Introducing the BarracudaONE™ AI-Powered Cybersecurity Platform

CAMPBELL, Calif., June 2, 2025 — Barracuda Networks, Inc., a leading cybersecurity company providing complete protection against complex threats for all sized businesses, today unveiled the BarracudaONE AI-powered cybersecurity platform. BarracudaONE maximizes threat protection and cyber resilience by unifying layered security defenses and providing deep, intelligent threat detection and response for managed service providers (MSPs), other channel partners and end users.

Barracuda today also announced the findings of a global survey highlighting the growing risk posed by security tool sprawl. According to the study conducted by Vanson Bourne, 65% of IT and security professionals say their organizations are juggling too many security tools. More than half (53%) of respondents also say their security tools cannot be integrated – creating fragmented environments that are difficult to manage and secure. Based on responses from 2,000 senior security decision-makers, 80% of respondents report that this lack of integration increases the time required to manage security, while 81% cited higher overall costs. Additionally, it significantly weakens threat defense capabilities, with 77% saying it hinders detection and 78% citing challenges in threat mitigation. Only a minority (32%) of respondents are fully confident their tools are properly configured, leaving organizations vulnerable to breaches caused by hidden misconfigurations.

“This research serves as a stark wake-up call for organizations still relying on disconnected, siloed security tools,” said Neal Bradbury, chief product officer at Barracuda. “Managing a patchwork of solutions drives up costs and complexity while creating blind spots that attackers are quick to exploit. Security teams simply cannot afford to waste time switching between systems while critical threats go undetected. The path forward is clear: consolidation and integration are essential for cyber resilience. That is exactly why we built BarracudaONE – to improve security operations, reduce risk and enable teams to secure their environments faster and more effectively. We are cutting through the complexity, closing critical gaps and empowering organizations with the confidence and control they need to stay ahead of evolving threats.”

BarracudaONE simplifies and strengthens security operations by unifying Barracuda’s comprehensive portfolio of solutions into a single, integrated platform. It delivers layered threat protection, managed through a centralized dashboard, reducing operational complexity and improving visibility. By consolidating key security functions, BarracudaONE minimizes the administrative burden and enhances overall cyber resilience.

Advanced, battle-tested AI – integrated across Barracuda’s solutions and fine-tuned over years of real-world application – enables precise threat detection, rapid response and intelligence automation. At the core of this AI-driven platform are robust reporting capabilities that deliver clear, actionable insights. These reports help security teams and channel partners demonstrate the effectiveness of the AI threat layer in identifying and neutralizing attacks, while also highlighting ROI and operational impact. By making threat data easy to interpret and communicate, the platform empowers organizations to validate their cybersecurity posture and make informed decisions with confidence.

“BarracudaONE is a shields-up force multiplier that helps us safeguard critical municipal services – including our police dispatcher center, police and fire departments, as well as wastewater, finance and other essential operations,” said William Mann, chief information security officer (CISO) at the Borough of West Chester, Pennsylvania. “The ability to manage multiple security modules through a single, centralized dashboard is transformational. Barracuda Email Protection’s incident response capabilities are mission-critical, and with BarracudaONE, they’re more accessible, faster and easier to manage. The streamlined experience of having fewer clicks and faster insights enables us to prioritize threats and respond with the speed and precision our first responders, government teams and community depend on.”

“As an MSP, BarracudaONE isn’t just another tool – it’s a strategic differentiator for our business,” said Tyler Bracken, director of network operations at OpX Networks. “We’re already using BarracudaONE as a powerful sales asset to clearly demonstrate the value we deliver and make ROI tangible for our customers. Cybersecurity can sometimes be a challenging sell, clouded by misconceptions around complexity and cost. BarracudaONE helps shift that narrative. Its rich telemetry and real-time insights enable us to show exactly what threats we’re neutralizing and the protection we’re providing. That level of transparency builds trust with our customers and gives us a strong advantage in a crowded market.”

“BarracudaONE brings all our Barracuda solutions into a unified, powerful platform – delivering centralized visibility, real-time alerts and actionable reporting,” said Adam Butler, principal cyber solutions architect at ARO. “It represents a major step forward for our customers, and an even greater advantage for us as an MSP overseeing thousands of customer environments. With BarracudaONE, we can pinpoint security gaps faster, prioritize alerts with greater accuracy and generate high-value reports in seconds.”

Availability

BarracudaONE is now available at no additional cost to MSPs, other channel partners and customers already using Barracuda Email Protection, Barracuda Cloud-to-Cloud Backup and Barracuda Data Inspector. The platform provides a centralized interface for MSPs and partners to easily manage solutions and licenses.

MSPs, partners and end users can further strengthen their security posture with Barracuda Managed XDR, a 24/7 service that delivers expert threat detection and response backed by Barracuda’s award-winning security operations center (SOC).

About Barracuda   

Barracuda is a leading global cybersecurity company providing complete protection against complex threats for all sized businesses. Our AI-powered platform secures email, data, applications, and networks with innovative solutions, managed XDR and a centralized dashboard to maximize protection and strengthen cyber resilience. Trusted by hundreds of thousands of IT professionals and managed service providers worldwide, Barracuda delivers powerful defenses that are easy to buy, deploy and use.

Copyright © 2023 eLinks sarl. All rights reserved.

Fortinet Named a Challenger in the 2025 Gartner® Magic Quadrant® for Security Service Edge

Fortinet® (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today announced it has been recognized as a Challenger in the Gartner® Magic Quadrant™ for Security Service Edge (SSE). This recognition follows Fortinet’s recent placement as a Leader and the highest in ability to execute in the 2024 Gartner® Magic Quadrant™ for SD-WAN for the fourth consecutive year — we believe this further validates Fortinet’s vision and execution in delivering a unified SASE platform.

