Netskope expands the Netskope NewEdge network with a new data center in Seoul, South Korea

Netskope announced the expansion of the Netskope NewEdge network with a new data center in Seoul, South Korea. Serving millions of enterprise users around the world, Netskope NewEdge is a carrier-grade, security private cloud network that is reserved exclusively for Netskope customers.

With South Korea representing a ‘top five’ economy in Asia and ‘top 15’ globally, the addition of the Seoul data center enhances the NewEdge infrastructure and demonstrates an increased investment in the region.

This translates into improved coverage for Netskope services with high performance and lower latency, especially important for companies headquartered in the region or multinationals with a presence in Northern Asia.

“Our customers are rapidly moving away from legacy backhaul architectures, embracing the cloud, and looking to acquire security technology that controls data movement, guards against threats and secures users both inside and outside the enterprise network,” said Jay Kwon, CTO at VicCns Co., Ltd.

“With Netskope launching a new data center in Seoul paired with the NewEdge network’s local peering for the fastest access to web, cloud and SaaS in region, we expect increased adoption of Netskope cloud security across Korea in the coming months.”

As organizations continue to balance the remote or hybrid-office workforce, they are relying on cloud-based solutions to seamlessly bridge the gap from office to home for their employees.

With 20% of users moving sensitive data among multiple cloud apps and services, businesses must continue to prioritize security during this era of rapid digital transformation.

“We’re excited to continue our expansion across Asia-Pacific with the launch of the NewEdge data center in Seoul,” said Jason Hofmann, VP Platform Architecture and Services at Netskope.

“With just 5% to 10% of the latency compared to other vendors based on 3rd-party tests, Netskope is now unequivocally the highest-performing cloud security provider in South Korea, with the fastest on-ramps for user traffic and best round trip times for web, cloud and SaaS access.”

The decades-long efforts to digitally transform enterprises have pushed the capabilities of the public internet to its maximum. Inherently unpredictable and unsecure, the public internet is strained by users who demand great web, cloud, and private application performance and enterprises that demand more security.

Compounding this challenge, legacy security tools often introduce delays to accessing these critical services. As a result, industry analysts have scrutinized the reliance on the public internet for security of these services, giving rise to new architectural frameworks like Gartner’s “secure access service edge” (SASE) that enterprise security leaders are moving to adopt.

Netskope NewEdge is built by industry veterans representing the largest and most performant networks ever built. Like no other network, NewEdge delivers inline security services through a carrier-grade, next-generation global infrastructure based on advanced application and network optimization technologies and processes.

As a private cloud network, NewEdge optimizes connectivity with its resilient global architecture, which is directly peered with major providers, mitigating the challenge of the public internet. This enhances the overall user experience, resulting in a better web, cloud, and private application performance for most Netskope customers.

The Netskope Security Cloud, delivered on NewEdge, provides unrivaled visibility and real-time data and threat protection for cloud services, websites, and private apps accessed from anywhere, on any device.

No other company in the market has addressed shifting demands by combining Next-Generation SWG capabilities, the world’s leading CASB, Cloud Security Posture Management, Zero Trust Network Access, and advanced machine learning to detect unauthorized data exfiltration and advanced threat protection.

Only Netskope understands the cloud and takes a data-centric approach that empowers security teams with the right balance of protection and speed they need to secure their digital transformation journey.

To accelerate deployment and simplify administration for network teams, Netskope supports the most flexible options of any vendor for steering traffic to the NewEdge network. This includes Netskope’s lightweight client for managed devices or a traditional proxy auto-config (PAC) file-based approach.

NewEdge also works seamlessly with a customer’s existing router, firewall, and proxy investments utilizing IPSec/GRE tunnels or proxy chaining, as well as plug-and-play integrations with SD-WAN solutions.

To extend security and data protection to unmanaged users and devices, Netskope also supports an extensive set of clientless options to enable any web-based, SaaS application.

Netskope Cloud Threat Exchange: Enabling real-time sharing of threat intelligence in the cloud

Netskope announced the Cloud Threat Exchange, one of the industry’s first cloud-based solutions for the ingestion, curation, and real-time sharing of threat intelligence across enterprise security enforcement points.

With this announcement, Netskope has made the Cloud Threat Exchange free and open to customers that wish to use the technology to collaborate on sharing indicators of compromise (IOCs).

Any certified, partner, vendor, or customer may use Cloud Threat Exchange to automate the delivery and distribution of high-value, actionable threat intelligence, thus reducing the time to protection and eliminating gaps in coverage.

Cloud Threat Exchange is supported by a wide range of members certified by Netskope, which include VMWare Carbon Black, CrowdStrike, Cybereason, Mimecast, SentinelOne, and ThreatQuotient. Together, this ecosystem helps mutual customers maximize the benefit of their protections by leveraging threat intelligence across multiple enforcement points.

