Blog

The U.S. Securities and Exchange Commission (SEC) recently implemented a new rule mandating stringent cybersecurity incident reporting and disclosure requirements for public companies.

Accelerated digital transformation, coupled with the escalating cloud and SaaS threat landscape, have made cloud breach readiness a topic climbing up many CISOs’ lists of cyber priorities.

As cyber threats continue to evolve, enterprise security teams are under growing pressure to rapidly identify and mitigate cloud and SaaS-based attacks. Two concepts have emerged as cornerstones of a robust defense strategy: Cloud Detection and Cloud Hunting. However, a misunderstanding or underestimation of these concepts can leave organizations vulnerable to sophisticated attacks.

When it comes to today’s active, dynamic cloud threat landscape filled with targets from IaaS ( Infrastructure as a Service ), to PaaS (Platform as a Service), and SaaS (Software as a Service), the conventional methods of managing incident response(IR) are increasingly falling short. Mitiga’s IR2 platform was born from this realization.

Incident response (IR) retainers have been a staple for security teams for years. You pay an upfront fee to an IR firm to be "on call" if an incident occurs. The basic idea is that IR experts are ready to parachute in when disaster strikes.

Cybersecurity has been with us for decades, yet it’s still a young and maturing industry—and not surprisingly. Every enterprise that cybersecurity supports is still moving along their own digital transformation journey. Some are in the early stages, lifting and shifting their on-prem workloads to the cloud. Others are well along the path, taking on new SaaS (Software as a Service) applications and developing their own cloud-native solutions to serve customers better, build efficiency into their operations, and transact with greater ease.

The new financing will help support rapid customer adoption of Mitiga’s IR2 platform, at the forefront of a new wave in cloud investigation and response capabilities.

There’s been a recent surge in cloud ransomware attacks. Examples of such attacks were observed by Sophos X-Ops, which detected the ransomware group BlackCat/ALPHV using a new Sphinx encryptor variant to encrypt Azure storage accounts by employing stolen Azure Storage account keys. The BlackCat/ALPHV ransomware group is the same entity that claimed responsibility for infiltrating MGM’s infrastructure and encrypting more than 100 ESXi hypervisors.

On September 12, 2023, the world woke up to the news ofanother significant cyber-attack, this time on MGM Resorts International, arenowned name in the hotel and casino industry. The incident affected theiroperations across various locations, including iconic Las Vegas.