Zimperium Named ‘Most Innovative Cybersecurity Company’ by Cybersecurity Excellence Awards

Most InnovativeWhile our team is proud of every accolade we’ve received, it is especially humbling to be honored by a group of our cybersecurity professional peers. That is why we’re thrilled to announce that Zimperium was voted Most Innovative Cybersecurity Company in the 2016 Cybersecurity Excellence Awards.

The awards program is produced in cooperation with the Information Security Community on LinkedIn, employing the experience of more than 300,000 cybersecurity professionals to honor the world’s best cybersecurity individuals, products and organizations demonstrating excellence, innovation and leadership.

Recognition of successful cybersecurity efforts is especially significant at a time when the risk of targeted cyberattacks has increased significantly as more enterprises conduct business on-the-go and mobile devices become a preferred entry point for attackers.

Zimperium Mobile Threat Protection is the only enterprise mobile security solution delivering continuous in-app and on-device threat detection to stop mobile cyberattacks. Our patented machine-learning algorithms protect against the broadest array of network, device and application mobile attacks. We work to provide intelligent mobile threat forensics and vulnerability risk reports to enterprise security teams to identify who at the company is being attacked, where, when and through what method.

“Congratulations to Zimperium for being recognized as the winner in the Most Innovative Cybersecurity Company category of the 2016 Cybersecurity Excellence Awards,” said Holger Schulze, founder of the Information Security Community. “With over 430 entries, the awards are highly competitive and our winners reflect the very best in product innovation and excellence in the cybersecurity space.”

Thank you for your vote and congratulations to the other winners and finalists! See the full list here.

Follow Us

Women In Security: What Are You Missing?

For security jobs, men outnumber women by a long shot. It’s time to start thinking and recruiting differently.

In an industry facing a significant shortage of experienced people, it is remarkable that only 11% of the security workforce is women, according to the Women’s Society of Cyberjutsu. This is not a job that should be thought of as predominantly or traditionally male. The image of a socially inept male wearing a hoodie and working in a windowless room late at night is best left to Hollywood. Today’s cybersecurity teams are at the forefront of corporate thinking. They are increasingly made up of highly educated and experienced professionals who work in the same environment as most other office workers, just with more screens.

However, if you look around the security operations center, it is still made up of mostly men. The women missing from your team are costing you more than just extra pairs of hands and eyes. Teams with greater gender and ethnic diversity tend to outperform more homogeneous teams, especially in innovation and financial metrics. They are more likely to foster open communication and identify previously unknown issues. The rate of innovation in cyberattacks suggests that we need every advantage we can in our defenses.

This is the part where I will play up the stereotypes a little, so let’s acknowledge that these are generalizations that have exceptions in any group. However, multiple studies support these differences between women and men: Women tend to be more empathetic, are more concerned about privacy, and react more strongly to bad things.

Empathy Helps With Relationships

Women score higher in certain areas of emotional intelligence and awareness such as interpersonal relationships and social responsibility. As a result, they tend to be more empathetic, or sensitive to the feelings of others. How does this help your security team? Empathy helps develop closer relationships among the team, with key vendors, and with customers. More empathetic individuals tend to be better listeners, more open to others’ ideas, and more understanding of the issues they face. Whether dealing with an internal or external customer, greater empathy helps build trust when things are going well, and really helps when things go wrong. Building trust with your key partners and customers can also lead to more revenue.

Privacy Concerns Help With Security Design

For a wide range of cultural and societal reasons, women are more concerned about their privacy than men. Combined with their emotional awareness and empathy, this has obvious benefits for cybersecurity. When designing or enhancing a security solution or business process, ask a woman (or several) how they would use it and whether it makes them feel secure, and pay attention to their issues and concerns. After all, half of your customers are women.

Strong Reactions Help With Incident Response

An interesting review of gender differences and emotion in Psychology Today found significant differences in the reactions of men and women to unpleasant or negative experiences. Women tended to react more strongly across the entire sampled age range, from 20 to 81. This stronger emotional reaction is especially valuable during the vital early moments of incident response. The women on your team will likely consider a breach to be more serious and encourage a more significant response than if there were no women.

Where Can You Find Security Women?

If after reading this you want some or more women on your team, where can you find them? Start by thinking about how you represent the job. Don’t position it as scary and militaristic, but instead appeal to women’s empathy and talk about protecting others. Then look for women inside your organization and those with outside technology organizations such as Girls Who Code to work with.

And finally, don’t forget to deal with your work environment. You may not want to admit it, but one of the primary reasons there are few women in technology in general is not that the jobs are uninteresting, but that many leave the field due to the workplace culture, according to a recent study by the Society of Women Engineers. Changing this aspect of your company could be a real competitive advantage to attracting and retaining security personnel.

Lynda Grindstaff creates the future for Intel Security as the Senior Director of the Innovation Pipeline. In this role, Lynda leads a global team that brings the future to life for Intel Security through innovative strategies and prototypes. Her tenure with Intel spans two … View Full Bio

More Insights

8 Microsoft Office 365 Security Tips To Reduce Data Loss

Even with a slew of new security tools and compliance guidance, there are still things you can do to protect this critical business system.

Previous

1 of 9

Next

Image Source: imsmartin

Image Source: imsmartin

More than four in ten organizations are in the process of implementing Office 365 or are already using it. It thus comes as no surprise that revenue for Microsoft’s flagship cloud-based email and collaboration solution has increased nearly 70% year-over-year in Q2 2016 compared to 2015. The solution appears to continue to be growing in popularity—with signs of further traction in the large enterprises.

