Managed Security Services Provider (MSSP) Market News: 13 April 2023 -

Each business day, MSSP Alert delivers a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.

The Content: Written for MSSPs and MSPs; threat hunters; security operations center as a service (SOCaaS), managed detection and response (MDR), and eXtended detection and response (XDR) providers — and those who partner with such companies.
Frequency and Format: Every business morning. Typically, one or two sentences for each item below.
Reaching Our Inbox: Send news, tips and rumors to Managing Editor Jim Masters: [email protected].

A. Today’s MSSP, MSP, MDR, XDR and Cybersecurity Market News

1. Cyber Education: (ISC)², a nonprofit association of certified cybersecurity professionals, announced that the (ISC)² Certified in Cybersecurity certification has received accreditation from the ANSI National Accreditation Board (ANAB) now meets the ANSI/ISO/IEC Standard 17024. This achievement follows the latest growth milestone of more than 15,000 Certified in Cybersecurity holders worldwide since the certification was introduced seven months ago, the organization said.

2. Leadership Move: Fenix24, a cyber disaster recovery firm, has appointed Marko Polunic as managing director for EU operations. Polunic, who will be based out of Munich, Germany, will spearhead efforts to expand Fenix24's offerings into the EU and foster relationships with ecosystem partners, such as law firms, insurance brokers and cyber insurance carriers.

3. Industry Recognition: TXOne Networks, an industrial cybersecurity specialist, has been named a Gold award winner in three 2023 Cybersecurity Excellence Awards categories.

4. Cybersecurity Partnership: Ontinue, a managed detection and response (MDR) provider, and Carahsoft Technology, a government IT solutions specialist, have announced a partnership. Carahsoft will serve as Ontinue's "Master Government Aggregator," making the Ontinue ION managed extended detection and response (MXDR) service available to the public sector through Carahsoft's reseller partners, National Cooperative Purchasing Alliance (NCPA) and OMNIA Partners contracts.

5. CISA News: The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the cybersecurity authorities of Australia, Canada, United Kingdom, Germany, Netherlands and New Zealand have published “Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Security-by-Design and -Default.” This joint guidance urges software manufacturers to take urgent steps necessary to ship products that are secure by design and default.

6. Leadership Move: The National Cybersecurity Center (NCC) has named three new board members, appointing attorney and author Mark D. Rasch, State of Colorado CISO Ray Yepes, and Gretchen Bliss, director of Cybersecurity Programs at the University of Colorado.

7: Hacker Alert: Hackers are compromising websites to inject scripts that display fake Google Chrome automatic update errors distributing malware to unaware visitors. The campaign has been underway since November 2022, and in February expanded its targeting scope to cover users who speak Japanese, Korean and Spanish. The attack starts by compromising websites to inject malicious JavaScript code that executes scripts when a user visits them. These scripts will download additional scripts based on whether the visitor is the targeted audience. (Source: Bleeping Computer)

8: Product Launch: Redwood Software, a specialist in full stack automation and secure file transfer, has released Cerberus FTP Server. The latest version of Cerberus FTP Server has features that support an organization’s ability to quickly get up and running with a simple, reliable and secure file transfer solution, the company said.