We continue to demonstrate strong momentum, innovation, and growth in the SSE market. We believe Fortinet’s placement in the Challengers quadrant is a testament to our growing adoption, positive customer feedback, aggressive roadmap execution with monthly releases, and ever-expanding market share. Our focus is on delivering real outcomes through flexible deployment models, seamless integration with existing infrastructure, and consistent AI-powered security wherever users connect.

– Nirav Shah, Senior Vice President, Products and Solutions at Fortinet

A Differentiated SSE Experience

With FortiSASE, Fortinet delivers the most unified, flexible, and intelligent solution on the market today, enabling secure access from anywhere while reducing complexity, enhancing user experience, and strengthening security across hybrid environments. Key differentiators include:

  • Unified solution: Unlike many fragmented offerings, FortiSASE is built on a single operating system, FortiOS, a unified management console, endpoint agent, and centralized data lake. This cohesive architecture ensures consistent security policy enforcement and streamlined operations across all environments from on-premises to the cloud. The integration of Fortinet Secure SD-WAN with cloud-delivered SSE, and digital experience monitoring (DEM) under one platform provides comprehensive visibility and control, reducing complexity and potential security gaps. 
  • Flexible connectivity: FortiSASE offers unparalleled flexibility to accommodate a wide range of organizational needs by supporting BYOD, contractors, agent-based, and agentless devices, as well as third-party SD-WAN solutions, facilitating seamless integration into existing infrastructures. Fortinet is also investing in building its own global cloud infrastructure, further enhancing performance, scalability, and control across its SASE services. Fortinet Sovereign SASE gives organizations flexibility and control over their data, especially in regulated sectors like finance and healthcare. Organizations can also integrate FortiSASE with Fortinet’s WLAN/LAN portfolio to secure thin edge locations without the need for additional appliances or agents, ensuring comprehensive protection even in resource-constrained environments. 
  • Intelligent innovation: FortiSASE, powered by FortiGuard AI-Powered Security Services, delivers broad protection through integrated capabilities like secure web gateway (SWG), universal zero-trust network access (ZTNA), cloud access security broker (CASB), Firewall-as-a-Service (FWaaS), and remote browser isolation (RBI), all managed from a single unified console. Security teams can enforce zero-trust policies to manage access and data flows to generative AI (GenAI) apps, gaining visibility into usage patterns, destinations, and enabling enterprise-wide AI governance.

What Customers Are Saying About FortiSASE

In addition to this latest Gartner acknowledgement, Fortinet was the only vendor to be recognized with the Gartner® Peer Insights™ Customers’ Choice Recognition two years in a row for Security Service Edge. In the 2025 Gartner® Peer Insights™ Voice of the Customer, security service edge (SSE), FortiSASE customers had this to say:

“Elevating user experience with FortiSASE: perfect features and functionality”

We use SIA (secured internet access) and SPA (secured private access) functionality of FortiSASE and the overall experience is exceptionally great.

“Reliable SSE with ZTNA solution with breadth of design options”

Secure and reliable internet access for all hybrid users. Secure users regardless of their access location. Our overall experience with the solution is great and users are happy from the day we deployed this endpoint on their machines.

“Best of the breed cloud delivered security solution to secure hybrid workforce”

This solution allows us to accommodate growing user count without compromising performance. The solution provides robust security features, which include web filtering to provide protection against web-based threats. The solution provides secure access to users irrespective of their location. Users are allowed to access the internet or servers post compliance checks. Our overall experience is highly positive.

Perfect Time to Switch DLP: Why Companies Choose Forcepoint

In today’s rapidly-evolving digital landscape, businesses face the challenge of protecting their most valuable asset—data. With remote work, cloud-based applications, and AI-driven innovations like GenAI becoming more widespread, legacy DLP solutions are falling behind. They struggle to adapt to new business models, leaving organizations vulnerable to data breaches, evolving compliance issues, and inefficiencies.

With so many vendors entering and exiting the market, it’s the right time to take a closer look at what new data security solutions can offer. Forcepoint, with a data-first approach and decades of expertise, provides comprehensive and future-ready data security needed to meet today’s challenges. Read on to explore why businesses are making the switch to Forcepoint DLP.

Why Switch Now?

The simple answer: Because legacy DLP solutions aren’t keeping up. Whether it’s because of complex administration, difficulty extending policies to additional channels like cloud apps and web, or the high cost of maintenance, traditional DLP solutions can end up hindering your business more than helping it. In fact, many enterprises find themselves overwhelmed by fragmented systems that don’t communicate with each other, creating security gaps and inefficiencies.

  • Legacy DLP Solutions Are Falling Behind: Traditional systems struggle to keep up with modern business needs.
  • Complex Administration: Managing outdated DLP solutions can be time-consuming and difficult.
  • Limited Cloud Capabilities: Limited support for cloud management options restricts business agility, reduces security flexibility, and introduces potential security gaps.
  • Fragmented Systems Cause Inefficiencies: Disconnected tools result in inefficiencies and increased risk.

Forcepoint addresses these challenges by offering a unified, full-lifecycle approach to data security. This approach, which we call Data Security Everywhere, not only protects your data across different access channels but also future proofs your business against emerging threats.

The Forcepoint Advantage: Why Companies Are Switching

  1. Proven Legacy Replacement: Forcepoint seamlessly replaces outdated DLP solutions with minimal disruption, ensuring a smooth transition without compromising security.
  2. Trusted Industry Leader: With decades of experience and a customer-focused approach, Forcepoint is an award-winning recognized leader in data security trusted by thousands of organizations.
  3. AI-Powered and Future-Ready: Forcepoint data security solutions are enhanced by AI and ML to increase security efficacy and the ability to easily extend across new channels when you need it, providing continuous, robust protection—even when offline—to secure how people work today.
  4. Simplified, Unified Policies: No more managing multiple DLP solutions. Forcepoint provides unified policies across endpoints, SaaS apps, web, and email in one intuitive console, reducing complexity and saving time.
  5. Flexible Deployment Options: Forcepoint stands out as a vendor that offers flexible deployment models to fit your business needs—on-premises, cloud, or hybrid—allowing seamless integration and agility as your organization evolves.


