The Biden administration plans to support a cybercrime treaty at the United Nations this week, despite concerns it could be misused by authoritarian regimes, according to a Bloomberg report.
The agreement would be the first legally binding UN agreement for cybersecurity. It could provide a global legal framework for countries to cooperate on preventing and investigating cybercriminals, according to the report. It could make electronic evidence more available to the U.S.
Some opponents worry that it could legitimize efforts by authoritarian countries like Russa and China to censor and surveil internet users. MSSPs will have to wait and see how this and other policies to come in the next presidential administration will impact cybersecurity.
Got news or tips to share with us? Please send them to [email protected].
Today’s MSSP Update
1. Leveraging AI to build cyberskills - Cyber training and resilience provider Immersive Labs is launching AI Scenario Generator. The new capability enables organizations to generate threat scenarios for crisis simulations to ensure their workforces are ready for the latest threats. The tool generates and launches customized cyber exercises to prove and improve individual and team cyber skills against various attack types, such as ransomware and supply chain threats. Organizations can automatically tailor content by attack vector, threat actor, and industry sector.
2. Data security partnership - Fortanix has forged a new partnership with Carahsoft Technology Corp., the public sector IT solutions provider that supports federal, state and local government agencies, as well as education and healthcare verticals in the U.S. and Canada. Under the partnership, Fortanix and Carahsoft will deliver Fortanix solutions to address data security challenges, including advanced cryptography and key management, AI and machine learning, and post-quantum computing preparedness.
3. New security support for Microsoft SaaS tools - Data security SaaS provider Druva will provide support for Microsoft Dynamics 365, enabling enterprises to secure mission-critical data across the Sales and Customer Service CRM modules. The company will also provide support for Microsoft 365 Backup Storage, offering customers expanded protection options for Microsoft 365.
4. Protecting digital designs - Data-centric security solution provider Seclore, has expanded its Seclore Enterprise Digital Rights Management capabilities to support neutral or interoperable computer-aided design (CAD) files for industries that create, manage and share intellectual property (IP).
5. Flutter dev tool targeted - Jamf Threat Labs’ new report provides details about advanced persistent threat actors from the North Korea have been embedding malware within Flutter applications – marking the first time Jamf has seen attackers use this tactic to go after macOS devices. Flutter is a framework developed by Google that simplifies app design across macOS, iOS and Android. Flutter-built applications provide a large amount of obscurity to the code, making it attractive to threat actors.
6. Executive appointments - Browser security company Menlo Security has named Bill Robbins as its new president and has promoted its chief product officer Poornima DeBolle as new chief technologist and security officer. Robbins 30-year career includes executive leadership roles at Mandiant, Sophos and FireEye.
7. Simplifing alert triage for SOC analysts - Network detection and response provider Corelight has unveiled Guided Triage - a new capability in SaaS solution, Corelight Investigator. It is designed to simplify alert triage for SOC analysts via AI-led workflows.
8. Cybercrime statistics - Financial fraud was the most common cybercrime committed over email, accounting for 3 of 5 email claims in 2023 (61%), worsening to more than two-thirds (72%) in the first half of 2024. That’s according to a new report from insurance and cybersecurity provider, At-Bay.
9. Acquisition - Worklyn Partners, an investment firm dedicated to cybersecurity and IT services, has acquired Salem, NH-based IT Management Solutions (ITMS). This acquisition is Worklyn’s fifth as it builds a national network of specialized IT and cybersecurity providers, strategically expanding its reach in New England.