Emerging risks and trends need to be monitored, but cybersecurity challenges can be fixed with a focus on the fundamentals.

With reports that more than half of US states have banned or restricted access to TikTok on government devices, many cybersecurity professionals are asking, "How can you take a well-intentioned policy from vision to execution?" The answer is operational governance.

Cybersecurity tends to focus on preventing ransomware and advanced persistent threats. This is essential work, but it can overshadow the foundation of an effective cybersecurity program. Fundamentally, cybersecurity is about enforcing corporate policies. Yet enforcement falls flat far too often because organizations lack visibility into what is happening on their network.

Many policies are intended to prevent attacks, but other traditional examples include preventing access to gambling websites and other illicit content. Governance, risk, and compliance (GRC) programs are intended to demonstrate compliance for audits or to assess the security posture of another organization during a corporate merger or acquisition.

TikTok is just one recent example of banning access to an app. New York City public schools have banned ChatGPT. And there are ongoing concerns that a rogue employee could install cryptomining software on a corporate network. Of course, preventing and detecting these risks and threats has become substantially harder since cloud computing, mobile devices, and the Internet of Things have radically transformed the network perimeter.

The network perimeter has been atomized by decades of digital transformation, which means it has become dispersed, ephemeral, encrypted, and diverse. Mobile and remote workers are accessing data and applications scattered across multicloud, hybrid-cloud, and on-premises infrastructure. Legacy application appliances have been retrofitted to interoperate with cloud environments. IT/OT convergence is enabling applications to access physical environments as easily as IT networks.

**A Paper Tiger: Policy Without Enforcement**

As organizations have moved to adopt zero-trust security, network security and identity-based access controls have been lagging behind endpoint and detection and response (EDR) deployments. Unfortunately, identity-based threats can elevate endpoint privileges to disable EDR agents and to access the network, where threat actors can hide between the gaps of disconnected technologies and the teams that manage them.

Furthermore, many endpoint and network devices, such as IoT devices, serverless platforms, routers, switches, and SCADA systems are incapable of running EDR agents in the first place. And all of this assumes that the cybersecurity team is aware of every endpoint connected to the network and has a way to control them, which is not always the case.

Entire classes of devices may be left unprotected, so having an effective network security architecture beyond access control and access brokering is even more important. However, the chaotic nature of network traffic makes visibility difficult. Traditional solutions usually don't support the cloud, and cloud-based approaches tend to focus on specific cloud environments. Detecting and stopping attacks is incredibly difficult, given the opacity and gaps.

One major concern with TikTok and other apps is the potential for unauthorized access to the network and devices through excessive permissions or embedded spyware, which may be used for espionage. To address these concerns, it is important to categorize the types of infrastructure and the traffic that needs to be monitored. By mapping out the infrastructure and analyzing real-time data, it is possible to identify and alert on policy violations and to integrate these alerts into existing workflows.

**Invent the Universe: Comprehensive Visibility and Real-Time Verification**

The famed astrophysicist Carl Sagan once quipped, "If you wish to make an apple pie from scratch, you must first invent the universe." The same goes for enforcing cybersecurity. Without comprehensive visibility of the network and real-time verification of governance policies, it can be difficult to know if they are being enforced. This is especially true when relying on outdated technologies or host-based monitoring, which may not provide a comprehensive view of network activity.

For example, I recently spoke with a company that discovered one of its factory machines — which was in production and should have been isolated from other networks — was browsing TikTok and Facebook. This was a clear indication that policy enforcement had failed, leaving the machine compromised.

And just as you cannot bake without precisely measuring your ingredients and knowing the temperature of the oven, you cannot enforce cybersecurity policy without comprehensive and real-time visibility into endpoint devices and network traffic. Visibility is a foundation of cybersecurity, which is why so many compliance frameworks, such as SOC 2 and ISO 27001 include the creation of an asset inventory among their first requirements.

It can be easy to be drawn in by the allure of shiny new solutions — and certainly cybersecurity professionals do need to monitor emerging risks, threats and trends like these recent TikTok bans — but I would contend that the majority of cybersecurity challenges can be fixed with a focus on the fundamentals: enforcing corporate policy with the visibility needed to do so.

With TikTok Bans, the Time for Operational Governance Is Now

A tax variable in the software implementing the Dingo Token allows the creators to charge 99% in fees per transaction, essentially stealing funds, an analysis finds.

The originator of the Dingo Token — a cryptocurrency with a purported market capitalization of $11 million — has included a backdoor in the code to charge each transaction a fee of up to 99% of the worth of the token.

That's according to cybersecurity firm Check Point Software, which has issued an advisory warning potential investors of what the company calls "a scam." 

While the documents describing the Dingo Token claimed that the scheme charged 10% per transaction, Check Point researchers found 47 transactions where the total fee per transaction had been increased to 99%. The creator had also set the fee to 99% for future transactions, essentially stealing the funds of any traders of the cryptocurrency, according to the analysis published this week.

