize potential unauthorized exposures. This strategy is vital as negligent insiders are a primary security threat in many organizations.

Develop a Comprehensive Incident Response Plan

Preparedness is key to mitigating damage from cyber incidents. A robust incident response plan enables a swift action, containing breaches and minimizing data loss. Regular drills and updates to this plan ensure that all team members know their roles in an emergency, making it possible to react quickly and effectively.

Use Network Segmentation

Isolating critical data through network segmentation can prevent the spread of breaches. By creating clear boundaries within networks, businesses can control how data is accessed and shared, significantly reducing the likelihood of widespread cyber attacks.

Secure IoT Devices

Regular firmware updates and the avoidance of default passwords are simple yet effective ways to enhance the security of IoT devices. Such measures ensure that devices are less vulnerable to attacks and that the network remains secure.

Locking Down the Future…

Navigating the cybersecurity landscape in digital transformation is an ongoing journey that requires vigilance and adaptation. By understanding the risks and implementing strategic defenses, businesses can protect themselves from the evolving threats in the digital world. Are there specific strategies you’ve found effective in managing cybersecurity risks? Share your experiences and insights in the comments below to help others fortify their defenses!

Photo by Headway on Unsplash

The post How to Minimize Cybersecurity Threats During Digital Transformation first appeared on Tech Insight.

Bridging the Gap: Technology and Security

In discussing the partnership, Sal Sferlazza, founder and CEO of NinjaOne, highlighted the communication barriers that often exist between security and IT teams.

“This integration will result in better coordination and reduced mean time to resolution for incidents,” – explained Sferlazza.

Daniel Bernard, chief business officer at CrowdStrike, also weighed in, noting the inclusive nature of the threat landscape:

“Smaller organizations face the same threat landscape as their larger enterprise counterparts. They want the real thing. They’re coming in and they’re asking for CrowdStrike.”

Enhanced Security Features

By combining CrowdStrike’s AI-driven threat detection with NinjaOne’s comprehensive IT management tools, the partnership delivers a security solution that is not only top-tier but also easy to deploy and manage. This is crucial for organizations that may lack extensive in-house cybersecurity expertise but still face significant digital threats.

Simplified Management and Operations

The integrated platform offers a significant advantage by allowing IT teams to manage security threats and IT management tasks from a single dashboard. This streamlined approach not only speeds up the response times to security incidents but also enhances the coordination between IT and security teams within an organization.

Cost-Effectiveness and Industry Implications

The collaboration between NinjaOne and CrowdStrike reduces the need for multiple security tools, thereby decreasing vulnerability and security gaps. The consolidation of various security functions into a unified platform not only simplifies the process but also cuts overall costs and efforts involved in maintaining a secure IT environment.

Cybersecurity Made Simpler and Smarter

The NinjaOne and CrowdStrike partnership marks a significant step forward in the cybersecurity industry, offering solutions that are both innovative and accessible. As businesses continue to navigate a complex world of digital threats, partnerships like this one are crucial for developing the tools necessary to protect sensitive data and infrastructure.

We invite you to share your thoughts and experiences with cybersecurity solutions. Have you faced challenges similar to those described here? How do you see integrated solutions impacting your security strategy? Let us know your views!

Photo by Tom Roberts on Unsplash

The post How the NinjaOne and CrowdStrike Partnership Simplifies Cybersecurity first appeared on Tech Insight.

The Scale of the Operation

LabHost facilitated the sending of fraudulent messages that deceived recipients into making online payments or divulging sensitive personal information. The police reported the seizure of “fullz data,” including 480,000 card numbers and 64,000 PIN codes, demonstrating the vast reach of this criminal enterprise. Although the total amount stolen remains unclear, estimates suggest that the LabHost site generated nearly £1 million ($1.25 million) in profits.

Law Enforcement Response

Metropolitan Police Deputy Commissioner Dame Lynne Owens emphasized the ubiquity of the threat:

“You are more likely to be a victim of fraud than any other crime. Our approach is to be more precise and targeted, with a clear focus on those enabling online fraud to be carried out on an international scale.” Adrian Searle, Director of the National Economic Crime Centre, added that technology now allows “crime to be delivered at scale in an almost industrial fashion.”

Impact on Victims

Approximately 70,000 UK victims were tricked into giving away their details. For those identified, the police are sending out warnings about the fake services used to scam them, directing them to official advice. The Metropolitan Police have also secured personal details found in a data dump from LabHost, taking steps to protect the victims from further harm.

