Cyber Security Institute

Sunday, July 10, 2016

Security Industry News - 2016-07-10

Table of Contents

  • Novosco buys UK IT security services firm NetDef
  • Independent Research Firm Cites BeyondTrust as a Leader in Privileged Identity Management Report
  • Thai companies beef up security as malware threats evolve
  • Kaspersky ATM security solution promises big malware defense in a small package
  • Cybersecurity firms step up intel sharing despite issues of trust
  • Skyport interacts with Cisco ACI
  • European tech investors spot safe havens from Brexit worries
  • Why FireEye Is A Toxic Investment
  • UPDATED: Michael Yell joins RSA

Novosco buys UK IT security services firm NetDef
UK IT security solutions and managed services company NetDef has been acquired by Irish cloud provider Novosco for a 7-figure sum.
The deal will expand Novosco's workforce to 140 and expand its UK business.
Link:—1152320 Independent Research Firm Cites BeyondTrust as a Leader in Privileged Identity Management Report 
the leading cyber security company dedicated to preventing privilege
abuse and stopping unauthorized access, today announced it has been
named a Leader in The Forrester WaveTM: Privileged Identity
Management, Q3 2016 report.
According to The Forrester Wave, BeyondTrust
excels with its privileged session management capabilities.
Link: Thai companies beef up security as malware threats evolve 
Spending on computer security in Thailand is expected to resume double-digit growth this year, fuelled by the growing sophistication of malware threats and development of the digital economy and the national e-payment system, says a security software firm. 
The surge follows high-single-digit growth in 2015.
No raw figures are available on computer security spending. 
Khongsak Kortrakul, senior manager for technical service at Trend Micro (Thailand), said the growth of malware threats is boosting demand for automated data protection software. 
Companies in Thailand experience about 10 malware incidents a month, with medium-sized enterprises heavily targeted.
Link: Kaspersky ATM security solution promises big malware defense in a small package 
Kaspersky Lab recently announced the availability of Kaspersky Embedded Systems Security, a targeted enterprise-grade solution designed to defend ATMs, point-of-sale systems and point-of-service machines against malware attacks. 
The solution works to protect a variety of Windows-based platforms that handle sensitive financial operations, a press release said. 
The solution supports Windows versions from XP up to and including Windows XP Embedded, Windows Embedded 8.0 Standard and Windows 10 IoT.
Additionally, it can run on systems with as little as 256 megabytes of memory and just 50 megabytes of available disk space, Kaspersky said.

Cybersecurity firms step up intel sharing despite issues of trust
“We have to win this war together,” said Ben Johnson, chief security strategist of Carbon Black. 
The company is the latest to help pool together security expertise with a new platform called the Detection eXchange. 
In 2014, Palo Alto Networks joined with rivals including Fortinet, Intel Security and Symantec to form the Cyber Threat Alliance.
The vendors are each sharing around 1,000 malware samples each day and using that data to bolster their security products. 
The alliance is still small, with only about eight members, but Howard believes it will be a “game changer” if the group can expand to 50. 
The intelligence sharing fills gaps in what each security vendor knows.
For instance, Palo Alto Networks and Symantec overlap in only about 70 percent of the malware intelligence they share, according to Howard. 
A major fear is that information shared about vulnerabilities or a company's infrastructure may be leaked accidentally to other hackers.
But the pros can outweigh the cons.
Companies Wright has talked to see the benefits of wider collaboration and even expect it from their vendor.
They realize they’re walking a fine line between the risk of sharing too much and potentially stopping the next cyber attack.
Link: Skyport interacts with Cisco ACI 
Skyport's SkySecure converged system brings together zero trust compute, virtualization and a full stack of security technologies.
It logs all traffic at a forensically auditable level, enabling users to see where traffic originates, where it is headed, whether it was allowed or not, what policy allowed or blocked it, and when and who put that policy into action.
Remote management capability allows users to easily secure branch infrastructure without firewalls, proxies, MPLS or other security measures.
Link: European tech investors spot safe havens from Brexit worries 
Technology investors seeking refuge after Brexit are picking companies delivering instant access to services for Web and mobile customers or firms mainly doing business globally which can benefit from the pound's fall. 
They are shying away from hardware makers or e-commerce suppliers with sizeable UK sales, which count for less after currency swings driven by Britain's vote to leave the EU. 
Shareholders are also wary of software and services firms getting caught short by budget freezes by customers scrambling to reassess their businesses and resulting slowing economic growth. 
Two UK-based safe havens are ARM Holdings (ARM.L), which licenses chip technology used in most smartphones worldwide, and Sophos (SOPH.L), driven by demand for its computer security software and services, most financial analysts say. 
U.S. names like (CRM.N) and Red Hat (RHT.N), with long-term subscriptions for Internet-delivered software and little direct exposure to Britain, are safe bets, said Silicon Valley-based analyst Trip Chowdhry. (AMZN.O) and Apple (AAPL.O), while active in Britain, enjoy strong brands and have sticky subscription business models likely to insulate them from any UK slowdown, he said.
Link: Why FireEye Is A Toxic Investment 
FireEye investors who have bought the stock in the hopes of an acquisition should consider selling their holdings as none will buy out the company at its asking valuation. 
FireEye has removed its CEO who used to specialize in selling several emerging companies and was spearheading companies like McAfee and Documentum when they were acquired. 
No buyer will pay a premium for FireEye as its expenses have been rising at a faster pace than the revenue, while the debt is also substantial. 
Due to a rapid growth in expenses, FireEye's operating cash flow has slipped deep into the red, which is why no buyer might pay its $30/share asking price. 
FireEye has made a mistake by not accepting two buyout offers this year, while the management shake-up indicates that the board does not intend to sell the company. 
With expenses increasing at a faster rate than revenue, FireEye's business model is currently unsustainable.
Clearly, the company is bleeding money and will continue to do so as the trend above suggests. 
In my opinion, an acquisition would have been the best possible outcome.
However, due to the reasons mentioned above, the chances of the company getting acquired at $30 per share are next to zero now.
Hence, I think investors should stay away from the stock.

UPDATED: Michael Yell joins RSA
Security vendor RSA has appointed a new head of channels and alliances for Asia Pacific and Japan, naming former TeleSign executive Michael Yell to the role. 
Yell joined the company as of June 2016 and will be based at RSA’s Sydney offices. 
The company has recently moved a number of APJ roles to Sydney including channel, inside sales, business unit leads and marketing. 
As part of the role, Yell will be charged with implementing regional channel strategy in the region and managing the company’s partner base.