News
Forescout Launches Forescout Assist

Forescout Technologies has launched Forescout Assist for Healthcare and Forescout Assist for OT/ICS, new subscription services that provide organizations’ IT security and engineering teams access to Forescout security experts and new threat detection, investigation, response, and hunting capabilities.
Organizations are grappling with a rapidly evolving digital terrain that requires timely visibility of security risks and threats to their enterprise. However, current staffing, along with financial and technology challenges prevent many from effectively building and maintaining those capabilities and required know-how in-house. With Forescout Assist, organizations gain seamless, remote access to Forescout security experts – including data scientists, engineers, security analysts, threat researchers, and hunters – to identify, investigate, prioritize and mitigate cyber threats.
“Understanding and acting on OT/ICS and medical device security risks is critical but is only now getting the attention it deserves. Organizations don’t want to be caught flat-footed due to staffing and economic dynamics that are out of their control,” said Partha Panda, co-founder of Cysiv, a Forescout company. “Forescout Assist builds on our mission to enable organizations, regardless of their current circumstances, to have access to the specialized security expertise and technology necessary to effectively manage cyber risk.”
Forescout leverages its cloud-native data analytics platform to deliver Forescout Assist. The service, which combines machine automation and efficiency with human expertise and insights, encompasses these key activities carried out by Forescout experts:
- 24/7 Security Monitoring: Monitoring network and device activity to detect, triage, and investigate threats, and initiate incident escalation and remediation actions to contain, stop and recover from an attack.
- Risk Mitigation: Analyzing and triaging asset risks (e.g., compliance violations, exposure, and vulnerabilities) identified by Forescout eyeInspect (for OT/ICS environments), and Forescout Medical Device Security (for healthcare environments) to determine response priority and outlining steps to reduce risks and attack surface.
- Human-led Threat Hunting: Performing threat hunting on critical assets and networks, based on behavioral analysis of prevalent threat actors, real-time threat intelligence, and most exploited vulnerabilities, as well as documenting and escalating malicious findings as security incident cases.
Expert Speak
Don’t Brush It Off – Plan Your Incident Response Now

In business, impermanence is the only certainty. An example is how organizations addressed the COVID-19 pandemic. Within a few weeks, many developed a plan to run their businesses remotely.
More than three-quarters of organizations worldwide don’t have an IT incident response plan in place because most believe they have little risk of becoming a cyberattack statistic. Unfortunately, that’s still likely to happen.
According to africanews, in the past year, Kenya has experienced a concerning rise in cyberattacks, with a remarkable 860 million incidents documented in 2022.
As wisely expressed by Benjamin Franklin, “By failing to prepare, you’re preparing to fail.” Let’s explore a strategic incident response plan for your organization.
Create a Backup
Business networks are complex and large, and oftentimes, a network outage results in financial and reputational repercussions, including disgruntled clients. It’s imperative to create a backup of critical data and systems that you can’t run your business without, and store it in a safe location. When the inevitable breach occurs, your business will be able to recover as quickly as possible.
Never Say Never
While a workforce continuity plan might seem unimportant and nonurgent, the pandemic prompted IT departments worldwide to quickly realize the importance of being able to rapidly change the way their organizations conducted business.
Here are a few steps to help you draft a business continuity plan to address the next disruption:
- Form a team with representatives from each department and understand their workflow.
- Identify critical business functions and find a way to prioritize them.
- Assess the risks for every process in your organization and record them.
- Develop a risk mitigation strategy to protect your critical business functions from those risks.
- Document the entire procedure and keep it up to date.
Train Your Employees
A common hurdle with an incident response plan is ensuring that employees take the plan seriously. To deter the mindset that the plan is “less urgent,” educate employees about its importance and the repercussions that can result from cyber threats and cyber incidents. It’s vital to conduct regular training sessions to address hardware failures, software glitches, network outages, and security breaches so that you efficiently mitigate a cybersecurity incident.
What Doesn’t Kill You Makes You Stronger
Understand the points of failure in your previous incidents and find a way to rectify them. Single points of failure should be addressed by establishing a backup, not just in terms of network and systems but also in terms of staff allocation. Relying on a single person, especially when it comes to a critical network, is not a great idea. Delegate a second person to reach out and provide assistance in case of an incident.
While incident response might seem insignificant in the larger scheme of things, when a disaster hits, it could potentially devastate your business. Take some time to prioritize incident management and make it part of your organization’s culture by creating a backup, training your employees, drafting a workplace continuity plan, and learning from your past incidents. Learn more about IT incident management for your business.
Cyber Security
ManageEngine Intros Enhanced SIEM with Dual-Layered System for Better Precision in Threat Detection

