2020 Predictions
2019 Security Trends & 2020 Predictions That Will Shape Your Organization’s Strategy
Reading Time: 5 minutes

As we commence a new year and century, we tend to look at the different trends from the previous years and think about what the future holds for us.

When looking back at 2019, it was a wild run for organizations that were fighting different challenges such as cryptojacking, phishing, ransomware and making sure their critical resources stayed in the clear from hackers. However, not everyone stayed safe in 2019 as we saw different organizations fall prey, for example, the Capital One breach. As we move forward it is important to dwell on what we experienced, take those lessons, and implement them in order to improve your organization’s internal and external security.

Looking forward to 2020 and beyond, organizations will need to be prepared against attackers who will create and implement different kinds of attacks. We talked to different security experts who explained what 2019 trends and 2020 predictions they’re most excited about seeing in security in the upcoming year.

2019 Network Security Trends

Insider Threat Attacks

Hackers and malicious actors have a massive resource pool available to them which helps them easily access an organization’s networks and resources. One of the most popular kinds of attacks in 2019 was insider threat attacks.

“The insider threat is one of the greatest drivers of security risks that organizations face as a malicious insider utilizes credentials to gain access to a given organization’s critical assets. Many organizations are challenged to detect internal nefarious acts, often due to limited access controls and the ability to detect unusual activity once someone is already inside their network. The threat from malicious insider activity is an increasing concern, especially for financial institutions, and will continue to be so in 2020.” – Steve Durbin, Managing Director of the Information Security Forum

More Data Privacy Regulations

“With new legislation such as CCPA for California Residents and previous regulations such as GDPR, Data Privacy and Compliance are huge issues for 2019. There is an ongoing focus on protecting consumer’s personally identifiable information (PII) and a lot of companies are falling short. If each person took five minutes to run an internet search, they would likely find a wealth of information about themselves on public websites that they didn’t know existed. This will continue to be a problem in 2020 as not all companies will comply with privacy laws and some companies will continue to sell people’s personal information for profit.” – Courtney H. Jackson, Founder & Chief Information Security Officer (CISO) at Paragon Cyber Solutions

5G leading to More IoT Risks

With the rollout of 5G, we have seen more data than ever before being gathered from IoT, to protect access to those devices, IAM solutions for IoT will be a major need in 2020.

“With the opportunity of higher bandwidth provided by 5G, there are emerging threats, to name a few, that threat actors will dedicate more effort to hijack these devices for botnets for DDOS, malware distribution and recognizance of the target organization.

Enterprises should start planning now to protect this type of asset that is often forgotten, leaving them unmanaged from a security point of view and a low effort entry point for an attacker, often combined with the device vendor unwilling or unable to patch known vulnerabilities. This lead to a continued spread of Mirai botnet and their clones across the globe in 2019, three years after the threat was identified it is still a danger, given the current trend, I predict we will continue to see them grow in 2020.”- Fausto Oliveira, Principal Security Architect at Acceptto

2020 Security Predictions

Ransomware

Ransomware has always been a continuous threat to organizations over the years and in 2020 and beyond we will see many businesses and users in the financial sector become a more popular target by hackers.

“We will continue to expect to see more ransomware attacks on healthcare, education, and government sectors due to the large ransoms and success over the past year. Additionally, several ransomware groups have started to exfiltrate data in order to force victims to pay ransoms as many organizations started to ensure that they had good backup systems in place and avoided paying ransoms. But with this new twist to ransomware, companies now face the release of information and a data breach.“ – Shannon Wilkinson, CEO of Tego Cyber

Increasing Automated Security

There’s a huge shortage of skilled cybersecurity personnel, several million worldwide according to some reports.

“To make do with too few skilled resources, more companies will explore and expand security automation initiatives. In recent years, a whole market has emerged for Security Orchestration Automated Response (SOAR) platforms which enable teams to orchestrate and automate security actions to get more done in less time and with less manual effort. In 2020, look for greater adoption of SOAR platforms and automated playbooks, as well as for SIEM and Threat Intelligence Platform vendors to add more SOAR-type capabilities.” – Atif Mushtaq, CEO of SlashNext

Shadow IT

Over the past decade, many organizations have considered “shadow IT” as one of the key risk trends expected to change the way we think about security risk. As we enter 2020 and the next decade, shadow IT will become not just a trend but the native way we do business.

“Organization, from the largest hospital systems to rapidly-growing startups, will have an ever-growing set of thousands of external, cloud-based software systems, or externally managed dependencies introduced into their systems and software. It will be critical that companies understand which type of data they are sharing and with which third parties – and the security postures of those third parties.

In order to mitigate the risk in this fundamental change to the way we do business, information security organizations will need to support all areas of the business with more efficient processes and practices so everyone can make informed, risk-based decisions about the software they use and how to manage it securely – in line with a shared responsibility model.” – Ben Waugh, CSO at digital health firm Redox.

Unified Security Platforms

Today the majority of organizations are continuously adopting many different kinds of security solutions. Most of them are outdated, hard to manage and no longer relevant to the modern world and its new threats. The idea of a unified security platform will be introduced in 2020.

“Modern organizations will need to adopt Saas based unified cybersecurity platforms that are easier to implement and manage inside the organization’s environment. Moving forward, instead of using different vendors for different security needs, I believe IT managers will prefer to implement a central security system that provides complete visibility of its networks to help the cybersecurity analysts identify threats and respond in real-time in case of an incident. This concept presents the idea of having one platform for all solutions which provide the idea of a  one-stop-shop to consume cybersecurity.” – Amit Bareket, Co-Founder and CEO of Perimeter 81

Looking Past the Predictions

When looking back at 2019 and even earlier, we must learn from our previous security experiences and mistakes to learn what worked well and what didn’t. However,  looking into 2020 and forward we can’t depend on outdated tactics to fight off hackers and attacks.

The security community as a whole needs to stay informed daily about the different kinds of attacks, tactics and trends and start implementing them on an organization level to stay safe in 2020. We wish everyone a happy and secure 2020!

Read More
CCPA
Why Your Organization Needs to Become California Consumer Privacy Act (CCPA) Compliant
Reading Time: 4 minutes

Over the past decade, organizations are getting familiar with the different new privacy laws being enforced by governments. In 2018, GDPR went into effect and we are seeing the huge impact this law has had on organizations when dealing with people’s personal data. Now, there’s another major regulation that just went into effect.

