Datashield Partner Digest for the Week of July 10, 2020 - Proofpoint explains its remote work solution, RSA Q1 Fraud Report, and the 2020 Gartner Market Guide to Network Detection and Response.
At Datashield, we pride ourselves on partnerships and are always looking for way to highlight what's new in the industry and with our partners. This helps us bring out the latest and greatest trends and key features for the services we use to bring you the best in MDR service.
Check out our latest partner updates:
New Collaboration Delivers Integrated Solution That Secures Remote Work at Scale
Together with these security leaders, we are fundamentally changing the way organizations approach Zero Trust security architecture, bringing a comprehensive, best-of-breed security stack to your organization enabling your team to secure every remote workforce—regardless of app, data, endpoint or location. Our product integrations help keep your distributed workforce productive, collaborative and in compliance by hardening your defenses against today’s sophisticated attacks. Here’s how.
Crowdstrike, Netskope, Okta and Proofpoint make remote work as simple and secure as on-premises work.
- CrowdStrike protects all endpoints that access the enterprise, providing advanced threat hunting, next-generation antivirus protection, and tools for proactive incident response.
- Netskope provides web, cloud and data-centric security to protect enterprise assets anywhere, and delivers contextual understanding that helps you secure proprietary information everywhere.
- Okta establishes Zero Trust that secures frictionless access for remote and on-premises teams, enabled by an intuitive single sign-on backed by adaptive multifactor authentication.
- Proofpoint enables people-centric security by rapidly providing secure remote access to managed and unmanaged devices with Zero Trust Network Access, robust cloud security, cloud account compromise protection, educating employees on risks to the corporate environment, and in-depth visibility into threats targeting organizations.
Read more here.
RSA Quarterly Fraud Report Q1
The RSA® Quarterly Fraud Report presents an analysis of fraud attack and consumer fraud data collected by the RSA Fraud and Risk Intelligence team in the course of its work identifying threats for RSA customers. As such, it provides a glimpse into the cyber fraud landscape for consumer-facing organizations of all sizes and types.
RSA-Observed Fraud Attack and Consumer Trends
For the period starting January 1, 2020, and ending March 31, 2020, RSA observed several global fraud trends across attack vectors and digital channels. The highlights include:
- In Q1 2020, RSA identified a total of 50,119 global fraud attacks.
- Phishing remains the predominant attack vector used by fraudsters, accounting for
54% of all cyber attacks observed by RSA in Q1. - Brand abuse attacks in Q1 were up 12% over the previous quarter, and constituted
22% of total attacks in Q1, an increase of 5 percentage points over the previous quarter. - For the fifth quarter in a row, Canada was by far the most frequently targeted country
for phishing, with 66% of all attacks. (The next most frequently targeted accounted for only 7%.) - The percentage of fraud transactions originating from a mobile app doubled in
Q1 to 26%, from 13% in Q4 2019. - In online banking payments, the percentage of transaction volume from new
accounts doubled.
Read more here.
2020 Market Guide for Network Detection and Response
Network detection and response (formerly known as network traffic analysis) vendors are adding more automated and manual response features to their solutions. Here, we provide an overview of the market and highlight some of the key vendors to be considered by security and risk management leaders.
Overview
Applying machine learning and other analytical techniques to network traffic is helping enterprises detect suspicious traffic that other security tools are missing.
Network detection and response (NDR) remains a crowded market with a low barrier to entry, as many vendors can apply common analytical techniques to traffic monitored from a SPAN port. Customer references, from a broad set of vendors, are generally satisfied with their tools.
Response capabilities fall into two categories: manual and automatic. Vendors have been actively enhancing their manual (threat hunting and incident response) features, and have been adding partners to broaden their automatic response functionality.
Recommendations
To improve infrastructure security and the detection of suspicious network traffic, security and risk management leaders should:
- Implement behavioral-based NDR tools to complement signature-based detection solutions.
- Include NDR-as-a-feature solutions in their evaluations, if they are available from their current security information and event management (SIEM), firewall or other security vendors.
- Decide early on in the evaluation process if they desire automated response versus manual response capabilities. A clearly defined response strategy is valuable in selecting a shortlist of NDR vendors.
Read more here.