New CompTIA Report Finds Steady Progress on Cybersecurity, but Balancing Act Gets Tougher
Changing approaches to cybersecurity have led to slow but steady progress in defense and protection, but competing interests create a growing challenge for cybersecurity decision makers and practitioners, according to new research from CompTIA, an industry trade association based in suburban Chicago.
A majority of business and technology professionals feel that the overall state of cybersecurity is improving, both generally and within their organizations, according to CompTIA’s “State of Cybersecurity 2024” report. They also acknowledge that the stakes have grown dramatically, with the number of cybercriminals and threats skyrocketing. At the same time, companies are capturing far more data, creating new privacy implications for customers and operational risk for their internal workflows.
“Even small gains in satisfaction are welcome, but there is plenty of room for improvement,” said Seth Robinson, vice president of industry research at CompTIA. “Businesses have begun to consider cybersecurity as a critical function. The next stage requires a multi-faceted approach of processes, policies, people, and products.”
Generative artificial intelligence (AI) is viewed as a tool that can help manage the growing complexity of cybersecurity. There is a heightened commitment to workforce education, including training for all staff and support for certification for technical professionals, according to the report. Risk management and zero trust practices are also gaining a larger footprint.
The challenge becomes even greater as organizations go through digital transformation and tie technology initiatives more closely to business success, according to Robinson.
“Excessive cybersecurity measures can hinder overall progress, but if measures are too relaxed, it can lead to serious incidents, resulting in potentially greater negative impacts,” he explained. “This balancing act is a full-time job. With technology trends evolving and attack patterns changing, true equilibrium may be impossible to achieve.”
Threat focus areas for organizations include malware, cited by 40% of U.S. respondents, ransomware (33%), firmware hacking (31%), IoT-based attacks (31%), hardware-based attacks (31%) and phishing (30%). The potential damage from an attack can be catastrophic. Among U.S. respondents, cybersecurity incidents had a severe impact at 22% of organizations, and a moderate impact at 43%.
CompTIA believes there are four critical variables that must be considered in balancing the cybersecurity equation. These would include capabilities involving product, people, policy, and process.
CompTIA’s “State of Cybersecurity 2024” report is based on a survey of 1,156 business and IT professionals involved in cybersecurity for organizations in six geographic regions around the world.
CompTIA’s “State of Cybersecurity 2024” examines the tug-of-war between security, progress, and convenience.
Corelight Expands Partnership with Mandiant to Strengthen Security
Corelight, a San Francisco-based specialist in open network detection and response, has announced an expansion of their alliance with Mandiant (now part of Google Cloud).
Under the amplified partnership, Corelight will provide its Open NDR technology to support a range of Google Cloud and Mandiant platforms and solutions, including Mandiant Managed Defense. The expanded alliance will also further integrate efforts with Chronicle Security Operations, and additionally, Mandiant Consulting will have the ability to deploy Corelight technology within its Incident Response and Professional Service engagements.
“I’m excited to support our strengthened partnership with Corelight,” said Marshall Heilman, CTO of Mandiant. “Their detection and network analytics capabilities will enable our Managed Defense and Incident Response businesses to identify and resolve incidents faster and more accurately. In addition, Corelight’s integration across our Chronicle SecOps suite helps our customers maximize the value from our mission-focused organizations, with the incorporation of streamlined detections and solutions that are budget friendly for organizations of all sizes.”
Brian Dye, CEO of Corelight, added: “It’s a great honor to be selected as a strategic NDR partner by Mandiant and Google Cloud, organizations that command the highest respect within the security community. We look forward to helping joint customers find and disrupt attacks more quickly and accurately, and to extending the partnership in new ways as Google’s security offerings continue to evolve.”
Corelight plans to continue with the delivery of NDR capabilities through co-delivered solutions and technologies with both Mandiant and the Chronicle SecOps suite. By combining their products and services with Mandiant telemetry, the two companies promise that mutual customers across private and public sectors will have strong cyber defense.
SonicWall Updates its Partner Program for Increased Flexibility and Simplicity
SonicWall has announced the introduction of its newly enhanced SecureFirst Partner Program for North America, based on a variety of feedback secured from channel partners.
“Our primary goal is to empower our partners and help them thrive and excel in their respective industries and business models,” said SonicWall President and CEO Bob Vankirk. “SonicWall’s new partner program allows its partners to determine their level of engagement, it allows for competitive pricing regardless of tier, and it helps increase profitability and efficiency to establish an easier way of doing business with us.”
The Milpitas, California-based company has made several recent announcements, including changes to its executive leadership team, and implementation of new incentives prior to rolling out additional enhancements to its global partner program.
Under the revised program, partners can choose among different procurement options and access partner benefits without making training or business planning commitments. Instead, each partner can tailor the collaboration to suit its specific needs. Two new tiered tracks have been added. “Velocity” will be offered to partners looking to engage with minimal requirements, while “Mastery” partners will receive all incentives, resources, and benefits. New logo discounts are now available to all tiers, incentivizing partners to pursue new business opportunities. Flexible training options focus on how to position, sell, and deploy the SonicWall portfolio with product-specific courseware, specializations, and certifications. Support access is available to level 2 or level 3 agents.
“Our goal is to empower partners to explore new business opportunities and remain competitive in the market,” said SonicWall Global Channel Chief Michelle Ragusa-McBain. “The enhanced program caters to every stage of partnership from brand-new to established, offering benefits regardless of a partner’s business model.”
New North American partners will be onboarded directly into the new partner program effective immediately. Existing partners are urged to reach out to their account management team to understand the new changes and select the appropriate path.
The enhanced, reimagined partner program is expected to attract new partners and improve profitability for existing ones.