Earlier this year, managed security service provider (MSSP) received a call from a panicked business owner dealing with a catastrophic business email compromise (BEC) attack. They said: “Help – we’ve lost $5 million, and we don’t know what else the hackers had access to!”
According to Tiberium CEO Drew Perry, this type of call is becoming increasingly common. In fact, more than half of Tiberium’s incident response engagements have been prompted by BEC attacks in 2022.
“BEC attacks involve a threat actor injecting themselves into a legitimate email chain at the point of invoice payment, and they’re growing in frequency due to so much low-hanging fruit and sizeable financial reward,” he says. “The losses they cause are increasing too. These attacks, plus the hybrid war we’re facing against Russian ransomware gangs, are some of the biggest current cyberthreats. Perhaps now it is finally time to sanction business and outlaw paying ransoms? The debate continues.”
To protect their critical systems and assets against such attacks, businesses can deploy Tiberium’s cloud-native cybersecurity solutions – FROST and MYTHIC. Both can be implemented within just 10 minutes to offer automated threat detection and alerting capabilities for Microsoft Azure and Office 365 environments. MYTHIC also provides additional assistance via human analysts and threat hunters.
Perry notes that Tiberium’s cloud-native offerings are much more effective at shielding business-critical assets against threats than traditional MSSP solutions.
“As a cloud-native MSSP focused on automation and collaboration we do what other legacy MSSPs have not historically done – we prevent incidents by hardening the attack surface with the help of multifactor authentication and attack surface reduction rules,” says Perry. “This type of protection is hard for some MSSPs to implement, but we make it easy for our customers. Tiberium’s innovative automation, combined with our Cyber Defender Microsoft Teams integration, makes us much more effective at taking all our customers’ cybersecurity worries away and helping them to achieve a good night’s sleep.”
Tiberium’s solutions have already helped multiple customers in the legal, financial services and small to medium-sized enterprise sectors to detect, prevent or respond to cyberattacks. Perry cites one notable example of a law services firm that called him mid-crisis seeking to implement Tiberium’s MYTHIC service.
“The company had been compromised by two threat actors, one of which had just failed to sink the business by deploying ransomware,” says Perry. “To rapidly migrate the firm to Microsoft Azure and Office 365, we implemented Microsoft Sentinel with Defender and full extended detection and response (XDR) capabilities. We kicked out the threat actors, validated the integrity of the firm’s newly secured cloud environment, and deployed FROST to enable it to automatically detect and react to any future threats.”
Now that many businesses are going digital and migrating to hybrid working models, it is more vital than ever for them to invest in automated cybersecurity solutions that extend beyond their offices and into the homes of employees and other remote locations.
“A dispersed workforce needs to be able to trust in security teams and partners to provide them with a safe environment,” says Perry. “We’re extending our offering by helping our customers implement a zero-trust model and XDR capabilities with our Tiberium MYTHIC and FROST services. We ensure that businesses have compliant hardened devices and proper security identities (users) so employees can work securely from anywhere at any time.”
This article was originally published in the Summer 2022 issue of Technology Record. To get future issues delivered directly to your inbox, sign up for a free subscription.