Preventive Measures and Future Steps

The arrests mark a significant step in ongoing efforts to combat cyber fraud. The strategy now includes personalized videos to known criminals, a tactic developed with advice from behavioral psychologists to undermine the confidence of those running scam services. “Unless we build a network to defeat a criminal network, we are going to be overwhelmed,” noted an official from the Cyber Defence Alliance.

A Crackdown of Critical Importance…

This landmark operation showcases the critical importance of international cooperation in tackling the sophisticated digital threats that face us today. As cyber criminals evolve, so too must our strategies to prevent and respond to these threats. We invite our readers to share their thoughts and experiences with phishing scams in the comments below. How do you think such crimes can be prevented, and what more should be done to protect potential victims?

Visit our homepage for the latest insights.

The post Global Cyber Gang Busted for Industrial-Scale Phishing Scams first appeared on Tech Insight.

A Global Threat Neutralized

Lockbit, a name that has instilled fear across the digital landscape, has become synonymous with a new breed of cyber extortion. This gang’s modus operandi involved deploying ransomware to encrypt victims’ data, essentially holding it hostage for cryptocurrency ransoms. With over 2,000 victims worldwide and more than $120 million extorted, the scale of their operations was staggering.

The Coalition of Cyber Guardians

Drawing parallels to the concerted efforts that brought down historic criminal figures, the operation against Lockbit leveraged the collective strength and expertise of international law enforcement. The United States charged two Russian nationals, pivotal figures within the Lockbit syndicate, for their roles in orchestrating a global campaign of disruption and extortion. This move was complemented by arrests in Poland and Ukraine, signaling a coordinated strike against the network’s operational core.

Turning the Tables

In a dramatic turn of events, the coalition managed to infiltrate Lockbit’s digital stronghold. This maneuver, akin to the tactical brilliance of historic law enforcement victories, saw the agencies “hack the hackers.” By seizing control of the gang’s websites and infrastructure, they effectively rendered Lockbit powerless. This bold strategy not only disrupted the gang’s operations but also provided invaluable intelligence and tools for mitigating the ransomware threat.

The Aftermath and Implications

The success of Operation Cronos heralds a significant victory in the ongoing war against cybercrime. By dismantling one of the most notorious ransomware gangs, the operation sends a clear message: the international community will not stand idly by in the face of digital extortion. The collaborative approach taken here, involving law enforcement agencies from across ten countries, sets a new precedent for tackling cyber threats.

Moreover, the operation’s impact extends beyond the immediate disruption of Lockbit’s activities. By seizing assets, freezing cryptocurrency accounts, and closing thousands of rogue online accounts, the coalition has choked off vital resources for the gang’s operations. This comprehensive strategy highlights the importance of attacking not just the technical infrastructure but also the financial underpinnings of cybercriminal networks.

Looking Forward

As the digital landscape continues to evolve, so too does the nature of threats and the methods needed to combat them. The takedown of Lockbit is a testament to the power of international cooperation and innovative tactics in the fight against cybercrime. However, this victory does not mark the end of the road. Ransomware remains a potent threat, with new groups emerging to fill the void left by Lockbit.

The cybersecurity community must continue to adapt, innovate, and collaborate to stay ahead of these threats. Operation Cronos serves as a blueprint for future actions against cybercriminal networks. It underscores the necessity of global partnerships and the sharing of intelligence and resources in safeguarding the digital world.

The Lockbit takedown is more than just a law enforcement success story. It is a beacon of hope and a call to action for the cybersecurity community. As we move forward, let this operation remind us of our collective strength and the importance of vigilance in the face of ever-evolving digital threats.

Photo by Nahel Abdul Hadi on Unsplash

The post Operation Cronos: The Digital Takedown of Lockbit first appeared on Tech Insight.

In the fast-evolving sphere of cybersecurity, APIs have emerged as a new battlefield. Wallarm’s insightful analysis, published in their recent Q3 report, paints a concerning picture of the current API security landscape, highlighting the urgent need for companies to revamp their digital defense strategies.

Download the Report

Injection Attacks: The Leading Menace

The report’s most striking revelation is the prevalence of injection attacks. Ranked at the top of the “Top 10 API Security Threats,” these attacks exploit vulnerabilities within an API’s structure, allowing attackers to insert harmful data or code. This can lead to unauthorized access and potential data breaches, compromising personal and corporate information.

The Triple-A Concern: Authentication, Authorization, and Access Control

Wallarm’s report further notes that a significant 33% of the 239 new API security vulnerabilities are linked to the foundational security pillars of authentication, authorization, and access control. With incidents at Sentry and WordPress due to OAuth token mishandling and plugin authentication failures, respectively, the imperative for robust AAA protocols is clearer than ever.

