Once again named a ‘Leader’ and ‘Outperformer’ for best-in-class BaaS experience, strong integrations, and crucial cyber resiliency features

Enterprise data protection leader Commvault^® has announced that GigaOm has named the company a “Leader” and an “Outperformer” in its most recent report, the GigaOm Radar for Hybrid Cloud Data Protection for Large Enterprises.

An assessment of competing solutions, the GigaOm Radar report places Commvault in the Leaders circle of the Innovation/Platform Play quadrant, highlighting its platform-driven approach with strong integration across the portfolio, a best-in-class BaaS (Backup-as-a-Service) experience, exceptional data management capabilities, and cyber resiliency features.

“Commvault’s strong position in GigaOm’s latest Radar report reaffirms our commitment to delivering secure, efficient, and scalable data protection,” said Param Kumarasamy, Vice President of Product Management, Commvault. “With AI-driven anomaly detection, threat mitigation, and risk analysis capabilities, we help customers improve their security posture across any hybrid cloud environment.”

The GigaOm Radar Report is a forward-looking analysis that plots vendor solutions’ relative value and progression  based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering, highlights the key hybrid cloud data protection vendors and, according to GigaOm, equips IT decision-makers with the information to select the best fit for their business and use case requirements. GigaOm defines large enterprises as organizations with 1,000 or more employees.

GigaOm describes Commvault as having “a comprehensive hybrid cloud data protection portfolio with excellent cyber resiliency capabilities and a very broad workload support across clouds,” deeming it “well-suited for organizations with advanced data management requirements.”

“Commvault delivers a best-in-class BaaS experience with Metallic. The solution offers broad services, including excellent cyber resiliency features and regulatory compliance,” said Max Mortillaro, Analyst, Data Analytics and AI, GigaOm. “[Commvault] supports an extensive range of platforms, including multicloud, databases, unstructured data, Kubernetes, and SaaS applications, making it capable of replacing a traditional on-premises data protection solution for most use cases.”

In addition to vast support for distributed cloud workloads, GigaOm also calls attention to Commvault’s robust security capabilities, including insights and posture management tools, malware scanning, threat detection and alerting, immutable data backups, and more.

To find out how Commvault stood out versus the competition, read the full report here: GigaOm Radar for Hybrid Cloud Data Protection for Large Enterprises.

Skilled cybersecurity talent is in tight supply. It’s challenging to recruit, hire and retain skilled professionals: trends that are expected to continue into the near future.

According to the (ISC²) 2022 Cybersecurity Workforce Study, the 2022 global cybersecurity workforce gap stood at 3.4 million people, an increase of 26.2% from 2021. In Australia alone there were nearly 40,000 unfilled cybersecurity jobs in 2022, an increase of 57.6% over 2021.

Eyal Arazi, senior security solutions lead for Radware, says couple this gap with the surge in cyberattacks and the result is the perfect storm for organisations doing their best to protect their data and assets, including infrastructure and applications.

The threat is real. According to Radware’s recent First Half 2023 Threat Analysis Report, the number of malicious web application transactions alone skyrocketed by 500% compared to the first half of 2022.

Yet according to the company’s Application Security in a Multi-Cloud World Report, less than half of organisations indicate they trust their security staff to configure and maintain a strong application security posture across the public cloud platforms they currently use for hosting applications.

Given the shrinking cybersecurity talent pool and surge in cyberattacks, organisations must adjust their approach to managing their cybersecurity programs. To help reduce the reliance and load on internal teams that are already overstressed and understaffed without compromising security programs, organisations should consider the following three strategies.

#1 — Consolidate security tools

One of the most effective and efficient ways for organisations to address the cybersecurity staff shortage is to consolidate their security tools. The mathematics are simple: The fewer tools there are to manage and maintain, the less time and energy is spent switching between systems and management consoles.

As part of the consolidation process, organisations should replace individual tools and defences that provide piecemeal protections with one-stop-shop, best-of-suite solutions that cover a wide range of attacks and threat vectors. And it should all be managed with a single tool that includes a comprehensive reporting dashboard.

Consolidation has several important benefits. It enables security teams to maintain the same level of protection while speeding up processes with centralised management and reporting. In addition, it minimises the time spent on integrating separate products.