On January 1, 2020, the California Consumer Privacy Act of 2018 (CCPA) went into effect and sets new requirements and rights relating to personal information of California consumers. This is the first state-level privacy law in the United States.

Data-driven companies are quickly making the right adjustments with the new regulation into their system, similar to how they prepared for GDPR. 

Despite not knowing how much of an impact this new regulation will have on organizations, it’s always best to prepare and be compliant. In this blog post, we will explain what the CCPA is, how it will impact your business and any other lingering questions you may have about CCPA. 

What is the CCPA?

The CCPA was created in order to protect the privacy and personal data of consumers who live within the state of California. The CCPA grants people the right to know what information businesses are storing about them. The act additionally gives people the right to tell businesses they cannot use their personal information.

Similar to GDPR, people may request that a business discloses the types of personal information it collects, the purpose of collecting that information, and who the information is being sold to. According to the regulation, people are allowed to request this data report twice a year, free of charge.

Why did California pass CCPA?

The California legislature approved the CCPA regulation after the mining of personal data was brought to light in 2018 with the famous data mining Cambridge Analytica scandal and how the congress hearing proved how vulnerable personal information can be misused. The state desired to create more laws that will implement better data privacy control and transparency.   

According to CNET, more states are considering similar laws and similar proposals are being presented at the federal level.

What CCPA Means for Consumers

The CCPA regulation provides California residents with 4 basic rights with their personal information:

  • The right to know what personal information, including specific pieces of information which are being stored and what the business is doing with the information.
  • The right to request that the business who is storing their information delete their personal information.
  • The right to opt-out of the sale of their personal information. 
  • If a consumer takes advantage of their rights under the CCPA, freedom from discrimination of price or services. However, a business may offer financial incentives, including payments to consumers, for the collection, sale, or deletion of personal information

How Do I Know If My Organization Is Impacted by the CCPA?

The CCPA regulation affects any organization that collects, shares, or sells California residents’ personal data and meets any of the following three criteria:

  • Has an annual gross revenue of $25 million or more.
  • Possesses the personal information of 50,000 or more consumers, households, or devices.
  • Earns more than half of its annual revenue by selling personal information.

How Can My Organization Become CCPA Compliant?

Your organization can implement different privacy steps to ensure consumers are able to exercise their rights under the CCPA. Here are the key steps to make:

  • Provide two or more methods for consumers to submit requests about their personal information. At a minimum, these methods must include a toll-free telephone number and at least one additional method such as a designated email address or online form.
  • Establish protocols to respond to consumer requests within 45 days of receiving them.
  • Update your privacy policies to include new CCPA privacy rights.
  • Analyze your data collection and documentation processes. Ensure that you are able to track how you collect data, how you use it, where it resides, and have a system in place to provide consumers with this information. 
  • Provide consumers with notice that their personal information is being sold. Implement a process to honor opt-out requests in a timely manner.
  • Assess and document your data security practices to ensure your business takes the necessary steps to avoid data theft and any other security breaches. 

Make sure your legal team reviews the entire CCPA initiative to identify all steps your business must implement to remain CCPA compliant. We highly recommend that you educate your entire staff on the main factors of CCPA compliance. 

Meeting CCPA with a Zero Trust Network As a Service

Although the law requirements are clear, CCPA does not provide a technical direction on how to meet these standards. Instead, organizations are required independently to create a plan to meet data security requirements. Admittingly, this sounds quite data-heavy, but each of these benchmarks can be easily met using a Zero Trust Network as a Service platform.

A Zero Trust Network as a Service (ZTNA) uses pre-shared keys to identify, authenticate and authorize user access. Using a ZTNA which offers a centralized cloud management platform, an entity can create customized user access to sensitive data – including cloud environments, SaaS services, sandbox and production environments, and more.

Additionally, any data which passes over any network is secured with advanced encryption. This creates a virtual tunnel so data can’t be intercepted by users who don’t have access. By offering network visibility and identifying risks and vulnerabilities to your systems and data, detailed activity reports provide insight into which resources are being accessed, what applications are being used, and how much bandwidth is being consumed.

Accelerate Your CCPA Compliance with Perimeter 81

At Perimeter 81, we are committed to protecting your company’s data and your customers’ data. In order to ensure complete CCPA compliance, we have:

  • Undergone a full third-party audit
  • Updated our terms of service and Privacy Policy
  • Ensured that our platform meets all data storage requirements

To help you navigate the CCPA and secure your clients’ data, we provide:

Automatic Wi-Fi Security for CCPA Compliance

With CCPA in effect, the way businesses handle Wi-Fi security will change drastically. At Perimeter 81, we have made this one of our key priorities. Our patented, Automatic Wi-Fi Security feature is a special built-in functionality to all of our applications that allows users to automatically deploy a VPN connection even if the device is locked and in your pocket.

Once you install Perimeter 81’s client applications, you can rest assured that data passing over any network is secured with 256-bit bank-level encryption. Perimeter 81’s innovative Automatic Wi-Fi Security immediately shields data by automatically activating VPN protection when employees connect to unknown, untrusted networks.

If you have any more questions about CCPA, our Automatic Wi-Fi Security feature, or the steps we at Perimeter 81 have taken to protect your data, please don’t hesitate to contact us at [email protected]

Read More
2020_Security_Experts
Top 10 Security Experts You Should be Following in 2020
Reading Time: 4 minutes

Data breaches and cybersecurity attacks tend to dominate the global headlines with the prominent details of the attack or hack. However, when looking for the bolts and nuts of a security breach, you need to know where and whom should you go for answers. 

Twitter and different security blogs are the most popular places to gain more insights and expertise from different security experts. These ever-changing platforms provide any user or person to engage and learn from the best minds in the security industry. You have the chance to communicate and interact with experts that you normally wouldn’t have the opportunity to by reaching out, commenting or tagging them in their tweets or comment section of their blog post.

While the common internet user will go to Twitter to see what their favorite athlete or musician is commenting or discussing on, the network security community uses the platform to provide another angle on different attacks or the direction of the industry. 

So before you go follow everyone who says they are the “must follow” security expert, you need to ask yourself who you should be following. We recommend that you check their expertise in security, whether they are active, and finally, what do they actually tweet or blog about. Once you know who to follow or subscribe to, we recommend creating Twitter lists or feeds per category of the expert. This will be key to simplifying the different numerous network security expert opinions that matter most to you.