The Dingo Token creator has already transferred previously collected funds to other accounts, leaving no money for anyone holding Dingo tokens, says Oded Vanunu, head of products vulnerabilities research at Check Point Software.

"The function was called many times by the owners to prevent users from selling their holdings," he says.

Cryptocurrencies are heavily based on mathematics but also on good marketing, a dose of libertarian ideals, and an influx of gray market cash. Overall, hundreds of cryptocurrencies have been created, and not all will be legitimate, nor will they be free of fraud. In a 2019 report, for example, Alameda Research uncovered significant fraud in many crypto exchanges. That's ironic, given that two years later the firm and its sister company, cryptocurrency exchange FTX, had both declared bankruptcy, and their executives, including FTX and Alameda co-founder Sam Bankman-Fried, have been charged with numerous financial crimes.

While those efforts may have started as legitimate businesses, the Dingo Token scheme likely started as fraud from the start, Check Point stated in its analysis.

"We examined the Dingo smart contract and quickly found it seemed like a scam," the company stated. "The project website contains no real information about the owners of the projects."

**A Quick Jump in Popularity**

While the Dingo Token is far down the lists of popular cryptocurrencies — No. 774, at the time Check Point released its advisory — transactions using the currency had jumped 8,400% in the past year, according to the cybersecurity firm. The meteoric rise in popularity, along with the fact that the description of the cryptocurrency was limited, raised suspicions, leading to Check Point analyzing the digital smart contract on which the token is based.

The analysis uncovered systematic theft of traders' funds, using a variable called "TaxFee" to set the amount to take from each transaction. 

"We don’t believe that it was a mistake due to the nature of crypto-scam projects," Vanunu says. "In this case, \[the\] _setTaxFeePercent_ function code...operates as a backdoor, \[allowing\] the owner to change the fee dynamically, which is not best practice for legitimate projects."

The fake cryptocurrency scheme may be the most technical attack yet, but fraud is increasingly a hazard for cryptocurrency investors and users, surging after a hiatus following numerous cryptocurrencies plunging in value by more than 60%. In 2022, for example, the FBI warned that cryptocurrency scams had once again targeted businesses and consumers, this time with fake investment apps that led to the theft of more than $40 million.

**Know Your Code**

The Dingo Token incident highlights the fact that companies need to conduct due diligence on any cryptocurrency in which they plan to use or allow customers to use. Security gaps, such as the backdoor code used by Dingo Token, need to be identified and cryptocurrency investors need more education on the risks, Vanunu says.

"We recommend that users only use known exchanges and buy from a known token that has several transactions behind it," he says. "In the near future, we believe that more preventative solutions will be available for users to deal with these cyber threats."

The Dingo Token creators did not respond to a request for comment sent to their contact email address by publication time. Check Point believes the creators are gone, but more scams will likely appear to take its place.

"It is important for consumers to be careful with the tokens they buy," the company stated in the analysis, adding that "cryptocurrency is a volatile market. Scammers will always find new ways to steal your money using cryptocurrency, and new forms of crypto are constantly being minted."

Backdoor in Dingo Cryptocurrency Allows Creator to Steal (Nearly) Everything

**WESTMINSTER, Colo.****,** **Feb. 7, 2023** **/PRNewswire/ --** Global cybersecurity pioneer Coalfire announced today major innovations to its Compliance Essentials solution, including advanced automated evidence collection plug-ins, enabling faster time to compliance and greater visibility for clients. In partnership with anecdotes, one of the world's leading security technology engineering firms, Compliance Essentials now enables customers to manage compliance workflows and risks, automatically collect evidence, and execute audits all within the platform – making it one of the most comprehensive compliance and risk management automation solutions in the market.

Introduced in 2022, Compliance Essentials is the next-generation compliance management solution that bundles audit services with its leading Software-as-a-Service (SaaS) compliance platform. Compliance Essentials' newly enhanced automation capabilities enable clients to reduce manual evidence collection by up to 50% and cut internal compliance costs by up to 40%.

"We have true continuous compliance with this solution," said Prabhath Karanth, global head of security & trust at TripActions. "Having anecdotes' automation within Compliance Essentials allows organizations to identify control effectiveness and demonstrate to both leadership and customers the status of our maturing security program."

"The transformation to continuous compliance takes a giant step forward with evidence automation seamlessly integrated into our solution," said Coalfire Chief Product Officer Vineet Seth, who was recently named to anecdotes' advisory board. "Working with the elite anecdotes engineering team, Coalfire Compliance Essentials now pulls evidence automatically from 35+ plug-ins spanning all cloud service providers, including AWS, Azure, and Google Cloud, and maps with more than 40 regulatory frameworks."

