Last week Enterprise Times published a podcast where Ian Murphy, Editor, spoke with Greg Keller, CTO of JumpCloud. They discussed the challenges of Active Directory (AD) and Artificial Intelligence (AI). AD is critical to managing identity and access for any company that relies on Windows. Yet very few would describe managing it as easy. If you are an SME, a market that JumpCloud serves, the complexity makes it a difficult beast to manage.
Other stories came from vendors such as BlueVoyant, Egress, Eseye, and JumpCloud. The FBI was busy last week with successful prosecutions and a research report. Noyb highlighted a loophole in Swedish law that could exempt businesses from all obligations under the EU’s strict privacy laws.
BlueVoyant
BlueVoyant Government Solutions, a division of BlueVoyant focused on providing comprehensive cyber defense to governments, has partnered with Carahsoft Technology company. Carahsoft will act as the public sector distributor for BlueVoyants government solutions.
Lonny Anderson, President of BlueVoyant Government Solutions, commented, “Most US Government agencies are managing several different cybersecurity solutions to identify the threats they need to address. With a trusted partner like Carahsoft, we can bring BlueVoyant’s holistic approach to the Public Sector market, providing deep visibility and context into agencies’ cyber risk postures, as well as the tools and services needed to combat active vulnerabilities and threats.”
Carahsoft will offer BlueVoyant solutions, including Managed Extended Detection and Response (MXDR), Supply Chain Defense (SCD), Digital Risk Protection and Professional Services for specialized support on cybersecurity strategy.
Alex Whitworth, Cybersecurity Vertical Executive at Carahsoft, said, “As the Public Sector faces mounting cyber threats to all aspects of operations, it is critical that agencies have access to a scalable, modular solution that meets the demands of today’s cyber threat landscape.
“We look forward to working with BlueVoyant Government Solutions and our reseller partners to supply US Government agencies with a fully managed solution that actively protects Government supply chains from threats, ensuring effective cyber defense and constituent service.”
Egress
Egress announced a partnership with Netskope, a leader in Secure Access Service Edge (SASE). The aim is to enhance behavioural-based threat detection and response, transforming the way organizations manage human risk in cloud email.
The already available integration provides several benefits to existing customers, including:
- Centralized threat intelligence that surfaces meaningful insights from the Netskope One platform to Egress Human Risk Management elevating threat hunting capabilities and dramatically reducing time to response
- Improved detection of suspicious user activity to automate defences against advanced inbound and outbound email threats
- No administrative burden from real-time policy management that dynamically adjusts according to each individual’s risk score via an adaptive security architecture
Tony Pepper, CEO of Egress, commented, “With the rapid adoption of cloud platforms and applications, organizations have struggled to contain cyberattacks and insider threats. Every part of an organization’s technology ecosystem presents risk – with email at the top of the list as the riskiest application. By combining the deep behavioral analytics generated by both Netskope and Egress, joint customers will benefit from unprecedented visibility into human risk and automated defenses that eliminate advanced email threats, tailored to each individual employee.”
David Willis, Vice President, Technology Alliances at Netskope, commented, “Behavioral patterns can disclose indicators of compromise within every platform and application. Enterprises are vulnerable to employees falling victim to inbound email attacks, making cybersecurity mistakes, and knowingly or unknowingly exfiltrating data.
“Today’s announcement marks an exciting development for joint Netskope and Egress customers, who can now enhance their human risk scoring using Netskope One insights and continuously extend their behavioral-based threat detection and response across their cloud environments.”
FBI
The FBI published a considerable number of press releases about convictions and arrests over the last week. Notable amongst them was the guilty pleas of Jonathan Katz, aka “Luna,” 42, of Marlton, New Jersey. He admitted swapping the Subscriber Identity Module (SIM) numbers of cell phone customers into mobile devices controlled by another individual, who was paying the former manager for the unauthorized swaps.
In Rhode Island, Bruno Francis Ragusa, 53, was charged with executing a scheme to obtain tens of thousands of dollars in commissions from an Iowa-based life insurance carrier. By making unauthorized use of his client’s personal identity information to sign them up for end-of-life insurance policies. And draw money to pay for the unauthorized policies from their bank accounts.
In the District of Columbia, Roman Sterlingov, a citizen of Russia and Sweden, was found guilty of operating among the longest-running and most prolific Bitcoin money laundering services on the darknet.
The FBI also released the annual report for 2023 from the Internet Crime Complaint Center (IC3). During 2023 ICS received over 880,000 complaints. With potential losses exceeding $12.5 billion. This is almost a 10% increase in complaints from 2022 and a 22% increase in losses.
The top three crime types most frequently reported by victims were phishing/spoofing, personal data breach, and non-payment/non-delivery. The top three crime types reported by victims of fraud loss are investment scams, business email compromise (BEC), and tech support scams. Victims 30 to 49 years old were the most likely group to report losses from investment fraud. While those over 60 accounted for well over half of losses to tech support scams.
Ransomware continued to be damaging and impactful in 2023. IC3 received over 2,800 ransomware complaints and losses rose to $59.6 million, a 74% increase from last year.
Wayne A. Jacobs, Special Agent in Charge of FBI Philadelphia, commented, “Combatting complex financial fraud schemes remains a top priority for the FBI. While the goal of these crimes remains the same, we continue to see fraudsters evolve in how they leverage technology to execute their scams. In short, fraudsters from anywhere in the world are increasingly leveraging digital tools to target victims at scale.
“FBI Philadelphia encourages all victims to remain vigilant as they live their digital lives and always report suspected internet crimes to the IC3 at ic3.gov. Reporting these online crimes is invaluable in helping us remain agile in the current threat landscape by allowing us to pursue bad actors, share intelligence with our partners, and protect our community.”
JumpCloud
JumpCloud revealed that its open directory platform is now available on Google Cloud Marketplace. Micha Hershman, Chief Marketing Officer of JumpCloud, commented, “After launching our partnership with Google Workspace last year, our customers have told us about how much time they have reclaimed for other important areas of operation thanks to JumpCloud.
“Google Cloud Marketplace availability makes it even easier for organizations to move completely to the cloud, ridding themselves of on-premises Active Directory and device management infrastructure. We’ve expanded JumpCloud’s reach while delivering the same flexibility and simplicity to the broader Google Cloud audience — especially when admins are wrestling with IT tool sprawl and growing external threats. Securing identity and devices together with JumpCloud and Google Workspace provides a cost-effective, best-in-class alternative to legacy single-vendor solutions.”
Dai Vu, Managing Director Marketplace & ISV GTM Programs at Google Cloud, commented, “Bringing JumpCloud to Google Cloud Marketplace will help customers quickly deploy, manage, and grow the open directory platform on Google Cloud’s trusted, global infrastructure. JumpCloud can now securely scale and support customers on their digital transformation journeys.”
noyb
noyb revealed a loophole in Swedish national law. Large data brokers like MrKoll can simply obtain a “media licence”. Exempting their entire business from all obligations under the EU’s strict privacy laws. noyb has now filed a complaint against MrKoll in Sweden that challenges this practice.
Stefano Rossetti, Data Protection Lawyer at noyb, stated, “The business model of data brokers such as MrKoll has nothing to do with journalism. On the contrary, the company puts people at risk by offering their personal data for sale online to anyone who is interested. The Swedish authorities must finally put an end to this abuse of a law originally intended to protect journalists.”