We have assembled the best network security experts you should be following in 2020 and forward. Don’t have time to follow them all? Follow our list here

Brian Krebs (@briankrebs)

Brian Krebs is the most well-known cybersecurity expert in security. He is an independent investigative security journalist who spends his days investigating and reporting the latest hacks and breaches. Krebs started his career as a reporter for The Washington Post but only started to write about cybersecurity after his entire home network was taken over by a Chinese hacking group. His security blog mainly focuses on all things considered computer security and cybercrime. Brian tweets on a daily basis about security vulnerabilities and current InfoSec issues.

Graham Cluley (@gcluley)

Graham Cluley is one of the most active security bloggers, researchers, podcasters, and public speakers. Since the early ’90s, Cluley has been fighting to make the internet a safer place with his endless investigations and blogging about different hacks and breaches. Graham’s blog and daily tweets cover the latest security news, malware, breaches and cyberattacks.

Troy Hunt (@troyhunt)

Troy Hunt is one of the best experts when it comes to data breaches and security practices. Currently Troy is the  Microsoft Regional Director, a Microsoft Most Valuable Professional (MVP) for Developer Security and an international speaker on web security. He also runs the site Have I been pwned?, a free tool that aggregates every public data breach and instantly lets people know if their email account has been compromised in a breach. He tweets and blogs about network attacks and app security on a daily basis.

Bruce Schneier (@schneierblog)

Bruce Schneier is an internationally known privacy specialist and cybersecurity writer who famously was named the “Security Guru” by The Economist. Over the years, he has shared his cybersecurity experience and in-depth knowledge as an author of over 13 books. On his website Schneier on Security”, he regularly writes about the top security issues that we as internet users are facing. While he has an active Twitter account, it’s best to bookmark his security blog as that’s where he goes into the small details.   

The Grugq (@thegrugq)

While The Grugq doesn’t share his real identity, he is one of the most popular and well respected independent information security consultants and anti-forensic researcher. His detailed blogs on Medium are insightful and must-reads after a hack has become public. His Twitter account provides a sharp and witty commentary for pointing out the absurd and real concerns in the security space

Richard Stiennon (@stiennon

Richard Stiennon is an industry analyst who not only covers the IT security space but has spent a lot of time investigating the technology research business. Richard authored the book “There Will Be Cyberwar”, a book about the U.S. military’s shift to network-centric warfare and what that portends for cyberwar. He was named one of the “50 Most Powerful People in Networking” by Network World Magazine. His twitter account is filled with his interviews and articles on different topics within cybersecurity. 

Shira Rubinoff (@shirastweet)

Shira Rubinoff is one of the most recognized and popular female cybersecurity experts who leads multiple women-in-technology efforts. Additionally, she is one of the leading experts when it comes to the human factors of information technology and security. She lectures and publishes on a  regular basis on different topics that relate to cybersecurity and psychology. She tweets daily about all things considered security and how the human factor plays into cybersecurity.

Zack Whittaker (@zackwhittaker)

Zack Whittaker is the lead security editor for TechCrunch. He has been a security journalist for over 10 years writing for ZDNet, CNET and CBS News. Additionally, his articles have been featured in Time, WIRED, Fortune and other online outlets. He is constantly tweeting about news stories on security, legal, privacy, cybersecurity, national security, government and technology. He also produces a cybersecurity newsletter where he summarizes the previous week’s news.

InfoSec Taylor Swift (@SwiftOnSecurity)

Swift On Security is a parody account that was originally created to discuss with the Twittersphere about the famous HeartBleed bug, but currently, it has grown to Twitter famous in the security industry. For those who like their security with the right amount of mockery and passion, this is a must-follow.

Daniel Miessler (@DanielMiessler)

Daniel Miessler is one of the most veteran security bloggers in the industry. He has shared his thoughts on the interactions between technology and society since 1999 and his current focus is on the security of networks, web applications, mobile, and IoT systems. His Twitter account is a great place to find out what’s happening with all aspects of cybersecurity that you rarely will find elsewhere. Every week he puts an email newsletter about all the interest security news over the past week, you can subscribe here.

We’ve highlighted just a few of the best security experts in the industry that will help you stay connected with everything security-related. Of course, we have to mention that you can always stay updated with all our news and content by following @Perimeter_81 on Twitter.

Read More
amazon_reinvent
AWS re:Invent 2019: The Future is in the Cloud
Reading Time: 3 minutes

December started with a bang, culminating in the always exciting AWS re:Invent conference. Over 65,000 attendees made the trek to Las Vegas to get a grasp of the plethora of new updates at AWS and learn more about the different security vendors (including Perimeter 81) who were exhibiting at the conference. 

After the action-packed week that was AWS re:Invent, it’s time to reflect on the highlights and great conversations we had with customers, partners and thousands of potential clients that we met throughout the four-day conference.

Join us as we look back on last week’s event from start to finish, sharing our key learnings, conversations and booth activities.

AWS Doubling Down on Entire Cloud Migration

Every re:Invent, AWS announces different new features and services to their customers and this year they kept it simple with Andy Jassy’s keynote session. The clear message was organizations need to migrate everything to the cloud. Jassy’s and AWS vision is that by organization fully adopting AWS cloud services it will unlock additional IT spending. The main point presented was that AWS has the most features and capabilities of any provider and that competitors aren’t getting any closer. So in short AWS wants to become the pillar of next-generation of businesses in the upcoming year. 

One of the Best Conference to meet Customers

While exhibiting at AWS re:Invent, we had endless opportunities to meet with our amazing clients. Even if it’s just a quick hello or a longer conversation, it’s great to have the face to face discussion with our customers. While at the conference we had great conversations with different customers from different sectors and each conversation provided us with real-time customer insights into our solution. Their personal insights and feedback will help our team to continue to build the best Network as a service solution in the market.

                       Catching up with True{X} at the Perimeter 81 booth

Attendees Came for Company Swag and Were Welcomed with Demos

Like other large security conferences, we went all out at AWS re:Invent – we ran a voluminous amount of demos so attendees could receive a better understanding of our product and walk through our Zero Trust Network as a Service solution and all of its capabilities.