"We are excited to unveil a game-changing solution for compliance management from Coalfire with this union of exceptional service and technology providers," said anecdotes CEO Yair Kuznitsov. "The partnership promises to revolutionize how compliance teams operate, bringing a brighter future for compliance programs and setting a new standard in the industry."

In addition to enhanced automation features, Coalfire is also introducing a new risk management module within Compliance Essentials that centralizes an organization's risk management program. The module enables customized risk scoring with robust workflows, empowering organizations to track, manage, and address risks.

Seth added, "Our breakthrough compliance automation solution sets a new standard for organizations with complex environments and multiple compliance frameworks on the path to continuous, automated compliance."

**About Coalfire**

The world's leading organizations – including the top five cloud service providers and leaders in financial services, healthcare, and retail – trust Coalfire to elevate their cyber programs and secure the future of their business. Number one in compliance, FedRAMP®, and cloud penetration testing, Coalfire is the world's largest firm dedicated to cybersecurity, providing unparalleled technology-enabled professional and managed services. To learn more, visit Coalfire.com.

**About anecdotes**

anecdotes is the leading technology provider for Compliance leaders. Powered by data, the anecdotes Compliance Operating System (OS) transforms security Compliance from a box-ticking exercise into a powerful driver of growth. With a variety of applications powered by verified data, Compliance leaders as well as advisory firms and auditors, can turn manual, time-consuming, and siloed tasks into an automated, continuous, and strategic Compliance program. That's why some of the world's fastest growing brands - Unity, TripActions, Amplitude, Babylon and more - use anecdotes. For more information, visit anecdotes.ai.

Coalfire Compliance Essentials Optimized for Automated Evidence Collection

**TEL AVIV, Israel****,** **Feb. 7, 2023** **/PRNewswire/ --** ARMO, creator of open-source Kubernetes security platform Kubescape, announced today that it has integrated ChatGPT's generative AI into ARMO Platform. With ARMO Custom Controls powered by ChatGPT, users can quickly build custom controls based on Open Policy Agent (OPA) to solve their unique security needs. They can then run them to ensure their Kubernetes clusters and CI/CD pipelines are secure, correctly configured and compliant with security policies.

Open Policy Agent (OPA) provides a standard for security policies, which can be constructed using the Rego declarative language. However, Rego is not a widely known language and using it can be complicated and confusing.

ARMO Custom Controls pre-trains ChatGPT with security and compliance Regos and additional context, utilizing and harnessing the power of AI to produce custom made controls requested via natural language. The user gets the completed OPA rule produced by ChatGPT, as well as a natural language description of the rule and a suggested remediation to fix the failed control — quickly, simply and with no need to learn a new language.

Users can then run the new AI-generated control locally to use it live, and will soon be able to save and run it as an ARMO Platform custom control. Custom controls can also be submitted as pull requests to Kubescape's public regolibrary, contributing them to the community so that all Kubescape users can benefit from them.

"We realized that Kubernetes custom controls are a perfect use-case for generative AI," said Shauli Rozen, co-founder and CEO of ARMO. "By giving ChatGPT some important background and context first, ARMO Platform users can harness it to create custom controls and policies in seconds, complete with descriptions and suggested remediations. Users can focus on securing their Kubernetes environments and not on learning new code languages and tools. We look forward to building on new technology like ChatGPT as part of ARMO's mission to make Kubernetes security simple, easy and transparent."

To try ARMO Custom Controls powered by chatGPT, sign up to ARMO Platform for free.

Read more here 

**About ARMO**

ARMO, the creator of Kubescape, is on a mission to create an end-to-end Kubernetes security platform, powered by open source. We cover all Kubernetes security issues without adding to engineers' burden. Our products enforce organizational security and compliance policies without slowing down the business.

ARMO focuses solely on open source based CI/CD & Kubernetes security, allowing organizations to be fully compliant and secure from code to production. Our solution makes security simple and frictionless for DevOps and is embraced by security.

ARMO Platform is the enterprise solution based on Kubescape. It's a multi-cloud Kubernetes and CI/CD security single pane of glass. Features include: risk analysis, security compliance, misconfiguration and image vulnerability scanning, RBAC visualization.

Kubescape is an open-source Kubernetes security platform. It includes risk analysis, security compliance, and misconfiguration scanning. Targeted at the DevSecOps practitioner or platform engineer, it offers an easy-to-use CLI interface, flexible output formats, and automated scanning capabilities. It saves Kubernetes users and admins precious time, effort, and resources.

ARMO Integrates ChatGPT to Help Users Secure Kubernetes

**WILMINGTON, Del.****,** **Feb. 7, 2023** **/PRNewswire/ --** Intel 471, the premier provider of cyber threat intelligence solutions across the globe, today announced the release of its suite of Attack Surface Protection solutions, specifically designed to scale and grow with the needs of security teams worldwide.