Nonetheless, it’s important that consolidating tools doesn’t degrade an organisation’s security posture. Selecting a best-of-suite tool that also delivers best-of-breed security will ensure that cybersecurity protections operate at optimal levels.

#2 — Automate! Automate! Automate!

Another way to reduce the workload on cybersecurity staff is to automate as many processes as possible and replace slow and labor-intensive manual configurations. When it comes to cybersecurity, automation falls into two categories:

• Security: Organisations can automate actual cyber defence activities, such as policy configuration, rule configuration, and signature creation.
• Deployment: Organisations can automate the deployment of cybersecurity mechanisms that don’t interrupt existing business or technical processes.

To defend successfully against attacks that are bigger, more frequent and more sophisticated, organisations must embrace security automation. Any type of manual security process becomes vulnerable to evolving attack patterns and new zero-day threats.

Because neither an evolving nor zero-day attack has a protection signature, it presents a particularly difficult problem in today’s staff-constrained world. There simply aren’t enough qualified people with the time and skills to quickly and effectively respond to shifting attacks 24X7X365.

By automating cyber defences, including creating new rules, defining security policies, managing deployment activities and more, organisations can reduce both the direct workload on cybersecurity teams and successfully mitigate attacks. In addition, they can reduce the cascading impact and interruption that incidents create for other teams across the organisation, including DevOps, IT, operations, marketing and others.

#3 — Engage managed security service providers to do the heavy lifting

Managed security service providers offer another resource for addressing today’s shortage of cybersecurity professionals. The idea is to outsource cybersecurity functions to service providers and let their tested and fully managed security services do the heavy lifting.

The term cybersecurity encompasses a massive domain that spans many dedicated sub-domains. Examples include network security (i.e. firewalls, VPNs, secure web gateways), application protection (i.e. web application firewalls, bot protection, DDoS protection), endpoint security (i.e. anti-virus, EDR), email security, public cloud security (i.e. workload protection, CSPM, IAM security), and many, many others.

Each subdomain is distinct in its scope of protection, attack vectors, threat surfaces and mitigation tools. As the threat landscape becomes more complex, these domains require more dedicated, specialised experts.

It is virtually impossible to find cybersecurity staff who possess the specialised skill sets and expertise required to address each sub-domain and understand all the tools that support them. So, even if an organisation has enough personnel, it may not have the right skills on staff to adequately cover all the bases.

It simply makes sense to outsource certain security functions to experts who perform these activities daily. It’s their sole focus.

Just remember, it’s critically important to ensure managed security providers have a proven track record and that they are properly staffed and trained. Engaging a managed security service provider can greatly unburden internal cybersecurity teams while simultaneously enhancing an organisation’s level of protection.

To summarise: Cybersecurity staff and skill shortages affect organisations worldwide, and few companies are immune. While recruiting and retaining trained experts will undoubtedly remain a challenge for the future, organisations are not without options.

Consolidation, automation and outsourcing can go a long way in not only alleviating the strain on security teams but also improving the quality of cybersecurity programs and initiatives.

The healthcare industry has been transforming radically over the past decade with the common goal of improving the way health care is delivered to patients.

Kern Smith, mobile security expert at Zimperium, reportsthat In recent years, we’ve watched as healthcare organisations have quickly become mobile-powered businesses with the migration to electronic health records, patients increasingly using mobile apps to view test results, schedule appointments, contact their care provider and even control their medical devices.

Although this shift has brought many advantages such as more accurate and up-to-date patient information, quick access to patient records, improved patient outcomes and better communication between patients and their providers, it has come with risks, especially to patient security.

The healthcare sector has always been a prime target for cybercriminals. Healthcare organisations store an extensive archive of personal health information (PHI) and their accompanying financial records that, if stolen, can be incredibly lucrative for the attacker and especially detrimental to the victim.

The stolen data is often used to commit fraud, identity and intellectual theft, espionage, blackmail, extortion and more. Sadly, often it cannot be replaced.

While apps and mobile devices are highly effective, affordable and convenient ways for medical facilities to manage a diverse range of components throughout the patient care continuum, unfortunately, the ease of use on mobile devices and apps, as well as the confidential patient  information they store, make healthcare organisations that much more vulnerable to attackers.