ManageEngine, the enterprise IT management division of Zoho Corporation, today unveiled the industry’s first dual-layered threat detection system in its security information and event management (SIEM) solution, Log360. The new feature, available in Log360’s threat detection, investigation and response (TDIR) component, Vigil IQ, empowers security operations centre (SOC) teams in organizations with improved accuracy and enhanced precision in threat detection.
A quality SOC ensures people, processes, and cutting-edge technology function well. However, enterprise security is made difficult by staffing shortages and solution orchestration complexities. Following recent upgrades to the security analytics module of Log360 designed to facilitate SOC optimization through key performance metric monitoring, the company has focused on addressing pressing challenges in security operations.
“In a recent ManageEngine study, a majority of respondents revealed that their SOCs are understaffed. These resource-constrained SOCs grapple with significant obstacles, such as process silos and manual investigation of alerts, which are often non-threats, low-priority issues or false positives. These lead to extended detection and response times for actual threats. To overcome these challenges, we recognize the imperative adoption of AI & ML for contextual event enrichment and rewiring threat detection logic,” said Manikandan Thangaraj, vice president at ManageEngine.
“We pioneered a dual-layered, ML approach to heighten the precision and consistency of threat detection. First, Vigil IQ ensures genuine threats are discerned from false positives. Second, the system facilitates targeted threat identification and response. This advanced system significantly improves the accuracy of identifying threats, streamlining the detection process and allowing SOC analysts to focus their valuable time on investigating real threats.”
Key Features of the Dual-Layered Threat Detection System of Vigil IQ in Log360:
Smart Alerts: Vigil IQ, the TDIR module of Log360, now combines the power of both accuracy and precision in threat detection. With its dynamic learning capability, Vigil IQ adapts to the changing nature of network behaviour to cover more threat instances accurately. It will spot threats that get overlooked due to manual threshold settings, thereby improving the detection system’s reliability.
Proactive Predictive Analytics: Leveraging predictive analytics based on historical data patterns, Vigil IQ predicts potential security threats, facilitating the implementation of proactive measures before incidents occur. This predictive intelligence drastically reduces the mean time to detect (MTTD) threats.
Contextual Intelligence: Vigil IQ enriches alerts with deep contextual information, providing security analysts with comprehensive threat insights. This enrichment of alerts with non-event context accelerates the mean time to respond (MTTR) by delivering pertinent, precise information.
News
Proofpoint Appoints Sumit Dhawan as Chief Executive Officer

Proofpoint has announced that Sumit Dhawan has been appointed chief executive officer, effective immediately. Rémi Thomas, Proofpoint’s chief financial officer, who has been acting as Proofpoint’s interim CEO since October 25th, will continue to serve as the company’s CFO. “The Proofpoint board of directors could not be more excited to partner with Sumit as he joins Proofpoint to usher in a new stage of growth,” said Seth Boro, managing partner at Thoma Bravo. “Sumit brings a wealth of valuable experience and expertise in building category-leading, scaled companies and businesses. We are confident his customer-centric passion and strong legacy of leadership will continue to carry Proofpoint’s mission forward in providing people-centric cybersecurity solutions that address some of the most challenging risks facing organizations today.”
Dhawan is a highly respected and seasoned technology leader with a proven track record of building market-leading security, cloud, and end-user computing businesses. In his most recent role as president of VMware, Dhawan was responsible for driving over $13B of revenue and led the company’s go-to-market functions including worldwide sales, customer success and experience, strategic ecosystem, industry solutions, marketing, and communications. Before that, he was chief executive officer of Instart, a cybersecurity business delivering innovations in web application security services. He has held senior executive and general management roles at both VMware and Citrix and has successfully established category-leading businesses at scale.
“Over the years, Proofpoint has built an exceptional brand and is trusted by some of the world’s leading organizations as their cybersecurity partner of choice,” said Sumit Dhawan. “I’m honoured to join a leader at the forefront of cybersecurity innovation and to shepherd its continuing and unwavering commitment to helping organizations across the globe protect people and defend data.”
Proofpoint recently announced it has entered into a definitive agreement to acquire Tessian, a leader in the use of advanced AI to automatically detect and guard against both accidental data loss and evolving email threats. Tessian’s cloud-native, API-enabled inbound and outbound email protection solution will extend Proofpoint’s award-winning offering to address the most frequent form of data loss including, misdirected email and data exfiltration.
-
Cyber Security1 week ago
Databases Are the Black Boxes for Most Organisations
-
News1 week ago
Proofpoint Appoints Sumit Dhawan as Chief Executive Officer
-
Cyber Security1 week ago
Cybersecurity on a Budget: Affordable Cybersecurity Strategies for Small Businesses
-
Cyber Security1 week ago
ManageEngine Intros Enhanced SIEM with Dual-Layered System for Better Precision in Threat Detection
-
Cloud1 week ago
Google Clarifies the Cause of Missing Google Drive Files
-
Interviews3 days ago
COP28: AI Can Be Leveraged to Deliver Actionable Insights
-
Interviews3 days ago
COP28: Fortinet is Committed to Innovating for a Safer Internet
-
Expert Speak3 days ago
Don’t Brush It Off – Plan Your Incident Response Now