Trusted Approach by CISOs Worldwide

91% of CISOs in a global IDC survey believe having unified DLP policies across cloud, web, and endpoint would enhance overall data security. Respondents estimate a 31% cost savings due to simplified management, increased staff productivity, and streamlined reporting.

IDC study, ‘The Quest for a Single Set of Unified DLP Policies’

Ready to see it in action?

Don’t let legacy systems hold you back. It’s time to upgrade to a data security solution that aligns with today’s needs. Get a free demo today and see how Forcepoint can transform your approach to data security.

Cortex Copilot – Another Step Forward in SOC Transformation

When Incidents Pile Up, You Need A Way Out

Security operations is hard. End-to-end attacks—from compromise to impact—happen in a matter of hours. This requires security analysts to quickly identify and remediate threats before significant impact can happen. However, the time it takes to respond highly depends on an analyst’s skills and experience with the tools they use. Even for experienced analysts, the need to collect various artifacts and navigate different capabilities across a security tool can eat away precious time.

When analysts are on their own, figuring out where to start and which actions to take can significantly slow incident response times. Incidents pile up and analysts get stuck in a reactive vortex that is hard to escape. This vortex is the reality for the majority of security teams, leaving no time for proactive activities that help stay ahead of new threats.

In security operations, analysts need every advantage they can get to remain one step ahead of the attacker. This is why we created Cortex Copilot.

Cortex Copilot – Another Step Forward in SOC Transformation

Back on May 7, Palo Alto Networks announced a wave of new security solutions powered by Precision AI™. These solutions help solve various security challenges for organizations, including how SOCs respond to cyberthreats. To support this, we previously announced the private beta of Cortex Copilot, an advanced security operations AI assistant.

Over the last five months, we have partnered with mature security teams in different industries to test it in real-world scenarios and learn from their experiences. Numerous users at these organizations leveraged Cortex Copilot to investigate incidents, harden defenses, and hunt for threats in their environment. Along the way, they have provided feedback, which we use to enhance capabilities and overall user experience. One theme that immediately became clear is that Cortex Copilot helped streamline security operations for our customers.

Today, we are excited to announce the general availability (GA) of Cortex Copilot to all our customers. This is a key step in transforming how the SOC drives improved security outcomes. With this GA release, Cortex Copilot will be available to all Cortex XSIAM customers, accessible from anywhere in the product. Customers will be notified in-product once this capability has been activated – free of charge.

Empowering the SOC Analyst

Cortex Copilot is an advanced security operations assistant designed to change how analysts work in security tools. This powerful tool empowers security analysts to reenvision threat detection and response by providing context and step-by-step guidance throughout their day-to-day work. And that, in turn, enables them to move faster, resolve incidents sooner, and proactively hunt for threats.

“According to ESG Research, 45% report that Security Operations are more difficult today than two years ago. Despite the many automated security tools in use, the SecOps process is fraught with tedious, time-consuming tasks, as analysts race with the adversary to identify and stop attacks before objectives can be carried out. GenAI assisted tools, such as Palo Alto Networks’ Cortex Copilot, can automate many of these manual activities, accelerating response while helping to guide the investigation and response process for both junior and senior security analysts.” – Dave Gruber, Principal Cybersecurity Analyst at Enterprise Strategy Group

With Cortex Copilot, SOC teams can accomplish three primary objectives:

1. Speed Up Investigations

Analysts can utilize Cortex Copilot within Cortex XSIAM to examine new incidents, explore impacted systems and users, and pinpoint signs of compromise without toggling between screens. Incident details, such as indicators of compromise, are automatically enriched with threat intelligence.

Additionally, Cortex Copilot will suggest investigation and response actions such as running queries or isolating systems. For example, when an analyst asks a question like “What processes are running on client-02?”, Cortex Copilot will automatically recommend the appropriate query, saving the analyst valuable time.

Image 1: Cortex Copilot automatically recommends queries based on the question.

Image 2: Cortex Copilot automatically recommends the necessary XQL query and prepopulates required parameters, saving the analyst time.

2. Optimize Analyst Workflow

Cortex Copilot enables analysts to stay more productive by suggesting in-context actions, helping them get the most out of XSIAM’s capabilities. When an analyst provides a prompt, such as asking a question about a system or user name, Cortex Copilot automatically recognizes it and populates relevant details. Additionally, Cortex Copilot will recommend context-appropriate actions based on the prompt. For example, if the question includes a system name, response actions like isolating the system or initiating a live terminal will be presented.

Image 3: Cortex Copilot recommends appropriate response actions based on the system name prompt.

Copilot also helps analysts with support issues or product-related questions. Instead of searching through product documentation for answers, analysts can ask Cortex Copilot for summarized information about a topic, reducing the overall learning curve and enabling new analysts to contribute immediately.

Image 4: Cortex Copilot answers a support question and links to relevant documentation from the Cortex Help Center.

3. Democratize Threat Hunting

Cortex Copilot empowers analysts of diverse skill levels to conduct comprehensive threat detection by simplifying searches across data sources and guiding them through hunting actions. It suggests potential actions such as enabling the execution of advanced queries, examining attack chains, and enhancing security protections. This empowers analysts to uncover advanced threats and proactively improve overall security effectiveness.

Analysts can proactively search for suspicious activity throughout the environment. For example, an analyst may ask Cortex Copilot to “Show rare new services created in the last 24 hours.” With this analyst prompt, Cortex Copilot will suggest relevant queries that can be executed.

Image 5: Cortex Copilot helps with threat hunting by writing complex queries for the analyst.

If the analyst finds something suspicious, such as a malicious file, they can immediately take action in Cortex Copilot. This proactively strengthens an organization’s security posture every day.

