A pioneer of LogRhythm’s Asia Pacific operations, Joanne Wong’s appointment reinforces LogRhythm’s commitment to employee advancement through strategic internal promotions
LogRhythm, the company helping security teams stop breaches by turning disconnected data and signals into trustworthy insights, today announced the appointment of Joanne Wong as Interim Chief Marketing Officer.
Wong brings a wealth of experience to her new role, proven over nine years of driving successful marketing initiatives at LogRhythm. She will lead all aspects of LogRhythm’s global brand and marketing strategy, with a key focus on partnering with sales to grow pipelines, elevate brand visibility, and empower customer satisfaction. Wong will join the executive leadership team and report directly to Christopher O’Malley, President and CEO of LogRhythm.
“Joanne’s strategic mindset and proven ability to deliver growth at scale will be critical assets to a revitalised LogRhythm,” said Christopher O’Malley, President and CEO at LogRhythm. “As we continue to innovate, Joanne will play an integral role in leading the future of LogRhythm’s brand and connecting us with our customers in meaningful ways that drive accelerated growth for our security solutions.”
“I am both thrilled and proud to step up as the Chief Marketing Officer. LogRhythm is a company with both a strong legacy and great potential in the SIEM market, as well as a great culture where every professional can thrive. It is an honour to lead the charge in shaping our brand’s story globally, and I look forward to working with our talented teams across the world in our pursuit of making security easy for our customers,” said Joanne Wong, Interim Chief Marketing Officer at LogRhythm.
As one of the pioneers who started LogRhythm’s operations in Asia Pacific via its regional headquarters in Singapore, Wong most recently served as Vice President of International Markets, Asia Pacific and Japan (APJ) and Europe, Middle East and Africa (EMEA) regions. A lawyer by training, Wong built much of her career in the technology sector, with over 25 years in the industry.
Beyond her role, Wong is a keen advocate for gender equality and diversity in the technology sector. She was a pioneering member of LogRhythm’s Global Diversity Council, where she led initiatives that ensure workplace inclusivity and diversity within the company. Her contributions and achievements earned her recognition as the finalist for the Women in Security ASEAN Region Awards and the Channel Asia Women in ICT Awards under the Achievement Category in 2023.
Wong’s appointment not only strengthens LogRhythm’s executive team but also underscores the company’s commitment to fostering a workplace culture where individuals from diverse backgrounds are valued and given equal opportunities to thrive. As LogRhythm celebrates International Women’s Day, the company remains committed to fostering an environment that values and harnesses the unique perspectives and contributions of all its employees. To explore professional opportunities at LogRhythm, visit logrhythm.com/careers.
Founded in 2016, NSTA Central is unlike any other training facility in Melbourne and possibly the leading training facility of its kind in Australia outside of government-run facilities.
Located in Footscray in Melbourne’s West, NSTA was built in direct response to demand from the industry for a full-service training facility that could cater to a wide range of environments.
According to co-founder and CEO Eleni Yannacaros, “The challenge that we wanted to overcome was a lack of realistic training.
So we’ve created a facility here that caters for a wide range of different environments. It’s not just the security industry that we’re catering for; we’re trying to cater for as many as possible, from hospitality to retail, customer service and, of course, security.”
According to co-founder and director of training Ray Parmenter, “What sets us apart is not only the trainers and the expertise that we bring to our training, along with over 20 years of knowledge and experience, but it’s the venue, it’s the facilities. There’s nothing else like it.”
The facility has been built with the express goal of offering students and organisations alike, unparalleled realism through the simulation of a variety of real-world environments, all under one roof in a single training environment: from critical response, first aid, transport screening and traffic management, to a wide array of hospital environments, including conflict management, code grey and code black scenarios. The facility even offers live-fire simunition, force-on-force firearms training.
Ken Marks, Vice President, Global Channels at SentinelOne
New solution provides comprehensive endpoint control in one centralised view and single-click visibility, protection, and response, revolutionising endpoint protection
NinjaOne, LLC, a leading IT platform for endpoint management, security, and visibility, andSentinelOne, Inc. (NYSE: S), a global leader in AI-powered security, today launched a bi-directional product integration that redefines endpoint protection through the merging of IT operations and security. The cutting-edge solution provides enterprise security teams with leading levels of control and simplicity, while revolutionising the management and security of digital environments.
“The combination of SentinelOne and NinjaOne introduces a paradigm shift in how we approach cybersecurity and IT operations,” said Ken Marks, Vice President, Global Channels at SentinelOne. “Our integration leverages state-of-the-art, AI-driven security solutions to provide IT, MSPs, and security teams with real-time insights and threat correlations. This strategic union is designed to improve threat detection, streamline response efforts, and elevate both endpoint protection and IT operations to unprecedented levels of efficiency and effectiveness.”
The integration combines NinjaOne’s award-winning Endpoint Management and Remote Monitoring and Management (RMM) platforms with SentinelOne’s best-in-class endpoint protection platform (EPP) Singularity™ Control as well as its endpoint detection and response (EDR) and threat hunting solutionSingularity Complete. The joint solution empowers teams with:
One-click Threat Visibility and Response: Teams can immediately view threat alerts in NinjaOne for cyber threats detected by SentinelOne and, with a single click, go directly to that affected device in the SentinelOne console to investigate and remediate.
Immediate Threat Alerting: NinjaOne can notify technicians via SMS, Slack, Microsoft Teams, PagerDuty, or email as well as in the platform.
Automated Deployment and Easy Migration: NinjaOne can easily deploy the SentinelOne agent to endpoints using policies. Customers who already have SentinelOne instances can quickly utilise the integration to centralise security management within NinjaOne.
“Integrating SentinelOne with NinjaOne makes it easier than ever for our joint customers to protect themselves and their most valuable data,” said Rahul Hirani, Senior Vice President of Product Management at NinjaOne. “In automating endpoint protection deployment and providing seamless one-click integration between our platforms when a threat is detected, we are effectively consolidating IT and security into a single view and empowering them to work more proactively and efficiently,”
Phillip Mariscal, Director of IT at California Truck Centers, is already taking advantage of the integration, and agrees.
“The SentinelOne integration with NinjaOne is seamless. The deployment process was so quick and easy. When an alert comes in, my technicians can confirm its legitimacy through NinjaOne, which saves so much time,” said Mariscal. “The SentinelOne integration gives security visibility to all my technicians regardless of scope. We can see everything in one pane of glass which increases my team’s productivity.”
