Security

Feature - Reducing the impact of cyber attacks with rapid detection

By Eric Herzog, CMO at Infinidat. There are constant headlines reporting cyber attacks on enterprises and preparing for the inevitability of cyber crime is absolutely critical. Yet despite such a widespread expectation of cyber attacks, there's a concerning lack of preparedness. Research conducted by the Ponemon Institute in 2023 suggests that only 35% of enterprises say they feel properly prepared to deal with a cyber security incident. And even among the ones that are prepared, there’s a general acceptance of vulnerabilities within their defences and reactions that they are not fully prepared for. Hackers will exploit this to the maximum. Three major costs of a cyber attack When a cyber attack does occur, and enterprise data becomes compromised, huge costs, operational disruption, and reputational damage are incurred. Let’s examine these impacts individually. The financial impact of data breaches is substantial and continues to rise. According to the Ponemon research, the global average cost of a data breach increased by 10% to $4.88 million, which is the highest ever recorded. Cyber attacks, as we all know, also significantly disrupt business operations. According to Statista research, it took an average of 64 days to contain a breach in 2024 and in cases where stolen or compromised credentials were involved, this increases significantly. Such an extended period of disruption can severely impact a company's ability to function normally, potentially leading to lost productivity, lost revenue, and lost profits. And let’s not overlook the reputational impact of data breaches, which leads to loss of business in the longer term. This is, perhaps, the most costly aspect of a cyber attack, because the intangible values of customer trust and loyalty are significantly affected. Depending on the industry, this cost can vary significantly, with the healthcare, financial services, technology and service sectors being the most expensive to recover from. In the UK, the Ponemon research cites the average cost of recovery within these industries was £5m. What enterprises need to properly prepare for and counter these attack threats is powerful, easy-to-manage data protection and backup storage solutions, combined with guaranteed cyber storage resilience. This is because the speed at which a cyber attack occurs requires immediate and coordinated responses - from all levels of an organisation. A need for ‘baked in’ cyber storage resilience Using a software-defined storage architecture with integrated cyber storage resilience technology is one good way to minimise these impacts. When cyber storage resilience is embedded into enterprise storage, it allows for sub-second protection response and recovery times. This is critical because, when confronting a cyber attack, losing time can cost tremendous amounts of money. Ultra-fast response times will significantly reduce a cyber event's potential cost and recovery impact. For instance, a backup repository involving multiple petabytes of storage could be fully recoverable in just a few minutes. Here's an actual, real-world use case example to illustrate this. To protect the client’s confidentiality, I will just call them ‘Fortune Global 500 company’. This actual customer needed to improve its restore times for their Oracle databases without impacting on service. They were able to achieve an average seven-times improvement to the backup time of their databases using Infinidat. They also achieved a 97% reduction in recovery time for full copies and a 95% reduction to full physical back up times. In addition, backup integrity was fully verified and, after verification, could be converted to an immutable copy to protect against cyber attacks. The five cyber essentials What core cyber storage resilience capabilities were essential for this enterprise to have in place? There are five: • Logical air-gapped protection: Leveraging the ability to isolate data sets logically, fully, and completely, without requiring secondary environments.• Immutable snapshots: Completely hardened and unchangeable data set protection, helping ensure your business is following a proper set of best practices.• Fenced forensic network: Dedicated networking resources activated only to surface a copy of the data to be inspected, tested, or recovered from, within a fully isolated, tightly managed network environment.• Near-instantaneous recovery of any size backup repository.• Data centre-wide cyber security integration, where enterprise storage is seamlessly integrated with data centre-wide cyber security software applications. AI powered scanning To extend their cyber prevention further, advanced cyber detection capabilities can validate the integrity of immutable snapshots using powerful, AI-based scanning engines. Comprehensive machine learning technology can detect ransomware and malware attacks with up to 99.99% accuracy, enabling enterprises to quickly and easily identify a last known good copy for rapid, intelligent recovery. This provides complete reassurance that the data has not been compromised. A new standard for cyber resilient storage What enterprises need from their storage platform today are outstanding performance levels, guaranteed availability, cyber storage resilience, ease of use, and cost savings - at scale and for any backup/recovery data protection use case. By their very nature, backups are the last resort for protecting and recovering critical data. The storage location for this critical data should embody enterprise-calibre reliability and resilience. It should come with SLA-based guarantees for performance, 100% availability, and cyber storage recoverability. This sets the standard for enterprise storage and backup use cases, ensuring the utmost safety and recoverability for critical, backed-up data. Infinidat allows customers to choose the solution that best fits their use case or environment, with a consistent and easy-to-manage set of solutions to save them time and money. Action is critical Extensive research clearly indicates that preparing for cyber attacks is not just advisable, but critical for business survival in the digital age. The inevitability of cyber threats means companies must invest in comprehensive preparation strategies to mitigate their risks, protect their assets, and ensure rapid response capabilities. This proactive approach is essential for maintaining business continuity and safeguarding against potentially devastating financial and reputational damages. To read more from Infinidat, click here.