AWS__1

We also made sure that people didn’t leave empty-handed! Attendees who stopped by our booth had the option of different company stickers and swag.

Swag

Additionally, each visitor of our booth received a scratch card with the opportunity to win great prizes. Winners received Bluetooth turntable with speakers, portable speakers, Instax cameras and more.

AWS_conference_photo

Until Next Time

When looking back at the jam-packed week that was AWS re:Invent, it was a very enjoyable and exciting week, filled with great activities, the opportunity to meet up with old colleagues, and the chance to make some new connections. A big hats-off to everyone who helped make AWS re:Invent 2019 a huge success! We look forward to seeing you at the next industry event soon.

We’d love to have you join us for a webinar discussing simplifying connectivity to AWS transit gateway with Perimeter 81. 

Read More
Product Updates
December 2019 Product Updates: Automatic WI-Fi, WireGuard and More
Reading Time: 3 minutes

Over time, we have learned that we develop products, not for our solution, but for you, the customer, to help resolve your network access problems. But just resolving a customer’s problem is not enough – the product should also be intuitive and user-friendly. 

It’s clear that the best people to provide feedback about the ease of use of our platform are our customers. We listened to your feedback and requests and recently have made some significant updates across the Perimeter 81 platform that will help your employees achieve easy and secure network access. 

Below, we’ve outlined the highlights of our latest product updates over the past 6 months to our Network as a Service solution.

Automatic Wi-Fi Security Feature

As the number of public Wi-Fi hotspots worldwide is projected to reach 432 million by 2020, Wi-Fi continues to pose serious risks to businesses of all sizes. Due to the lack of encryption and open passwords, open networks can be hacked in a matter of seconds. Wi-Fi hotspots are everywhere – cafes, airports, hotels, smart cities, but only one out of every three people know how to identify unsecured networks. Simply, it’s no surprise that one out of every five people and three out of ten organizations fall prey to cybercrime while on-the-go.

Due to this, we have integrated our patented Automatic Wi-FI technology (Patent number: 10440762) which automatically secures your Wi-Fi connection no matter where you are working from. Our Automatic Wi-Fi security feature activates an instantaneous connection if an employee’s device connects to unsecured Wi-Fi, and establishes a private and secure connection. This security feature will be a key addition to our upcoming bundle of new security capabilities. 

Automatic Wi-Fi Security is enabled by default. Each user can adjust this configuration locally in their account when signed into the client application on their device.

WireGuard Connector 

Customers often ask how we are improving the performance and the speed of our solution. Now your questions are answered by our latest integration of the WireGuard® connector into the Perimeter 81 platform.

WireGuard connector is a free and open-source software application and communication protocol that implements virtual private network (VPN) techniques to create secure point-to-point connections in routed or bridged configurations. It aims to be faster, simpler, leaner, and more useful than IPsec while avoiding the challenges of IPsec. Compared to OpenVPN, Wireguard connectors have outperformed when it comes to quicker performance and simplified implementation. 

While it was initially released for the Linux kernel, it is now available and deployable on all major platforms (Windows, macOS, BSD, iOS, Android). By implementing WireGuard Connector in our platform, users will experience a faster performance within their Perimeter 81 application, 

Always-on VPN

In the summer days of July, we added a new configuration feature into the Perimeter 81 applications, Always-On VPN. This simple new feature establishes an automatic VPN connection any time an authorized client has an active internet connection. 

We recommend that all administrators enable the Always-On VPN technology feature in the configuration settings for all client applications. No matter which team member is using the application, they will always be connected to a secure network while working.  

New Gateway Locations

As the Perimeter solution advances with new security features, so does the amount of public and private gateway locations. We are now offering you over 36 global public gateway locations within in the Perimeter 81 platform.

While we always recommend all users to create private networks for their teams, we kindly remind you have the option to use the public gateway inside the platform.

That’s a Wrap

2019 was filled with different product updates and our latest partnership with SonicWall. This has capped off a huge 12 months at Perimeter 81. We’d love to hear your feedback going into the holidays and stay tuned for more product updates in 2020 as we are planning to launch our new unified network and security platform with more network and security features

Read More
press release image
Perimeter 81 Announces $10 Million Funding Round to Expand its Network as a Service Platform; Partners with SonicWall to Add Unified Security Services
Reading Time: 3 minutes

SonicWall and Perimeter 81 signed a mutual OEM agreement to enhance their product offerings in the cybersecurity market by delivering a secured Network as a Service.

TEL AVIV, IsraelNov. 21, 2019 /PRNewswire/ — Perimeter 81, a leading Zero Trust network provider for enterprises and organizations, announced today a $10 million Series A investment round led by SonicWall, a Francisco Partners portfolio company, together with Spring Ventures, and existing investors. Perimeter 81 provides enterprises and organizations with a secure cloud-based network solution. SonicWall equips users with next-generation firewall & Cyber Security solutions. As a result, each company will provide a unified network & security platform that will be a one-stop-shop for network and security offerings as a service.

The companies will integrate SonicWall’s advanced security solutions and Perimeter 81’s matured and innovative Zero Trust Network as a Service solution. Both company’s platforms will offer an easy-to-use “Secure Network as a Service” solution that provides Zero Trust access to internal resources, user and branch internet security, branch interconnectivity and endpoint security in one place.

With cloud and mobility solutions changing the way we work, we are seeing an increasing number of employees working on the go. This is driving a need to shift from a dated site-centric security model to a more cloud user-friendly, service-based platform. Perimeter 81 is one of the only vendors offering a comprehensive set of converged secure network capabilities, delivered and managed from its multi-tenant cloud.

This funding round is the latest move in a year of exponential growth for Perimeter 81. Launched in February 2018, the company has already seen 400% year over year revenue growth, expanding from 180 businesses using Perimeter 81 to 500 in the past eleven months alone. More than 81% of Perimeter 81’s customers use it as their secure corporate network and not only as Zero Trust Access, replacing the need for a VPN.

“As we see greater numbers of companies, from SMBs to enterprises and governments, making the move to a perimeter-less organization largely supported by cloud services, Perimeter 81 has seen tremendous growth,” said Amit Bareket, Co-Founder and CEO of Perimeter 81. “When we created our Network as a Service solution, we made it possible to easily offer security solutions on top of our existing platform. We are excited to partner with SonicWall in order to provide the most advanced Secure Network as a Service available today.”