For more information on the NinjaOne and SentinelOne integration, click here.
Web DDoS attacks relentlessly continue throughout the year
DNS query flood vectors increase more than three fold
Government, business/economy, and travel websites face the most hacktivist claimed DDoS attacks worldwide
“The technological race between good and bad actors has never been more intense,” said Pascal Geenens, Radware’s director of threat intelligence. “With advancements like Generative AI,
inexperienced threat actors are becoming more proficient and skilled attackers more emboldened. In 2024, look for attack numbers to climb and attack patterns, like the shift in Web DDoS attacks, to continue to evolve.”
Radware’s comprehensive report leverages intelligence provided by network and application attack activity sourced from Radware’s Cloud and Managed Services, Global Deception Network, and threat intelligence research team during 2023. In addition, it draws from information found on Telegram, a public messaging platform often used by cybercriminals.
Radware’s report reveals key themes about the emerging threat landscape.
DDoS Attacks Surge Unprosecuted
“With almost two years of illegal denial of service left unprosecuted following Russia’s invasion of Ukraine and the unfettered rise of hacktivism, the threshold into a life of cybercrime has reached a new low,” said Geenens. “We have yet to see DDoS attacks used as a mainstream vehicle to settle disagreements or differences, but plenty of groundwork has been laid by proficient hacktivists.”
Between the close of 2022 and 2023 DDoS attacks rose worldwide:
Globally, the average number of DDoS attacks per customer grew by 94%. On a regional basis, the increase in the number of DDoS attacks targeting customers varied:
EMEA rose 43%
The Americas grew 196%
APAC climbed 260%
The Americas were targeted by almost half of all global DDoS attacks. The EMEA region, accounting for 39% of the DDoS attacks, mitigated 65% of the global DDoS attack volume. The APAC region accounted for almost 12% of global DDoS attacks.
Hacktivists Attack with Unrelenting Conviction
“In 2023, geopolitical conflicts and ideological and religious motivations fueled cyber operations and online campaigns,” explained Geenens. “New hacktivist tactics first introduced in 2022 after Russia invaded Ukraine spread and accelerated. Hacktivist-driven DDoS activity peaked in October of 2023, reaching record levels, following the conflict between Israel and Hamas.”
According to data gathered from Telegram:
Number of attacks: In the first half of 2023, threat actors claimed 5,606 attacks. During the second half, this number increased by 24% to 6,971 claimed DDoS attacks.
Geographic targets: In 2023, Israel was the country most targeted by hacktivists with 1480 DDoS attacks, followed by India (1242 attacks) and the United States (1164 attacks).
Top claiming actors: With 3,391 claimed DDoS attacks, NoName057(16) was by far the most active hacker group in 2023, followed by Anonymous Sudan (793 attacks) and Executor DDoS v2 (765 attacks).
Websitetargets: Globally, the most targeted web category in 2023 was government with 2,694 claimed attacks. Business/economy and travel websites ranked second and third, with 1793 and 1624 attacks
Web DDoS Attacks Emerge as a Threat
“Throughout 2023, we observed a global shift in DDoS tactics as attacks grew more sophisticated, catching companies off guard and hitting where it hurts most,” reported Geenens. “Increasingly, DoS attacks progressed to Layer 7, giving rise to damaging Web DDoS threats. Layer 7 attacks target not just online applications and their APIs, but also essential infrastructure, such as the Domain
Name System.”
In 2023, almost 95% of the attacks targeting DNS services leveraged DNS-A query
DNS query flood vectors increased more than three-fold from fewer than 9 out of every 1,000 attack vectors before the fourth quarter of 2022 to 28 out of every 1,000 during the fourth quarter of 2023.
The total malicious web application and API transactions increased by 171% in 2023 compared to 2022. A significant part of this increase in activity can be attributed to layer 7 encrypted web application attacks or Web DDoS
Industries Face Disproportionate Assaults
“In 2023, finance, retail and research and education saw the highest share of cyber attacks among leading industries worldwide,” said Geenens. “These high-value targets attract malicious actors because of the lucrative and sensitive data they store, the widespread disruption and publicity they generate when breached, and the tactical advantage they serve in hybrid warfare.”
GlobalDDoSattackactivity:
Finance and technology organizations bore 29% and 22% of the attacks respectively, approximately half of which were encrypted web
Healthcare experienced 14% of the attacks, with 92% of the attack activity consisting of TCP attack
The government had to fend off 12% of the attacks, with the most aggressive attacks (45%) coming in the form of DNS-A query
Globalweb application and API attack activity:
Retail (37%) and transportation (19%) were the most attacked industries. Software as a service (8%), carrier (8%), and utility (4%) rounded out the top five most attacked industries.
Organizations in research and education (32%), telecom (25%), technology (19%), finance (10%), and healthcare (6%) were most targeted by DNS flood attacks.
Radware’s complete 2024 Global Threat Analysis Report can be downloaded here.
Integrate and the Security Exhibition & Conference, the premier events for the AV technology and security industries, are set to take place at the International Convention Centre (ICC) Sydney from August 21st to 23rd. This year’s edition promises to be a groundbreaking collaboration as BICSI South Pacific – the local ‘arm’ of the global association for advancement in the information and communications technology (ICT) community, announces its participation.
Soren Norgaard, Event Manager, Commercial Product Manager for Integrate and the Security Exhibition & Conference expressed his excitement about this significant development. “We are thrilled to announce that BICSI will be joining us at the ICC Sydney this year. The synergy between our events and BICSI’s commitment to advancing the ICT industry makes this collaboration truly impactful.”
BICSI South Pacific’s decision to run its conference alongside Integrate and the Security Exhibition & Conference marks a first in the industry. This strategic alignment is seen as a natural fit, fostering an environment where professionals from various sectors can converge to exchange insights, explore cutting-edge technologies, and cultivate meaningful connections.
Paul Stathis, CEO of BICSI South Pacific, shared his perspective on this collaboration. “Bringing the BICSI conference alongside Integrate, and the Security Exhibition & Conference is a pioneering move, and we believe it’s a perfect fit for our respective industries. Most, if not, all building services are digital and connected to the Internet, so it makes perfect sense to co-locate our event with the AV and Security industries’ main event in Australia – Integrate & Security Show. This unique combination will provide attendees from all three industry sectors with unparalleled opportunities for networking, learning, and staying at the forefront of industry advancements.”
