Identity is the new perimeter, as the saying goes. And identity threats are growing, whether internal or external. That's one reason identity threat detection and response (ITDR) is an increasingly popular approach to security -- and the basis for a Quest Software survey on ITDR that polled 373 IT professionals across several industries.
There's good news and bad news from the report. The good: ITDR measures are effective. More than eight in ten (84%) of organizations are reaping benefits from their ITDR efforts, even if ITDR has not been fully implemented, the survey found. Over one in three (36%) say their expectations have been fully met or exceeded.
The bad: Implementation complexity remains a significant challenge. The top three hurdles identified by the survey are integration with existing systems (69%), lack of budget (61%) and insufficient expertise (59%). Insufficient expertise leads to low maturity, which is persistent, the survey found. This is attributed to a lack of strategic focus on identity threat prevention, identity disaster recovery, and the involvement of internal IAM teams in ITDR efforts. Only half of companies use an identity infrastructure security solution, according to the survey. Less than a third (31%) test their identity disaster recovery plans, and only 34% cite their access management teams as being primarily responsible for ITDR.
And when it comes to education, executive understanding is a roadblock. Nearly half of organizations point to a lack of executive understanding of the ITDR business case as a challenge, as it leads to inadequate funding of the effort.
Now, here's today's MSSP update. Drop me a line at [email protected] if you have news to share or want to say hi!
Today's MSSP Update
1. Barracuda's NetSec improvements: Barracuda has launched a new next-generation firewall and a new secure access service edge (SASE) appliance, the company said in a statement. These new devices are equipped to handle the increased volume and sophistication of modern cyber threats and Barracuda claims they offer a 25% to 30% performance increase while reducing power consumption by 19%.
2. Expel CISO becomes its CSO: MDR provider Expel has named its CISO, Greg Notch, as its new CSO. Greg’s role will expand his purview from internal security to include external customer-facing stakeholders. As such, Notch said he believes it’s critical to be able to blend business and technical expertise to execute it effectively as the two cannot exist in silos.
3. Rubrik's Turbo Threat Intel: Cybersecurity company Rubrik this week announced Rubrik Turbo Threat Hunting. This new feature accelerates cyber recovery by enabling organizations to locate clean recovery points across their entire data estate in seconds, instead of days or weeks, leading to extended downtime and revenue loss. With Rubrik Turbo Threat Hunting, organizations can scan up to 75,000 backups in less than 60 seconds, Rubrik said.
4. Rubrik achieves FedRAMP cert: In other Rubrik news, the firm announced it has achieved Federal Risk and Authorization Management Program (FedRAMP) authorization for its Rubrik Security Cloud – Government solution at the 'moderate impact' level. Rubrik Security Cloud – Government is built on zero-trust architecture and secures enterprise, cloud, and SaaS data. The National Nuclear Security Administration (NNSA), an Office of the U.S. Department of Energy, served as the agency sponsor for Rubrik’s FedRAMP authorization.
5. Versa's endpoint DLP solution: Versa Endpoint DLP is an integrated endpoint data loss prevention (DLP) capability delivered by the Versa SASE Client as part of the VersaONE™ Universal SASE Platform. The endpoint DLP feature provides data exfiltration prevention capabilities in an integrated SASE solution, restricting copy/paste, screenshots, and peripheral device (e.g., USB storage) transfers based on zero-trust attributes.
