Security Update: SEC Fines $10M for Failure to Report Cyber Breach
- Splunk, Cisco Unveil AI Strategy, Products at .conf24
- NYSE Parent Hit with $10M Fine for Failure to Report Cyber Breach
- Cybersecurity Consolidation Ahead: Tool Sprawl Rolls Up to Platforms
- Barracuda Networks Stakes AI as Key Need for MSPs, Partners
Every week on ChannelE2E we strive to bring you the most important cybersecurity news that MSPs need to know. As part of that, we’ve created this regular feature that compiles the top stories from our affiliate site, MSSP Alert.
This week includes news from the Splunk .conf24 as the company made announcements fulfilling the promise of Cisco’s acquisition of the observability and cybersecurity giant in September 2023 for $28 billion. In data breach disclosure news, the SEC has fined the NYSE’s parent company for failure to report a data breach.
We’ve also got an analysis of how some of the tool sprawl that MSPs have seen in recent years, particularly in cybersecurity, is rolling up into platforms. Plus, we spoke with Barracuda MSP about the company’s channel program, its work with MSPs and some new research it has published around the MSP business in particular. Here’s what you should read this week.
Splunk, Cisco Unveil AI Strategy, Products at .conf24
Splunk and Cisco went all in on AI at Splunk .conf24 this week in Las Vegas with strategy statements and a slew of product announcements and partnership initiatives that demonstrated the trajectory and focus of the newly converged company.
The company’s announcements along these lines during the opening keynote address begin to flesh out the promise of Cisco’s acquisition of observability and cybersecurity giant Splunk, announced in September 2023 for $28 billion.
Cisco go-to-market president and Splunk GM Gary Steele was joined on stage by Cisco CEO and chair Chuck Robbins to establish a key message to “Splunkers” in attendance. The message is that AI will have an enduring presence in everything Splunk and Cisco will do together to protect data, networks and more. Proclaiming a “new AI era,” Steele described AI as “the most transforming technology we’ll see in our lifetime” and exulted its “limitless potential.”
“If you think about the fact that Cisco has visibility to a billion endpoints, we see 400 billion security events a day,” Steele said. “We’ve got massive information coming out of the network. We see everything going on in the internet everywhere. We can actually predict where they’re going to be outages. So when you talk about digital resilience, and you take all the insights that Cisco had before, and we feed it into what you already do with Splunk, that just makes it better.”
NYSE Parent Hit with $10M Fine for Failure to Report Cyber Breach
The New York Stock Exchange’s parent company has been slapped with a $10 million fine by the Securities and Exchange Commission (SEC) for failing to properly notify the regulatory body of a cyber breach.
The Intercontinental Exchange (ICE) and SEC settled charges that ICE caused nine wholly owned subsidiaries, including the NYSE, not to comply with its Regulation Systems Compliance and Integrity (Regulation SCI) reporting rules.
Under the SCI, companies are required to inform the Commission immediately of any SCI-related incidents and file notification within 24 hours of an event unless they “immediately concluded or reasonably estimated” that the intrusion would have no or minimal effect on their operations or “market participants,” the SEC’s Order said.
It was a third party, according to the SEC, that in April 2021 told ICE that it was “potentially impacted” by a zero day attack in which a previously unknown vulnerability in its virtual private network (VPN) was exploited by hackers. ICE subsequently determined that a threat actor had inserted malicious code into a VPN used to remotely access ICE’s corporate network.
Cybersecurity Consolidation Ahead: Tool Sprawl Rolls Up to Platforms
For years, MSSPs and MSPs have been assembling cybersecurity defenses for business clients by piecing together a wide range of individual security applications from multiple vendors to fortify strong, armored walls against cyberattacks.
But that may be changing as more cybersecurity vendors themselves are looking to simplify and improve their outward-facing defense products by creating and offering integrated, all-in-one, single-vendor cybersecurity platforms that are pre-assembled to bolster the security of business customers around the world.
For MSPs and MSSPs, a benefit of this platform approach is that they can deal with just a single vendor instead of working with products from multiple vendors and having to assemble them for business customers to fit their individual requirements. Other benefits include tighter and better product integration, as well as giving MSSPs and MSPs additional services to offer and sell to their clients, allowing them to potentially grow more revenue without adding new customers.
With all these changes happening around them, it is a good time for MSSPs and MSPs to take a hard look at this new trend and how it will affect them as well.
Barracuda Networks Stakes AI as Key Need for MSPs, Partners
Partnerships may be the life’s blood of Barracuda Networks’ MSP business focus — the importance of such relationships borne out in its new global MSP report.
Barracuda’s previous partner programs were based on partner type and geography, but the company unified the programs a year-and-a-half ago into a single global partner success program, Jason Beal, the company’s Global Technology Channel & GTM Operations Executive, told MSSP Alert.
Beal emphasized that unifying the partner programs was a top request from partners.
To correlate Barracuda’s partnership moves with fresh research data, The Evolving Landscape of the MSP Business 2024 report shows how MSPs around the world are embracing marketplaces and AI to better meet customer needs. But they worry about their lack of knowledge about AI and its applications. While providers are embracing marketplaces they also continue to worry about competition.