With a focus on innovation, integration, and security, the joint event aims to bring together thought leaders, experts, and enthusiasts from the ICT, integration, and security sectors. The expo will feature an extensive showcase of products and services, along with insightful seminars and networking sessions, creating an immersive experience for attendees. BICSI will be joining longstanding industry associations ASIAL (Australian Security Industry Association Limited)
About Integrate and the Security Exhibition & Conference organised by Diversified Communications Australia: Integrate and the Security Exhibition & Conference are the premier events in the integration and security industries, providing a platform for professionals to discover the latest technologies, exchange ideas, and build valuable connections. With a focus on innovation and industry advancements, these events are essential for staying at the forefront of the rapidly evolving sectors.
About BICSI: BICSI is a global association advancing the information and communications technology (ICT) community. With a commitment to providing education, certification, and standards, BICSI promotes the evolution of the ICT industry and the growth of professionals within it. For more information, visit www.bicsi.com.au.
Cyber security company Exabeam has announced two new features, Threat Center and Exabeam Copilot, adding to its market leading AI-driven Exabeam Security Operations Platform.
A first-to-market combination, Threat Center is a unified workbench for threat detection, investigation, and response (TDIR) that simplifies and centralises security analyst workflows, while Exabeam Copilot uses generative AI to help analysts quickly understand active threats and offers best practices for rapid response. These leading-edge innovations greatly reduce learning curves for security analysts and accelerate their productivity in the SOC.
“We built Threat Center with Exabeam Copilot to give security analysts a simple, central interface to execute their most critical TDIR functions, automate routine tasks, and supercharge investigations for analysts at any skill level,” said Steve Wilson, Chief Product Officer, Exabeam. “These new features amp up the value of our AI-driven security operations platform and take analyst productivity, efficiency, and effectiveness to new heights. Threat Center helps security analysts overcome one of the biggest challenges we’ve heard from them — having to deal with too many fragmented interfaces in their environments. By combining Threat Center with Exabeam Copilot we not only improve security analyst workflows, we also lighten their workload.”
Solving for Lack of Visibility and Automation
Security operations teams are often challenged with managing multiple security tools, which can lead to siloed data and a lack of visibility into threats. This can make it difficult to understand their entire threat landscape and execute TDIR in a timely manner.
According to Exabeam’s recent The State of Threat Detection, Investigation, and Response (TDIR) Report 2023, organizations globally reported that they can “see” or monitor only 66% of their IT environments, leaving ample room for blindspots. Exabeam customers are already using the Outcomes Navigator feature as a driver to know what parts of their environments they are able to monitor for TDIR and where coverage improvement may still be needed. Threat Center streamlines these processes further to remediate threats against covered areas faster.
The report also reveals that only slightly more than half (53%) of global organizations have automated 50% or less of their TDIR workflow. With Threat Center and Exabeam Copilot, the Exabeam Security Operations Platform applies AI and automation to security operations workflows for a holistic approach to cyberthreats, helping companies solve for a lack of automation and ultimately accelerating response.
Powered by AI-driven detection, the Exabeam platform easily pinpoints high-risk threats by learning the normal behavior of users and entities and prioritizing threats with context-aware risk scoring — all now presented through the Threat Center interface — for faster, more accurate, and consistent TDIR. Revealed as the second most identified need in the Exabeam TDIR report — 35% of respondents reported a desire for improved understanding of normal user and entity and peer group behavior within their organization.
More About Threat Center and Exabeam Copilot
Threat Center unifies threat management, investigation tools, and automation to accelerate and efficiently investigate and respond to threats. Powered by an advanced security-trained, generative AI model, Exabeam Copilot supercharges security analyst investigations.
Threat Center with Exabeam Copilot helps analysts:
Understand an entire threat that spans multiple detections to tell a complete story of what happened.
Conduct complex powerful search queries in plain natural language.
Understand a threat, and know how to respond, using generative AI threat explanations for clear cross-organization communication.
Prioritize alerts and cases, with context-aware risk scoring.
Reduce the number of alerts that analysts need to investigate – detection grouping associates related entities and events.
Optimize SOC team collaboration with case sharing, case escalation, and shared notes.
Visualize evidence with interactive threat timelines and instant access to relative data including behavioral models, users, and endpoints.
Author automation rules critical to SOC workflows, such as escalating specific alerts to cases or queues via APIs or webhooks.
Utilize pre-built playbooks with the ability to view, disable or clone for easy customization.
Maximize Microsoft Sentinel Investment with Exabeam
In addition to identifying high-risk threats, providing faster, more accurate investigation and response, and improving threat coverage, the AI-driven Exabeam Security Operations Platform helps security teams realize the full potential of their security investments. Also announced today, customers can now add Exabeam TDIR capabilities on top of existing Microsoft Sentinel deployments. Extending industry-leading Exabeam analytics and automation to Microsoft Sentinel helps organizations realize new potential from their SIEM.
With Exabeam, Microsoft Sentinel users can see new detections with broader insights and automate workflows, ingest data from a wide range of Microsoft and best-of-breed security products, and accelerate the TDIR capabilities of their SIEM deployment. The Collector for Microsoft Sentinel adds to a growing list of supported SIEM products – Splunk and IBM QRadar, to name a few.
Customer Feedback
“The potential of generative AI to drive accuracy and speed within the SOC delivering increased productivity is becoming a reality through features like Threat Center and Exabeam Copilot,” said Colin Anderson, Chief Information Security Officer, Dayforce. “Threat Center will save analysts countless hours by enabling SOC analysts to work from one single interface performing investigations and taking actions against identified threats. The Exabeam Copilot AI virtual assistant will be a force multiplier for SOC teams helping to improve cybersecurity across organizations.”
“We are pleased to see the new detection grouping logic inside Threat Center that will give us the comprehensive context we need in one spot about multiple security alerts without having to pivot to another location –– this will be especially helpful when multiple alerts turn out to be related to a single threat impacting more than one user or entity on the network,” said Lindbergh Caldeira, Cyber Security Operations Manager, SA Power Networks. “We are equally excited to work with Exabeam Copilot, which is like having a subject matter expert right by your side as you investigate and respond to incidents. Exabeam Copilot will help veteran and new analysts alike be far more efficient in the SOC.”