Data Leaks: A Rising Threat

Data leaks are another critical concern underscored by the report, especially with incidents involving Netflix, where JWT secret keys were exposed, and VMware’s sensitive data disclosure vulnerabilities. These leaks represent a growing threat that could result in the unrestrained exposure of sensitive data through often negligent practices.

Words from Wallarm CEO

Ivan Novikov, CEO of Wallarm, emphasizes the report’s importance as a call to action.

“We saw in recent months that even major players like Netflix and VMware aren’t exempt from significant data exposures,” Novikov states.

He continues:

“This report is a wake-up call for business leaders and cybersecurity professionals to include protection against threats to APIs and other leaks in their product security programs.”

Proactive Measures and Key Recommendations

The Wallarm report does not only expose weaknesses but also serves as a guide for fortifying cybersecurity measures. Recommendations include prioritizing AAA principles and incorporating automatic discovery systems for leak protection.

In Summary

As we witness the relentless emergence of new API security vulnerabilities, the Q3-2023 Wallarm API ThreatStats™ report is an indispensable resource for businesses aiming to safeguard their digital frontiers. Addressing these vulnerabilities is not just about preventing data breaches; it’s about maintaining trust in an increasingly interconnected world.

We invite our readers to consider the full scope of these findings and incorporate the key recommendations into their security strategies. Your thoughts are valuable to us – comment below to share how your organization is tackling these API security challenges.

The post Wallarm Unveils Alarming API Security Vulnerabilities in Q3 Report first appeared on Tech Insight.

Unleashing Creative Potential

UIP has proven to be a cornerstone in nurturing and unveiling the potential of young tech enthusiasts, providing a robust platform to innovate, learn, and grow. Participants will be mentored and guided by the experienced hands of Unisys professionals, offering a unique opportunity to transform textbook knowledge into real-world innovative solutions.

This year, UIP is weaving its magic around emerging, solution-oriented technologies. Artificial Intelligence, quantum computing, and data analytics are at the forefront, presenting students with an arena to showcase their creativity and technical prowess.

“India’s digitally skilled talent pool has grown synonymous with tech innovation in recent years, making it the home of some of the world’s most talented youth in IT,” said Sumed Marwaha, managing director of Unisys in India.

The Unisys Innovation Program is a testament to this belief, aiming to equip participants with specialized technical skills for the future.

Themes Unveiled

With ten distinct themes including AI ubiquity, connected world (IoT), zero trust security, and quantum computing, participants are spoilt for choice. Each theme is intricately designed to challenge and inspire, pushing students to the zenith of their creative and technical abilities.

Driving Innovation in India

According to Sumed Marwaha, the program underscores the importance of a platform where young tech minds bring their innovative breakthroughs to the forefront of India’s technology revolution. The fusion of creative thinking, technical expertise, and hands-on learning is the crux of this unique experience.

About the Unisys Innovation Program

With over 76,500 student submissions since 2009, UIP stands as one of the country’s highly anticipated technical competitions. It’s not just a challenge but a nurturing ground for the aspiring innovators and future leaders in the tech world.

In Summary

As the curtains rise for the 15th Annual Unisys Innovation Program, the anticipation and excitement are palpable. Each year, the event morphs into a battleground of innovation, creativity, and technical expertise, and this year is no different. With the inclusion of contemporary and future-oriented technologies, participants are not just competing but are also contributing to the vast world of technology.

We invite our readers to dive deep into this narrative, witness the transformation of ideas into innovations, and be a part of this enriching journey. Do you think programs like UIP are essential in bridging the gap between academic learning and real-world application? What theme excites you the most? Share your thoughts, insights, and anticipations in the comments section below. Let’s weave a tapestry of ideas and perspectives that is as diverse and innovative as the Unisys Innovation Program itself!

The post Unisys’s 15th Innovation Program: AI, Quantum Computing Focus first appeared on Tech Insight.

Getvisibility Earns IMDA Accreditation

Getvisibility’s dedication to data protection and compliance has been officially recognized by the Infocomm Media Development Authority of Singapore (IMDA). This accreditation distinguishes Getvisibility as a trustworthy provider of data security solutions, joining the ranks of elite companies that have met the stringent criteria set by the IMDA.

“We are immensely thrilled about the opportunity to expand our footprint in Singapore and to receive IMDA’s accreditation,” – Mark Brosnan, CEO of Getvisibility.

This acknowledgment underscores their unwavering commitment to empowering organisations in Singapore to protect their data, meeting and exceeding regulatory requirements.