Image 6: Cortex Copilot enables analysts to add a malicious hash to a block list.

Cortex Copilot is transforming the way security analysts work in the SOC by changing how they interact with Cortex XSIAM, and helping them to make decisions even faster.

Cortex Copilot Results in the Real-World

During the private beta of Cortex Copilot, we spent five months working with over 100 security analysts. These analysts work for security teams facing the most sophisticated security challenges and represent organizations from high technology, healthcare, and financial services. We asked them to test Cortex Copilot by using it in real-world scenarios, from asking product questions, to getting support, investigating incidents, and crafting complex hunting queries.

We’re excited to see that Cortex Copilot is already delivering on its promise of transforming the way analysts work by allowing them to take security actions in one place.

Cortex Copilot is a great one-stop-shop to quickly investigate and take action on incident artifacts.

– Zachary Ivins, Principal Security Analyst, HealthPartners

Cortex Copilot simplifies analyst investigations:

Adopting Cortex Copilot within security operations centers has proven to be a significant step forward in SOC transformation. During the private beta phase, 60% of users used Cortex Copilot to simplify and accelerate security actions, like running advanced queries.

Cortex Copilot accelerates tasks:

Nearly half of the beta users trusted their Copilot to take security actions on their behalf. The data further demonstrated the value of adding Cortex Copilot to the normal workflow, with nearly 70% of users continuing to leverage it week-over-week during the private beta period.

What’s Next for Cortex Copilot?

In the fast-paced world of security operations, early results show that Cortex Copilot is emerging as a true partner for the SOC analyst. Designed to empower security analysts and transform threat detection and response, this advanced AI assistant streamlines investigations, optimizes workflow, and democratizes threat hunting. By providing context, step-by-step guidance, and automating certain actions, Cortex Copilot enables analysts to stay one step ahead of threats and quickly respond to incidents. This further enhances an organization’s security posture in today’s cybersecurity landscape.

As we move forward, Cortex Copilot will continue to integrate into more SOC workflows. The possibilities for future capabilities and use cases are endless – faster response, improved actions with automation, and more. While available in XSIAM today, Cortex Copilot will extend across the Cortex platform, enabling more workflows for endpoint security, automation, attack surface management, and more.

To learn more about Cortex Copilot visit the Cortex XSIAM page, download the Cortex Copilot Datasheet, or speak to your account manager. If you missed it, check out our Prepare for a Brand-New Fight virtual event, where Nikesh Arora, CEO of Palo Alto Networks, details how security professionals should prepare for cybersecurity’s AI inflection point.

Cisco’s 2024 AI Readiness Index: Urgency Rises, Readiness Falls

News Summary:

  • Leaders feel the pressure; 98% report increased urgency to deliver on AI and 85% believe they have less than 18 months to act.
  • Networks are not equipped to meet AI workloads; only 21% of companies report having the necessary GPUs to meet current and future AI demands.
  • Only 13% say they are fully ready to capture AI’s potential – down from 14% last year.

SAN JOSE, Calif., Nov. 19, 2024 — Cisco (NASDAQ: CSCO), the worldwide leader in networking and security, today announced the findings from the second annual AI Readiness Index. The report explores how prepared organizations are to invest in, deploy and use AI. Nearly eight thousand organizations took part in the report.

Most notably, the report highlights a huge chasm between the urgency companies feel to deploy AI and their readiness to do so. Nearly all companies (98%) report the urgency to deploy AI has increased in the last year. However, the research found that from 2023 to 2024, global AI readiness in the enterprise has actually declined. Only 13% of companies today are fully ready to capture AI’s potential – down from 14% a year ago. Given the rapid market evolution and the significant impact AI is anticipated to have on businesses, this gap between urgency and ability is especially startling. 

“Eventually there will be only two kinds of companies: those that are AI companies, and those that are irrelevant. AI is making us rethink power requirements, compute needs, high-performance connectivity inside and between data centers, data requirements, security and more,” said Jeetu Patel, Chief Product Officer at Cisco. “Regardless of where they are on their AI journey, organizations need to be preparing existing data centers and cloud strategies for changing requirements, and have a plan for how to adopt AI, with agility and resilience, as strategies evolve.”

Key Findings

Alongside the finding that only 13% of companies are fully prepared to implement their AI strategies, some of the most significant findings include:  

  • URGENCY: Companies feel they only have 18 months to showcase the impact of AI. Nearly all (85%) companies say they only have 18 months to start demonstrating the impact of AI. More than half (59%) give it only 12 months.
  • STRATEGY: Companies agree that AI cannot be deployed effectively in an organization without a clear strategy. Cybersecurity is the top priority for AI deployment with 42% of respondents having achieved advanced security deployment. Infrastructure follows at 40%, and data analysis and data management tied for third at 39%.
  • INVESTMENT: Companies are doubling down on AI despite lukewarm results from current AI projects. In the next five years, respondents anticipate that roughly 30% of IT budgets will be dedicated to AI, nearly double what it is today. Close to half of companies say AI implementations across top priorities have fallen short of expectations this year, yet 59% believe the impact from AI investments will surpass expectations after five years.
  • INFRASTRUCTURE: Networks are not equipped to meet AI workloads. The largest decline was in infrastructure readiness, with gaps in compute, data center network performance, and cybersecurity, amongst other areas. Only 21% of organizations have the necessary GPUs to meet current and future AI demands and 30% have the capabilities to protect data in AI models with end-to-end encryption, security audits, continuous monitoring and instant threat response.
  • DATA: Companies report feeling less ready to manage data effectively for AI initiatives, compared to a year ago. Nearly a third (32%) of respondents report high readiness from a data perspective to adapt, deploy and fully leverage AI technologies. Most companies (80%) report inconsistencies or shortcomings in the pre-processing and cleaning of data for AI projects. This remains almost as high as a year ago (81%). Additionally, 64% report that they feel there is room for improvement in tracking the origins of data.
  • TALENT: A lack of skilled talent is a top challenge across infrastructure, data, and governance, underscoring the critical need for skilled professionals to drive AI initiatives. Only 31% of organizations claim their talent is at a high state of readiness to fully leverage AI. Twenty-four percent say their organizations are under resourced in terms of in-house talent necessary for successful AI deployment. Twenty-four percent of all respondents also say that there is not enough talent available in their sector with the right skillsets to address the growing demand for AI.
  • GOVERNANCE: Effective AI governance is more crucial than ever, yet respondents feel that it has become more difficult. When asked about the comprehensiveness of their organizations’ AI policies and protocols, 31% of the organizations said they are highly comprehensive. Fifty-one percent of respondents identified “the lack of talent with expertise in AI governance, law and ethics in the market” as a challenge in improving their readiness from the governance perspective.
  • CULTURE: There has been a noticeable reduction in cultural readiness to embrace AI. A lack of receptiveness to AI’s changes has contributed to the decline in cultural readiness: boards have become less receptive to embracing the transformative power of AI, with 66% of them being highly or moderately receptive, down from 82% last year while 30% of organizations report employees are limited in their willingness to adopt AI or are outright resistant.    