“We are excited to see Exabeam’s generative AI-powered features integrated into their latest technology. You don’t choose your threats. Your threats choose you with little to no warning. We look forward to using Threat Center for a cohesive platform that will allow us to protect our members’ assets and financial data,” said Carl Scaffidi, Chief Information Security Officer, VyStar Credit Union. “Exabeam Copilot will let us ask very specific questions and get immediate actionable answers, speeding up threat hunting, investigation and response times.”
General availability of the new features begins in March 2024.
For more information about the AI-driven Exabeam Security Operations Platform, visit the Exabeam website.
Peter Barker, Chief Product Officer at Ping Identity
Ping Identity, a leading provider of seamless and secure digital experiences, has been named an Overall leader in the 2024 KuppingerCole Leadership Compass for Identity Fabrics. In addition to being named an Overall leader, Ping was marked a leader in the Innovation, Product, and Market categories.
“Ping Identity is in a strong position with the combined portfolio,” said Martin Kuppinger, Founder and Principal Analyst at KuppingerCole. “With strong support for hybrid environments, being very feature rich, and orchestration capabilities that simplify deployments, including hybrid deployments.”
The Ping Identity Platform offers innovative features and robust product capabilities that can be delivered via cloud, self-managed software, or hybrid deployments. Capabilities highlighted include Leading Edge-Access Management, Strong Identity Lifecycle Management and Identity Orchestration.
“Ping and ForgeRock joined together to deliver more choice, deeper expertise, and a more complete identity solution for customers and partners,” said Peter Barker, Chief Product Officer at Ping Identity. “It’s an honour to be evaluated and named a leader by KuppingerCole as a combined product portfolio. This represents the strength of our collective offering and our unique ability to provide solutions to cover virtually any identity type, business need, or deployment model.”
KuppingerCole also named Ping Identity as an Overall Leader for Policy Based Access Management, receiving praise for agile solutioning in diverse corporate environments, features strength in CIAM deployments, and connector capabilities with APIs to source data. To learn more about why Ping Identity was named a leader by KuppingerCole, read the blog.
Partners highly rate WatchGuard for delivering a top partner experience, programs and enablement, and sales engagement.
Michelle Welsh, CMO and senior vice president of business strategy at WatchGuard Technologies
WatchGuard Technologies, a global leader in unified cybersecurity, announced today it has been recognised as a Cybersecurity Channel Champion in the 2023 Canalys Global Cybersecurity Leadership Matrix. The annual report assesses vendor performance in the channel over the last 12 months based on partner feedback, vendor surveys, Canalys shipment estimates, and analyst insight. The recognition marks the second consecutive year that WatchGuard achieved Champion status in the Canalys report.
“As a longtime WatchGuard partner, I’ve witnessed firsthand their commitment to enabling channel partners to succeed by delivering industry-leading security solutions, offering the best technical and sales trainings, and providing first-class customer support,” said Don Gulling, president and CEO of Verteks Consulting. “WatchGuard continually demonstrates what it means to be a partner-first organisation by offering unparalleled support that enables us to grow our business profitably. They’ve shown us time and again that they are truly vested in our success. This recognition is well-deserved.”
To attain Champion recognition, Canalys identified vendors that demonstrated not just the highest levels of excellence in channel management and market performance in cybersecurity but also ongoing momentum. In its assessment of WatchGuard, Canalys reported that “WatchGuard’s commitment to the channel was demonstrated by its continued investment in key product, program, and enablement initiatives over the last 12 months, especially with MSPs in the SMB and midmarket segments. Partners highly rated the ease of doing business and the quality of [WatchGuard’s] account management.”
“We are absolutely thrilled to be honoured once again as a Canalys Channel Champion,” said Michelle Welch, WatchGuard Technologies CMO and senior vice president of business strategy. “This recognition reflects WatchGuard’s partner-first approach and ongoing commitment to enabling MSP success, creating growth opportunities, and increasing partner profitability. Everything we do ‒ from the continuous enhancements to our MSP-focused Unified Security Platform® framework to the industry-leading partner enablement and support benefits we offer in our WatchGuardONE channel partner program ‒ we do with the best interests of our partners in mind.”
Canalys noted that WatchGuard’s Unified Security Platform architecture and the WatchGuardONE channel partner program are designed to help partners reduce costs, improve efficiency, and win business. WatchGuardONE offers three levels of participation for partners to unlock product discounts, priority support, cooperative marketing funds, deal registration, exclusive tools and resources, and other benefits through an engagement-based approach.
The 2023 Cybersecurity Leadership Matrix assessed 30 vendors based on the following criteria: partner feedback, vendor performance, and analyst insights into their vision and strategy, leadership, partner initiatives, and enablement. Inclusion was based on vendors meeting two thresholds: a minimum annual revenue of US $200 million from cybersecurity (excluding professional services), and more than 50% of business going through the channel. The report identifies and positions vendors in one of four quadrants: Champions, Scalers, Contenders, and Foundations.
The security industry will come together on Thursday 24th October 2024 to celebrate excellence and innovation. Award winners and finalists will be recognised at the prestigious 2024 #SecurityAwards Ceremony and Dinner in Melbourne.
Organised by ASIAL, the 28th Australian Security Industry Awards for Excellence will be joined by the 9th Outstanding Security Performance Awards (the OSPAs) and 13th Australian Security Medals Awards. The three security industry awards programs combined into a unified event serve to enhance the industry, fostering a collective celebration of the industry’s accomplishments and excellence throughout the year.
Award recipients will be recognised at a special dinner to be held at the Park Hyatt Melbourne on Thursday 24th October 2024.
Why You Should Nominate!
2024 #SecurityAwards Categories & Nomination Information
Australian Security Industry Awards for Excellence – 14 Awards
Select the desired registration option, Table of 10 or Ticket. It will automatically be added to your ‘itinerary’ depending on the option selected.
If you wish to register more than 1 attendee or need more than 1 table of 10, simply follow these 3 easy steps:
1. Enter the total quantity you want to purchase in the relevant field (i.e., if you want 10 in total, type 10 in the field)
2. Click update. This will then reflect the total price.
(you can add additional individual tickets or tables of 10 at this point if you put the quantity in the field and click ‘Add’)
3. If this is correct, click on ‘Proceed to checkout’.
If you have made an error in the number, simply click on ‘Remove’ in the cart and start the process again.