Infinidat's 2024 year in review

By Eric Herzog, Chief Marketing Officer of Infinidat, reflects back on 2024 - a year of awards, cyber storage innovation, and the next-generation InfiniBox family. 2024 will be remembered as the year that Infinidat took enterprise storage to the next level with the launch of the InfiniBox G4 family of next-generation storage solutions for all-flash and hybrid configurations. Not only has the new enterprise storage solution raised the bar for the performance of a high-end storage array, but it also delivers ground-breaking cyber storage resilience capabilities that are game-changing, coupled with the practicality of hybrid multi-cloud support. In 2024, Infinidat also revolutionised enterprise cyber storage protection to reduce ransomware and malware threat windows. Infinidat’s InfiniSafe Automated Cyber Protection (ACP) was introduced as a first-of-its-kind cyber security integration solution, enabling enterprises to seamlessly integrate with their Security Operations Centers (SOC), Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR) cyber security software applications, and simple syslog functions for less complex environments. With InfiniSafe ACP, a security-related incident or event triggers immediate automated immutable snapshots of data, providing the ability to protect InfiniBox and InfiniBox SSA block-based volumes and/or file systems and ensure near instantaneous cyber recovery, while reducing the threat window. It’s an innovative solution that clearly differentiates Infinidat in the storage space and emphasises the importance of incorporating cyber storage resilience into an overall cyber security strategy. This is just one example of the innovation that Infinidat delivers – and we’ve been getting noticed on multiple fronts. Equipped with an extremely strong value proposition for large enterprises, Infinidat keeps on winning. We have garnered a slew of awards in 2024. The past year has been a time when Infinidat won major industry recognition to set us apart from the competition in the storage industry. Indeed, we are on track to surpass a record number of awards in a 12-month period by the end of 2024. Some of the 35 awards to date include: 2024 Gartner Peer Insights Customers’ Choice in the Gartner Peer Insights “Voice of the Customer” ─ Gartner; the xixth time that Infinidat has been identified as a Gartner Peer Insights Customers’ Choice; the “Best of Show Award” at 2024 FMS ─ InfiniBox G4 family ─ FMS: The Future of Memory and Storage trade show; and “Best Enterprise Storage Array of the Year” (Gold Medal winner) ─ InfiniBox SSA – TechTarget. What all these accolades and recognitions have done is give Infinidat substantial momentum heading into 2025. As a company, we are well-positioned to enable our enterprise customers and cloud provider/managed service customers to reap the superior benefits of the next generation InfiniBox G4 in the new year. Many enterprises are up for a refresh of their enterprise storage – and the InfiniBox G4 has become the new obvious choice in the enterprise market. The combination of the business value and technical value of the G4 is unparalleled. The year of GenAI 2024 is also the year that Infinidat ventured into generative AI (GenAI), making a move to unlock the business value of GenAI applications. We unveiled our Retrieval-Augmented Generation (RAG) workflow deployment architecture to enable enterprises to fully leverage GenAI. This dramatically improves the accuracy and relevancy of AI models. With Infinidat’s RAG architecture, enterprises utilise Infinidat’s existing InfiniBox and InfiniBox SSA enterprise storage systems as the basis to optimise the output of AI models, without the need to purchase any specialised equipment. Infinidat also provides the flexibility of using RAG in a hybrid multi-cloud environment, with InfuzeOS Cloud Edition, making the storage infrastructure a strategic asset for hereby unlocking the business value of GenAI applications for enterprises. Infinidat will play a critical role in RAG deployments in 2025 and beyond, leveraging data on InfiniBox enterprise storage solutions, which are perfectly suited for retrieval-based AI workloads. Vector databases that are central to obtaining the information to increase the accuracy of GenAI models run extremely well in Infinidat’s storage environment. Our customers can deploy RAG on their existing storage infrastructure, taking advantage of the InfiniBox system’s high performance, industry-leading low latency, and unique Neural Cache technology, enabling delivery of rapid and highly accurate responses for GenAI workloads. Three keys to success across the board for Infinidat To harness this success in 2024 and then drive success