“We are excited to partner with Perimeter 81. This relationship will allow us to provide a wide range of businesses, from SMBs to Fortune 500s and governments, with our award-winning Capture Cloud Platform and real-time breach detection and prevention solutions, while allowing them to adopt a Zero Trust Security architecture that delivers tremendous efficacy in securing the modern organization,” said SonicWall President and CEO Bill Conner. “Going forward, our customers and partners have choices between on-premise, cloud, and now, Secure Network as a Service all with integrated management within Capture Security Services. We believe this will ensure that our customers continue to fearless.”

About Perimeter 81

Perimeter 81 is a Zero Trust Secure Network as a Service that is simplifying network security for the modern and distributed workforce. Based in Tel Aviv, the heart of the startup nation and a global hub for innovative technology development, Perimeter 81 was founded by two IDF elite intelligence unit alumni, CEO Amit Bareket and CPO Sagi Gidali. The team of security as a service experts comes together every day to deliver a truly innovative, world-class network security service. Perimeter 81’s clients range from SMB to include Fortune 500 businesses and industry leaders across a wide range of sectors, and its partners are among the world’s foremost integrators, managed service providers and channel resellers. Earlier this year, Gartner selected Perimeter 81 as a “Cool Vendor in Network and Cyber-Physical Systems Security. For more information, visit www.perimeter81.com

About SonicWall

SonicWall has been fighting the cybercriminal industry for over 28 years defending small and medium businesses, enterprises and government agencies worldwide. Backed by research from SonicWall Capture Labs, our award-winning, real-time breach detection and prevention solutions secure more than a million networks, and their emails, applications and data, in over 215 countries and territories. These organizations run more effectively and fear less about security. For more information, visit www.sonicwall.com or follow us on TwitterLinkedInFacebook and Instagram.

Read More
Perimeter 81 Completes a $10M Funding Round Led by Partner SonicWall to Add Unified Network Security Services
Reading Time: 4 minutes

2019 was a banner year for Perimeter 81 as we introduced and launched the second version of our Zero Trust solution, Zero Trust Application Access. Additionally, we were selected by Gartner as a Cool Vendor in Network and Cyber-Physical Systems Security and named a Deloitte Technology Fast 500™ rankings for EMEA.

As we are nearing the end of 2019, we are thrilled to share that we have recently announced a new round of funding of $10 million dollars. This round was led by our new partner SonicWall, a Francisco Partners portfolio company, together with Spring Ventures, and our existing investors. This latest round of funding will help us to deliver more security and network features for our customers and accelerate the growth of our company.

This is the latest move in a year of exponential growth for Perimeter 81. Since we have launched in February 2018, we have already seen 400% year over year revenue growth, expanding from 180 businesses using Perimeter 81 to 500 in the past ten months alone. More than 81% of Perimeter 81’s customers use it as their secure corporate network and not only as Zero Trust Access, replacing the need for a VPN.

Sagi_Amit

Co-Founders Amit Bareket and Sagi Gidali

Why Perimeter 81 is Partnering with SonicWall 

Over the past year, we have consistently received great feedback from our customers about the different changes and updates that we were making in our platform, including requests for more security features. We listened to your feedback and requests and today we signed a new partnership with SonicWall in order to create this holistic solution. 

This partnership comes at a critical juncture in the network security space. With cloud and mobility solutions changing the way we work, we are seeing an increasing number of employees working on the go. This is driving a need to shift from a dated site-centric security model to a more cloud user-friendly, service-based platform. Perimeter 81 is one of the only vendors offering a comprehensive set of converged secure network capabilities, delivered and managed from its multi-tenant cloud. 

When we created our Network as a Service solution, we made it possible to easily offer security solutions on top of our existing platform. We knew right away that we wanted to partner with a strong security player to make that happen, which is why we chose SonicWall. In our OEM agreement with SonicWall, we will be integrating their advanced security solution into our secure Network as a Service platform which will create a unified network & security platform that will be a one-stop-shop for network and security offerings as a service. Among the security features that we will be integrating are secure gateways, network policies rules, IPS, Sandboxing, application control and more.

Now with the security features embedded into our platform, customers will be able to consume Zero Trust access to internal resources, user and branch internet security, branch interconnectivity and endpoint security all in one place. This new perimeter-less and unified network and security platform will revolutionize the way companies consume network security solutions, allowing companies of any size to replace the traditional and perimeter-based network security services with a cloud and service-based solution. The advanced security features are expected to launch during the second half of 2020.

New Partnership Leads The SASE Market 

Cloud and mobility solutions are changing the way we work; the internet today is fast and connectivity is everywhere. It is becoming more common to employ mobile workers from anywhere in the world causing the need for a shift from the outdated site-centric security model to a cloud-friendly service-based platform. Traditional network security, a market of tens of billions of dollars will go through disruption in the next 5 years, due to cloud and mobility, in favor of cloud-based services.

With our new partnership with SonicWall, we will have integrated the different security features and strengthen our current offering, helping us to create one of the strongest Secure Access Service Edge (SASE) model offerings in the network security space. SASE was recently named by Gartner as one of the most promising emerging technology in enterprise networking. The relatively new technology is still in early adoption stages with less than 1% of organizations adopting the new model. However, we will see the adoption rate by organizations grow in the upcoming years. 

Perimeter 81 is one of the first vendors with SASE model capabilities to build out a comprehensive set of converged secure network capabilities, delivered and managed from its multi-tenant cloud, allowing companies of all sizes to access to an enterprise-grade network security solutions as a service. 

Moving Forward to 2020 and Beyond

The latest financial investment and partnership will enable us to create and develop new features and solutions that will revolutionize the way cyber and network security is consumed moving forward. In the coming months, we will be launching new security features and product updates, creating a unified platform for secure network, cloud and application access for the modern and mobile workforce. 

Stay tuned for features and product updates and announcements by following us on Facebook, LinkedIn, and Twitter.

Read More
SASE
Gartner SASE: Transforming Network Security
Reading Time: 4 minutes

SASE is now doing to network security what storage devices did to the IT space.

SASE was coined in late August by leading Gartner security analysts Neil MacDonald, Lawrence Orans, and Joe Skorupa. They published the “The Future of Network Security Is in the Cloud” report, which discussed for the first time a new model for network security which will change the way organizations secure their networks and data. This model is called Secure Access Service Edge (SASE).