When
24/10/2024 6:30 PM – 10:30 PM
AUS Eastern Summer Time
Genetec Inc. (“Genetec”), a leading technology provider of unified security, public safety, operations, and business intelligence solutions, has recently announced Security Center SaaS. Built with cybersecurity and privacy at its core, the new offering is a massively scalable, open, and unified software as a service solution (SaaS). Combining access control, video management, forensic search, intrusion monitoring, automation, and many other advanced security capabilities, Security Center SaaS ushers in a new chapter in the technology evolution of the physical security industry.
“The physical security industry in Australia and New Zealand and globally has not been able to get cloud or software as a service quite right, especially for enterprise customers,” said Christian Morin, Vice President of Product Engineering and CSO, Genetec Inc. “With Security Center SaaS, organisations are no longer beholden to proprietary or feature-poor as a service solutions that needlessly force a choice of either all on-prem or all cloud. The enterprise capabilities and open architecture of Security Center SaaS are designed to enable systems to handle complex workloads where they make the most sense to be deployed. This flexibility addresses a longstanding need of end users and fills an important gap in the market,” he said.
A hybrid SaaS solution built for channel partners
As deployments become increasingly sophisticated, end users rely on trusted security professionals to guide them through their transition to cloud and hybrid environments. To bring this new SaaS solution to the market, Genetec has transformed its entire approach to procurement, deployment, and maintenance without compromising the enterprise-grade capabilities for which its solutions are known.
George Moawad, Country Manager ANZ, Genetec Inc explains, “Current approaches to SaaS have undercut the role of channel partners, whom we see as central to customer and project success. Security Center SaaS represents an important opportunity for our systems integrators. It means better margins and long-term customer satisfaction, with no additional investment in time or resources on the part of partners.
With an automated quoting and ordering process, systems can be fully operational within minutes from when the order is placed. The brand-new Genetec Portal makes it easy to quote, order, deploy, and manage large deployments so that channel partners can continue growing their business and deliver the technology and ownership options that their end users demand.
Enterprise-grade experience in the cloud
With the ability to centralise the monitoring and management of multiple sites, Security Center SaaS is ideally suited to meet the needs of customers in Australia and New Zealand across a wide range of verticals, including retail, education, corporate campuses, banking, healthcare, and governments. It can serve low-density deployments with a handful of direct-to-cloud devices and scale up to thousands of sites and devices with hybrid storage and processing. Operators can manage operations from a SOC (Security Operation Center) or on the go through robust web and mobile applications.
A seamless evolution to the cloud
Security Center SaaS is a deployment-agnostic platform that supports a range of configurations. Based on a hybrid-SaaS architecture, the new solution allows organisations to move components and sites to the cloud based on their needs and requirements using a combination of cloud-native services and cloud-managed appliances, with storage and processing at the edge. Because of its open architecture, Security Center SaaS gives organisations the freedom to choose the devices, cameras, and door controllers that work best for their business.
Security Center SaaS can also connect seamlessly with existing on-premises security devices and infrastructure. Access control devices and cameras that are not cloud-ready can easily be connected to Security Center SaaS using Genetec edge appliances.
Availability
Available In Australia and New Zealand as well as globally in April 2024 from certified Genetec partners, Security Center SaaS is offered in tiered subscription plans based on the number of device connections needed.
In addition to the recent launch of Security Centre SAAS, Gentec yesterday officially opened their new office and state-of-the-art Experience Centre, located in Sydney, Australia.
Named SYXC, the new Experience Centre is located within Sydney’s Tech Central precinct at 477 Pitt Street and features innovative solutions from Genetec and its large ecosystem of industry-leading technology partners. The new facility will serve as a hub for Genetec partners and customers located in the ANZ region. SYXC is the latest addition to the company’s existing Experience Centres in Montreal, Paris, London, Mexico City, Washington D.C., Dubai, and Singapore.
The Hon. Anoulack Chanthivong, New South Wales Minister for Industry and Trade will join Pierre Racz, President, Genetec Inc., Michel Chalouhi, Genetec Vice President of Global Sales, Andrew Elvish, Genetec Vice President of Marketing, Daniel Lee, Genetec Managing Director of APAC, and George Moawad, Genetec Country Manager of Australia and New Zealand, along with Invest Quebec and other dignitaries for the unveiling. Genetec partners at the launch will include Convergint Technologies, Fortis, and ACG Integration.
Mr. Chanthivong congratulated Genetec on the opening of its new Experience Centre and for choosing Tech Central as the base for its Oceania headquarters.
“This is another vote of confidence in NSW as the premier destination in Australia for global businesses to invest and grow. Tech Central is Australia’s largest technology and innovation hub, and we welcome Genetec to its growing community of members.” Mr. Chanthivong said.
“Fostering innovation growth through international collaboration, partnerships, and cutting-edge technology is critical to future proofing the state. We welcome the Genetec commitment to creating jobs and investing in NSW and look forward to working with them to lock in future growth.”
“Genetec is investing significantly and playing a lead role in supporting Australian and New Zealand private sector organisations and government agencies to strengthen and bolster their physical security operations,” says Daniel Lee, Managing Director, APAC, Genetec Inc. “With the opening of the Sydney Experience Centre, Genetec is continuing to expand its global footprint to give channel partners, technology partners, and end users an opportunity to experience first-hand the innovative technology and solutions that Genetec has to offer.”
The state-of-the-art Experience Centre will operate as a fully functioning Security Operations Centre and include an Internet of Things (IoT) wall, providing an immersive experience for customers in any industry to see how Genetec solutions can directly enhance their security and operations. Other features include a training centre and a modern workspace to accommodate the fast-growing Genetec ANZ team.
“Genetec will showcase video management, access control, license plate recognition, security and communications management, and secure cloud services to protect people and places. We encourage organisations interested in viewing the innovative physical security technology and solutions in action to contact us for a personalised tour,” explains George Moawad, Country Manager, ANZ, Genetec Inc.
About Genetec
Genetec Inc. is a global technology company that has been transforming the physical security industry for over 25 years. Today, the company develops solutions designed to improve security, intelligence, and operations for enterprises, governments, and the communities in which we live. Its flagship product, Security Center, is an open-architecture platform that unifies IP-based video surveillance, access control, automatic license plate recognition (ALPR), communications, and analytics. Founded in 1997, and headquartered in Montreal, Canada, Genetec serves its customers via an extensive network of certified channel partners and consultants in over 159 countries.