Yet, even with a slew of new security tools and security and compliance guidance offered by the Redmond-based software giant, there are still things that should be done to protect this critical business system. A recent announcement of an authentication bypass should be enough to cause some pause on the topic of Office 365 security.

Risk can come in many shapes and forms; compromises can come from many methods and angles. Some we can control — some we cannot. Why leave anything to chance? We have the power to ensure that our reputation does not get tainted as a result of something we could have stopped or at least slowed down.

Organizations shouldn’t shy away from this increasingly popular service; rather, they should just take the time to understand the requirements to secure the environment and protect the users and their data from malicious activity, loss and misuse. To this end, there are a number of baseline security actions to take in Office 365 to help mitigate some of these risks. This slideshow is geared toward highlighting a handful of those actions.

Note: The team at imsmartin thanks BCC Risk Advisory/Edgescan, Centrify, DatumSec and Netskope for their contributions that led to this slide collection.

Sean Martin is an information security veteran of nearly 25 years and a four-term CISSP with articles published globally covering security management, cloud computing, enterprise mobility, governance, risk, and compliance—with a focus on specialized industries such as … View Full Bio

Previous

1 of 9

Next

More Insights

How To Succeed At Third-Party Cyber Risk Management: 10 Steps

Organizations are failing — and badly — assessing the risk of attacks and data breaches from vendors and supply chains, according to a recent Ponemon Institute study. The solution starts at the top.

From corporations to universities and large retail stores to small-to-medium businesses (SMBs), today’s organizations do not always have the structure and appropriate processes necessary to reduce risks associated with third-party vendors and ultimately avoid security attacks and data breaches. In fact, while 75% of senior executives and board members recently surveyed believe third-party risk is serious, and 70% believe third-party risk in their organization is significantly increasing, surprisingly only 26% of respondents believe that their organization’s third-party risk assessment of controls is effective.

The Shared Assessments Program recently sponsored a study conducted by the Ponemon Institute, surveying 617 board members and senior executives. Tone at the Top and Third-party Risk, (Registration required.) looks at the increase in cyber attacks and outlines best practices to reduce risk, which include an involved senior management team and a positive tone at the top. “Tone at the Top” is used to describe an organization’s control environment, as established by its C-suite and board. As tone at the top affects the organization risk appetite enterprise wide, management must be committed to a culture and environment that embraces honesty, integrity and ethics, leading employees to be more likely to uphold those same values. 

Third-party risk is clearly on the rise within a continually changing threat landscape that includes the rapid growth in new technologies, such as IoT and migration to the cloud. Successful assessments and best practices executed by an organization could prevent an enterprise from spending the currently reported, approximately $10 million on average annually to respond to security incidents, in addition to reputation loss, brand damage, theft of assets and loss of worker productivity. 

According to the Tone at the Top and Third-Party Risk study:

  • 78% of respondents believe cyber attacks will have a significant impact on their risk profile, followed by IoT (76%), cloud computing (71%), mobility and mobile devices (67%) and big data analytics (51%).
  • Organizations are failing when it comes to third-party risk assessment. Just 18% of respondents said that their company assesses the cyber risks of third parties.
  • Just 29% of respondents indicate they have a formal third-party risk management program in place, while 44% have an informal program and 27% have no such program.
  • Only 31% say their companies have metrics in place to measure the effectiveness of risk management activities.

So what does all of this data mean? As major security issues stemming from third-party and supply chain relationships continue to grow, those at the highest level of organizations must lead by example. Setting a positive tone and creating formal programs to manage third-party risk will ultimately help companies avoid becoming the next victim of an incident. The following are 10 steps an organization can take to implement a strong third-party risk management program that will not only save time and money, but also improve the effectiveness of risk planning, third-party assessments and improve the overall risk management environment.

Step 1. The CEO and boards of directors should be responsible for establishing a positive tone at the top. As shown in the Ponemon research, a positive tone at the top can improve relationships with third parties and reduce risks.

Step 2. The CEO and boards of directors should become more proactive in the third-party risk program. This should include working with management to establish the vision, risk appetite and strategic direction for third-party relationships.

Step 3. An organization should communicate its values to employees and other stakeholders through training and policies to ensure enterprise wide adoption.

Step 4. Make the business case for dedicating more resources to third-party risk management by estimating the potential costs to your organization due to negligent or malicious third parties.

Step 5. Assess the potential threats posed by technologies such as the use of c.loud and IoT in third parties. The results of such assessments should involve recommendations as to what technologies and personnel are needed to minimize the threats.

Step 6. The risk of cyber attacks is increasing for all companies and third parties. When partnering with third parties with access to sensitive and confidential information, ensure they have appropriate technologies to reduce and mitigate threats.

Step 7. Third-party risk management programs should incorporate metrics that reveal the vulnerabilities created by the third parties in your organization’s supply chain.

Step 8. While companies in the research space have fairly mature risk management programs, it is not clear whether such programs incorporate a strategy for managing third-party risk. Such a strategy should incorporate the people, process and technologies for managing the risk.

Step 9. Assign accountability for the third-party risk management program to ensure the objectives of the risk management program are accomplished.

Step 10. Become involved in a consortium or council dedicated to best practices in addressing third-party risks. 

The state of third-party risk management is only going to continue to rise with the emergence of new technologies, therefore, instilling the importance of a positive tone at the top is crucial for all businesses. Improvement of your organization’s relationship with third parties and educating all employees should be one of the top risk management objectives to protect your company, employees and customers.

Related Content:

Charlie Miller is senior vice president with the Santa Fe Group where his key responsibilities include managing and expanding the Collaborative Onsite Assessments Program and facilitating regulatory, partner and association relationships. Charlie has vast industry experience, … View Full Bio

More Insights