In March 2023, for example, Cerebral, a telehealth platform that provides online therapy and medication management to millions of users, reported a healthcare data breach that impacted more than 3.1 million individuals that stemmed from its use of tracking pixels.

Unfortunately, this is not a standalone incident. According to the HHS Office for Civil Rights (OCR) data breach portal, the healthcare sector has already experienced around 295 breaches in the first half of 2023 alone. Additionally, my company’s Global Mobile Threat Report 2023revealed a 187% year-over-year increase in the number of compromised mobile devices.

The movement to mobile has brought a whole new slue of attack methods that cybercriminals are using against healthcare organisations. Some of these include:

• Phishing – Malicious links or attachments shared via email, social media or text message to deliver malware or obtain credentials.
• Mobile Ransomware – Encrypting files on a mobile device and then requiring a ransom payment for decryption.
• Man-in-the-middle (MITM) attacks – Attackers intercepting network communications or data transfers to steal confidential user information.

It’s not too much to say that the use of mobile devices to store, access and transmit electronic healthcare records is outpacing the privacy and security protections on those devices. The threat of data privacy risk will continue to rise in line with new attack surfaces and more advanced attack methods. Organisations should employ mobile-first strategies that can adapt to these new challenges.

How can organisations protect themselves and their patients from future attacks? As the healthcare industry continues to rely on mobile and BYOD devices as means for storing and accessing confidential patient information, one of the core steps they must take is adopting a mobile-first security strategy. To do this, there are a few key areas organisations should keep their eye on:

1. Prioritise risk assessment – Assessing risk as close to the user or point of entry as possible is crucial to defending against attackers. A good first step organisations can take is applying mobile-powered business initiatives across all of their mobile devices and apps.
2. Visibility is your best friend – It’s important to have complete visibility of all mobile assets and their risk levels in order to assess vulnerabilities and address them immediately. Implementing defenses that are quantifiable, auditable, and insurable are key.
3. Address the most critical gaps first – By embedding security across all devices and applications, applying risk-based response and zero trust assessments of mobile endpoints, organisations can enhance their mobile detection and response strategy overall.
4. Establish autonomy – Applying systems that can automatically isolate any compromised devices and untrusted environments will lay the foundation for a strong security posture.
5. Staying ahead – Organisations should keep on top of any regulations, data sovereignty and privacy standards that can put them at risk of compliance failures.

A strong mobile-first approach to security can help you to be proactive and immediately spot suspicious activity, prevent account takeovers, and even stop fraud before it can occur. Organisations need to make the decision to shape their business with mobile users as the priority. This approach is crucial to ensure that their ‘crown jewels’ (i.e. data), and more importantly their patients, remain safe.

Overall, the cyber security challenges faced in healthcare are numerous and complex. Healthcare organisations possess high value data that is highly regulated, and therefore exceedingly valuable for attackers.

Combine this with the use of a variety of complex medical devices and a workforce made up of not just direct employees but a variety of contractors and third party practitioners and it’s easy to see why healthcare organisations have become the main targets of attack. Therefore, providers must remain vigilant, exercising the best security efforts as they embrace mobile devices as part of their operations.

Mandiant Inc., now part of Google Cloud, today unveiled new information on the lineup of keynote speakers and panels for mWISE™ Conference 2023, which will take place September 18-20, at the Marriott Marquis Hotel in Washington, D.C., along with a digital option.

mWISE––Mandiant Worldwide Information Security Exchange––is a portfolio of vendor-neutral event programming that brings together cybersecurity practitioners, industry leaders and visionaries from around the globe to discuss best practices, identify new and emerging trends and convert knowledge into collective action in the fight against persistent cyber threats. The second annual mWISE Conference will feature an impressive lineup of keynote speakers from both the public and private sectors; more than 80 sessions, over 90 speakers, and a showcase of leading cybersecurity vendor innovations on an expanded expo floor.

mWISE mainstage keynotes

mWISE Conference 2023 will deliver engaging and educational mainstage addresses across three action-packed days, purposefully designed by the security community for the security community. Mainstage speakers include highly regarded cybersecurity experts and industry leaders from both the public and private sectors that were selected by a committee of independent experts. 