in 2025, we will continue to do three key things: • Be unwaveringly customer-centric, delivering the best white glove-quality customer experience in the industry• Work hand-in-hand with the channel, empowering partners to increase their business• Excel to spread the word about Infinidat through teamwork, unleashing the power of Infinidat employees to achieve new milestones that propel our company forward. The customers We love it when our customers provide feedback that collectively catapults Infinidat forward to acclaim. We’re so proud that Infinidat was named a 2024 Gartner Peer Insights Customers’ Choice in the Gartner Peer Insights “Voice of the Customer”. This special recognition is indeed the sixth time that Infinidat has been identified as a Gartner Peer Insights Customers’ Choice in either a regional segment or overall distinction for enterprise storage. In 2024, CIO Review named Ryan Walker, CIO of Net3 (an Infinidat customer), one of the Top 10 CIOs of the Year. Walker was honoured for his forward-thinking use of the industry’s most advanced storage technology to transform the data infrastructure of Net3, a leading cloud service provider (CSP) in the US. Net3 has become a prime example of how to run a cloud services business efficiently and economically. The channel CRN named Infinidat as one of 2024's 50 Coolest Software-Defined Storage Vendors. Infinidat was also named as a CRN Storage Vendor 100 for the fifth consecutive year. Plus, CRN awarded us with a 5-Star Rating for the Infinidat Channel Partner Program for the third consecutive year. Approximately 90% of Infinidat’s business comes through the channel. Steve Sullivan, Chief Revenue Officer at Infinidat, was named a 2024 Channel Chief by CRN. James “JT” Lewis was named a 2024 Regional Channel Chief for EMEA and APAC by CRN. In addition, CRN named Lynsy Marshall, Senior Field & Channel Marketing Manager at Infinidat, as a finalist in the “Rising Star of the Year – Vendor/Distributor” category of the 2024 CRN Women of the Year Awards. The team In Q4, Infinidat’s global marketing team was awarded a 2024 OnCon Icon Award, being recognised as one of the Top 50 Marketing Teams in the world. Infinidat’s marketing team has been instrumental in catapulting awareness of the company as an innovator, articulating the business value of Infinidat’s broad portfolio of enterprise storage solutions, educating enterprises about how to secure storage infrastructure against cyber attacks, and how to leverage their storage solutions for AI applications and workloads. As an industry, we have evolved to value inclusive leadership, and it’s worth the effort, spurring a diverse set of news ideas and thought-provoking perspectives. For transparent, inclusive leadership that cultivates a culture of belonging within our organisation and with our channel partners, CRN named me as a 2024 Inclusive Channel Leader. As a byproduct of our accomplishments as a team, I was recently given two prestigious awards for excellence in marketing. I was awarded a 2024 Top 10 Marketer / CMO Award from OnCon Icon as one of the top marketers in the world. I have also been named to HotTopics’ 2024 Global B2B CMO 100 list as one of the most innovative and effective CMOs in the technology sector. Looking ahead to 2025 All things considered, we are poised to enable enterprises to accomplish their goals in 2025, including: • Make AI more accurate with a RAG workflow deployment architecture• Recover nearly instantaneously from ransomware and malware attacks• Sustain 100% availability of the storage infrastructure• Simplify hybrid multi-cloud configurations• Lower total cost of ownership for enterprise storage through storage array consolidation and flexible consumption models• Deliver the most comprehensive enterprise cyber storage solution in the market• Our Infinidat solutions are backed by our SLA-driven, enterprise-proven guarantees: performance, 100% availability, cyber storage resilience, and enhanced data services. Infinidat has shaken up the status quo of the storage industry with the innovation we have brought to market in 2024. This is how we roll. Because of it, I predict that the new year will be the year of mass adoption of the InfiniBox G4. There is a sense of urgency in the channel, and those partners who are proactive will score big. The hard work we did in this past year to launch all the new innovations and ground-breaking capabilities and prepare channel partners will pay off over the next 12 months. Leveraging our momentum, I look forward to Infinidat continuing as, to borrow CRN’s term, one of the 'coolest' software-defined storage vendors in the industry. Infinidat is so cool, it’s 'hot, hot, hot'. For more from Infinidat, click here.