The Intel 471 Attack Surface Protection suite is comprised of three offerings enabling organizations to identify, manage, and protect their digital footprint from the ever increasing and sophisticated cyber threats. Specifically:

*   **Attack Surface Discovery** – maps an enterprise's digital footprint at a single point in time using data from over 200 different OSINT sources, perform scans, probe for vulnerabilities and weaknesses, and identify Shadow IT assets
*   **Attack Surface Management** – builds on Attack Surface Discovery adding continuous monitoring of your attack surface, scan comparisons, automated alerts, and APIs to implement orchestration.
*   **Attack Surface Intelligence** – super charges Attack Surface Management by adding Intel 471 threat intelligence from the cyber underground, which exposes an entire class of threats to your attack surface.

Intel 471 Attack Surface Protection solutions are built upon the company's acquisition of SpiderFoot, a best-in-class open-source intelligence platform purposefully built to assist security professionals in the automation of asset discovery, attack surface monitoring or security assessments. SpiderFoot's CEO, Steve Micallef now serves as Intel 471's vice president of Attack Surface Technology and has been instrumental in developing our Attack Surface Protection solutions. 

"With digital transformation driving an ever-expanding attack surface, enterprises must have best-in-class solutions to identify, monitor, alert and protect their digital footprint and extended third-party attack surface.  As the premier provider of cyber threat intelligence, our solutions are tailored to grow and scale to meet enterprises' business requirements," said Mark Arena, CEO of Intel 471. "Our strategic acquisition of SpiderFoot and the release of our Attack Surface Protection solutions expand our portfolio to meet the specific and individualized attack surface needs of customers worldwide."

**About Intel 471**

Intel 471 empowers enterprises, government agencies, and other organizations to win the cybersecurity war using near-real-time insights into the latest malicious actors, relationships, threat patterns, and imminent attacks relevant to their businesses.

The company's TITAN platform collects, interprets, structures, and validates human-led, automation-enhanced results. Clients across the globe leverage this threat intelligence with our proprietary framework to map the criminal underground, zero in on key activity, and align their resources and reporting to business requirements. Intel 471 serves as a trusted advisor to security teams, offering ongoing trend analysis and supporting your use of the platform. Learn more at https://intel471.com/.

Intel 471 Announces Powerful and Scalable Attack Surface Protection Solution Suite

**MADISON, Wis.****,** **Feb. 7, 2023****/PRNewswire/ --** Infosec Institute, a leading cybersecurity education provider and part of Cengage Group, today announced the launch of a new security awareness training series titled, "Work Bytes" for Infosec IQ, a security awareness and training platform that empowers employees with the knowledge and skills to reduce their cyber risk. Work Bytes fills the void often seen with other cybersecurity training – the content is concise and entertaining, but most importantly it helps employees retain the information they've learned, ensuring a more knowledgeable and security-aware workforce.

Set in the backdrop of a hilarious office comedy, Work Bytes features a colorful cast of creative characters, including vampires, pirates, aliens, and zombies. These fantastical and unlikely co-workers encounter and navigate today's most common and complex cybersecurity threats from phishing emails to social engineering scams.

Cybersecurity threats are more prevalent than ever, and the reality is that employees are the biggest risk factor within an organization, but they can also be an organization's biggest asset with the right training. In fact, 82% of data breaches involve a human element. Aside from the major reputational damage that accompanies a data breach, business continuity post-breach is also greatly affected with experts predicting that by 2025, 60% of organizations will use cybersecurity risk as a primary determinant in conducting third-party transactions and business engagements.

"Cybersecurity threats are constantly evolving so the way companies train employees to recognize, navigate and deter these threats must change, too," said Jim Chilton, GM for Infosec and CTO of Cengage Group. "Lengthy, time-consuming, and stale trainings result in low engagement and a low retention of information which poses a massive risk for businesses. Our award-winning team has researched, developed, and brought to market a fresh content training series that educates, entertains, and engages today's learners so that they don't just 'check the box,' but begin building a strong, always-vigilant cybersecurity culture."

The Work Bytes training series is just the latest addition to Infosec IQ's content library where it joins five other award-winning training series including the highly acclaimed "Choose Your Own Adventure® Security Awareness Games."  One of the key benefits of Infosec IQ and its training platform is the opportunity to choose the type of content that resonates most with a company's culture and employee base. Offering personalized and tailored cybersecurity training ensures security knowledge and awareness – because cybersecurity needs everyone.

For more information on Infosec IQ and the Work Bytes series visit https://www.infosecinstitute.com/iq/work-bytes/ or watch the trailer here.

**About Infosec**

Infosec, part of Cengage Group, is a leading cybersecurity education provider helping IT and security professionals advance their careers and empowering employees to be cyber-safe at work and home. Its mission is to equip individuals and organizations with the knowledge and skills to confidently outsmart cybercrime. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent and teams, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness and phishing training.