Mandiant CEO at Google Cloud, Kevin Mandia, will deliver the opening keynote on the nation-state threat landscape, followed by remarks from Federal Bureau of Investigation Director, Christopher Wray, Author and Alternative Reality Game Designer, Dr. Jane McGonigal, PhD, and New York Times Best Selling Author and Journalist, Malcolm Gladwell.

mWISE mainstage: industry panels

• Cyber Intelligence in a Rapidly Changing World. CNN Cybersecurity Reporter Sean Lyngaas will moderate a discussion around how major geopolitical events and new technical demands continue to transform the landscape as well as the challenges and the anticipated opportunities with these changes. Participants will include Jackie Burns Koven, Head of Cyber Threat Intelligence at Chainalysis, John Hultquist, Mandiant Intelligence Chief Analyst at Google Cloud, Selena Larson, Senior Threat Intelligence Analyst at Proofpoint, and Maddie Stone, Security Researcher at Google’s Threat Analysis Group (TAG). This panel will feature a thought-provoking introduction by Sandra Joyce, Vice President, Mandiant Intelligence at Google Cloud.

• Defending Against Advanced Adversaries: Lessons Learned. Charles Carmakal, Mandiant Consulting Chief Technology Officer at Google Cloud, will moderate a discussion with Diane Honda, Chief Administrative Officer of Barracuda Networks, Kelly Bissell, Corporate Vice President for Microsoft, and Jeff Lunglhofer, Chief Information Security Officer at Coinbase, to share the lessons learned from overseeing complex cybersecurity attacks by advanced adversaries from the perspective of business leaders who led their company’s response.

• AI and Security Standards: Maximizing Innovation while Minimizing Risk. Moderated by POLITICO Cybersecurity Reporter, Maggie Miller, experts will discuss the immense potential of Artificial Intelligence (AI) and the need for governments, industry and academia to ensure that this profoundly helpful technology works for everyone. Panelists will include Dmitri Alperovitch, Executive Chairman at the Silverado Policy Accelerator and member of the US Government’s Cyber Safety Review Board, Chris DeRusha, Federal Chief Information Security Officer at the Office of Management and Budget (OMB) and Deputy National Cyber Director (ONCD), Trisha Kothari, Chief Executive Officer at Unit21, and Phil Venables, Chief Information Security Officer at Google Cloud. 

“In an evolving threat landscape fraught with challenges, the mWISE Conference equips attendees across the cybersecurity industry with the knowledge and tools to harden their networks against the threats of today and tomorrow,” said Sandra Toms, Head of Global Experience Marketing, Mandiant & mWISE. “Our dynamic lineup of keynote speakers and panels has been informed by attendees to ensure the broader community can best come together with new ideas to effect change as we continue to fight back against cyber threats.”

Breakout Tracks

On top of dynamic mainstage presentations, mWISE Conference 2023 will feature more than 80 sessions, available both live and on-demand. Each session falls under one of six key tracks curated by an independent program committee: Cloud Security, Intelligence, Security Engineering, Security Operations, Security Threats and Exploits and Third Party and Cyber Risk Management. Sample industry sessions include: “China and Russia’s Use of AI: Impacts on Cybersecurity and Geopolitical Shifts,” “Intelligence Driven Threat Hunting & Detection,” and “Intelligence-led Cyber Resiliency Strategy.”

For the latest mWISE 2023 Conference updates, visit mWISE.Mandiant.com/conf23.

Mobile-powered initiatives are critical to profitability, productivity and competitiveness, as mobile devices and apps are how customers interact with organisations and how employees access resources, collaborate and work.

But J.T. Keating, SVP Corporate Development at Zimperium, cautions that in virtually every sphere of our lives, mobile devices are ubiquitous. This ubiquity has created several key implications for organisations:

He says diverse devices are accessing corporate data, including employee-owned mobile phones and other devices that aren’t managed by corporate IT teams.

Threats to mobile apps and devices continue to rise in both volume and sophistication. My company’s global mobile threat report 2023 (GMTR) highlights that 43% of all compromised devices were fully exploited, an increase of 187% year on year.

