Exabeam News Wrap-up — August 1, 2023

Welcome to our latest roundup of Exabeam news coverage, press releases, articles, and awards. Stay up to date with the Exabeam News Wrap-up and visit the Exabeam Newsroom for all things newsworthy.

In this article:

• New SEC Rules Require Breach Disclosure Within Four Days
• Exabeam Delivers SIEM Behavior Monitoring Solution for Federal Agencies, Departments
• Roblox Suffers Major Data Breach – Experts React
• Why SOCs Need Urgent Modernization
• Enhancing Bank Cybersecurity by Combating External and Insider Threats with MFA
• The Evolution of Threat Defense – An Interview with Steve Povolny of Exabeam
• Credential Harvesting: Understanding and Combating the Threat
• Taking Stock of Cybersecurity in 2023: Challenges and Opportunities
• Messaging: Navigating Nuances in an Ever-changing Cybersecurity Landscape
• Exabeam Makes Fortune Best Workplaces for Millennials™ 2023 list
• Exabeam Spotlight23 to Debut TDIR Innovations

New SEC Rules Require Breach Disclosure Within Four Days  

The United States Securities and Exchange Commission recently announced new rules mandating the disclosure of cybersecurity incidents as well as ongoing risk management, strategy, and governance.

Effective 30 days after publication, these rules require public companies to disclose any material cybersecurity incident within four business days. The disclosure should include details about the nature, scope, timing, and potential impact of the incident. The SEC allows delays in disclosure only in cases where the immediate disclosure would pose a substantial risk to national security or public safety and the U.S. Attorney General provides written notification to the Commission.

Exabeam CISO, Tyler Farrar, expressed optimism about the rules, believing they will benefit consumers by encouraging companies to prioritize better security practices. He emphasized that the added layer of accountability can create a safer environment for consumers’ personal information.

Exabeam Delivers SIEM Behavior Monitoring Solution for Federal Agencies, Departments 

To help federal agencies and departments comply with the White House Office of Management and Budget Memorandum-21-31 on “Improving the Federal Government’s Investigative and Remediation Capabilities Related to Cybersecurity Incidents,” Exabeam has unveiled a new user behavior monitoring solution purpose-built for these organizations. The solution outlines practical steps to enhance the prevention, detection, assessment, and remediation of cybersecurity incidents targeting government organizations.

Roblox Suffers Major Data Breach – Experts React

Popular gaming platform Roblox recently experienced a significant data breach, resulting in the release of personal information, including addresses, of attendees who participated in the Roblox Developer Conference between 2017 and 2020.

According to haveibeenpwned.com, 3,943 accounts were compromised, with the breach initially occurring on December 18, 2020, and the information becoming public on July 18, 2023. The potential ramifications for those affected include identity theft and scams due to the substantial volume of exposed data. While Roblox has assured that it remains vigilant in monitoring and vetting its cyberposture, further updates on the extent of the consequences may take time to emerge.

Sam Humphries, Head of Security Strategy, EMEA at Exabeam, commented on the incident, highlighting the importance of detecting and mitigating abnormal behavior through user activity insights. She also encouraged organizations to create a vendor risk management plan, thoroughly vet third parties, and adhere to best cybersecurity practices to reduce the chance of unauthorized access.

Why SOCs Need Urgent Modernization

Security operations centers (SOCs) play a vital role in detecting, investigating, and remediating cybersecurity threats. However, these centers face an array of challenges that put immense pressure on SOC professionals and their work. Richard Orange, VP of Marketing, EMEA at Exabeam, explains how consolidating data points and technology solutions is critical. Organizations must prioritize SOC modernization, asking the right questions and adopting a risk-based approach. By doing so, the SOC can bring significant return on investment and improved cybersecurity.

Enhancing Bank Cybersecurity by Combating External and Insider Threats with MFA

In another article, Orange highlights the significance of multifactor authentication (MFA) in enhancing bank cybersecurity. MFA plays a critical role in achieving a zero-trust posture, safeguarding customer data, preventing fraud, and reducing insider threats. To bolster security measures, banks should integrate MFA data into a security information and event management (SIEM) system with user and entity behavior analytics (UEBA). By adopting MFA and a comprehensive security strategy, banks can effectively combat external and insider threats.