SOURCE Infosec Institute, part of Cengage Group

Infosec Launches New Office Comedy Themed Security Awareness Training Series

**LOS ALTOS, Calif.****,** **Feb. 7, 2023** **/PRNewswire/ --** Contrast Security (Contrast), the code security platform built for developers and trusted by security, today released its Cyber Bank Heists report, an annual report that exposes the cybersecurity threats facing the financial sector.

Authored by Contrast's Senior Vice President of Cyber Strategy Tom Kellermann, the report is a warning to global financial institutions (FIs) that security must be a top-of-mind issue amid rising geopolitical tensions, increased destructive attacks utilizing wipers and a record-breaking year of zero-day exploits. Financial sector security leaders from around the world - in a series of interviews - revealed specific trends when it comes to notable cyberattacks, e-fraud and cyber defense. Some of the most eye-opening results from the report include:

*   60% were victimized by destructive attacks
*   64% saw an increase in application attacks, while 50% experienced attacks against their APIs
*   48% experienced an increase in wire transfer fraud
*   50% have detected campaigns to steal non-public market information
*   54% of the banks were most concerned with the cyber threat posed by Russia
*   72% plan to invest more in application security in 2023

"The increase of online threats, phishing, ransomware attacks, account takeovers and business email compromises impacting the financial sector is growing every day and we can see in real-time the damage this is doing to the longevity of businesses and the impact it's having on our economy," said Derek Booth, Assistant to the Special-Agent-in-Charge, U.S. Secret Service and Head of the Mountain West Cyber Fraud Task Force. "I applaud Tom Kellermann for speaking with some of the most influential people within the sector to determine solutions that can better protect FIs against vulnerabilities in banks and methods of commerce through industry-wide transparency."

"The complexity of securing financial digital systems and the need to develop new ways to guard against sophisticated cyberattacks has increased exponentially in the last year. In response, FIs are fighting to evolve and create more effective prevention, detection and response to these damaging attacks," said Booth.

"Cybersecurity can no longer be viewed as an expense but rather a functionality of conducting business. Trust and confidence in the safety of FIs depend on effectively mitigating and responding to cyberattacks," said Kellermann.

The report provides helpful guidance, and specific defensive countermeasures to defend against growing cybercrime conspiracies and cyberespionage including:

1.  Deploy intelligent runtime protection
2.  Conduct weekly threat hunting
3.  Deploy AppSec for serverless platforms
4.  Defend your APIs
5.  Add a cybersecurity specialist to your board

"The financial sector needs to shift its thinking when it comes to attacks, as geo-political tensions manifest via cyberattacks. Cybercrime cartels are modernizing their criminal conspiracies so as to steal non-market information and destroy the integrity of sensitive data within financial institutions," said Kellermann. "This is no longer a question of duty of care but rather a duty of loyalty to the digital safety of customers. That is why the Cyber Bank Heists report not only highlights these trends but depicts countermeasures that can help institutions defend from within."

Booth will be joining Kellermann for a LinkedIn Live roundtable discussion at 9:00am PST on Tuesday, February 7 and a live webinar at 9:00am PST on Thursday, February 23 to discuss their reactions to the report and the financial security risks impacting organizations this year. Contrast also published a three-part blog series that dives deeper into cyberattack trends, e-fraud, and defensive shifts. 

To download the Cyber Bank Heists report, please visit https://www.contrastsecurity.com/cyberbankheistsreport. FIs can also request a demo of Contrast's financial capabilities by visiting https://www.contrastsecurity.com/solutions/financial-services. 

**About Cyber Bank Heists report:** 

Authored by Contrast's Senior Vice President of Cyber Strategy Tom Kellermann, the annual Cyber Bank Heist report includes findings from interviews conducted with global financial sector leaders focusing on the current state of security threats and the defensive shifts made by cybercriminals. The report provides an analysis of geopolitical tensions, destructive attacks and zero-day exploits from the previous year. It also offers specific defensive countermeasures that should be employed by FIs to protect against growing cybercrime conspiracies and cyberespionage. To learn more about the annual Cyber Bank Heists report, please visit https://www.contrastsecurity.com/cyberbankheistsreport.

**About the Author Tom Kellermann:** 

Tom Kellermann is the Senior Vice President of Cyber Strategy at Contrast Security, Inc. Previously, Tom held the positions of Head of Cybersecurity Strategy for VMware, Inc. and Chief Cybersecurity Officer for Carbon Black, Inc., wherein he authored the "Modern Bank Heist report" for the past five years. In 2020, he was appointed to the Cyber Investigation Advisory Board for the United States Secret Service. On Jan. 19, 2017, Tom was appointed the Wilson Center's Global Fellow for Cybersecurity Policy. Tom previously held the positions of Chief Cybersecurity Officer for Trend Micro, Inc., Vice President of Security for Core Security and Deputy CISO for the World Bank Treasury. In 2008, Tom was appointed a commissioner on the Center for Strategic & International Studies' (CSIS') Commission on Cyber Security for the 44th President of the United States. In 2003, he co-authored the Book "Electronic Safety and Soundness: Securing Finance in a New Age."