SASE was announced as the emerging technology model that will shape network security in the upcoming years. Gartner believes that SASE will change the network security industry, similar to how IaaS changed data center architecture. Despite being just introduced, the emerging SASE market is becoming apparent. In the report, Gartner says by 2024, at least 40% of enterprises will have security strategies that will require the SASE model. The concept of the model is to create and provide a secure cloud environment that is fully integrated into one’s network.

Cloud Services Adoption Requires Better Security 

As the majority of organizations are moving to the cloud and adopting different cloud services, they are quickly learning network security isn’t so simple. The traditional network security model was built on the idea that organizations should send traffic to corporate static networks where the necessary security services were located. At the time, this was the accepted model due to the majority of employees working from site-centric offices. 

The idea of more user-centric networks is changing the traditional network we once knew. While people are now working more remotely from home, cafes, as well as around the world the standard, hardware-based security appliances we’ve depended on are no longer adequate in securing remote network access

With the widespread adoption of cloud computing, organizations started to see the increase in employees becoming nomads. As more digital workspaces increased, the static network model became a thing of the past. This new approach presented an increase in network security issues. While static network security solutions provide a level of security for most organizations, a fundamental transformation is essential. However, this network and resources digital transformation haven’t provided a smooth transition. 

Organizations have implemented cloud services with traditional hardware security solutions such as firewalls, SD-WAN devices, and other security products. This attempt to work with both outdated security solutions and cloud services has created more problems than solutions. How can organizations moving forward combine their hardware and cloud security solutions? 

The cyber security and network security solution space is highly segmented with an endless amount of different solutions by security vendors. This is creating a massive headache for organizations that are trying to smoothly integrate these solutions in their network environment. Instead, the entire cybersecurity space needs to converge to provide a more holistic cybersecurity approach. This is where SASE is introduced. SASE allows organizations to have a software-based and service-based network that will provide a unification of different security solutions approach. It happened with the IT space with storage devices and it is now happening with the network security space with SASE.

What is SASE? 

Secure Access Service Edge (SASE) is the cloud architecture model that combines the different functions of network and security solutions into a unified cloud security platform to be delivered as a service without any or small amounts of hardware and appliances involved. The new cloud architecture model which is transforming how the cloud will integrate more smoothly with outdated security technologies all in one network. SASE provides organizations the opportunity to securely connect to a single network where they can gain access to physical and cloud resources – no matter their location.

SASE enables IT security solutions to provide a more holistic and agile service for business networking and security for its customers. What makes SASE innovative and disruptive is the idea of how it will transform the way network security is consumed over traditional products and cloud services. 

SASE Is Networking

Unlike traditional networking, SASE is removing the outdated network idea of site-centric to a more user-centric mindset. Instead of organizations connecting their networks and resources under one branch to a central office, the SASE model suggests that businesses should instead connect their employees and networks on a more user-centric level to a cloud-based service. 

In the past, the majority of networks for organizations were pinpointed at the central data center for user access. While this approach was implemented by global organizations, Gartner suggests that this site-centric approach is outdated and not effective as organizations are turning to edge platforms, SaaS solutions and cloud services. While the concept of organizations providing a data center for user access won’t disappear overnight its will become less relevant as the majority of services are moving to the cloud. 

According to Gartner, SASE provides organizations of all sizes many advantages over traditional security technologies such as better flexibility for users and IT managers, more affordable network costs and greater performance. 

SASE Means More Security Features

While current network security solutions emphasis on very specific features in their product, SASE creates the opportunity for security services to provide different security features than their initial offering. One of the key additional security features that SASE can offer is Zero Trust network access. 

Due to the SASE model, which is not dependent on an IP address or location of a user’s device for policy enforcement, organizations can implement the Zero Trust approach for consistent and secure network access and policy enforcement. 

By enforcing the Zero Trust approach for identity user access ensures policy enforcement and protection for all users, devices, applications, and data, regardless of where they’re connecting from. This user-centric approach makes the verification of authorized entities mandatory, not optional. By implementing a holistic security approach with the SASE model will provide a more flexible and adaptable versus any potential network risks moving forward all organizations no matter the size. 

Is SASE the Right Model For Your Organization?

For each organization the successful network security depends on the right solution, organizations can feel confident that they can implement the SASE model without needing to modify the existing network.

With secure, segmented and audited access to cloud environments, applications, and local services, Perimeter 81’s SASE service increases security, auditing, monitoring, and visibility while reducing help-desk support and hardware spending.

Read More
How Employees Open the Door to Hackers (and how to prevent it)
How Employees Open the Door to Hackers (and how to prevent it)
Reading Time: 5 minutes

With every passing day, we are seeing more and more security breaches announced globally. Whether it’s the massive Capital One data breach or the latest CafePress data breach, organizations of all sizes are being targeted and breached by malicious actors. While these breaches grab headlines, reporters are constantly highlighting the hackers, information or the failure of technology. 

These stories may be exciting for your casual reader, we should be asking ourselves what is the real reason these breaches are happening. Unfortunately, companies prefer not to admit to it but the reality is that breaches, no matter the size, tend to be caused by a mistake from someone inside the company.

According to an industry report by Shred-it, 47% of business leaders cited human error as the main cause of a data breach at their organization. These simple but harmful mistakes are hurting organizations financially and ruining customer’s trust in their service or product. One of the main reasons for these mistakes is that far too many employees are not fully aware of the security policies implemented at their company. By not following these security policies, employees are lowering their guard and presenting an easier target for hackers.

Remote Workers: Ideal Target for Hackers

The adoption of remote workers for organizations is increasing by the day. More and more companies are hiring remote workers and allowing employees to work on the go, which presents an increase of potential security risks. For example, when remote workers are using an unsecured public Wi-Fi network, it provides an easy path for hackers to gain access to your organization’s critical resources and network.  

When allowing employees to work remotely, organizations must clearly outline those remote employees’ responsibilities regarding IT security best practices and the importance of data protection. To provide another layer of defense, organizations must implement remote worker specific security policies which include device monitoring, multi-factor authentication and forcing employees to specific locations with secure Wi-Fi networks.

While remote workers might be easier targets for hackers, all types of employees must be aware of all the different kinds of attacks that will exploit human behavior to open the door for hackers. 