Cisco AI Readiness Index:

The Cisco AI Readiness Index is conducted by an independent third-party and based on a double-blind survey of 7,985 senior business leaders, with responsibility for AI integration and deployment at organizations across 30 markets with 500 or more employees. The Index assessed respondents’ AI readiness across six key pillars: strategy, infrastructure, data, talent, governance and culture.

Companies were examined on 49 different metrics across these six pillars to determine a readiness score for each, as well as an overall readiness score for the respondents’ organization. Each indicator was assigned an individual weightage based on its relative importance to achieving readiness for the applicable pillar. Based on their overall score, Cisco has identified four groups at different levels of organizational readiness – Pacesetters (fully prepared), Chasers (moderately prepared), Followers (limited preparedness) and Laggards (unprepared). 

Copyright © 2023 eLinks sarl. All rights reserved.

Fortinet Achieves the Highest Possible “AAA” Rating on the Industry’s Only Independent, Third-Party Security Service Edge Test

News Summary

Fortinet® (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today announced its Security Service Edge (SSE) offering, FortiSASE, received a “AAA” rating from CyberRatings.org, the industry’s only independent third-party cybersecurity testing nonprofit.

“SSE is growing in importance as more organizations embrace Unified SASE to protect all devices, edges, and users within their hybrid networks,” said Nirav Shah, SVP Products and Solutions, Fortinet. “CyberRatings’s third-party testing provides customers with the transparency they need to make informed product decisions, including selecting the best SSE solution for their needs. Fortinet’s high-performing score for SSE showcases our continued commitment to delivering advanced and effective security for the hybrid workforce and support for independent, unbiased third-party testing.”

Superior Performance Across All Test Categories  

FortiSASE delivers comprehensive, cloud-based security with the industry’s most flexible connectivity options. During CyberRatings testing, it received the highest “AAA” rating across all four categories: Exploits, Malware, Evasions, and TLS/SSL Functionality. These results illustrate the solution’s strong threat protection, seamless TLS/SSL decryption, and minimal performance impact.

  • Evasions, Exploits, and Malware: FortiSASE achieved a perfect score in the Evasion category (100%) and a near-perfect score in both the Exploit (99.02%) and Malware (99.5%) categories against a sophisticated threat repository. FortiSASE leverages AI-powered threat intelligence, sandboxing, and behavioral analysis to identify and block known and unknown advanced attacks.
  • TLS/SSL Functionality: FortiSASE demonstrated full compatibility and decryption capabilities with prevalent TLS/SSL configurations, including TLS 1.2 and 1.3 cipher suites. This enables secure communication and allows for deep inspection of encrypted traffic to prevent data leakage and identify threats hidden within encrypted channels without complex configurations.
  • Performance: Throughout testing, FortiSASE had minimal impact on network throughput, even under high load conditions, for both clear text (HTTP) and encrypted (HTTPS) traffic. FortiSASE leverages high-performance hardware and optimized software architecture to minimize latency and maximize throughput, ensuring it has little impact on network performance and delivers a smooth user experience even with robust security features enabled.

Recognized in Cloud-Delivered Security

FortiSASE provides secure access to websites and applications for all users and devices no matter their location through comprehensive cloud-delivered security services, including Firewall-as-a-Service, secure web gateway, cloud access security broker, universal zero-trust network access, and FortiGuard AI-Powered Security Services. Because it’s built on the unified Fortinet operating system, FortiOS, and is a part of the Fortinet Security Fabric, FortiSASE integrates seamlessly with Fortinet Secure SD-WAN to provide Unified SASE.

Fortinet was named a Challenger in the 2024 Gartner® Magic Quadrant™ for SSE and was recognized for the second time in the 2024 Gartner Peer Insights™ Customer Choice for SSE. We believe these third-party recognitions further highlight the strength and efficacy of the FortiSASE solution.

Supporting Quote

 

We pride ourselves for putting solutions through the wringer and conducting the most thorough testing available today. FortiSASE detected and blocked thousands of exploits, malware, and evasion tactics while securing traffic and maintaining efficient performance. We have no doubt that FortiSASE is an effective solution with robust security features and recommend it to any organization in need of a comprehensive SSE solution.

– Vikram Phatak, Chief Executive Officer of CyberRatings.org 

Download the full 2024 CyberRatings.org Security Service Edge Report on FortiSASE here.