**About Contrast Security (Contrast):**

A world leading code security platform company purposely built for developers to get secure code moving swiftly and trusted by security teams to protect business applications. Developers, security and operations teams quickly secure code across the complete software development life cycle (SDLC) with Contrast to protect against today's targeted application security (AppSec) attacks. Contrast also makes security testing available to all developers for free with CodeSec.

Founded in 2014 by cybersecurity industry veterans, Contrast was established to replace legacy AppSec solutions that cannot protect modern enterprises. With today's pressures to develop business applications at increasingly rapid paces, the Contrast Secure Code Platform defends and protects against full classes of common vulnerabilities and exposures (CVEs). This allows security teams to avoid spending time on focusing false positives and remediate true vulnerabilities faster. Contrast's platform solutions for code assessment, testing, protection, serverless, supply chain, APIs and languages help enterprises achieve true DevSecOps transformation and compliance.

Contrast protects against major cybersecurity attacks for its customer base which represents some of the largest brand-name companies in the world, including BMW, AXA, Zurich, NTT, SOMPO Japan and American Red Cross, as well as numerous other leading global Fortune 500 enterprises. Contrast partners with global organizations such as AWS, Microsoft, IBM Cloud, Guidepoint Security, Trace3, Deloitte and Carahsoft, to seamlessly integrate and achieve the highest level of security for customers.

The growing demand for the world's only platform for code security has landed the company on some of the most prestigious lists including the Inc. 5000 List of America's Fastest Growing Companies and has designated Contrast as one of the fastest growing companies on the Deloitte Technology Fast 500 List.

Financial Institutions Are Suffering From Increasingly Sophisticated Cyberattacks, According to Contrast Security

**SANTA CLARA, Calif.****,** **Feb. 7, 2023** **/PRNewswire/ --** Valtix, the industry's first multi-cloud network security platform as a service, today announced findings from its 2023 Multi-cloud Security Report, which found that 95% of companies are pushing toward a multi-cloud environment, but only 58% believe they have the security architecture to support it. Respondents in the survey of more than 200 U.S. IT leaders cited complexities, gaps and other challenges between the overall strategy and the infrastructure they ultimately create.

The survey found that multi-cloud activity continues to rise with 93% of respondents currently having workloads and data on more than one cloud. Of those not yet in a multi-cloud environment, a full 94% expect to be multi-cloud within 12 months. Companies are embracing multi-cloud twice as fast this year compared to Valtix's year-ago survey. At that time, only 62% of organizations were multi-cloud, with 84% expecting to get there within two years.

"Multi-cloud continues as a strategic priority for most organizations in 2023—yet it also remains a concern for nearly all organizations," said Vishal Jain, co-founder and CEO of Valtix. "Very few companies have the tech, talent and confidence they need to put in place a comprehensive security infrastructure across multiple clouds. While many companies are still unintentional in their cloud choice, leaders are increasingly looking for proactive ways to leverage multi-cloud to benefit the business."

According to the survey, organizations cited several 'unintentional' factors that have accelerated their journey to a multi-cloud environment, including (1) shadow IT (51%), (2) different ISVs that support different clouds (48%), and (3) mergers and acquisitions (47%).

Even as adoption accelerates, 28% of IT leaders surveyed strongly believe multi-cloud is a "bad idea," citing issues such as (1) difficult to consistently secure (38%), lack multi-cloud security and management tools (35%) and (3) lack of multi-cloud reference architectures (32%). Only 57% of IT leaders are sure that multi-cloud security is achievable with current resources and technology, but admit they need to embrace it anyway, as 95% consider multi-cloud a "strategic priority" this year.

**Other findings:**

*   **Cloud Service Providers (CSPs) fail to define portability standards:** As businesses increasingly leverage CSPs for this cloud transformation, IT leaders surveyed were not hopeful CSPs will define portability standards anytime soon. A full 97% of IT leaders believe that CSPs should help define standards to enable better multi-cloud portability. However, 58% surveyed believe security standardization in a multi-cloud environment is a 'myth' and never achievable. Nearly all (90%) of organizations surveyed evaluate third-party security technology in addition to the security tools CSPs provide.
*   **Multi-cloud is a budgetary drain:** Managing multiple distinct security architectures with multi-cloud security is prohibitively expensive for 86% of organizations.
*   **The rise of the cloud security architect:** The Cloud Security Architect is growing as a common role with 86% of organizations currently employing an in-house cloud security architect. Moreover, 89% of organizations require every cloud project to adhere to a cloud security reference architecture.
*   **Cloud security posture management viewed as a commodity:** 67% of IT leaders view CSPM technology provided by the cloud providers as being critical to their success. Only 53% of organizations are looking to make a new CSPM technology investment in 2023.

