Mimecast Acquires Elevate Security to Personalize Controls

Mimecast this week announced it has acquired Elevate Security as part of an effort to make it simpler to apply cybersecurity controls based on actual end-user behavior.
David Raissipour, chief technology and product officer at Mimecast, said Elevate Security, a provider of a platform for assessing cybersecurity risk levels, will advance an ongoing effort to enable cybersecurity teams to personalize cybersecurity in an era where cyberattacks are increasingly aimed at individuals based on the role they play with an organization.
The bulk of those attacks are launched via email and collaboration services that Mimecast already protects, so the addition of Elevate Security will make it simpler for organizations to apply cybersecurity policies more narrowly, said Raissipour.
Otherwise, cybersecurity teams are enforcing policies that punish all end users equally despite the level of care they take when, for example, accessing external Web sites or opening attachments, he added.
In general, the weakest link in any cybersecurity strategy is individuals who, no matter how much they are trained, are still liable to make mistakes, especially as social engineering tactics and techniques become more sophisticated because cybercriminals are now leveraging generative artificial intelligence tools to craft them.
It may not be practical to fire employees for falling victim to these attacks, but if cybersecurity teams are aware of which employees are engaging in the riskiest behavior, it becomes possible to apply controls more granularly, noted Raissipour.
Each organization will, of course, need to determine what level of end-user training should be provided based on the roles and responsibilities of employees, but as organizations embrace zero-trust IT architecture, cybersecurity will revolve around verifying the identities of end users, applications and machines.
Applying cybersecurity policies based on risks that are determined using predictive AI tools is a natural extension to any identity-centric approach to maintaining cybersecurity, added Raissipour.
It's not clear how targeted attacks will become in the next year, but given the previous year, it's clear cybercriminals are moving beyond attacks based on spray-and-pray tactics.
Instead, cybercriminals are leveraging stolen credentials to insert themselves into workflows to, for example, redirect invoice payments.
Most of those attacks can be traced back to some initial engagement with an employee that involved some type of request to download a document or click on a URL that brought them to a malicious website.
Most cybersecurity teams are not able to issue edits to prevent that behavior, but they can monitor the online behavior of end users that, from a cybersecurity perspective, are known to be problematic.
One way or another, cybersecurity teams, as part of any forensic effort that occurs after a breach is discovered, will need to trace the origin of a cyberattack back to a specific root cause.
Most of the time, that will involve identifying an end user that inadvertently engaged in an activity that created an exploit that cybercriminals could exploit.
The challenge and the opportunity now is to proactively identify the probability of such events occurring in a way that either prevents them from occurring or, at the very least, minimizes the potential damage inflicted.


This Cyber News was published on securityboulevard.com. Publication date: Fri, 05 Jan 2024 18:14:23 +0000


