GET EMAIL UPDATES FROM POWERTOFLY
By signing up you accept the Terms of Service and Privacy Policy
BROWSE CATEGORIES
GET EMAIL UPDATES FROM POWERTOFLY
ActZero.ai

Zero Ransom Initiative

Below is an article originally written by Chris Finan and published on March 30, 2021, in ActZeroAI's blog. Go to ActZeroAI's company page on PowerToFly to see their open positions and learn more.

Our goal as a company is to get our customers to zero... zero breaches, zero threats, zero vulnerabilities, zero inadequate cybersecurity controls. We've committed to achieve this by continually investing to outpace the adversary across our technology, people and processes. Today, I'm excited to share insights about one of our highest priority investments: advanced ransomware protection.

The Ongoing Threat of Ransomware

You don't need to look far for evidence of this problem; ransomware (and the business disruption associated with it) is a top concern for IT leaders. My colleagues have spoken previously about the evolution of both the technology and tactics surrounding ransomware as well as measures you can take to combat this growing threat. In this post, I will describe the project, including the measures our threat hunters, data scientists, and security engineers are taking in order to solve this problem. I'll elaborate on the reasons we are 'betting big' on this solution. And, I'll share how we're leveraging these investments to help our customers drive their ransomware risks toward zero.

Priority Initiatives

We're making exciting investments across many facets of our service, including these three we believe will deliver the most impact for our customers in the coming months:

  1. Expanded Coverage for Cloud and Network Attack Vectors

    We've long touted the necessity of gathering telemetry across the entire environment. This wealth of data has enabled new detections and response capabilities for network and cloud detections specifically. We have also created new anomaly detection models that improve the precision and efficiency of our threat hunting; while this is important for us as a service provider, it's even more important for our customers, who benefit from faster detections and response, especially for unknown threats. This is how most ransomware attacks start: through account takeover, phishing and misconfiguration exploits; so expanding our detection coverage to address these vectors drives down ransomware risk.
  2. Self-Service Security Maturity

    We're constantly looking for new opportunities to help our customers stay ahead of increasingly sophisticated attacks that we're seeing target SMB organizations. To that end, we're also continuing to expand our maturity model functionality, which we now deliver through an interactive web portal. The maturity model helps our customers shift into a more proactive security posture while automating tedious compliance tasks. The portal, which serves as a vehicle for our detailed and prescriptive reporting, as well as self-directed evidence repository for customers, helps our customers reduce their attack surface further by removing and remediating vulnerabilities. Exceptional hygiene still plays a role in preventing ransomware - CSO magazine notes that 60 percent of breaches in 2019 involved vulnerabilities for which a patch was available but not applied. Following recovery of key systems after a ransomware attack, many organizations begin hardening their systems with these types of controls. You shouldn't wait until after an attack before you begin hardening your defenses. Our portal makes it easier for our customers to proactively drive down their risks.
  3. A New Prevention Standard

    Unfortunately, proactive hardening isn't always sufficient to stop advanced attacks, so we're complementing that with our newest investment initiative: Creating a new standard for ransomware and data extortion attack prevention. We're training our machine learning models on ransomware specifically, to yield detections that extend beyond what our security engineers could think to look for, and do so faster than our threat hunters could achieve without AI-augmentation. As our Threat Research division ramps up, and as more organizations engage us to help them with ransomware, we gain more data about attacks that enables us to continually raise our own prevention standard.

Collectively, we call these initiatives our Zero Ransomware Initiative because our goal is for customers to lose zero minutes of sleep over the thought of the paralyzing disruption of a ransomware attack. We aim to eliminate cybersecurity anxiety with an application of purpose-built technology and focused human analysis.

How We Will Get There

Our approach delivers an unprecedented detection and response capability for ransomware to SMB and Mid-Market organizations. And we're deploying new capabilities to ensure we deliver, including anomaly-detection based ransomware detections that adapt with dynamic attack techniques to remain effective, as described above. Beyond the aforementioned cloud and network detections, the endpoint remains a critical part of our pursuits. We'll be announcing an exciting new partnership in the coming weeks that will complement our endpoint capabilities with additional visibility, prevention and response capabilities.

Why Ransomware? Why Now?

Why invest so much of our time and money into ransomware protection? Quite simply, it is the category of attack that results in the highest material impact to those in the market we want to serve, small and medium sized enterprises. These organizations face the same threats as larger enterprises, but often without the people, processes and technology to defend against sophisticated attackers. And these types of attacks are growing in both sophistication and reach. According to Gartner, twenty-seven percent of all malware incidents experienced in 2020 can be attributed to ransomware. That's an especially concerning proportion when you consider the average ransom payment in just the second quarter of 2020 was $178,254 according to Coveware.

Now that we've begun deploying our new Zero Ransomware Initiative advanced ransomware capabilities to improve protection for our customers, we'll continue looking for new ways to improve their security posture. Our quest for zero breaches is never done, but we're taking another big leap forward with this initiative. For more on the problem of ransomware, check out The Rise of RaaS white paper.

Automattic

27 Companies with Impressive Mentorship Opportunities

January is National Mentorship Month— the perfect time to focus on growing and building important relationships with mentors that will positively affect your professional career.

Research shows that mentorship greatly improves career outcomes by providing professional guidance, skill development, and support through major work and life transitions.

READ MORE AND DISCUSS Show less
Client

Best Tips for your Interview with CallRail - Get Ready to Apply!

💎 Looking for some tips and tricks to prepare for your job interview with CallRail? You’ve come to the right place! Make sure to watch the video until the end for some valuable insights.

📼 Watch this video to get some tips that will help you prepare for your interview with CallRail. In this video, you’ll meet Kristin Marsicano, Director of Engineering, and Jon Cyprian, Talent Acquisition Manager at CallRail, who will tell you about the application process and give you some tips and tricks to crush the interview!

READ MORE AND DISCUSS Show less
Uber

Top Tips For a Technical Interview with Uber

💎 Get some top tips before your technical interview with Uber! Don’t miss the valuable advice from a company recruiter. And get to the end of the video for the most important tip!

📼 Play this video to get three top tips that will help you ace your technical interview with Uber. You'll hear from Kelly Hay, Senior Technical Recruiter at Uber, who shares everything you need to know if you’re aiming for a technical role with the company.

READ MORE AND DISCUSS Show less
Client

An Inside Look at the World of Pre-Sales with Skedulo’s Cehrin Elyas

Cehrin Elyas spends a few hours each week with the imaginary characters she’s dreamed up. One of them is Donald, a 55-year-old man with dementia. Another is Mia, a support worker who cares for people like Donald and regularly takes him to get coffee or lunch.

Cehrin works in pre-sales at scheduling platform Skedulo, and Donald and Mia are two of the personas she’s built to help her understand her prospective clients. “I think of them like movie characters,” she says. “I put in lots of data relevant to the industries I’m pitching.”

READ MORE AND DISCUSS Show less

© Rebelmouse 2020