Bitdefender Enhances its Extended Detection and Response (XDR) Capabilities for Protecting Business Data in the Cloud

New XDR Sensor Addresses Critical Cybersecurity Challenges of Monitoring, Detecting and Responding to Security Events from Cloud-Based Productivity and Collaboration Applications

BUCHAREST, Romania and SANTA CLARA, Calif. — Bitdefender, a global cybersecurity leader, today announced enhancements to its GravityZone XDR platform with the addition of its new Business Applications sensor, designed to protect corporate data hosted and stored in cloud-based productivity and collaboration applications. The sensor will initially support Atlassian cloud applications including Confluence, Jira, and Bitbucket, with plans to extend to other popular software-as-a-service (SaaS) platforms frequently used in business operations.

“XDR provides organizations with the visibility needed to monitor, correlate, and respond quickly to security events across their entire footprint,” said Mike Jude, research director at IDC. “With its latest advancements, Bitdefender addresses a major challenge—balancing the operational benefits of cloud-based applications and the need to maintain robust security and reduce risks as the attack surface continues to expand.”

A global survey of 1,200 cybersecurity professionals revealed that extending security capabilities across diverse and expanding environments is a top challenge for organizations. In addition, over half (56%) of respondents admitted they do not regularly audit or assess risks across cloud infrastructures, potentially leaving business data and critical assets exposed to cyberattacks.

As organizations use cloud-based productivity platforms like Atlassian, Microsoft 365, Google Workspace and others to drive operational efficiency and lower costs, they also increase their exposure to cyber risks. SaaS environments, which store vast amounts of information, have become prime targets for cybercriminals seeking to steal trade secrets, encrypt data for ransom, inject malicious code, or conduct espionage. These incidents often lead to privacy violations, disruptions to business operations, and severe financial losses.

The Business Applications sensor is the latest enhancement for GravityZone XDR, Bitdefender’s native XDR platform built to deliver rich security context, correlate disparate alerts, provide out-of-the-box analytics, and enable rapid incident triage and attack containment through automated and guided responses. GravityZone XDR increases threat visibility across infrastructure, cloud workloads, identities and applications by unifying and associating data from multiple sources into single, actionable organization-level incidents.

Once integrated into an Atlassian cloud environment, the Business Applications sensor allows organizations to monitor and analyze security events stemming from Atlassian applications, baseline and detect unusual behavior, and immediately restrict access for suspicious users. With the addition of these capabilities, Bitdefender becomes one of the first cybersecurity providers to offer comprehensive prevention, protection, detection and response across all major attack surfaces covering endpoints, identity, productivity, network, mobile devices and cloud environments.

“Cyberattacks have become complex and multifaceted, with threat actors now targeting widely used business applications to gain a foothold and breach organizations,” stated Andrei Florescu, president and general manager, Bitdefender Business Solutions Group. “With the addition of our new sensor, we have extended GravityZone XDR capabilities to provide to more than 300,000 businesses using Atlassian productivity tools with a robust solution for protecting business data, enhancing security visibility, and maximizing security team efficiency.”

The Business Applications sensor for GravityZone XDR is available now. For more information, visit here.

Understanding the Microsoft CrowdStrike Outage: Key Insights

In our highly connected world, even the big players in cybersecurity like Microsoft and CrowdStrike can hit a bump in the road. When they face an outage, it’s a big deal because it shows that even top-notch systems have their weak spots. This reminds us all just how crucial strong cybersecurity is for keeping our data and services safe from sophisticated threats.

Let’s break down what happened with the Microsoft CrowdStrike outage, how it impacted the world, and what steps were taken to fix it. By understanding these details, we can better grasp the challenges of managing cybersecurity in our digital age.

What Happened: Understanding the Outage

Overview of the Incident

The Microsoft CrowdStrike outage was a major event that kicked off early on a Friday. The trouble started with a software update from CrowdStrike, targeting their Falcon sensor security software on Microsoft Windows. This update caused widespread “blue screens of death,” those infamous error screens on Windows.

Details of the Affected Updates

CrowdStrike’s update was supposed to enhance the Falcon sensor’s ability to detect new cyber threats. Instead, it had a logic error triggered by a routine sensor configuration update. This update rolled out just after midnight EST on Friday and led to system crashes.

Immediate Impacts Detected

The effects were severe and widespread, hitting various sectors globally. Critical services like air travel faced massive disruptions, with thousands of flights canceled and delays piling up. The healthcare sector was also hit hard, with some surgeries postponed and emergency services experiencing outages. This incident highlighted how essential cybersecurity software is to our modern digital infrastructure.

Global Impact of the Incident

The Microsoft CrowdStrike outage had a far-reaching impact, affecting multiple sectors and regions. Here’s a closer look:

Affected Sectors (airlines, healthcare, financial services)

The airline industry was hit particularly hard, with over 4,295 flights canceled globally, causing chaos at airports. Healthcare systems like Mass General Brigham and Emory Healthcare had to postpone services and revert to manual systems. Financial services also suffered, with disruptions in payment systems and customer access at banks worldwide.

Geographical Spread of the Outages

This wasn’t just a local issue—it affected services across the U.S., Canada, the UK, Europe, and Asia. Major U.S. cities saw disruptions in healthcare and public transportation, while the UK’s National Health Service faced setbacks in managing patient records and appointments.

Operational Consequences on Businesses

Businesses worldwide faced operational hurdles. Amazon warehouse employees struggled with schedule management, and Starbucks temporarily closed stores due to mobile ordering issues. Big corporations like FedEx and UPS reported substantial disruptions affecting logistics and deliveries. This outage underscored how crucial stable and secure IT infrastructures are for modern businesses.

Responses from CrowdStrike and Microsoft

Statements from CrowdStrike and Microsoft Executives

CrowdStrike’s CEO apologized for the disruption and assured that they had identified and fixed the issue, focusing on restoring customer systems. Microsoft deployed experts to work with affected customers and collaborated with other cloud providers to mitigate the impact.