The Evolution of Threat Defense – An Interview with Steve Povolny of Exabeam

In a recent interview, Steve Povolny, Director of Security Research at Exabeam, discussed vulnerabilities, the rise in ransomware attacks, the role of users, and the evolving threat landscape. The interview highlighted the importance of understanding vulnerabilities and indicators of compromise (IoCs) and emphasized the need for the right strategy and tools to detect, respond to, and recover from cyberattacks.

Credential Harvesting: Understanding and Combating the Threat

Matt Rider, VP of Security Engineering, EMEA at Exabeam, sheds light on the battle against cybercrime, where digital identities have become prime targets for cybercriminals. Credential harvesting poses a significant security risk, causing nearly three-quarters of all attacks. Traditional cybersecurity solutions struggle to detect or prevent these attacks, as threat actors often use legitimate login details. To tackle this problem, security leaders must prioritize effective employee education and leverage technological innovation like machine learning and UEBA to improve security.

Taking Stock of Cybersecurity in 2023: Challenges and Opportunities

James Anderson, VP of EMEA Channels at Exabeam, discusses the challenges and opportunities in the cybersecurity sector. Despite economic pressures, cybersecurity spending continues to rise, and organizations seek integrated security technologies to make better decisions. AI and machine learning systems play a crucial role in handling the data deluge generated by modern technologies. The XaaS model offers growth opportunities for channel organizations, and MSPs are encouraged to broaden their service-led capabilities. Software vendors and partners have significant opportunities to create compelling solutions to address diverse cybersecurity risks.

Messaging: Navigating Nuances in an Ever-changing Cybersecurity Landscape 

In today’s highly competitive cybersecurity industry, organizations must continuously analyze and refine their messaging to remain competitive. Larissa Gaston, VP of Corporate Communications at Exabeam, offers insight into how organizations can achieve messaging success by crafting nuanced messaging that conveys their value and differentiation clearly. Achieving internal consensus through stakeholder involvement is crucial, and the right third-party help can facilitate the process. Timing the messaging rollout carefully and maintaining a holistic view ensure clarity and differentiation in a rapidly changing cybersecurity landscape.

Exabeam Makes Fortune Best Workplaces for Millennials™ 2023 list

Exabeam has earned a spot on the prestigious Fortune Best Workplaces for Millennials™ 2023 list. Our employees have praised the fantastic culture cultivated at Exabeam since its founding. Executives have been deliberate in hiring great people who align with the company’s five values. Colleagues are described as caring and diverse individuals who work together to solve challenging problems.

Exabeam Spotlight23 to Debut TDIR Innovations

We are excited to announce our sixth annual users’ conference, Spotlight23, sponsored by Google Cloud. The event will be livestreamed worldwide from Chase Center in San Francisco, providing attendees with an up-close look at the latest product advancements and achievements that push the boundaries of what’s possible with advanced New-Scale threat detection, investigation, and response (TDIR).

Taking place on Tuesday, Sept. 26 in the Americas and Wednesday, Sept. 27 in the EMEA and APJ regions, Spotlight 23 will feature Exabeam CEO Adam Geller and his leadership team, who will share what’s next for Exabeam, along with a sneak peek at our product roadmap.

Stay tuned for our next Exabeam News Wrap-up and browse through past editions!

Live From the Chase Center in San Francisco, It’s Exabeam Spotlight23!

Security is fast-moving and the stakes are high. You must raise your game to beat the adversaries. Attacks are sophisticated and hard-to-detect, legacy SIEM is limited, and security teams are overwhelmed with data, unable to see a complete picture of a threat. Until now.

Join Exabeam at Spotlight23 and raise your security game!

What you’ll experience at Spotlight23:

• Hear from Exabeam executives, security experts, and customers as they share the latest product innovations and use cases 
• Learn the latest strategies to advance security operations, detect threats, defend against cyberattacks, and defeat adversaries 
• Attend optional breakout sessions that deep dive into technology advancements

Registration opens July 25!