UK organisations buckling under huge data security strain

Over a quarter (29%) of European organisations have been unable to fully utilise data within their organisation due to challenges with data security, according to an IDC InfoBrief, sponsored by Immuta.   This data security “gap” is a result of organisations grappling with increasingly complex IT and data infrastructures internally, leading to huge siloes of sensitive data. Businesses must manage this alongside the external risk of rising cyber attacks in Europe, as 58% of UK organisations experienced an increase in cyber attacks in the last 12 months, followed by 49% in DACH and 47% in the Nordics.    According to insights from 108 European organisations, data security is rising rapidly to the top of the CEO’s agenda, 45% will prioritise spend on data security, risk and compliance this year to enable trustworthy data collaboration and sharing, followed by workplace solutions (36%), application development and deployment platforms (35%), infrastructure and operations (33%) and automation technologies (31%).  Organisations must also address a new blind spot caused by shadow data - a side effect of data sprawl in the cloud - with only 42% of European businesses selecting 'confident' or 'highly confident' in their ability to discover and classify sensitive data, both known and unknown, in the public cloud.   Meanwhile, evolving privacy regulations are creating tension between digital innovation and data sovereignty, only 15% of organisations in Europe are highly confident in their ability to discover and classify sensitive data in order to protect it. Additionally, when managing compliance with GDPR, the biggest challenges facing organisations stem from identifying and mapping personal data (41%), creating data protection by design (40%), data retention and deletion (38%) and data security (35%).  In the UK, organisations cited working from home and hybrid work as the top operational security priority for 2023, followed by cyber resilience of systems and data privacy and regulatory compliance. 58% described their organisation as 'confident' or 'highly confident' in its ability to discover and classify sensitive data, both known and unknown, in the public cloud - a significant increase on the European average (42%). 56% of UK organisations will expand or upgrade technology related to data access and governance in the next 12 months. “The reality is that organisations are typically operating with data spread across multiple platforms and locations, all whilst navigating a rapidly evolving privacy and regulatory landscape,” says Colin Mitchell, General Manager, Immuta. “Data is a critical asset for organisations, enabling collaboration, innovation and informing decisions. However, as data usage increases, businesses need to manage unauthorised access, breaches and misuse. This creates a complex dynamic between data utility — the usefulness and accessibility of data — and the security and compliance measures in place to protect data from risks.”   Looking ahead, organisations are exploring ways to build trust in data by streamlining their security operations and rationalise their existing security tool environment, 49% of respondents all working within security plan to expand or upgrade implementation of data access controls in the next 12 months. Nearly a third of European organisations (32%) also intend to increase spend on data discovery and classification to overcome challenges of complexity.  The IDC InfoBrief sets out how convergence to a data security platform enhances sensitive data protection across hybrid multi-cloud environments, while enabling authorised users to effectively utilise the data for business purposes. The full findings of the IDC Data Security Infobrief can be found here. 