Historically, there have been multiple barriers to sharing threat intelligence, which made it difficult to implement at scale. For example, vendors might use APIs or data formats that require proprietary tools or plug-ins to commercial products for translation.

In addition, the tools are typically built in a hub and spoke manner, making it possible for a single vendor (the hub) to benefit from multiple sources of threat intelligence (spokes), but lacking the ability to set up any other type of threat sharing arrangement.

Cloud Threat Exchange breaks through these limitations by providing a free tool that can be used between any members that wish to exchange threat intelligence. This flexibility makes it possible for a relationship directly between peers that does not require intermediation by Netskope.

According to Netskope’s August 2020 Cloud and Threat Report, cybercriminals are continuing to use the cloud as an attack vector in new ways, and this has only been exacerbated by the surge in remote working caused by the COVID-19 pandemic.

Between January 1, 2020 and June 30, 2020, cloud malware delivery and cloud phishing were the two most common types of cloud threats, and 63% of malware was delivered over cloud applications. These challenges require multiple defenses with unique capabilities and focus points to share timely threat intelligence.

For example, a threat actor may combine multiple types of attacks including phishing, malware, and data theft. An organization improves their capabilities to stop such an attack by sharing details of the threats across all of their protections, which is enabled through the use of Cloud Threat Exchange.

Cloud Threat Exchange features include:

  • Facilitates the exchange of threat indicators between vendors, including file hashes, malicious URLs, and DLP file signatures, thus providing customers with fast, up-to-date protection across their security investments.
  • Reduces time between new threat discovery and protection implementation, allowing organizations to keep up with the ever-evolving threat landscape.
  • Establishes full IOC exchange with leading security providers, including endpoint detection and response, threat intelligence, managed detection and response, email security, and ticket management systems. Other vendors are easily added by customers or partners building their own plug-ins.
  • Works with indicators delivered via STIX/TAXII standards enabling information sharing for real-time network defense.

“Speeding the delivery and dissemination of threat intelligence is crucial for building a strong cybersecurity program,” said Krishna Narayanaswamy, Co-founder and CTO, Netskope.

“We believe vendors need to make it as easy as possible to automate the exchange of threat indicators and the Cloud Threat Exchange breaks down the silo walls between security disciplines and helps make every organization safer.”

“For security and IT teams, now is the time to refocus defenses as the threat landscape evolves and attacks become more frequent and increasingly sophisticated,” said Tom Corn, Senior Vice President, Security Business Unit, VMware.

“To meet the security demands of transforming organizations and distributed workforces, VMware Carbon Black is going beyond legacy approaches to bring our customers industry leading cloud native endpoint and workload protection with the added power of ecosystems like the Netskope Cloud Threat Exchange.

“We are delivering on a vision for the next-generation SOC with unprecedented visibility and threat intelligence to help our customers better secure endpoints, networks, workloads, and containers.”

“Staying ahead of today’s ever-evolving threat actors is critical and can’t be accomplished without effective security intelligence. Organizations must arm themselves with the right technology and advanced data to ensure that they can quickly detect adversary activity, and thus protect their business’s most valuable assets from being destroyed or stolen,” said Matthew Polly, Vice President of Worldwide Alliances, Channels and Business Development, CrowdStrike.

“CrowdStrike is excited to join this exchange that will provide joint customers the choice to operationalize their IOCs to proactively prevent and respond to all attack vectors to improve their security posture.”

As personal use of managed devices becomes ubiquitous, risks increase

Netskope analyzed the most interesting trends on enterprise cloud service and app use, web and cloud-enabled threats, and cloud data migrations and transfers. Based on anonymized data from millions of global users, the report found there was a 148% rise in remote workers due to the COVID-19 pandemic—which resulted in a 161% increase in visits to high-risk apps and websites, as personal use of managed devices nearly doubled. “The abrupt shift to remote work in … More

The post As personal use of managed devices becomes ubiquitous, risks increase appeared first on Help Net Security.

Cloud-enabled threats are on the rise, sensitive data is moving between cloud apps

44% of malicious threats are cloud enabled, meaning that cybercriminals see the cloud as an effective method for subverting detection, according to Netskope.

cloud-enabled threats

“We are seeing increasingly complex threat techniques being used across cloud applications, spanning from cloud phishing and malware delivery, to cloud command and control and ultimately cloud data exfiltration,” said Ray Canzanese, Threat Research Director at Netskope.

“Our research shows the sophistication and scale of the cloud enabled kill chain increasing, requiring security defenses that understand thousands of cloud apps to keep pace with attackers and block cloud threats. For these reasons, any enterprise using the cloud needs to modernize and extend their security architectures.”

Enterprises using a variety of apps

89% of enterprise users are in the cloud, actively using at least one cloud app every day. Cloud storage, collaboration, and webmail apps are among the most popular in use.