Cyber security and application delivery vendors Radware have released a new business model they say will provide more opportunities to managed security services providers, while reducing the cost of ownership.
Radware® (NASDAQ: RDWR) has announced the new ‘flexible business model’ for MSSPs, stating that ‘the offering enables service providers to enjoy new revenue streams and grow their businesses by extending an innovative line of managed network and application security services to their customers’.
“MSSPs are under constant pressure to evolve their services and deliver an exceptional user experience without eroding their margins,” said Haim Zelikovsky, vice president of Radware’s cloud business. “Our security experts work alongside service providers to not only defend their customers against cyber threats, but also offer them a unique opportunity to create an industry-leading portfolio of security services that can drive new revenue streams.”
Catering to their business needs, Radware’s new offering enables MSSPs to customise, rebrand, and resell the company’s Cloud DDoS Protection and Cloud Application Protection Services. The services are built to defend MSSPs’ customers against advanced cyber threats, including DDoS, DNS, application, and layer 7 Web DDoS attacks.
Leading service providers like US Signal are working with Radware to expand their cyber defence portfolios and strengthen their customers’ experiences.
“Radware understands the unique needs and challenges that service providers face. In addition, to meeting important scale and technology requirements, what sets Radware’s MSSP program apart is the built-in support it offers in standing up a comprehensive security service practice,” said David Humes, vice president of product development for US Signal, a leading provider of cloud solutions, network connectivity, and data centre services. “We selected Radware for their advanced technology, expertise in surgically combating volumetric attacks, and ability to help us fast track a new value-added security offering for our customers.”
Radware’s network and application security solutions are built on AI-powered algorithms to protect legitimate user experiences while minimising false positives and the need for human intervention. The company has received numerous awards for its security solutions. Industry analysts such as Aite-Novarica Group, Forrester Research, Gartner, GigaOm, KuppingerCole, and Quadrant Knowledge Solutions continue to recognise Radware as a market leader in cyber security.
Despite tireless work by IT security teams and large budgets directed to protective tools and services, the threat of damaging cyberattacks remains concerningly high for businesses of all sizes.
While significant progress has been made to combat this issue, the ability of cybercriminals to adapt and make use of new tactics makes staying safe a challenge. When issues such as the rise in remote working and use of cloud platforms is added, the threat landscape becomes even more complex.
According to a recent study by US-based Cybersecurity Ventures[1], an attack took place every 39 seconds in 2023. That translates into more than 2,200 cases each day.
This compares with a similar study in 2022 that found an incident occurred every 44 seconds. This rising attack rate is concerning for IT security teams, who are facing increasingly sophisticated threats designed to circumvent cybersecurity protocols.
For this reason, it is important for organisations to be aware of the types of cyberattacks currently taking place so that they can adapt their strategies to deal with these threats more effectively.
There are currently three attack modes that sit at the top of priority lists for security teams. They are:
Malware attacks:
These attacks involve cybercriminals using malicious software to invade, damage, or disable computers, computer systems, networks, and devices. As a result, they are often able to take control of a target’s IT infrastructure.
Within the malware group, there are different attack types that compromise the security and internal systems of companies. It was one of the biggest threats in 2023 and this is expected to remain the case throughout 2024.
Ransomware attacks:
Ransomware attacks use a form of malicious software that encrypts files or blocks access to a system or device. Ransomware usually affects all types of organisations, regardless of size, but particularly those that use and store critical information.
Once the malicious software is installed, cybercriminals then demand a ransom from their victims in exchange for unlocking access to the system. According to a recent WatchGuard report[2], ransomware attacks were the top threat in 2023, and showed a 95% year-on-year increase in terms of frequency.
Phishing attacks:
These are the widest-known form of attack as they affect the end user and tend to impact everyday online activities. Despite increasing awareness of this threat, new modalities have emerged in recent months that continue to make phishing one of the most common problems.
Thanks to recent technologies and the use of artificial intelligence (AI), cybercriminals have managed to perfect their techniques by simulating the voices of acquaintances through vishing or launching smishing attacks carried out through SMS or services such as WhatsApp.
The risks for SMBs
Given this persistent threat landscape, it is crucial for businesses of all sizes to be aware of the dangers of these increasingly common attacks, as well as their evolution and development.
Small and mid-sized businesses are certainly not immune to cyberattacks. Indeed, many cybercriminals actively target smaller-size organisations because they often operate with smaller cybersecurity budgets and have less protective infrastructure.
The situation was highlighted in a report[3] by the Identity Theft Resource Centre (ITRC) that reveals 73% of small businesses state they have encountered cybersecurity problems during the past year. Given this threat landscape, small and midsize companies need to protect their systems efficiently by using a sophisticated cybersecurity service personalised to meet their needs.
Some key ways SMBs can strengthen their security posture include:
· Engage a professional partner: Smaller-sized businesses do not always have a specialised internal cybersecurity team, so many find benefit in using the services of a managed service provider (MSP). An MSP will carry out effective monitoring and provide a personalised assessment to help a business protect against potential cybersecurity breaches.
· Conduct regular staff training:
Many cyberattacks are caused by employee errors or malpractice when using cybersecurity systems. Developing regular training boosts employee cybersecurity awareness and equips them with the tools they need to help protect internal systems.
· Consider taking out cyber insurance:
While protecting against threats is a must, having support that protects the company in the event of a cyberattack is also very useful. Cyber insurance can mitigate any damage caused by a cyberattack significantly, so it is worth considering putting a policy in place.
· Keep software updated:
While it might sound obvious, ensuring all updates to software are applied can make a big difference. Outdated software can create gaps in a company’s cybersecurity that lead to a security incident.
· Prioritise a unified cybersecurity system:
A comprehensive cybersecurity system is one of the most effective ways a business can shield itself against security breaches. Organisations interested in applying a system that protects each of the different security layers will require a solution that covers any potential gaps.
The challenges posed by cybercriminals are only going to increase in the months and years ahead. By taking protective and pre-emptive steps now, businesses can be best placed to withstand potential attacks if and when they take place.