Logpoint appoints Michael Haldbo as CFO

Logpoint has announced the appointment of Michael Haldbo as Chief Financial Officer (CFO). Reporting to Logpoint's CEO, Jesper Zerlang, Michael will be responsible for taking the company successfully through the next step of the Logpoint journey to become a European cyber security powerhouse. “We’re excited that Michael is joining the Logpoint team as we grow beyond scaleup and into an established cyber security company. Michael has extensive experience in taking leadership over transformation projects and M&A,” says Jesper Zerlang. “With our recent acquisition by Summa Equity, we have proven that Logpoint has the capabilities and critical mass to take us to the next level, and as we mature the business model, he is an evident choice to support and protect the business financially.” Michael Haldbo has 20 years of international and nordic experience in financial planning, analysis and strategy execution. He served as CFO at Signicat, Europe’s leading provider of digital identity solutions. Michael has also held financial executive roles at other companies in the IT and payment-related sector, including Nets and Unwire. “Logpoint has such a strong value proposition with world-class cyber security solutions, competitive pricing models, and the agility and flexibility that enable us to challenge the big mastodons in the SIEM market and become the number one vendor in Europe with a global range,” says Michael Haldbo. “From my perspective, Logpoint ticks all the boxes, scaleup, growth market, a strong business model, transitioning into SaaS and private equity owned. The frosting on the cake is that Logpoint solutions address a major societal challenge, namely the ever-growing cyber threat in the wake of COVID-19 and the war in Ukraine.” Click here for more latest news.

GovAssure, cyber security and NDR

By Ashley Nurcombe, Senior Systems Engineer UK&I, Corelight We live in a world of escalating digital threats to government IT systems. The public sector has recorded more global incidents and data breaches than any other over the past year, according to a recent Verizon study. That’s why it is heartening to see the launch of the new GovAssure scheme, which mandates stringent annual cyber security audits of all government departments, based on a National Cyber Security Centre (NCSC) framework. Now the hard work starts. As government IT and security leads begin to work through the strict requirements of the Cyber Assessment Framework (CAF), they will find network detection and response (NDR) increasingly critical to these compliance efforts. Why we need GovAssure GovAssure is the government's response to surging threat levels in the public sector. It is not hard to see why it is such an attractive target. Government entities hold a vast range of lucrative citizen data which could be used to carry out follow-on identity fraud. Government services are also a big target for extortionists looking to hold departments hostage with disruptive ransomware. And there's plenty of classified information in there for foreign powers to go after to gain a geopolitical advantage. Contrary to popular belief, most attacks are financially motivated (68%), rather than nation-state attempts at espionage (30%). That means external, organised crime gangs are the biggest threat to government security. However, internal actors account for nearly a third (30%) of breaches, and collaboration between external parties and government employees or partners accounts for 16% of data breaches. When the cause of insider risk is malicious intent rather than negligence, it can be challenging to spot because staff may be using legitimate access rights and going to great lengths to achieve their goals without being noticed. Phishing and social engineering are still among threat actors' most popular attack techniques. They target distracted and/or poorly trained employees to harvest government logins and/or personal information. Credentials are gathered in an estimated third of government breaches, while personal information is taken in nearly two-fifths (38%). Arguably the shift to hybrid working has created more risk here as staff admit being more distracted when working from home (WFH), and personal devices and home networks may be less well protected than their corporate counterparts. The growing cyber attack surface Several other threat vectors are frequently probed by malicious actors, including software vulnerabilities. The new Freedom of Information data reveals a worrying number of government assets are now using outdated software that vendors no longer support. Connected Internet of Things (IoT) devices are an increasingly popular target, especially those with unpatched firmware or factory default/easy to guess passwords. Such devices can be targeted to gain a foothold in government networks and/or to sabotage smart city services. Finally, the government has a significant supply chain risk management challenge. Third-party suppliers and partners are critical to efficiently delivering government services. But they also expand the attack surface and introduce additional risk, especially if third parties aren't properly and continuously vetted for security risks. Take the recent ransomware breach at Capita, an outsourcing giant with billions of pounds of government contracts. Although investigations are still ongoing, as many as 90 of the firm's clients have already reported data breaches due to the attack. What the CAF demands In this context, GovAssure is a long overdue attempt to enhance government resilience to cyber risk. In fact, Government Chief Security Officer, Vincent Devine, describes it as a "transformative change" in its approach to cyber that will deliver better visibility of the challenges, set clear expectations for departments and empower security pros to strengthen the investment case. Yet delivering assurance will not be easy. The CAF lists 14 cyber security and resilience principles, plus guidance on using and applying the principles. These range from risk and asset management to data, supply chain and system security, network resilience, security monitoring and much more. One thing becomes clear, visibility into network activity is a critical foundational capability on which to build CAF compliance programmes. How NDR can help NDR (Network Detection and Response) tools provide visibility. This kind of visibility will enable teams to map assets better, ensure the integrity of data exchanges with third parties, monitor compliance and detect threats before they have a chance to impact the organisation. Although the CAF primarily focuses on finding known threats, government IT leaders should consider going further, with NDR tooling designed to go beyond signature-based detection to spot unknown but potentially malicious behaviour.  Such tools might use machine learning algorithms to learn what regular activity looks like to better spot the signs of compromise. If they do, IT leaders should avoid purchasing black box tools that don't allow for flexible querying or provide results without showing their rationale. These tools can add opacity and assurance/compliance headaches. Open-source tools based on Zeek may offer a better and more reasonably priced alternative. Ultimately, there are plenty of challenges for departments looking to drive GovAssure programmes. Limited budgets, in-house skills, complex cyber threats, and a growing compliance burden will all take its toll. But by reaching out to private sector security experts, there is a way forward. For many, that journey will begin with NDR to safeguard sensitive information and critical infrastructure. Click here for more thought leadership.