The number of mobile apps an organisation offers to employees continues to increase, and at the same time, the number and type of apps that are active on employee and customer devices is exploding.

Sophistication of risks related to mobile devices are increasing, and businesses want to provide more direct access to mobile devices in zero trust environments, creating new challenges for CISOs and security organisations. The GMTR highlighted that 80% of phishing attacks targeted mobile devices.

Regulations and mandates related to device, application and user data continue to be more onerous, and more difficult to adhere to when addressing the global needs of an organisation – Such as the Australian Cyber Security Centre’s (ACSC) 38 mobile security controls.

Security teams face a new set of challenges and need to be aware of the risk:

Devices:  In a BYOD environment, mobile users are the ‘device administrators’. Rather than operating in a relatively protected corporate environment, devices can be used anywhere, may be left anywhere, and are frequently connected to public Wi-Fi. Many organisations allow mobile devices on corporate Wi-Fi without full security assurance.

Apps for business: Traditional enterprise business applications run in a secure data centre on servers’ organisations control, and mobile apps are deployed to app stores, where they are exposed to reverse engineering and tampering by attackers. It’s imperative that organisations assess this potential risk on a continuous basis.

Apps for consumers: Consumer apps are making their way into the corporate world and pose potential security risks to the business. As security professionals, how do we assess the potential risks of such applications, and have processes to assess and respond at scale?

Five key principles for mobile-first security

1. Prioritise and assess risk as close to the user or point of entry as possible. Organisations need to prioritise securing mobile powered business initiatives across all mobile devices and apps. Such as reviewing the Australian Information Security Manual (ISM), specific to mobile recommendations.

2. Operate in a known state – visibility and vulnerability assessment for all your entry points.  Gain complete visibility of your mobile ecosystem and risk level. Automatically assess vulnerabilities and address them, without throttling productivity. Establish safeguards that are measurable, auditable, and insurable.

3. Enhance your detection and response strategy for mobile. Detect anomalies and prioritise remediations based on contextual intelligence, so the most critical gaps are addressed first. Embed security across the device and application lifecycle, provide risk-based response, and enable zero trust assessment of mobile endpoints.
4. Start the autonomous journey. Dynamically respond to ever-changing threats and mobile ecosystems. Automatically isolate compromised devices and untrusted environments. Establish a proactive, resilient, and scalable security posture.

5. Minimise risk compliance failures. Stay ahead of regulations, data sovereignty and privacy standards, while respecting employees’ work/life boundaries. Such as the ACSC’s mobile security controls.

When developing applications internally, or if applications are developed for an organisation by third parties, consider the following questions:

#  Often organisations are using external services for application review – typically, security flaws are assessed. Knowing that development teams release versions of apps one to four times a month, consider how to deliver assurance of security at scale without impacting development performance?

#  How are you assessing privacy and compliance issues of the applications you are releasing?

#  Are your apps using code obfuscation or integrity checking? How are you attempting to thwart reverse engineering?

#  How well do your app protection approaches score when compared against Open Worldwide Application Security Project (OWASP), Mobile Application Security Verification Standard (MASVS), National Information Assurance Partnership (NIAP), or Mobile Payments on COTS (MPoC) standards?

There’s no turning back. The mobile-powered business is here to stay. Given that reality, what are practical steps that security teams can take? Here are some key questions to consider.

• How are you baselining your initial mobile device risk posture for both managed and unmanaged devices and responding dynamically to elevated risk?

• How many mobile devices are accessing corporate assets that are unmanaged or without visibility?
• What is the strategy for BYO devices and unmanaged applications?

• What are the zero trust initiatives, and where does mobile fit?

• What is the vision for consolidating mobile security telemetry as part of your data lake and extended detection and response (XDR) strategies?

• Organisations often have a solid strategy for email phishing attacks – How does the organisation reduce risk, measure, and respond to mobile phishing attacks?

• What is your strategy for mobile ransomware and spyware?

• How are you assessing the potential risk of publicly available applications on managed and unmanaged devices?

• How are you addressing local privacy and data laws and compliance needs across your mobile assets (devices and apps)? Such as the Australian Privacy Act.