Enterprises also use a variety of apps in those categories – 142 on average – indicating that while enterprises may officially sanction a handful of apps, users tend to gravitate toward a much wider set in their day-to-day activities. Overall, the average enterprise uses over 2,400 distinct cloud services and apps.

Top 5 cloud app categories

  • Cloud storage
  • Collaboration
  • Webmail
  • Consumer
  • Social media

Top 10 most popular cloud apps

  • Google Drive
  • YouTube
  • Microsoft Office 365 for Business
  • Facebook
  • Google Gmail
  • Microsoft Office 365 SharePoint
  • Microsoft Office 365 Outlook.com
  • Twitter
  • Amazon S3
  • LinkedIn

Threats are mostly cloud based

44% of threats are cloud-based. Attackers are moving to the cloud to blend in, increase success rates and evade detections.

Attackers launch attacks through cloud services and apps using familiar techniques including scams, phishing, malware delivery, command and control, formjacking, chatbots, and data exfiltration. Of these, the two most popular cloud threat techniques are phishing and malware delivery. The top threat techniques in the cloud are phishing and malware delivery.

Top 5 targeted cloud apps

  • Microsoft Office 365 for Business
  • Box
  • Google Drive
  • Microsoft Azure
  • Github

Data policy violations come from cloud storage

Over 50% of data policy violations come from cloud storage, collaboration, and webmail apps, and the types of data being detected are primarily DLP rules and policies related to privacy, healthcare, and finance.

This shows that users are moving sensitive data across multiple dimensions among a wide variety of cloud services and apps, including personal instances and unmanaged apps in violation of organizational policies.

The risk of lateral data movement

20% of users move data laterally between cloud apps, such as copying a document from OneDrive to Google Drive or sharing it via Slack. More importantly, the data crosses many boundaries: moving between cloud app suites, between managed and unmanaged apps, between app categories, and between app risk levels.

Moreover, 37% of the data that users move across cloud apps is sensitive. In total, lateral data movement has been tracked among 2,481 different cloud services and apps, indicating the scale and the variety of cloud use across which sensitive information is being dispersed.

Protecting remote workers

One-third of enterprise users work remotely on any given day, across more than eight locations on average, accessing both public and private apps in the cloud. This trend has contributed to the inversion of the traditional network, with users, data, and apps now on the outside.

It also shows increasing demand on legacy VPNs and questions the availability of defenses to protect remote workers.

Netskope opens new data center in Johannesburg, South Africa

Netskope, the leader in cloud security, has announced the opening of a dedicated data centre in Johannesburg, South Africa. The new point of presence (PoP) is part of the company’s ongoing strategy to ensure its real time security solutions for cloud and web are delivered universally and consistently around the globe.

Netskope’s South African PoP further extends the company’s NewEdge infrastructure. NewEdge is the global security network that enables Netskope’s security cloud to deliver real-time, cloud-native security without the traditional performance vs security trade-off.

It is one of the world’s largest and fastest security networks, ensuring that security is always on, always present, and never a roadblock.

This announcement signals significant growth for the company in the region. Netskope’s revenues in South Africa have doubled year-on-year, and the organisation is continuing to demonstrate commitment to the region through dedicated hiring of industry experts and partnership programmes.

The news follows the appointment of Tinus Janse van Rensburg as Regional Sales Manager, who joins Netskope from Cisco where he managed the organisation’s African cybersecurity business.

Andre Stewart, Vice President for EMEA and LATAM for Netskope commented, “With ever increasing data moving to the cloud, security needs to follow that trend. Netskope is committed to best of breed granular, contextual Cloud Security, and the only way to ensure low latency – below 45m/s – worldwide, is to own your infrastructure.

“NewEdge is about giving the end user the best security without compromise. Our Jo’burg POP means that our South African customers can take advantage of all our security portfolio and benefit from the best end user experience possible.

#Netskope has long term plans for the region which is why we are happy to invest in the best infrastructure but also the best people. I am delighted to have Tinus join our team and the plan is to hire great talent to best serve our customers in the region.”

Grant Reynolds, Regional Sales Manager for Africa continued, “This is great news for our customers and partners in Africa, who are already benefiting from our Next Generation Secure Web Gateway which decodes the latest cloud services and web traffic to deliver comprehensive visibility, prevent advanced threats, protect data, and simplify security operations.

“We are ready for fast growth both in the region and worldwide. This is an exciting time both for Netskope and for the broader security industry.”

Netskope’s Security Platform uniquely ensures that customers have all of their data and policy enforcement occur in Netskope owned / leased high end, highly secure, data centres. The Netskope Security Cloud always maintains SOC-3 Type II, SOC-2 Type II, and SSAE-16 Type II certifications and is the longest-standing security cloud to do so in the market.