June 7, 2023
by Jim Masters • Mar 24, 2023 s.Each business day, MSSP Alert delivers this quick lineup of news, analysis and chatter from across the managed security services provider ecosystem. The Content: Written for MSSPs and MSPs; threat hunters; security operations center as a service (SOCaaS), managed detection and response (MDR), and eXtended detection and response…

by Jim Masters • Mar 24, 2023

s.Each business day, MSSP Alert delivers this quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.

  • The Content: Written for MSSPs and MSPs; threat hunters; security operations center as a service (SOCaaS), managed detection and response (MDR), and eXtended detection and response (XDR) providers — and those who partner with such companies.
  • Frequency and Format: Every business morning. Typically, one or two sentences for each item below.
  • Reaching Our Inbox: Send news, tips and rumors to Managing Editor Jim Masters: [email protected].

A. Today’s MSSP, MSP, MDR, XDR and Cybersecurity Market News

1. Cybersecurity Education: Tooling U-SME, the workforce training and development arm of SME, and CyManII (Cybersecurity Manufacturing Innovation Institute) have partnered to deliver “CyManII Sealed,” a cybersecurity training program for manufacturers. “Cybersecurity is highly reliant on people,” said Jeannine Kunz, Chief Workforce Development Officer at SME. “Our vision, as two nonprofit organizations, includes a focus on securing manufacturers from threats by equipping the industry with the necessary cybersecurity skills.”

2. Supply Chain Security: MITRE has debuted its System of Trust risk model manager and a community engagement group comprising 30 members. Expanding from its free and open platform, System of Trust now delivers a collaborative community to identify and mitigate threats to supply chains. Leveraging the expertise of researchers and organizations, the community will further develop the framework’s body of knowledge and enhance supply chain security.

3. Industry Recognition: Lone Star Analysis, a provider of predictive and prescriptive analytics and evolved AI, was recently awarded Cyber Essentials certification in the United Kingdom, a mandatory measure for all organizations contracting for or directly working with the UK. government. “The Cyber Essentials certification will provide all of our customers with peace of mind that they are protected against the vast majority of common cyberattacks,” said Robin Adlam, managing director.

4. CISA Announces Ransomware Initiative: The Cybersecurity & Infrastructure Security Agency (CISA) has debuted its Pre-Ransomware Notification Initiative. This effort is coordinated as part of CISA’s interagency Joint Ransomware Task Force. Accordingly, CISA urges organizations to report observed activity, including ransomware indicators of compromise and tactics, techniques and procedures, to CISA or our federal law enforcement partners. More information on reporting is available at stopransomware.gov.

5. Cisco Security Vulnerabilities Noted: CISA announced that Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. CISA said that a remote cyber threat actor could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the advisories and apply the necessary updates.

6. France’s TikTok Ban: France will ban the use of Chinese-owned video-sharing app TikTok on the work phones of civil servants, Civil Service Minister Stanislas Guerini said on his Twitter account. “In order to guarantee the cybersecurity of our administrations and civil servants, the government has decided to ban recreational applications such as TikTok on the professional phones of civil servants,” Guerini said in a statement. (Source: Reuters)

7. Data Breach Reported: Intellectual property services provider IPH Ltd. reported that it has established new network infrastructure and restored key system functionality, a week after reporting a data breach that affected a portion of its IT systems. The company detected unauthorized access to document management systems last week, which included administrative documents as well as some client documents and correspondence at its head office and two member firms. (Source: Reuters)

8. Free Cybersecurity Offered: Cybersecurity provider ThreatHunter.ai, a Service0-Disabled Veteran Owned Business that supports U.S. veterans, is offering new customers four weeks of free cybersecurity service and a free cyber readiness assessment, valued at $3,000. This limited-time promotion provides businesses with a unique opportunity to assess their cybersecurity posture and experience the benefits of ThreatHunter.ai’s advanced cybersecurity services, the business said.

9. Cybersecurity Webinar: ESET, a digital security specialist, will hold its upcoming webinar, “Cyber Insurance – How to Meet Security Requirements,” on March 30 at 10 a.m. PDT. Presented by ESET Chief Security Evangelist Tony Anscombe and Sales Engineer Jorge Andino Jr., the webinar will look at how the rise of cybercrime has impacted cyber risk insurance requirements, and what companies must do in order to mitigate their risks and secure coverage.

10. Product Launch: Zenoss Inc., a specialist in AI-driven full-stack monitoring, has released its advanced identity management capabilities, helping ensure maximum protection of sensitive credentials while associated with the Zenoss Cloud platform, the company said. The new Zenoss Cloud capabilities provide enhanced security for user credentials, controlling storage and usage under a central service.

B. Annual In-Person MSSP and Cybersecurity Conferences

v
Source