Anthony Daniel, Regional Director – Australia, New Zealand and Pacific Islands, WatchGuard Technologies
Key appointment helps Keeper lead the charge for zero-trust cybersecurity across the government sector
Keeper Security, provider of zero-trust and zero-knowledge cybersecurity software protecting passwords, passkeys, privileged access, secrets and remote connections, welcomes Chase Cunningham, PhD to its Public Sector Advisory Board. As an advisory board member, Cunningham will contribute his expertise to bolster Keeper’s ongoing efforts to meet the shifting cyber demands of the US government as it continues to set the pace toward a future of zero trust. Keeper Security’s early adoption of zero-trust architecture has become a model for national security and cybersecurity organizations preparing to invest in and implement zero trust.
Cunningham, also known as ‘DrZeroTrust’, is recognized as a pioneer in zero-trust architecture and market analytics. He founded Forrester’s Zero Trust eXtended (ZTX) framework, guiding hundreds of thousands of organizations into the adoption of zero-trust security. Cunningham’s research has transformed the security industry, illuminating the efficacy of zero trust in a dynamic, hybrid public sector environment. He has 20+ years of experience in cyber forensics analytics including highly technical work centers within the NSA, CIA and FBI.
Moving the nation toward zero-trust is a government-wide initiative to modernize the US federal government’s approach to cybersecurity, as mandated by the 2021 President’s Executive Order (EO) 14028. Civilian federal agencies must implement zero trust by September 2024 and many organizations are scrambling to prepare. As a FedRAMP and StateRAMP Authorized solution, Keeper Security Government Cloud (KSGC) provides a critical password and privileged access management solution for agencies working to meet this goal. KSGC maintains the Keeper Security zero-trust security framework, alongside a zero-knowledge security architecture, so users have complete knowledge, management and control over their credentials and encryption keys.
“The initiatives the federal government is trying to solve for – cybersecurity, zero trust, national security – are moving targets, especially in the digital space. Keeper provides innovative FedRAMP and StateRAMP Authorized solutions that empower public sector organizations to achieve their goals,” said Dr. Cunningham. “Keeper has been a driving force in making zero trust possible for a wide variety of organizations that do business in the public sector, and I’m excited to help them continue and scale that mission.”
“Chase has been instrumental in the development of zero-trust frameworks, and we are thrilled to have him on our Public Sector Advisory Board,” said Darren Guccione, CEO and Co-founder of Keeper Security. “From the start, Keeper has adopted zero trust and zero knowledge as foundational technologies in our cybersecurity platform. The addition of Chase as a new advisor reinforces our vested commitment to protecting the public sector with innovative, next-gen cybersecurity solutions.”
Cunningham is the Vice President of Security Market Research at G2, a former Chief Cryptologic Technician for the NSA and a former Forrester analyst. Cunningham holds a PhD in Computer and Information Systems Security and Information Assurance, a Master’s in Information Security from Colorado Technical University and a Bachelor of Applied Science from American Military University. He brings deep technical expertise, numerous certifications and operational experience in cybersecurity, national security and zero-trust industries.
Cyber security and application delivery solutions vendor Radware has expanded its relationship with NOS, one of the largest communications and entertainment groups in Portugal.
The telecom leader is increasing its Radware security defences to further safeguard traffic across its growing global cloud infrastructure and advance its reseller capabilities.
Leading 5G provider in Portugal, NOS has 5.9 million mobile phone customers, 1.6 million television customers and over 5.3 million households covered with FTTH. NOS chose Radware for its superior technology, technical expertise, and customer responsiveness.
As part of the agreement, NOS increased its investment in Radware’s DefensePro® DDoS protection and emergency response team services. In addition, NOS purchased Radware’s Managed Security Service Provider Portal Solution, enabling the carrier to resell DDoS detection and mitigation to its customers as a managed service.
Radware closed the deal in conjunction with its OEM partnership with Check Point Software Technologies, a leading AI-powered, cloud-delivered cyber security platform provider.
“Not only does Radware offer superior DDoS protection, but Radware’s customer support has been key at increasing the safety of NOS’ infrastructure and its customers,” said Paulo Ribeiro, director of fixed network engineering at NOS.
“Based upon our long-standing, positive experience, we know we can depend on Radware to respond quickly to our requests. In addition to helping us protect our own network, our expanded engagement has created a valuable competitive advantage by enabling us to resell DDoS protection as a service to our customers.”
According to Roberto Neisser, regional director for Radware, “NOS is transforming business telecommunications in Portugal and continues to innovate and invest in technology to support its new services.
“We value our relationship with NOS and are honoured that the company continues to choose Radware for its evolving security needs. The expanded relationship validates the strength of Radware’s people, approach, and technology solutions.”
For two consecutive years, Radware was named the technology leader in Quadrant Knowledge Solutions’ Spark Matrix™ for DDoS Mitigation. Radware’s DefensePro provides automated DDoS protection from Burst, DNS, and TLS/SSL attacks, as well as ransom DDoS campaigns, IoT botnets, and other types of cyber-threats.
Available 24x7x365, Radware’s emergency response team is a group of security experts that provides proactive support for customers facing a broad array of application and network layer attacks.
Radware® (NASDAQ: RDWR) is a global leader of cyber security and application delivery solutions for physical, cloud, and software defined data centers. Its award-winning solutions portfolio secures the digital experience by providing infrastructure, application, and corporate IT protection, and availability services to enterprises globally.
Radware’s solutions empower enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity, and achieve maximum productivity while keeping costs down. For more information, please visit the Radware website.
NOS is the biggest communications and entertainment group in Portugal. It offers the latest generation fixed and mobile phone, television, Internet, voice and data solutions for all market segments.
It is a leader in film distribution and exhibition with the greatest number of cinema complexes and cinema theatres in Portugal. NOS has 5.8 million mobile phone customers, 1.6 million television customers, and over 5.3 million households covered with FTTH. For further information, please visit http://www.nos.pt/institucional.
Unveils Cutting-Edge Service to Combat Fake Location, GPS Spoofing and Beyond
Tom Tovar, co-creator and CEO of Appdome
Appdome, the one-stop shop for mobile app defence, has unveiled its new Geo Compliance feature set, allowing mobile brands to trust the user’s location and detect location spoofing, fake GPS apps, VPN use, SIM swaps and other methods used to circumvent geo restrictions in mobile applications. Mobile brands already use Appdome to simplify and accelerate delivery of mobile app security, anti-fraud, anti-bot and other defences in Android & iOS apps. Now, mobile brands can combine Appdome’s new, no-code, no-SDK, Geo Compliance features with any other mobile app defence features on its unified mobile app defence platform.
