The post Happy New Year 2023 from your friends at CISOs Connect™ and Security Current® appeared first on Security Current.

The post Season’s Greetings from your friends at CISOs Connect™ and Security Current® appeared first on Security Current.

The post Fireside Chat: Best Practices for Optimizing Your LinkedIn Profile appeared first on Security Current.

The post Fireside Chat: Best Practices for Optimizing Your LinkedIn Profile appeared first on Security Current.

Popular question-and-answer website Quora said it believes it has identified the root cause of the hacking of as many as 100 million user accounts as the company quickly dealt with the effects of a major hacking breach.

“We’re very sorry for any concern or inconvenience this may cause,” said Quora CEO Adam D’Angelo.

Quora sent out emails to its users warning them of the hacking, apologizing and assuring them that the company was investigating the matter.

“We’re in the process of notifying users whose data has been compromised,” Quora told its users in an email. “Out of an abundance of caution, we are logging out all Quora users who may have been affected, and, if they use a password as their authentication method, we are invalidating their passwords.”

Quora is a social media question-and-answer website where questions are asked, answered, edited, and organized by its community of users in the form of opinions. It was founded in 2009 and has its headquarters in Mountain View, California.

Among the data that may have been compromised are account names, email addresses, encrypted passwords, data imported from linked networks when authorized by users, public content and actions (questions, answers, comments and upvotes).

Non-public content and actions – answer requests, downvotes, direct messages are also included in the breach.

Meanwhile, account users have been advised to change their passwords and directed to a help center. D’Angelo said they would issue periodic updates on developments in the probe. 

He added: “It is our responsibility to make sure things like this don’t happen, and we failed to meet that responsibility.”

The post Quora implements crisis management playbook to manage major data breach by hackers appeared first on Security Current.

Israeli startup Medigate today announced $5.35 million in seed funding from YL Ventures, with additional funding from Blumberg Capital. The Tel Aviv-based company says it will use the investment to advance development of its dedicated medical device security platform.

Medigate says its solution is a dedicated platform for securing networked medical devices that are connected to electronic medical records, device servers, other enterprise systems and the internet. It is said to fuse the knowledge and understanding of medical workflow and device identity and protocols with the reality of today’s cybersecurity threats.

Medigate claims it can provide visibility into all the medical devices connected to the network, fully identify these devices by type and personality and analyze and understand their specialized protocols, communications and behaviors. By using this knowledge to detect anomalies and suspicious activities, Medigate says it protects connected medical devices from network attacks and data exfiltration attempts.

“Sophisticated cyberthreat actors are increasingly targeting the ubiquitous medical devices used by healthcare providers. Recent examples include attempts to extort money by paralyzing healthcare delivery, but soon, attackers may seek to directly harm patients. In parallel, the installed base of connected medical devices lacks effective defenses as they implement limited and hard-to-update security capabilities and have long service lives. Protecting these medical devices requires solutions that speak their proprietary or unique languages with native fluency and block attacks without disrupting critical care delivery,” Tom Baltis, CISO of Delta Dental Insurance, said in a press release.

According to Jonathan Langer, Medigate CEO and co-founder, “It’s an imperative to connect devices to the network, both to manage and monitor devices in real time and to understand and analyze the large amounts of data generated from these devices. At the same time, we see backdoor attacks like MEDJACK and ransomware attacks like WannaCry and NotPetya successfully targeting healthcare providers. Connected devices are a ripe target for cybercriminals. The Medigate solution is designed to effectively protect medical devices from these attacks and eliminate this pandemic risk.”

The Medigate Security Platform is currently in limited availability. General availability will be in mid-2018.

The post Medical Device Security Startup Medigate Secures $5.35 Million in Seed Funding appeared first on Security Current.

The data security company Enveil today announced it has raised $4 million in strategic funding from key partners, including Thomson Reuters and a USAA affiliate as well as additional investment from Bloomberg Beta and DataTribe.

The company, based in Washington, D.C., says it will leverage this capital to enhance its platform, expand operations, and execute a go-to-market strategy that will increase availability of Enveil’s Never Decrypt computation capability.

According to Enveil, existing encryption capabilities have traditionally focused on protecting data while at rest or in transit, ignoring the security posture of users’ interactions with data, or data in use.

Enveil was founded in September 2016 to address what it claims is a security blind spot. Using technology initially spearheaded inside the National Security Agency, Enveil says it is the only scalable commercial solution specifically engineered to protect data while it is being processed. Enveil allows enterprises to securely operate on both encrypted and unencrypted data in the cloud, on premise, or anywhere in between.