Technical Steps Taken to Resolve the Issue

CrowdStrike pinpointed the problematic update and reverted changes to stabilize systems. Microsoft provided manual remediation documentation and scripts and updated the Azure Status Dashboard to keep customers informed. Both companies mobilized full resources to address the issue quickly.

Customer Communication and Support Efforts

CrowdStrike used their support portal and official channels to update customers and recommended specific remediation steps. Microsoft shared updates and solutions through official platforms to ensure widespread awareness and swift resolution. CrowdStrike also provided guidelines on their blog and support portal for further assistance.

Challenges and Recovery Efforts

Technical challenges in the recovery process

Recovery was tough due to the need for manual remediation of many devices. A critical issue was the lack of a phased rollout of updates, which would usually help reduce the impact. Companies deployed hundreds of engineers to work directly with affected systems and used specific recovery tools to restore PCs.

Cloud vs. on-premises remediation

Addressing issues in cloud environments like AWS, Azure, and GCP involved unique challenges compared to traditional on-premises systems. Cloud platforms don’t support conventional recovery methods like “safe mode,” requiring administrators to use more complex procedures to resolve issues.

The role of BitLocker in recovery

BitLocker, Microsoft’s disk encryption technology, played a dual role. While it provided essential security, it also complicated recovery efforts by requiring access to the BitLocker Recovery Key to manage disks securely.

Learning from the CrowdStrike Outage: Enhancing Disaster Recovery Plans

The recent CrowdStrike outage teaches an important lesson for all organizations: the need for a solid disaster recovery (DR) strategy. This incident reminded us that in today’s digital world, no system is immune to disruptions. Whether it’s due to cyberattacks, technical issues, or natural disasters, having an effective DR plan is crucial for maintaining business continuity and minimizing downtime.

Here are a few key takeaways for bolstering your disaster recovery plans:

  • Practice Regular DR Drills and Update/Review Plans Continuously: Run simulations of possible outage scenarios to test your response strategies and find any weaknesses, and regularly review your DR plans to adjust to new threats.
  • Backup Essential Data: Regularly back up all crucial data and store it in multiple locations.
  • Have a Failover Plan: Determine your failback plan to get back to your production environment.

Stay Vigilant: Scammers Exploit Chaos During Outages

The outage also shined a light on another big problem: opportunistic scammers. While CrowdStrike was handling the chaos, scammers swooped in to take advantage of the situation, making things even more complicated for businesses. This really drives home the point that we need not only a solid DR plan but also strong cybersecurity measures to protect against these kinds of threats when we’re most vulnerable.

Key Takeaways and Future Directions

This outage showed just how dependent we are on digital infrastructures and the critical need for robust cybersecurity measures. It highlighted the importance of rapid response mechanisms, effective customer communication, and ongoing innovation in cybersecurity practices.

As we continue to navigate the digital world, this event underscores the significance of preparedness and resilience. It’s a call to enhance cybersecurity protocols and collaborate to build a more resilient digital ecosystem, ensuring we’re ready for any future threats.

FAQs

1. What sectors were impacted by the CrowdStrike outage?
The CrowdStrike outage had a broad impact, affecting various major business sectors globally. Notably, it caused significant disruptions at airports, leading to severe delays and cancelations of flights, as the computers essential for these services were compromised.

2. Was the Microsoft outage caused by CrowdStrike?
Yes, the global outage experienced by Microsoft on Thursday was triggered by an issue with CrowdStrike’s Falcon Sensor software. This problem led to widespread disruptions and caused the ‘Blue Screen of Death’ to appear on Windows PCs.

3. What were the effects of the Microsoft outage?
The Microsoft outage led to substantial disruptions across numerous sectors. It resulted in flight delays and cancelations, and affected critical services in hospitals, banks, supermarkets, and millions of other businesses.

4. What does CrowdStrike Falcon® Insight XDR do?
CrowdStrike Falcon® Insight XDR is the Endpoint Detection and Response (EDR) component of the CrowdStrike Falcon® endpoint protection platform. It functions similarly to a DVR for endpoints, continuously recording activities to detect and address incidents that bypassed initial preventive measures.

Bitdefender Expands Arrow Electronics Collaboration with Powerful Subscription-Based Cybersecurity Solutions for Businesses

Extended Collaboration Delivers Advanced Threat Prevention, Detection and Response Solutions, Including XDR and MDR, to Organizations Across Key European Markets

BUCHAREST, Romania, SANTA CLARA, Calif. – Bitdefender, a global cybersecurity leader, today announced it has expanded its collaboration with Arrow Electronics to deliver a broader range of powerful threat prevention, detection and response solutions to managed service providers (MSPs) and their customers.

Through the extended cooperation, Arrow will shift to a subscription-based model with Bitdefender, offering Bitdefender’s full MSP product portfolio on a pay-as-you-go basis to customers in the U.K., France, Germany, Luxembourg, Belgium and the Netherlands.

“Businesses must leverage every possible advantage to keep pace with the latest malware and techniques cybercriminals use to exploit systems and breach environments,” said Richard Tallman, senior director, worldwide MSP and cloud at Bitdefender Business Solutions Group. “Our expanded collaboration with Arrow gives their customers an optimal path for stopping cyberattacks through powerful threat prevention, detection and response in a turnkey package and service flexibility they prefer.”

Arrow has incorporated Bitdefender GravityZone Cloud MSP Security Solutions, a dedicated security suite designed specifically for MSPs, into ArrowSphere Cloud, the company’s cloud delivery and management platform which provides on-demand security solutions, including advanced endpoint protection, Extended Detection and Response (XDR) and 24×7 Managed Detection and Response (MDR) services. Once a business submits an order in ArrowSphere Cloud, solutions are provisioned and running in minutes.

Bitdefender security solutions deliver a multi-layered approach to security via system hardening to help stop threats at the door, all the way through threat detection and response, including human-led threat hunting. The company’s products and services are driven by its extensive network of hundreds of millions of sensors continuously collecting threat data worldwide and fed to its array of interconnected Security Operation Centers (SOCs) staffed with highly skilled security analysts, threat hunters and investigators who detect, verify, contain and eliminate threats as they occur.

