- WatchGuard Buys ActZero to Expand MDR Capabilities for MSPs
- Top 10 Most Read Cybersecurity Stories for 2024
- MSSPs Have a Role in Stopping Cloud Attacks Using Stolen Credentials
- HHS Proposes Mandating MFA, Data Encryption in HIPAA
Each week, ChannelE2E compiles a list of the top stories we’ve covered about what’s going on in the security services market from our affiliate brand, MSSP Alert. Here’s this week’s round-up of news from MSSP Alert.
WatchGuard Buys ActZero to Expand MDR Capabilities for MSPs
Unified security platform provider WatchGuard Technologies bought ActZero to bolster the managed detection and response (MDR) service it provides to MSPs, and which has been in high demand since the Seattle-based company launched it 16 months ago.
ActZero brings with it MDR capabilities that include automated and fast threat response and AI-powered threat analysis and will become the foundation of WatchGuard’s MDR product line, bringing an open architecture and greater that extends beyond WatchGuard and its Firebox appliances and services to third-party services like Microsoft Defender.
No financial details of the deal were released.
Bringing ActZero into the fold will deliver new MDR services and support to WatchGuard’s own offerings and allow it to scale to meet the demand that’s continued to grow since the company launched it in October 2023, according to WatchGuard CEO Prakash Panjwani. With ActZero comes the ability to add capacity and new technology to stretch its MDR service throughout the WatchGuard portfolio and third-party products.
Top 10 Most Read Cybersecurity Stories for 2024
Cybersecurity threats and breaches in 2024 didn't slow down. But MSSPs have been there to detect issues, respond to incidents and protect organizations from cyber criminals.
In 2024, our Top 10 Most Read Stories at MSSP Alert reflect MSSP and security-focused MSPs' concentration on what matters most to the cybersecurity channel — vulnerabilities, breaches, business deals, the cybersecurity marketplace, top cybersecurity certifications and breach liability. Here's a round up of our top stories in 2024.
MSSPs Have a Role in Stopping Cloud Attacks Using Stolen Credentials
Amazon Web Services sits atop an expanding global infrastructure services market that hit $84 billion in the third quarter 2024, up 23% year-over-year, making AWS the biggest target for threat groups. As with other cloud providers, stolen credentials and poor identity management continue to be a significant problem.
SentinelOne researchers, in a column, noted that inadequate identity and access management (IAM) practices were the second most common AWS security issue – behind misconfigured S3 buckets – and in a recent report, Fortinet investigators detailed the latest tactics by EC2 Grouper, an ongoing bad actor that routinely uses legitimate credentials to gain access to victims’ cloud accounts.
EC2 Grouper’s tools include using AWS tools for PowerShell in their attacks, Fortinet cloud threat researcher Chris Hall wrote, adding that “identifying illicit usage of valid credentials in the cloud can be a nuanced and difficult task. This poses a considerable challenge when it comes to detection, as the vast majority of attacks in the cloud involve compromised credentials.”
None of this should come as a surprise to MSSPs and MSPs, which are continuing to add IAM and cloud protection services to their portfolios and are big users of PowerShell for managing Microsoft environments.
HHS Proposes Mandating MFA, Data Encryption in HIPAA
The federal government wants healthcare organizations to better protect the massive amounts of sensitive health information they hold as the industry continues to come under attack by cyberthreat groups.
The Office for Civil Rights (OCR) at the Department of Health and Human Services (HHS) is proposing an overhaul of the security rule in the almost 30-year-old HIPAA to require healthcare providers and their associates, health insurance companies, and healthcare clearinghouses – which enable the exchange of healthcare data between providers and payers – to adopt such security practices as regular testing of processes and multifactor authentication (MFA) and encryption for electronic health records.
The proposed changes, which are due to be published next week, will help the healthcare industry combat the crippling cyberattacks it’s suffered in recent years and will open up more opportunities for MSSPs that can help organizations navigate the increasingly complex regulatory process and protect against the growing number and sophistication of cyberthreats.
“Cyberattacks continue to impact the healthcare sector, with rampant escalation in ransomware and hacking causing significant increases in the number of large breaches reported to OCR annually,” OCR Director Melanie Fontes Rainer said in a statement, adding that with such major attacks like the one on UnitedHealth Group’s Change Healthcare subsidiary last year, the number of people affected by breaches will grow. “This proposed rule to upgrade the HIPAA Security Rule addresses current and future cybersecurity threats.”
