- Thales Leverages Imperva for Data Risk Intelligence
- Darktrace Sees 692% Jump in Black Friday, Cyber Monday Phishing Scams
- MSSPs Critical to Curbing the Expanding BEC Threat
- Cybersecurity Jobs are More Stressful, Report Says, but MSSPs Can Help
Each week, ChannelE2E takes a trip to our affiliate site, MSSP Alert, to bring you the cybersecurity news headlines that matter to your MSP or other channel business.
Cybersecurity has become a key component of managed services businesses and, one could argue, all channel businesses, regardless of the business model. More MSPs are leading their sales conversations with cybersecurity discussions. And cybersecurity services sales continue to be a bright spot in Canalys' analysis of channel business over the last year, even as hardware sales and other sales have slowed.
Here's your roundup of key cybersecurity news this week, including the spike in phishing scams related to Black Friday/Cyber Monday, how MSSPs can help reduce the stress of cybersecurity jobs and curb the growing BEC threat and Thales leveraging of Imperva for data risk intelligence.
Thales Leverages Imperva for Data Risk Intelligence
Thales is adding data risk intelligence functionality to the Imperva Data Security Fabric (DSF) solution, marking the first joint offering that includes capabilities inherited through its acquisition a year ago of Imperva and giving it traction in a growing subset of the larger threat intelligence space.
There is growing pressure on organizations to better protect their data, which is increasingly distributed throughout on-premises, cloud, and edge environments and is increasingly the target of highly sophisticated threat groups. The cost of data breaches also continues to rise and governments are instituting data protection requirements through such laws as the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
Managing data security in such a threat landscape and regulatory compliance environment is difficult. In its 2024 data threat report, Thales, an MSSP 250 company, found that 93% of enterprises reported an increase in threats compared to the previous year.
All of this opens opportunities for MSSPs “to leverage data risk intelligence for differentiation and competitive advantage, as well as a growing additional revenue stream,” Krista Case, research director and senior analyst with The Futurum Group, told MSSP Alert.
Darktrace Sees 692% Jump in Black Friday, Cyber Monday Phishing Scams
Cybersecurity firms and MSSPs were busy over the past couple of months tracking myriad online scams aimed at businesses and consumers who were getting ready for the Black Friday and Cyber Monday sales that mark the beginning of the hectic month-long holiday shopping sprint.
It’s an ideal environment for cybercriminals, according to Nathaniel Jones, vice president of threat research at security vendor Darktrace, noting that “consumers are inundated with time-sensitive deals, while retailers handle record-breaking transaction volumes at speed. This environment makes it harder than ever to identify suspicious activity.”
So, how bad was it? According to a Darktrace report this week, during Thanksgiving week, the number of Christmas-themed phishing attacks jumped 327% compared with what was seen between November 4 and 9, and phishing attacks referring to Black Friday and Cyber Monday shot up 692%.
MSSPs Critical to Curbing the Expanding BEC Threat
The sharp rise in business email compromise (BEC) and similar cyberattacks has many organizations scrambling to protect themselves. MSSPs are key to tracking and slowing down these persistent cyberattackers.
Todyl researchers have documented a sharp rise in BEC and similar cyberattacks and detailed a sprawling infrastructure of thousands of hosts in the United States and other countries operated by a threat group dubbed the Söze Syndicate.
The growing BEC numbers and Söze Syndicate case are reflections of the changes in the IT environment and among the bad actors that are fueling the expanding threat, according to David Langlands, chief security officer at Todyl, whose security platform is used by businesses and MSSPs.
They also explained the steps organizations must take to better protect themselves and the reasons MSSPs are key to tracking and slowing down the hackers.
Cybersecurity Jobs are More Stressful, Report Says, but MSSPs Can Help
Being a cybersecurity professional – never an easy job – is becoming even more difficult and stressful, thanks to the increasing complexity of the work, a rapidly expanding attack surface, more attacks, more regulatory requirements, and the growing global shortage of skilled cybersecurity talent.
Those were among the findings in a survey by IT analyst firm Enterprise Strategy Group (ESG) and the Information Systems Security Association (ISSA), an international professional organization for security pros.
Of the 369 ISSA members surveyed for the report – the seventh edition of The Life and Times of Cybersecurity Professionals – 65% said the job of a cybersecurity professional has become more difficult over the past two years, 37% said they’ve considered leaving the profession, and most said their jobs are stressful at least half the time. In addition, the skills shortage is affecting 65% of organizations and 37% of respondents said it has gotten worse over the past two years.
While that’s bad for organizations and their cybersecurity teams, the difficulty finding skilled cybersecurity practitioners is a boon for MSSPs, which often benefit from such crises because organizations need to outsource some of their security functions.