A complimentary copy of the full report can be downloaded at https://valtix.com/lp/2023-multi-cloud-security-report/.

Follow Valtix on Twitter and LinkedIn to learn more.

**About the Survey**

Valtix commissioned an independent research firm to survey 200 IT leaders in the US about the problems they face with multi-cloud security, the tools they're using, the tools they want to use in the future, and the skills they need to scale and secure on multiple cloud platforms. The survey, which was conducted in January 2023, used a random sample of US IT leaders and has a margin of error of +/- 6.9% at the 95% confidence level.

**About Valtix**

Valtix is on a mission to protect every workload, every app architecture, across every cloud. Deployable in just 5 minutes, Valtix was built to combine robust multi-cloud security with cloud-first simplicity and on-demand scale. Powered by a cloud-native architecture, Valtix provides an innovative approach to cloud network security called Dynamic Multi-Cloud Policy™, which links continuous visibility with advanced security controls. The result: security that is more effective, adaptable to change, and aligned to cloud agility requirements. Join 4 of the top 10 pharmaceuticals and leaders across every industry – sign up free in minutes.

Valtix Survey: 95% of Organizations Say Multi-cloud Is a 'Strategic Priority' but Only 58% Have the Security Architecture to Support It

**NEW YORK****,** **Feb. 7, 2023** **/PRNewswire/ --** DataDome, the global leader in advanced bot and online fraud management, today released its inaugural "E-Commerce Holiday Bot & Online Fraud Report" which analyzes bot traffic during fraudsters' busiest time of year – the holiday season. The study identifies and quantifies the proliferation of bots, aggregating and analyzing traffic data of more than 110 billion requests made in Q4, 2022 across a range of e-commerce sites DataDome protects.

"During flash sales events such as Black Friday and Cyber Monday, e-commerce platforms typically face at least five times - and sometimes up to 30 times - more bot attacks than on normal days," said Benjamin Fabre, CEO & Co-Founder of DataDome. "As bad bots become more sophisticated and difficult to thwart, staying ahead of them is imperative. This holds true particularly during flash sales and the busy holiday season, when the impact of these attacks is maximized."

DataDome analyzed the website, mobile app and API traffic of e-commerce businesses it protects, across clothing, footwear, ticket, and electronic retail among other companies located in the United States, Europe, Australia, and Asia. Key observations from the report include:

*   The United States **was the #1 direct source of bot attacks.** The US generated 10 times the number of bot attacks compared to China, the second country of origin for the most bot attacks against online retailers and e-commerce platforms during this period. Attackers tend to choose IP addresses/proxies located in the same country as the website they target in order to appear more human and bypass traditional geo-blocking techniques. Many of the e-commerce sites DataDome protects are in the US, which helps explain why so many attacks appear to have originated from the US.
*   **E-commerce bots are becoming increasingly sophisticated in their ability to mimic human behavior and bypass basic security tools.** The availability of high-quality proxies has made it easy for attackers to leverage IPs from the home location of their target business. And attackers paid premium prices for ISP proxies, proving both the increasing ROI of online fraud, especially scalping, around Black Friday and other limited sales, and the effectiveness of ISP proxies in helping cybercriminals avoid detection by more basic bot mitigation tools and web application firewalls (WAFs).
*   **98% of the attacks were from scraping and scalping bots:** Numbering in the billions, scraping bots, considered a gateway automated threat that often leads to more aggressive and damaging attacks, were used to test the availability of products and target the limited infrastructure resources during the busy holiday season. Scalping attacks followed, as fraudsters tried to snag as much inventory as possible to resell for profit later.
*   **Some industries saw more impact than others:** Industries that saw the most bot traffic include clothing & footwear and electronic goods—especially hot ticket items, such as gaming consoles and luxury or limited edition merchandise. The biggest attack DataDome observed in Q4 2022 targeted a large US retailer with ~66M malicious bot requests in less than two hours.

"Fraudsters are getting easier access to more sophisticated bots and technology every day. As the ease and ROI of online fraud increase, so do the frequency and intensity of bot attacks," said Antoine Vastel, PhD, Head of Research at DataDome. "Yesterday's basic bot mitigation measures are no match against today's evolving threats—especially bots that use ISP proxies and machine learning to mimic human behavior. Now more than ever, it is critical that retailers protect all endpoints from attacks, as threats target the weakest link in their infrastructures."

The full research report, "E-Commerce Holiday Bot & Online Fraud," is available here. On February 16, 2023 at 12:00p EST, DataDome's Head of Research will host a webinar that dives into the report's findings.