SentinelOne bolsters India’s cyber defences

SentinelOne has announced the launch of a virtual data centre in Mumbai that will enable the growing number of Indian companies which rely on SentinelOne to shield their business from cyber attacks in a simple, compliant way.  “Cyber criminals are moving faster than ever, and companies must move with even greater speed to thwart their actions,” says Diwa Dayal, Managing Director, India and SAARC, SentinelOne. “At SentinelOne, we understand the stringent reporting requirements that Indian organisations must meet. And with the launch of our local data centre, we are uniquely positioned to help them do it.”Cyber attacks are on the rise. And no industry is immune. But some are more vulnerable than others. With SentinelOne, banking, financial services, healthcare, government and other organisations that are sensitive to data residency and privacy needs can leverage AI-powered protection to keep their assets secure.The company’s Singularity platform is a unified solution that combines endpoint protection, cloud security, identity threat detection and response and data ingestion with analytics in a single console. Using a native backend and the industry’s most performant security data lake, the solution offers complete data localisation and sovereignty with an India-based AWS Point-of-Presence (PoP). It is also the first open XDR solution in India that delivers complete data localisation and sovereignty. Hosted by its strategic partner, AWS, the Mumbai cloud data centre will provide direct, high-performance access to the Singularity platform, while allowing organisations to store their logs within Indian borders.“At SentinelOne, our mission is to defeat every attack, every second, of every day,” says Diwa. “And our new data centre is a testament to our commitment to India and to keeping its infrastructure and citizens safe as the threat landscape evolves.” Click here for more news on data centres.

Schneider Electric launches contractor program

Schneider Electric has announced the launch of a new partner program in the UK and Ireland. The Contractor Program offers online resources and digital tools via mySchneider portal to help contractors quickly and efficiently meet customer demands. It also offers opportunities to generate more business and training to support sales activities, as well as advice on sustainable solutions. In addition to the above, it includes the following benefits depending on whether the contractor is a registered, premier or premier plus customer: Personalised news, information and promotions. Advanced commercial and technical support. Digital platforms and tools. Training and education resources. Invitations to local partner events. Partner locator listing. EcoXpert badge eligibility. Hands-on training. A new world of energy The launch is part of Schneider Electric’s strategy to mitigate the energy crisis by calling on its customers, partners and suppliers to reduce the amount of energy used in their day-to-day operations and buildings and to select more sustainable solutions. In response to the ways in which the energy landscape has shifted dramatically in recent years, it has developed the mySchneider Contractor Program to answer the following challenges: demands for more electrification to reduce the usage of fossil fuels; an increase in cybersecurity; and demands from the market for multidirectional energy supplies. In the long term, the convergence of electric and digital brings disruptive new possibilities for contractors. It enables them to harness the potential for efficiency and sustainability, and more critically, in the near term, to directly impact energy security, an issue that has been front of mind for the UK and Irish governments and their citizens in recent years. David Williams, Vice President of Transactional Business at Schneider Electric, says, “As a global business, we understand the challenges our contractors and partners are facing around the world in light of the economic and political landscape and energy crisis. With the launch of the mySchneider Contractor Program, we are giving our partners priority access to our global partner ecosystem. We hope that by rewarding our contractors in this way that they will be empowered to stay ahead of the competition by offering the latest sustainable solutions to their customers.” Click here for latest updates on Schneider Electric.