New Regional Headquarters in Singapore

Concurrent with the accreditation, Getvisibility inaugurated its Singapore office, a strategic outpost located in the heart of the city-state’s thriving tech hub. This office is not just a physical space but a symbol of Getvisibility’s determination to support its growing customer base and foster collaborations with local partners.

AI-Powered Data Security Solutions

One of the pinnacle achievements accompanying Getvisibility’s Singapore expansion is the development of a product tailor-made to meet the locality’s privacy and security regulations. Edwin Low, Director of Enterprise and Ecosystem Development at IMDA, expressed his enthusiasm:

“With their leading AI and machine learning solution, Government agencies and enterprises can work seamlessly for real-time, accurate data discovery and classification of documents.”

This IMDA-accredited data security solution, underpinned by AI technology, equips organizations to manage and secure sensitive data proactively, a crucial step in ensuring compliance with robust data protection and governance frameworks.

A Trusted Partner for Global Data Protection

Getvisibility’s entry into the Singaporean landscape aligns seamlessly with its global mission – revolutionizing data security and compliance with avant-garde technology. The company is poised to make a substantial impact in Southeast Asia, offering best-in-class solutions for data protection and regulatory compliance, enhancing cybersecurity posture globally.

Concluding Thoughts

Getvisibility’s journey of earning the IMDA accreditation in data security and establishing its stronghold in Singapore is a vivid testament to the company’s prowess and commitment in the realm of data security. As we step into an era where data is as precious as it is vulnerable, such advancements promise a future where security and innovation go hand in hand.

We invite our readers to delve into this discussion – how do you perceive the future of data security with the advent of AI-powered, IMDA-accredited solutions like those of Getvisibility? Share your insights and perspectives in the comments below. Your voice adds invaluable depth and dimension to the unfolding narrative of data security in the digital age.

Please follow us on Linkedin! Visit our homepage for more scoop on the latest Business Tech.

The post IMDA-Accredited Data Security: Getvisibility’s AI-Powered Expansion to Singapore first appeared on Tech Insight.

The post Google Cloud Empowers Log Analysis with Dataform first appeared on Tech Insight.

Welcome to another edition of our Cybersecurity Weekly News, where we bring you the latest developments in the world of cybersecurity. This week, our attention has been captured by an unprecedented event that has sent shockwaves through the industry – ALPHV, also known as BlackCat, a notorious cyber threat actor, has publicly claimed responsibility for a large-scale cyberattack on MGM, a global giant in the resort, sports betting, and gambling sector. The attack, which ranged from halting slot machines to causing systemwide disruptions in hotel reservations, has left MGM reeling, as evident from their recent social media updates.

What makes this incident even more remarkable is not just the audacious claim made by ALPHV but also the unconventional approach they’ve taken in explaining their actions. They have criticized MGM for its response, or lack thereof, and have indirectly engaged in media critiques. Part of ALPHV’s press release reads:

“As they were not responding to our emails with the special link provided (in order to prevent other IT Personnel from reading the chats), we could not actively identify if the user in the victim chat was authorized by MGM Leadership to be present.”

Discovery of a New Malware Family

In other significant news, researchers at Talos have made a groundbreaking discovery – a new malware family they’ve named HTTPSnoop. This malware appears to be primarily targeted at Middle Eastern telecommunication providers, raising concerns about a growing trend of breaches in the communication sector. Fortunately, with this discovery, steps can now be taken to address and mitigate this emerging threat.

A Slew of Updates: From Tech Gadgets to Infrastructure Security

Turning our attention to the world of tech gadgets, Apple has introduced highly anticipated updates to its “Lockdown Mode” to counter the rising threat of spyware attacks. For a more detailed analysis of these updates, you can refer to coverage by TechCrunch and the Electronic Frontier Foundation.

On the infrastructure security front, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has unveiled a new security scanning service aimed at strengthening cyber defences. Further information on this development can be found in a detailed StateScoop article.

Internationally, the Chinese Government has accused the U.S. of infiltrating Huawei servers, a claim that has garnered attention and scrutiny. Reports from Nikkei Asia and The Register provide comprehensive insights into this matter.

The past week has been eventful in the realm of cybersecurity, with evolving threats and persistent challenges. These events serve as a reminder of the critical importance of vigilance and continuous advancements in cybersecurity strategies. We hope this weekly update has provided valuable insights to keep you informed. Please feel free to share your thoughts in the comments section below and join the conversation.

Stay updated with TechInsight on tech and AI’s latest news.

The post ALPHV Claims MGM Cyberattack: Unconventional Revelations first appeared on Tech Insight.