For more information about DataDome's fraud detection and prevention, visit www.datadome.co/.

**About DataDome**

DataDome's bot and online fraud protection detects and mitigates attacks with unparalleled accuracy and zero compromise. Our machine learning solution analyzes 1 trillion data points per day to adapt to new threats in real time. Our 24/7 SOC experts protect hundreds of high-profile brands worldwide, including Reddit, Patreon, and AngelList. A force multiplier for IT security teams, DataDome is fully transparent, easy to deploy, and frictionless for consumers. In 2022, DataDome was named a Strong Performer in the Forrester Wave: Bot Management and ranked the top G2 Leader in Bot Detection & Mitigation for Fall 2022 and Winter 2023.

SOURCE DataDome

DataDome's Inaugural E-Commerce Holiday Bot & Online Fraud Report Reveals the U.S. as the Top Source of Bot Attacks

Security pros need to look beyond user education to find and disarm fraudulent actors.

The new year celebrations are behind us, and most of us have returned to our daily routines. This is as good a reminder as any that the spring scam season — or rather, tax season — is nearly here.

In all seriousness, the opening of the tax season most often brings with it a new crop of scams to defraud honest, hard-working people.

Of course, it is not just tax season that heralds scams. Nearly all big events, whether they are natural disasters, health crises, economic downturns, major sporting events, or otherwise, seem to bring with them their fair share of scams. Educating our end users as to the dangers of these scams and the potential for fraud losses is necessary but woefully insufficient.

But enterprises need to do even more to effectively combat scams. They need to protect their end users in ways that are not dependent on the end user themselves. Simply put, enterprises cannot rely solely on educating end users to reduce fraud losses.

Though there are undoubtedly numerous ways in which enterprises can combat scams, I'd like to discuss five techniques that enterprises can use to help avoid fraud losses resulting from scams.

**1\. Incorporating the User Layer**

It may sound radical, but the first step to combatting scams is accepting that a certain percentage of them will succeed against end users. Only when enterprises embrace this idea can they begin to reduce fraud losses resulting from scams. If we assume that a certain number of end users will be scammers and/or fraudsters that have taken over or otherwise compromised a legitimate end user's account, that allows us to understand that we need to look at the user layer.

In other words, we need insight into user behavior, device information, and network/environment information in order to add important context and enrich our understanding of who might be interacting with our online application. We can look for unusual activity, suspicious behavioral patterns, and strange device, network, and environment information that might help us realize that it is not the legitimate user who is interacting with the application. That can tip us off to when a legitimate end user has fallen prey to a scam.

**2\. Reducing Noise**

Say that an enterprise needs to look at 50, 100, or 200 suspicious events in a given day — including scam-related events. If those events are found in a work queue of 500 or 1,000 events, this is doable. If, on the other hand, those events are buried in a pile of noise and false positives numbering in the hundreds of thousands or even millions, this is considerably more challenging. Thus, an important component to combatting scams is to get them noticed in the first place.

In other words, it is important to significantly reduce the amount of noise and the volume of false positives that the fraud team needs to wrestle with on a daily basis.

**3\. Tightening Logic**

Related to the above point, a key reason for overabundance of false positives is alert logic that is not tight enough or precise enough. By incorporating the user layer, more precise logic, and more analytically clever rules, enterprises can significantly reduce the volume of false positives and noise that they must contend with. Tightening alert logic is a very effective way to increase the chances that scams will be detected before significant fraud losses have been incurred.

**4\. Performing Post-Transaction Analysis**

It is often the case that enterprises focus on real-time or near-real-time fraud detection and mitigation. This is, of course, extremely important and a noble goal. It would be naive, however, to believe that we are not overlooking or missing significant fraud losses that we are unable to detect in real time.

Analyzing data post-transaction — or "offline," if you will — allows us to identify suspicious or unusual activity that may be buried deep in the data. This allows us to identify reliable patterns, including around scams, that we can turn into real-time or near-real-time detection. This improves our fraud detection capabilities as a whole and helps us to reduce our risk of fraud losses.

**5\. Studying Behavioral Patterns**

An important part of post-transaction analysis that is worth mentioning separately is the study of behavioral patterns. As alluded to above, as careful as scammers and fraudsters try to be, they often leave clues behind that can help us detect that it is them and not the legitimate end user interacting with the online application.

The subtler the clues, the more important it is to study behavioral patterns in depth. Doing so can facilitate the discovery of fraudster "tells" that we can then leverage to more accurately detect scams.

While end-user education is necessary to limiting scam-related fraud losses, it is not sufficient. To truly tackle the scam problem, enterprises must embrace a variety of approaches, some of them outside of the box of conventional wisdom. The investment is most often worth it, however, as it can yield results in the form of significantly reduced fraud losses.

Source

DARKReading