VMware unveils research on NHS data storage

VMware has unveiled a research sharing that the majority (87%) of UK consumers believe it is important that their NHS patient data is stored in the UK. The study of more than 2,000 UK citizens has revealed that people still have cyber security concerns when it comes to where their personal and sensitive data is stored. Of those who stated it is important for their data to be stored in the UK, more than a third (39%) think that their data stored within the country’s national borders would ensure it complies with UK data privacy regulations. A fifth (22%) do not trust other countries to safeguard their data as well as the UK, and 21% think it will be less susceptible to foreign cyber threats or access foreign entities. Despite this, the research shares a good level of trust in the NHS when it comes to storing and analysing patient data. For instance, 59% of respondents expressed confidence in the NHS's ability to safeguard their sensitive information. But when asked about where their data is stored, most UK public had doubts on their data residing outside of their national boundaries. Businesses share the same attitude. 42% of business leaders are extremely concerned about their critical data being managed by US cloud providers, and 62% have expressed that their current clouds are not meeting their data sovereignty requirements, according to the latest IDC research. Many NHS and social care providers today use non-national public clouds. This means that patient data is currently hosted in a provider currently deemed adequate by the UK, however, if this is a non-national provider, the data could be subject to external jurisdictional control. “This consumer opinion matters as it echoes business sentiment. These findings demonstrate the increasing importance of data integrity and sovereignty in helping the NHS, among other highly regulated industries, realise and unlock the true value of their sensitive and critical data," says Guy Bartram, Cloud Evangelist EMEA, VMware. “By embracing cloud sovereignty, the NHS can build public trust and assertively maintain governance, fortify data protection and help unlock the true value of critical and sensitive patient data in delivering patient services.” "While there are vast rewards to be harvested through applying AI to healthcare data, we have to remember that each data point relates to a patient, and every patient should trust that their privacy is maintained,” says Darren Adcock, Senior Product Manager, Redcentric. “By harnessing the power of AI and advanced technologies within a secure and sovereign cloud framework, the NHS ensures that groundbreaking advancements in healthcare never compromise patient privacy and trust. Sovereign clouds serve as a pivotal enabler, allowing the NHS to drive progress responsibly, ethically, and with the utmost dedication to patient wellbeing.” Sovereignty extends beyond where data is stored, but also how it is used by platforms such as AI, which analyses the data to feed algorithms. The general public surveyed hold diverse opinions regarding AI in healthcare, with 45% open to its use for improved services and 44% happy with the NHS using the technology to process their patient data, if it helped the NHS to process diagnostic tests faster. However, concerns exist, with 25% saying they are against the NHS using AI to process their patient data. “Ongoing digital transformation and the increased use of emerging technologies such as AI, have spurred both excitement for true innovation to revolutionise our NHS, but also a new urgency for how this boom in data will be securely managed and stored,” says Dr Will Venters, Associate Professor of Information Systems, London School of Economics. “With the increased use of multiple clouds to create, store and distribute apps, which the NHS needs, relies on from frontline clinicians through to optimising operations, it is essential to patient trust that the NHS protects sensitive patient data, and this can be achieved by protecting it with sovereign clouds. AI has created new data opportunities so it is critical the NHS can make better use of its data, to build a resilient and patient-centric healthcare system that the UK needs.”