The 3 Most Popular Types of Attacks on Employees

Phishing 

Phishing is the most common and easiest way to attack company employees due to its low costs and its organic nature. Hackers target your employees by sending official-looking emails requesting that they send them critical information from their work device. Despite it being one of the oldest and original methods of hacking, most phishing emails can fool the common employee. 

The most famous phishing attack was Phish Phry, where hundreds of bank and credit card customers received an official-looking email directing them towards fake financial websites. People entered their account numbers and passwords into fraudulent forms, giving the attackers easy access to their private data.

Pro Tip: Remind your employees to always make sure the email address, email tone, requests fit the sender’s tendencies and if suspicious to report it to the security team. Another confirmation of a phishing email can help prevent a future phishing attack.

Social Engineering

This kind of attack is when hackers lure your employees into the trap by gathering personal data on them or your organization from the internet or social media. Hackers will use psychological manipulation to trick users into making security mistakes or giving away sensitive information. Hackers will investigate on how to gather the necessary background information and then gain the employee’s trust, which will result in the person breaking security practices, such as revealing sensitive information or granting access to critical resources.

The most famous social engineering attack was 2013’s Yahoo data breach. Leaked data included names, email addresses, phone numbers, security questions (encrypted or unencrypted), dates of birth, and passwords. Furthermore, the breach was used to falsify login data, allowing hackers to grant access to any account without the use of a password. 

Pro tip: Check the source. Make sure your employees check the URL links to see if they are real, and the person sending you the email is actually someone you know or work with. Usually, a spelling error is a dead giveaway that they are being attacked.

Ransomware 

This kind of attack is a type of malicious software which is designed to deny access to critical files unless a ransom is paid. Companies that don’t give in to ransomware attacks tend to result in the publishing of their critical data on the dark web or in the headlines. Even if organizations pay the ransom it’s not guaranteed that they will regain access. 

The most famous ransomware attack was Wannacry. It struck a number of important and high-profile systems globally. This attack exploited a Windows vulnerability that was suspected to have been first discovered by the United States National Security Agency

Pro Tip: To fight off ransomware attacks, your employees should regularly update their devices’ software and block fake email messages using email authentication.

Keys For Better Employee Security Hygiene 

Fighting off potential attacks such as described above starts with continuous and ongoing security training with your employees. The better trained your employees and organization are with IT security best practices, the lesser chance of a successful attack sneaking into your networks and resources. 

Educate Your Employees 

One of the key steps for better employee security hygiene is knowing the best practices and how to implement them in your daily workday. It is important to train employees on security policies and to explain the rationale behind those policies.

Employees don’t care about creating a strong password or watching for phishing emails if they don’t understand the risks behind them. You don’t need to teach employees about every technical detail in security protocols, but they should know which risks can impact their jobs. Organizations should frequently run training sessions to keep their employees up to date with security best practices. 

Minimize Data Access

If you provide all your employees access to every resource in your organization, they are potentially creating more levels of risks. To keep it simple, only give access to employees that need those resources to do their job. By limiting access, you will be safeguarded from potential leaking of your organization’s sensitive information (personal information, financial information) of the organization that shouldn’t be seen by your entire staff.  

Implementing Multi-Factor Authentication (MFA)

It’s 2019 and MFA is everywhere. Despite its importance, MFA frustrates many employees, even though it is one of the most effective practices today. By forcing a second factor for identity verification, risks are eliminated by ensuring that stolen credentials alone won’t be enough to ensure access. When you implement MFA capabilities with strong passwords, SSH keys, and strong internet hygiene, you can further reduce the chances of a breach.

User-Friendly Security Solutions

One of the most effective ways to make sure your employees aren’t creating security risks is by implementing user-friendly security solutions throughout the entire organization. By implementing employee-friendly security solutions, another layer of defense against hackers will be added. To make the user experience more useful and enjoyable for your employees, these solutions should be easy to implement, straightforward, not too technical and optimized for their work environment. The better the user experience, the more secure your employees are. 

Moving Forward 

The common misconception is that malicious actors are gaining access to devices and networks by exploiting systems and vulnerabilities. In reality, they are actually targeting your employees with simple and effective attacks. 

Moving forward, your organization should implement a combination of engaging employee training and the adoption of security solutions. By implementing periodic employee security training and security solutions, your organization and its employees will be moving in the right direction to fight off attacks from hackers. 

We hope you found this post helpful! If you’d like to learn more about the many advantages a Zero Trust Network as a Service solution, check out our blog 5 Non-Disruptive Tips to Get Started with Zero Trust Network Security.

Read More
Cybersecurity Breakthrough Award 2019 - Blog Post v2
Perimeter 81 Named Wi-Fi Security Solution of the Year in 2019 CyberSecurity Breakthrough Awards
Reading Time: 2 minutes

Company Wins “Wi-Fi Security Solution of the Year” Award in 2019 CyberSecurity Breakthrough Awards

Perimeter 81, the leading Zero Trust Secure Network as a Service provider, today announced that it has been named the winner of the “Wi-Fi Security Solution of the Year” award from CyberSecurity Breakthrough, an independent organization that recognizes the top companies, technologies and products in the global information security market today.

The annual CyberSecurity Breakthrough Awards honor excellence and recognize the innovation, hard work and success in a range of information security categories, including cloud security, threat detection, risk management, fraud prevention, mobile security, email security and more. This year’s program attracted more than 3,500 nominations from companies across the globe.

“This prestigious recognition from the CyberSecurity Breakthrough awards inspires us to look ahead and continuously seek new, innovative ways to improve our product,” said Amit Bareket, CEO and Co-Founder of Perimeter 81. “We’re continuing to work on transforming the world of secure network access and help businesses of all industries securely move to the cloud and empower their modern, mobile workforce.”

“This award is an attestation to the hard work our team has put in the past year to make Perimeter 81 one of the leading Wi-Fi Security solutions. We are looking forward to continuing to build on this momentum in 2020 and moving forward,” says Sagi Gidali, CPO and Co-Founder of Perimeter 81.