Bitdefender user and Arrow channel partner Mike Dumange, infrastructure and systems consultant at TDI Services stated, “To help our clients truly achieve digital transformation, they have to trust that their service provider is fully protecting their systems against escalating threats. Working with the professional team at Arrow and integrating Bitdefender’s comprehensive, flexible security solutions into our MDR Managed SOC offering allows us to optimize our clients’ engagements.”

For more information about cybersecurity solutions offered through Arrow and Bitdefender visit https://www.bitdefender.com/business/products/mdr-for-msp.html.  

Palo Alto Networks Unit 42 Named a Leader in Cybersecurity Incident Response Services

Unit 42 receives highest possible scores in nine criteria including Innovation, Technology, Threat Intelligence, Cloud Environments, and IR Leadership and Team Structure 

SANTA CLARA, Calif., June 10, 2024 /PRNewswire/ — Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, today announced Palo Alto Networks® Unit 42® has been named as a Leader in The Forrester Wave™: Cybersecurity Incident Response Services, Q2 2024.

Wendi Whitmore, Senior Vice President and Head of Unit 42 at Palo Alto Networks, said:
“As the threat landscape intensifies and attacks increase in speed, scale, and sophistication, organizations need a strategic partner to help them prepare for and respond to incidents; Unit 42 is that and more. As trusted advisors and partners, we guide our clients through some of the world’s most significant cybersecurity incidents, ultimately transforming their security posture by leveraging the full power of Palo Alto Networks AI-powered security platforms and solutions to prevent and reduce the likelihood of future attacks.”

The Unit 42 team includes a global team of threat experts and seasoned IR consultants with a depth of experience ranging from complex ransomware investigations to insider threats, vulnerability exploitation and nation-state attacks. 

In the last year, Unit 42 nearly doubled its number of Incident Response (IR) Retainer customers. This growth is a testament to the team’s relentless pursuit of excellence, enabling them to more effectively navigate complex incident response investigations and help them respond and recover stronger than before. The global nature of the team enables Unit 42 to respond 24/7 to cybersecurity incidents quickly. 

The Forrester report recognizes Unit 42 for the following reasons: 

  • “The combined team and offering under the Unit 42 product name has gone global and launched innovative IR offerings.”
  • “It also brought in top leadership talent, built up its global presence, and expanded its partner network over the last two years to complement its in-house products and services, allowing it to hold its own with the larger IR firms and big consultancies.”
  • “Investigations are enhanced by its threat intelligence capabilities, including embedded analysts for each response and dynamic battlecards guiding response or negotiation activities by specific threat actors.”
  • “[Unit 42 offering is designed to]…streamline the retainer management and IR processes, especially for those one-to-many breaches where a vulnerability in a tech product affects hundreds or thousands of customers.”
  • “Unit 42 recently launched Arcade, an IR client onboarding and retainer management platform designed to establish a customer’s security profile, gain situational awareness of the customer’s environment, and serve as a relationship hub.” 

Unit 42’s incident response approach goes beyond responding quickly and effectively; it’s about transforming an organization’s security posture and enhancing overall cyber resilience. Utilizing Precision AI™ technology, Unit 42 automates detection, prevention and remediation, shifting security from reactive to proactive. Its team of experts helps clients mature their security strategies after an incident to reduce the likelihood of future attacks and ensure business continuity. To better prepare organizations for future threats, Palo Alto Networks leverages Unit 42 threat intelligence derived from thousands of IR engagements to inform a cycle of continuous improvement and technology development across its network, cloud and SOC platforms and solutions.

For more information about Unit 42’s incident response services and to download a complimentary copy of “The Forrester Wave™: Incident Response Services, Q2 2024” visit https://start.paloaltonetworks.com/forrester-wave-incident-response or read the blog

This is the second Forrester Wave this month in which Palo Alto Networks has been positioned as a Leader. In June 2024, Palo Alto Networks was also named a Leader in The Forrester Wave™: Extended Detection and Response, Q2 2024. In total, Palo Alto Networks currently is recognized in 23 cybersecurity product categories by the industry analyst community. 

About Unit 42
Palo Alto Networks Unit 42 brings together world-renowned threat researchers, elite incident responders, and expert security consultants to create an intelligence-driven, response-ready organization passionate about helping you proactively manage cyber risk. Together, our team serves as your trusted advisor to help assess and test your security controls against the right threats, transform your security strategy with a threat-informed approach, and respond to incidents in record time so that you get back to business faster.

About Palo Alto Networks
Palo Alto Networks is the world’s cybersecurity leader. We innovate to outpace cyberthreats, so organizations can embrace technology with confidence. We provide next-gen cybersecurity to thousands of customers globally, across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we’re committed to helping ensure each day is safer than the one before. It’s what makes us the cybersecurity partner of choice.

At Palo Alto Networks, we’re committed to bringing together the very best people in service of our mission, so we’re also proud to be the cybersecurity workplace of choice, recognized among Newsweek’s Most Loved Workplaces (2023, 2022, 2021), with a score of 100 on the Disability Equality Index (2023, 2022), and HRC Best Places for LGBTQ Equality (2022). For more information, visit www.paloaltonetworks.com.

Palo Alto Networks, Unit 42, Precision AI, and the Palo Alto Networks logo are trademarks of Palo Alto Networks, Inc. in the United States and in jurisdictions throughout the world. All other trademarks, trade names, or service marks used or mentioned herein belong to their respective owners. Any unreleased services or features (and any services or features not generally available to customers) referenced in this or other press releases or public statements are not currently available (or are not yet generally available to customers) and may not be delivered when expected or at all. Customers who purchase Palo Alto Networks applications should make their purchase decisions based on services and features currently generally available.