“The inconvenient truth of data security is that securing data end-to-end requires meaningful protection at every step, and Enveil is the only company addressing the critical point of exposure that occurs when data is put to use,” Ellison Anne Williams, Enveil founder and CEO, said in a press release.

This new round of funding follows on the heels of $1 million in seed funding from DataTribe in late 2016.

The post Data Security Company Enveil Secures $4 Million in Strategic Funding appeared first on Security Current.

The post Cybersecurity Startup Verodin Wins Security Current’s Security Shark Tank® Palo Alto appeared first on Security Current.

Security Current, the premier information and collaboration community by CISOs for CISOs, selected Verodin as the winner of its Security Shark Tank® Chicago competition. The event brought security solutions providers face-to-face with potential buyers.

Participating vendors were given 15 minutes each to pitch their solution in a rapid-fire question and answer format to a panel of information security executives interested in innovative technologies. The executives scored each vendor based on innovation and vision, ease of use and implementation, value to the industry, and the presenter’s ability to clearly and effectively articulate their solution’s value.

The CISO panel included:
AXA Partners USA CISO Tellis Williams
Beam Suntory CISO Justin Metallo
Dover Corporation Director of Cyber Security Paul Groisman
GATX Corporation CISO Victor Hsiang
HUB International CISO Seth McCallister
Navistar CISO Matthew Memming
Option Care CISO Jill Rhodes
Paylocity CISO Bradley Schaufenbuel
University of Wisconsin CISO Bob Turner
William Blair CISO Ralston Simmons
Wintrust Financial Deputy CISO Jack Burback

“There is nothing out there for CISOs like the Security Shark Tank®. If a security executive is looking to hear insights from their peers while learning about innovative technologies this is the event for them,” said Tellis Williams, AXA Partners USA. “It is truly one of a kind in terms of the information value and enjoyment it delivers. I absolutely look forward to the next one.”

Bradley Schaufenbuel, CISO at Paylocity, said: “I thoroughly enjoyed this event. The ability to interact with and learn from both innovative solution providers and peers made it time well spent.”

Security Shark Tank® Chicago winner, Verodin, is a leading business platform purpose-built to measure, manage and improve cybersecurity effectiveness. By demonstrating the impact of modern threats and malicious activities within the context of an enterprise’s production environment, the Verodin Security Instrumentation Platform (SIP) proves the effectiveness of an enterprise’s investments, proactively identifies configuration issues in the defensive stack and exposes true gaps across a company’s people, process and technology. Verodin has scored the highest in two consecutive Shark Tank® competitions, NYC and now, Chicago. It’s clear that the value of Security Instrumentation is resonating with CISOs across every major vertical.

“I really like the Security Shark Tank® as it’s a fun concept, provides some interesting up and coming cyber companies an opportunity to get noticed and lets me meet with CISOs from around Chicago,” said Jill Rhodes, Option Care CISO.

“The Security Shark Tank® Chicago is a great event,” said Bob Turner, University of Wisconsin-Madison CISO. “I found the interactive pitches highly informative and with additional networking I may be working closely with one of the vendor presenters in the near future. Security Current’s CISO Sharks picked a winner!”

The post CISOs Select Verodin as Winner of Security Current’s Security Shark Tank® Chicago appeared first on Security Current.

Aqua Security has announced that it closed $25 million in a Series B round led by Lightspeed Venture Partners with existing investors TLV Partners , Microsoft Ventures and Check Point co-founder Shlomo Kramer taking part, bringing the total investment in the virtual container company to $38.5 million.

Based in Israel and San Francisco, Aqua said its Container Security Platform enables enterprises to secure their container applications from development to production, accelerating container adoption. It added that it bridges the gap between DevOps and IT security.

“The rapid rise and convergence of DevOps, containers, and microservices-based applications is an opportunity to rethink application security,” said Dror Davidoff, CEO and co-founder of Aqua Security said in a press release. “Aqua’s success in leveraging containers to improve security provides visible customer value, and we are thrilled to have Lightspeed on board as we continue to our next phase of growth.”

Founded in 2015, Aqua said it will use the round to continue to ramp up globally to ensure it’s “Secure Once, Deploy Anywhere” Approach to Application Security for what it calls the cloud-native era can become ubiquitous despite the current complexity. It said that means working hard to become a part of various leading stacks, which is a resource intensive but worthwhile endeavor.

The post Container Security Company Aqua Security Raises $25 Million in Series B appeared first on Security Current.