About CyberSecurity Breakthrough Awards

Part of Tech Breakthrough, a leading market intelligence and recognition platform for global technology innovation and leadership, the CyberSecurity Breakthrough Awards program is devoted to honoring excellence in information security and cybersecurity technology companies, products and people. The CyberSecurity Breakthrough Awards provide a platform for public recognition around the achievements of breakthrough information security companies and products in categories including Cloud Security, Threat Detection, Risk Management, Fraud Prevention, Mobile Security, Web and Email Security, UTM, Firewall and more

View the complete list of winners

About Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service that has taken the outdated, complex and hardware-based traditional network security technologies, and transformed them into a user-friendly and easy-to-use software solution — simplifying secure network access for the modern and distributed workforce. Founded by two IDF elite intelligence unit alumni, CEO Amit Bareket and CPO Sagi Gidali, Perimeter 81 serves a wide range of businesses, from midsize to Fortune 500 companies, and has established partnerships with the world’s foremost integrators, managed service providers and channel resellers.

 

Read More
Goldenbridge_gold19
Perimeter 81 Honored as Gold Winner in the 11th Annual 2019 Golden Bridge Awards
Reading Time: 2 minutes

TEL AVIV, Israel- Perimeter 81, the leading Zero Trust Secure Network as a Service provider, announced its Zero Trust Network as a Service solution was named a Gold Winner in the 2019 Golden Bridge Awards for Startup of the Year in Cyber Security Cloud/SaaS.

The annual Golden Bridge Awards program encompasses the world’s best in organizational performance, innovations, products and services, executives and management teams, women in business and the professions, as well as innovations, best deployments, product management, etc. from every major industry in the world. Organizations from all over the world are eligible to submit nominations including public and private, for-profit and nonprofit, largest to smallest and new start-ups. Winners will be honored in San Francisco on Monday, October 28, 2019 during the annual Red Carpet SVUS Awards Ceremony.

“We are honored to be recognized for our product innovation,” said Amit Baraket, CEO and Co-Founder of Perimeter 81. “Today, employees are working from everywhere and anywhere and are increasingly using cloud technologies. With Perimeter 81, it is our aim to help businesses seamlessly secure network, cloud and application access for the modern and mobile workforce. We are very proud to be recognized by the Golden Bridge Awards for our innovative and user-centric Software-Defined Perimeter and Zero Trust technology.”

Perimeter 81’s win adds to a list of other 2019 honors that have recognized the Zero Trust Network as a Service, including being selected by Gartner as a Cool Vendor in Network and Cyber-Physical Systems Security” and the Frost & Sullivan Software-Defined Access Technology Leadership Award.

About the Golden Bridge Awards

The Golden Bridge Awards are an annual industry and peers recognition program honoring the best companies in every major industry from large to small and new start-ups in North America, Europe, Middle-East, Africa, Asia-Pacific, and Latin-America. The Award highlights the Best New Products and Services, Best Innovations, Management and Teams, Women in Business and the Professions, Case Studies, Customer Satisfaction, and PR and Marketing Campaigns from all over the world. Learn more about Golden Bridge Awards at www.goldenbridgeawards.com

About Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service that has taken the outdated, complex and hardware-based traditional network security technologies, and transformed them into a user-friendly and easy-to-use software solution — simplifying secure network access for the modern and distributed workforce. Founded by two IDF elite intelligence unit alumni, CEO Amit Bareket and CPO Sagi Gidali, Perimeter 81 serves a wide range of businesses, from midsize to Fortune 500 companies, and has established partnerships with the world’s foremost integrators, managed service providers and channel resellers.

Read More
eloitte Technology Fast 500
Deloitte Names Perimeter 81 as One of the 500 Fastest-Growing EMEA Tech Companies
Reading Time: 2 minutes

TEL AVIV, Israel – Perimeter 81 announced that it has been recognized in the 2018 Deloitte Technology Fast 500™ rankings for EMEA (Europe, the Middle East and Africa). This annual ranking of the fastest-growing EMEA companies in the technology, media, telecommunications, life sciences and energy tech sectors. 

For more than 20 years, Deloitte has recognized the fastest-growing public and private technology companies globally. Award winners are selected based on percentage fiscal year revenue growth from 2014 to 2017. Perimeter 81 impressive growth nearly reached 1287% during the three-year period.

With this recognition, we are positioned as one of the fastest-growing technology companies in the network security industry. “Cloud and mobility are creating a mega shift in traditional network security,” said Amit Baraket, CEO and Co-Founder of Perimeter 81. “With Perimeter 81, it is our aim to help businesses seamlessly secure network, cloud and application access for the modern and mobile workforce. Being named by Deloitte in this prestigious list of technology companies is truly an honor and a clear example of our employees’ dedication, talent and passion for our innovative and user-centric Software-Defined Perimeter and Zero Trust technology.”

“We are proud to be recognized as an industry player whose network security solution has grown over 1200% in the past three years, it is an incredible validation for our solution and company we’ve worked hard to build.” says Sagi Gidali, CPO and Co-Founder. 

About Deloitte’s 2018 Technology Fast 500™

Deloitte’s Technology Fast 500 provides a ranking of the fastest-growing technology, media, telecommunications, life sciences and energy tech companies — both public and private — in North America. Technology Fast 500 award winners are selected based on percentage fiscal year revenue growth from 2014 to 2017.

In order to be eligible for Technology Fast 500 recognition, companies must own proprietary intellectual property or technology that is sold to customers in products that contribute to a majority of the company’s operating revenues. Companies must have base-year operating revenues of at least $50,000 USD, and current-year operating revenues of at least $5 million USD. Additionally, companies must be in business for a minimum of four years and be headquartered within North America.

Click here to see the rankings

About Deloitte

Deloitte provides audit & assurance, consulting, financial advisory, risk advisory, tax and related services to public and private clients spanning multiple industries. Deloitte serves four out of five Fortune Global 500® companies through a globally connected network of member firms in more than 150 countries and territories bringing world-class capabilities, insights and service to address clients’ most complex business challenges. 

About Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service that has taken the outdated, complex and hardware-based traditional network security technologies, and transformed them into a user-friendly and easy-to-use software solution — simplifying secure network access for the modern and distributed workforce. Founded by two IDF elite intelligence unit alumni, CEO Amit Bareket and CPO Sagi Gidali, Perimeter 81 serves a wide range of businesses, from midsize to Fortune 500 companies, and has established partnerships with the world’s foremost integrators, managed service providers and channel resellers.

If you’d like to receive a full tour of Perimeter 81’s award-winning Zero Trust Network as a Service be sure to request a complimentary demo.

Read More