Mobile application commerce continues to rise rapidly. The geo-location integrity of the mobile end user and transaction data is critical. In many cases, Know-Your-Customer (KYC) policies, regulations like business licensing, advertising restrictions, consumer safety and privacy all rely on valid geographic data and restrictions in mobile apps. On top of that, mobile brands need a greater array of signals to detect fraud. They also need to ensure malicious users are not faking their mobile location to bypass geo restrictions or obtain access to offer inventory and services outside of an approved geography. Putting the quality of the user experience centre stage, these same brands need geo compliance to validate user identities in mobile applications, including in P2P and social-based mobile applications.
“Mobile brands have struggled to deliver true geo compliance,” said Tom Tovar, co-creator and CEO of Appdome. “Geo-compliance products imposed the same problems as legacy mobile app security, anti-fraud and anti-bot products, namely, too many point products, siloed data, complex SDK integrations and too much work for the engineering teams. We’re solving that by bringing geo compliance into one unified, automated platform for mobile app defence.”
Legacy geo compliance, mobile app security, and anti-fraud products are point products, providing narrow detection and defence coverage. Using more than one of these point products in the same mobile app requires complex app-level code changes to overcome compatibility challenges and resolve in-app conflicts from overlapping feature sets. These challenges don’t exist when using Appdome, as all detection and defenses options including the new Geo Compliance features, come fully interoperable with all other 300+ Appdome defences out-of-the-box.
“A breach of geo compliance can lead to negative publicity and damage a brand’s reputation,” said Rik Turner, Senior Principal Analyst at leading market research firm Omdia. “Geo compliance is a key part of any strategy to prevent fraud and stop service and program abuse related to location-based offers and services. Cyber and dev teams can implement geo compliance and other critical security defences in their mobile apps using Appdome’s cyber defence automation system easily.”
With Appdome’s Geo-Compliance Service, mobile brands can detect:
Fake Location: Combat the growing threat of location spoofing, using a method to manipulate or falsify of the geographical location transmitted by a mobile device.
Fake GPS Apps: Detected Fake GPS Apps, used by mobile end users as a location service provider, when your mobile app is in use.
VPN In Use: Advanced techniques to detect attempts to bypass geographical restrictions using Virtual Private Networks (VPNs).
SIM Swaps: Robust SIM swap detection, alerting brands to SIM card or eSIM changes, when other location variables remain unchanged.
Random Locations: Identifies mismatches in location telemetry from on-device settings or components, including manual overrides to on-device location services.
Teleportation: Improbable location changes within timeframes.
Banned Locations: Detect when an app trying to be used in a country/region where the mobile brand does not allow use.
Other Geo-Compliance features: several other geo-compliance features provide data and control to mobile brands with location-based services, offers and promotions.
The new Geo Compliance features can be combined with any of the 300+ mobile app defences in mobile app security, anti-malware, anti-fraud, MOBILEBot™ Defense, anti-cheat, MiTM attack prevention, code obfuscation, and more in Android and iOS apps. All features are fully automated and built on-demand in the language of the mobile app by the Appdome platform, inside the mobile DevOps and CI/CD pipeline.
“Legacy geo-compliance vendors make two mistakes,” said Chris Roeckl, Chief Product Officer at Appdome, “they try to recreate the massive investment Google and Apple have made to ensure accurate geo-location or rely on basic anti-emulator defences to claim geo-compliance feature sets. With Appdome, brands can combine the best of breed in both solution sets and get comprehensive mobile app security and geo-compliance all in the same application with ease.”
Above: Sami Toivonen as ANZ Regional Sales Director
BeyondTrust, the leader in intelligent identity and access security, today announced further expansion in the Asia Pacific region with two key executive appointments reinforcing the company’s regional market acceleration.
Based on the Gold Coast, Sami Toivonen joins BeyondTrust as ANZ Regional Sales Director where he will be responsible for further charting the company’s overall sales growth in Australia and New Zealand.
An industry veteran with more than 15 years of sales and account management experience in the IT industry, Toivonen was formerly Client Director APAC Strategic Accounts at Venafi where he drove the company’s regional business strategy for growth and diversification among both public and private sector organisations.
Prior, Toivonen was APJ Sales Director at SecureAuth where he was responsible for helping organisations across the region with their identity security journey. In addition, he worked at Kordia Solutions where he was a Channel Manager prior to assuming the role of Security Sales Lead for Australia. He also initially launched his career in cybersecurity at McAfee at Cyber Security Account Manager where he held responsibility for the ANZ and EMEA regions supporting both public and private organisations with their cybersecurity posture.
Above: Charlie Wood has been appointed as the company’s Asia Regional Sales Director
In addition, Charlie Wood has been appointed as the company’s Asia Regional Sales Director. Based in Singapore, Wood will be responsible for driving growth across Southeast Asia.
Formerly ANZ Regional Sales Manager for BeyondTrust in Melbourne, Wood has ten years’ experience in the cybersecurity industry, including four years working at Avecto (subsequently acquired by BeyondTrust) as Corporate Account Manager based in the UK. During the past ten years, Wood has worked with end users and channel partners to support successful deployments and outcomes for customer investment and value in the BeyondTrust platform.
Nick Turnbull, Senior Vice President Asia Pacific, BeyondTrust, said, “Both Sami Toivonen and Charlie Wood are dynamic sales leaders with deep knowledge of the identity space and in creating winning relationships with customers and partners. We are committed to delivering an exceptional customer experience and we’re excited to add the combination of their skills and experience to provide customers with unmatched visibility and control against ongoing cyber threats.
“As the Australia, New Zealand and Asia regions continue to take on an increased significance for our global business, we’ll continue to accelerate our growth trajectory driven by strong revenue growth, product expansion, and industry and partner recognition. We’re excited for the year ahead as we continue to help our customers solve their identity security challenges.”
Last year BeyondTrust continued to grow its talented team expanding to more than 1,500 employees globally. At the same time, it accelerated recurring revenue to greater than 80% of total revenue, with approximately 40% YoY subscription ARR growth and adding nearly 1,500 new logos. In addition, the company released advanced capabilities across the BeyondTrust Platform in 2023.