Cyber News related to Mimecast Acquires Elevate Security to Personalize Controls

Mimecast Acquires Elevate Security to Personalize Controls - Mimecast this week announced it has acquired Elevate Security as part of an effort to make it simpler to apply cybersecurity controls based on actual end-user behavior. David Raissipour, chief technology and product officer at Mimecast, said Elevate ...
11 months ago Securityboulevard.com
Mimecast Announces New CEO - PRESS RELEASE. LEXINGTON, Mass., January 16, 2024 - Mimecast Limited, an advanced email and collaboration security company, announced today the appointment of Marc van Zadelhoff as CEO, with Mimecast Co-Founder and current CEO Peter Bauer remaining a ...
11 months ago Darkreading.com
Mimecast Announces Acquisition of Elevate Security - In a pivotal move that elevates cybersecurity to a new level, Mimecast, a leading email and collaboration security company, has acquired Elevate Security, a pioneer in human risk management solutions. This strategic acquisition promises a paradigm ...
11 months ago Cybersecuritynews.com
Mimecast Acquires User Education Startup Elevate Security - Email security mainstay Mimecast on Thursday announced the acquisition of Elevate Security, a venture-backed startup working on technology in the user-education and awareness training space. Financial terms of the transaction were not released. The ...
11 months ago Securityweek.com
Cybersecurity Standards vs Procedures vs Controls vs Policies - Four interrelated terms used in cybersecurity are Policies, Procedures, Standards, Guidelines, and Controls. Policies are at the top, Standards and Guidelines add detail to policies, Controls are the measured outcome of standards in use, and ...
10 months ago Securityboulevard.com
How to Set Up Internet Parental Controls - Setting up internet parental controls is a great way to reduce the risk of your child viewing inappropriate content on the web. Parental controls are available on most major internet-enabled devices. Parental controls can prevent and filter a variety ...
1 year ago Pandasecurity.com
An In-Depth Guide to the 11 New ISO 27001 Controls - An effective defense against these threats requires a consistent and comprehensive security posture like the one outlined in the ISO 27001 standard. As daunting as these threats seem, up to 80% can be stopped by adopting security controls. The last ...
10 months ago Securityboulevard.com
Navigating The Cybersecurity Horizon: Insights and Takeaways from Blackhat2023 - We'll examine the rapid proliferation of xIoT devices throughout all industries and the crucial quest in maintaining their security. In a digital landscape where the security of our data remains vital, the emergence of quantum computing poses an ...
1 year ago Cyberdefensemagazine.com
Cybersecurity jobs available right now: October 2, 2024 - Help Net Security - As an Applied Cybersecurity Engineer (Center for Securing the Homeland), you will apply interdisciplinary competencies in secure systems architecture and design, security operations, threat actor behavior, risk assessment, and network security to ...
2 months ago Helpnetsecurity.com
The 6 Best Email Security Software & Tools of 2024 - To guarantee full protection against email threats, important features to consider when picking an email security solution include email filtering and spam detection, sandboxing, mobile support, advanced machine learning, and data loss prevention. ...
2 months ago Esecurityplanet.com
6 Best Cloud Security Companies & Vendors in 2024 - Cloud security companies specialize in protecting cloud-based assets, data, and applications against cyberattacks. To help you choose, we've analyzed a range of cybersecurity companies offering cloud security products and threat protection services. ...
10 months ago Esecurityplanet.com
Cloud Security: Ensuring Data Protection in the Cloud - Data Encryption: Protecting sensitive data is a top priority in cloud security. Cloud security is of utmost importance when it comes to protecting and ensuring the confidentiality of data stored and transmitted in the cloud. Data protection in the ...
10 months ago Securityzap.com
Embracing Security as Code - Everything is smooth until it isn't because we traditionally tend to handle the security stuff at the end of the development lifecycle, which adds cost and time to fix those discovered security issues and causes delays. Over the years, software ...
11 months ago Feeds.dzone.com
Coming March 2024: How to Prepare for PCI DSS Version 4.0 Compliance - A 2022 Verizon report claims that only 43% of assessed organizations maintained full compliance in 2020. With the March 2024 deadline fast approaching, businesses that process and store card data are racing to implement the 13 new requirements in ...
11 months ago Securityboulevard.com
Microsoft Security Copilot improves speed and efficiency for security and IT teams - First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest. With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases ...
1 year ago Microsoft.com
10 Best Security Service Edge Solutions - Security Service Edge is an idea in cybersecurity that shows how network security has changed over time. With a focus on customized solutions, Security Service Edge Solutions leverages its expertise in multiple programming languages, frameworks, and ...
10 months ago Cybersecuritynews.com
A Practitioner's Guide to Security-First Design - Instead, organizations must proactively fortify their defenses and enter the era of security-first design - an avant-garde approach that transcends traditional security measures. Security-first design is an approach that emphasizes integrating robust ...
1 year ago Feeds.dzone.com
What Is Cloud Security Management? Types & Strategies - Cloud security management is the process of safeguarding cloud data and operations from attacks and vulnerabilities through a set of cloud strategies, tools, and practices. The cloud security manager and the IT team are generally responsible for ...
6 months ago Esecurityplanet.com
Five business use cases for evaluating Azure Virtual WAN security solutions - To help organizations who are evaluating security solutions to protect their Virtual WAN deployments, this article considers five business use cases and explains how Check Point enhances and complements Azure security with its best-of-breed, ...
7 months ago Blog.checkpoint.com
IaaS vs PaaS vs SaaS Security: Which Is Most Secure? - Security concerns include data protection, network security, identity and access management, and physical security. While IaaS gives complete control and accountability, PaaS strikes a compromise between control and simplicity, and SaaS provides a ...
1 year ago Esecurityplanet.com
What Is a SaaS Security Checklist? Tips & Free Template - SaaS security checklists are frameworks for protecting data and applications in cloud-based environments. These checklists include security standards and best practices for SaaS and cloud applications, and B2B SaaS providers use them to guarantee ...
8 months ago Esecurityplanet.com
$22 Million Wake-up Call to Improve Security - A former Jacksonville Jaguars staff member is facing the possibility of a 30-year prison sentence after admitting guilt to financial crimes, including embezzling over $22 million from the NFL team. Insufficient Internal Controls: In many cases, a ...
11 months ago Securityboulevard.com
What Is Security Service Edge: All You Need to Know - Security service edge is a security technology that secures access to assets outside of the corporate network. Security service edge introduces a control that connects to remote users and assets before they connect to each other. All SSE tools borrow ...
6 months ago Esecurityplanet.com
Understanding the 2024 Cloud Security Landscape - As we swiftly move towards the second quarter of 2024, predictions by cloud security reports highlight the challenges of cloud adoption in the cloud security landscape. This growing reliance on cloud infrastructure raises the critical issue of ...
9 months ago Feeds.dzone.com
What is Security Posture? - Security posture is a term often mentioned in cybersecurity, with businesses often told to improve or maintain a robust security posture. With the onset of 2024, now is a better time than ever to take stock of your company's security posture and plan ...
11 months ago Securityboulevard.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)