Acronis releases Mid-Year Cyberthreats Report

Acronis has released its ‘Mid-Year Cyberthreats Report, from Innovation to Risk: Managing the Implications of AI-driven Cyberattacks’. The study is based on data captured from many global endpoints and provides insight into the evolving cyber security landscape. It also uncovers the growing utilisation of generative AI systems by cybercriminals to craft malicious content and execute sophisticated attacks. The biannual threat report highlights ransomware as the dominant risk to small and medium size businesses. And while the number of new ransomware variants continues to decline, ransomware attacks’ severity remains significant. Equally concerning is the growing prominence of data stealers who leverage stolen credentials to gain unauthorised access to sensitive information.  “The volume of threats in 2023 has surged relative to last year, a sign that criminals are scaling and enhancing how they compromise systems and execute attacks,” says Candid Wüest, Acronis VP of Research. “To address the dynamic threat landscape, organisations need agile, comprehensive, unified security solutions that provide the necessary visibility to understand attacks, simplify context, and provide efficient remediation of any threat, whether it may be malware, system vulnerability, and everything in between.” According to the report's findings, phishing is the primary method criminals leverage to unearth login credentials. In the first half of 2023 alone, the number of email-based phishing attacks has surged 464%, when compared to 2022. There has also been a 24% increase in attacks per organisation. Over the same frame, Acronis-monitored endpoints observed a 15% increase in the number of files and URLs per scanned email. Cyber criminals have also tapped into the burgeoning large language model (LLM)-based AI market, using platforms to create, automate, scale, and improve new attacks through active learning.  The cyberattack landscape is evolving Cyber criminals are becoming more sophisticated in their attacks, using AI and existing ransomware code to drill deeper into victims’ systems and extract sensitive information. AI-created malware is adept at avoiding detection in traditional antivirus models, and public ransomware cases have exploded relative to last year. Acronis picks up data about how these cybercriminals operate and recognises how some attacks have become more intelligent, sophisticated and difficult to detect. Drawing from research and analysis, key findings from the report include: Acronis blocked almost 50m URLs at the endpoint in Q1 2023, a 15% increase over Q4 2022.  There were 809 publicly mentioned ransomware cases in Q1 2023, with a 62% spike in March over the monthly average of 270 cases. In Q1 2023, 30.3% of all received emails were spam and 1.3% contained malware or phishing links.   Each malware sample lives an average of 2.1 days in the wild before it disappears. 73% of samples were only seen once. Public AI models are proving an unwitting accomplice for criminals looking for source code vulnerabilities, creating attacks and developing fraud prevention-thwarting attacks like deep fakes.  Cybercriminal gangs phish to acquire credentials, extract data and dollars, of note: Phishing remained the most popular form of stealing credentials, making up 73% of all attacks. Business email compromises (BECs) were second, at 15%. The LockBit gang was responsible for major data breaches. Clop breached a mental health provider’s system, affecting the personal and HIPAA-covered data of more than 783,000 individuals. BlackCat stole more than 2TB of secret military data, which included personal information of employees and customers, from an Indian industrial manufacturer. Vice Society compromised 1,200 servers and the personal information of 43,000 students, 4,000 academic staff and 1,500 administrative staff at the University of Duisburg-Essen in Germany. Breaches demonstrate major security concerns Traditional cyber security methods and lack of action let attackers in, the report shares: There is a lack of strong security solutions in place that can detect zero-day vulnerability exploitations. Organisations often fail to update vulnerable software in a timely manner, long after a fix becomes available.   Linux servers face inadequate protection against the cybercriminals who are increasingly going after them.   Not all organisations follow proper data backup protocol, including the 3-2-1 rule. With these trends in mind, Acronis emphasises the need for proactive cyber protection measures. A sound cybersecurity posture requires a multi-layered solution that combines anti-malware, EDR, DLP, email security, vulnerability assessment, patch management, RMM, and backup capabilities. Leveraging an advanced solution that combines AI, machine learning, and behavioural analysis can help mitigate the risks posed by ransomware and data stealers.

Node4 announces the acquisition of ThreeTwoFour

Node4 has announced the acquisition of ThreeTwoFour to strengthen its cyber security offering and expand in the finance and banking sector. This is its third significant growth purchase in the last 18 months, having also bought risual and Tisski. ThreeTwoFour is renowned for its extensive suite of information security services, including programme delivery, cyber strategy, risk and control assessment, and governance. It also brings strong experience across the financial services sector. In addition, its expertise in M&A Cyber Due Diligence adds further capabilities to the company’s solutions and services portfolio.  The acquisition significantly enhances Node4’s security and transformation capabilities, particularly for enterprise-level clients. Drawing on ThreeTwoFour’s capabilities, the company will also be better equipped to meet the increasing requirements in the public sector and government frameworks for effective cyber security solutions.  Alex Coburn, Founder, ThreeTwoFour, along with his leadership team, will remain with the business as it integrates with Node4. The brand will also function as the consultative arm of security practice.   With its core team based in the UK, ThreeTwoFour is also supported by specialists working remotely from all over the world. Alongside its Cyber Essentials Certification, the firm provides expertise in various other sectors, such as data loss prevention, risk management and security architecture.