Monthly newsletter March 2024: Supply Chain Cybersecurity, a pressing requirement for any organization

In February, a staggering 105 hospitals across Romania fell victim, directly or indirectly, to a ransomware attack targeting the eHealth platform provider—a system integral to all these institutions. Exploiting a vulnerability, hackers successfully encrypted data on the production servers of 26 hospitals, prompting preventive disconnection measures for the remainder.

This incident serves as a stark reminder of the critical imperative to secure the entire ecosystem of an organization, encompassing partners, subcontractors, and suppliers alike. Indeed, such vigilance is expressly mandated by Directive NIS 2, slated to take effect in October 2024.

The following article not only provides pertinent statistics on supply chain attack incidents but also offers a series of pragmatic recommendations for fortifying security within a business ecosystem.

Cybersecurity of suppliers and subcontractors emerges as an urgent mandate for Romanian organizations.

We recommend that you consider cyber security beyond the perimeter of your own organization and ensure that it is a priority for all service providers, especially digital ones.

Technology news

Check Point Harmony SaaS: The Cutting-Edge Solution for SaaS Threat Prevention

Check Point Software introduced Harmony SaaS, one of the most advanced solutions for safeguarding against SaaS-based threats. With Harmony SaaS, organizations can safeguard their SaaS ecosystem against threats such as data theft and account takeover. Unlike traditional solutions, Harmony SaaS installs within minutes, continually reduces your attack surface, and automatically prevents threats as they arise.

Key Harmony SaaS Features include:

• Automatic Threat Prevention, leveraging behavior-based machine learning and the most complete repository of SaaS-related threat indicators and attributes.
• Continuous Attack Surface Reduction and insights into an organizations’ SaaS ecosystem, prioritizing recommendations, and remediating security gaps to reduce the attack surface.
• 100% cloud solution that requires no additional hardware or expertise.

Bitdefender Introduced Cloud Security Posture Management: The Key to Configuration Control

• 比特梵德 started the Early Access Program (EAP) for a new functionality within Bitdefender GravityZone, Bitdefender CSPM+ (Cloud Security Posture Management +). This new module is part of an ongoing project that enhances the multi-layered security strategy and extends the prevention layer for all organizations with public cloud infrastructure footprints by defeating attacks before they cause damage. Bitdefender CSPM+ includes not only Cloud Security Posture Management (CSPM) functionality, ensuring the secure and compliant configuration of cloud resources and services to identify and mitigate potential security risks and misconfigurations, but also Cloud Identity and Access Management Security (IAM). The IAM – sometimes referred to as CIEM (Cloud Infrastructure Entitlement Management) – functionality manages user identities and access permissions within the cloud environment. These integrated functionalities provide security and precise control over cloud resources, creating a comprehensive and secure cloud computing environment.

One Identity Cloud PAM is just become available

One Identity announced the general availability of One Identity Cloud PAM Essentials. This innovative SaaS-based solution will simplify privileged access management (PAM) across the enterprise, with a specific focus on cloud applications and infrastructures.

The surge in cloud migration, coupled with the expansion of the attack surface and the growing sophistication and frequency of cyberattacks, underscores the critical need for effective PAM solutions. By tightly controlling and auditing access to privileged accounts, PAM plays a pivotal role in bolstering an organization’s security posture and mitigating identity-based attacks.

Key features of PAM Essentials include:

• Cloud-native PAM functionality: Remote and hybrid security teams can access cloud applications and resources with ease.
• Sessions-based privileged access: User sessions are monitored, controlled and recorded with remote access via SSH and RDP.
• Privileged session recording: Structured audit logs, protocol proxy session recordings and isolation of user sessions create a strong forensic trail tracking potential threats.
• Secured credentials management: Central orchestration of auto-login, timely rotation of passwords and vaulting of local server accounts passwords reduce the risk of unauthorized access.
• Secure tunnel technology: Eliminates the complexities of traditional network access solutions - with no VPN needed - by being built on zero-trust architecture.
• Native integration with OneLogin: Extended unified access management via centrally managed PAM Essentials is enabled for OneLogin customers.
• Flexible: Users can quickly and effectively integrate existing directories and authentication controls.?

Tenable One platform enable customers to directly query AI engine and quickly reduce risk

Tenable? announced innovative enhancements to?ExposureAI, the generative AI capabilities and services within its?Tenable One Exposure Management Platform. The new features enable customers to quickly summarize relevant attack paths, ask questions of an AI assistant and receive specific mitigation guidance to act on intelligence and reduce risk. The platform’s generative AI-powered search and chat applications are fueled by Google Cloud – including Gemini models in Vertex AI.

These new AI capabilities enable virtually anyone in the security team to digest and take action on the most complex attack paths across various exposures to?stay steps ahead of attackers. Added functionality includes:

• Attack Path Summary: Security practitioners can view a summary generated for each attack path in a single pane of glass that provides comprehensive descriptions of the entire attack path and gives direction on how an attacker can leverage a live attack path within the environment.
• AI Assistant: Users can ask Tenable’s AI assistant specific questions about the summarized attack path, as well as each node along the attack path. Questions like: What can you tell me about this asset? How many domain admins have access to this asset? Which patch can I apply to mitigate the vulnerability in this attack path?What is the number of attack paths this patch mitigates?
• Mitigation Guidance: This feature automatically provides specific mitigation guidance for each attack path. Security and IT practitioners no longer need to spend time sifting through options to determine which patch or version number to apply, or which user group has unauthorized access.?

Corero Network Security Launches Corero DDoS Intelligence Service

Corero Network Security unveiled its latest innovation in the fight against DDoS attacks – the Corero DDoS Intelligence Service, an automated, AI-assisted subscription service for Corero SmartWall ONETM customers that delivers pre-emptive, predictive attack mitigation, before the first attack is even seen.??

The DDoS Intelligence Service works hand in glove with SmartWall ONE – a top-tier, automated DDoS protection solution capable of handling existing, new, and zero-day DDoS attacks – to fortify its defenses, ensuring maximum protection for customers. Powered by the Corero Threat Research Team, the DDoS Intelligence Service is available as an annual subscription for all SmartWall ONE customers that are subscribed to the Corero SecureWatch Attack-Time assistance service.