Incoming IBM CEO Arvind Krishna faces monumental challenges on multiple fronts

/0 Comments/in /by

Arvind Krishna is not the only CEO to step into a new job this week, but he is the only one charged with helping turn around one of the world’s most iconic companies. Adding to the degree of difficulty, he took the role in the midst of a global pandemic and economic crisis. No pressure or anything.

IBM has struggled in recent years to find its identity as technology has evolved rapidly. While Krishna’s predecessor Ginni Rometty left a complex legacy as she worked to bring IBM into the modern age, she presided over a dreadful string of 22 straight quarters of declining revenue, a record Krishna surely hopes to avoid.

Ginni Rometty leaves complex legacy as she steps away as IBM CEO

Strong headwinds

To her credit, under Rometty the company tried hard to pivot to more modern customer requirements, like cloud, artificial intelligence, blockchain and security. While the results weren’t always there, Krishna acknowledged in an email employees received on his first day that she left something to build on.

“IBM has already built enduring platforms in mainframe, services and middleware. All three continue to serve our clients. I believe now is the time to build a fourth platform in hybrid cloud. An essential, ubiquitous hybrid cloud platform our clients will rely on to do their most critical work in this century. A platform that can last even longer than the others,” he wrote.

But Ray Wang, founder and principal analyst at Constellation Research, says the market headwinds the company faces are real, and it’s going to take some strong leadership to get customers to choose IBM over its primary cloud infrastructure competitors.

“His top challenge is to restore the trust of clients that IBM has the latest technology and solutions and is reinvesting enough in innovation that clients want to see. He has to show that IBM has the same level of innovation and engineering talent as the hyper scalers Google, Microsoft and Amazon,” Wang explained.

Cultural transformation

New IRS Site Could Make it Easy for Thieves to Intercept Some Stimulus Payments

/0 Comments/in /by

The U.S. federal government is now in the process of sending Economic Impact Payments by direct deposit to millions of Americans. Most who are eligible for payments can expect to have funds direct-deposited into the same bank accounts listed on previous years’ tax filings sometime next week. Today, the Internal Revenue Service (IRS) stood up a site to collect bank account information from the many Americans who don’t usually file a tax return. The question is, will those non-filers have a chance to claim their payments before fraudsters do?

The IRS says the Economic Impact Payment will be $1,200 for individual or head of household filers, and $2,400 for married filing jointly if they are not a dependent of another taxpayer and have a work eligible Social Security number with adjusted gross income up to:

  • $75,000 for individuals
  • $112,500 for head of household filers and
  • $150,000 for married couples filing joint returns

Taxpayers with higher incomes will receive more modest payments (reduced by $5 for each $100 above the $75,000/$112,500/$150,000 thresholds). Most people who who filed a tax return in 2018 and/or 2019 and provided their bank account information for a debit or credit should soon see an Economic Impact Payment direct-deposited into their bank accounts. Likewise, people drawing Social Security payments from the government will receive stimulus payments the same way.

But there are millions of U.S. residents — including low-income workers and certain veterans and individuals with disabilities — who aren’t required to file a tax return but who are still eligible to receive at least a $1,200 stimulus payment. And earlier today, the IRS unveiled a Web site where it is asking those non-filers to provide their bank account information for direct deposits.

However, the possibility that fraudsters may intercept payments to these individuals seems very real, given the relatively lax identification requirements of this non-filer portal and the high incidence of tax refund fraud in years past. Each year, scam artists file phony tax refund requests on millions of Americans, regardless of whether or not the impersonated taxpayer is actually due a refund. In most cases, the victim only finds out when he or she goes to file their taxes and has the return rejected because it has already been filed by scammers.

In this case, fraudsters would simply need to identify the personal information for a pool of Americans who don’t normally file tax returns, which may well include a large number of people who are disabled, poor or simply do not have easy access to a computer or the Internet. Armed with this information, the scammers need only provide the target’s name, address, date of birth and Social Security number, and then supply their own bank account information to claim at least $1,200 in electronic payments.

Page 1 of 2 in the IRS stimulus payment application page for non-filers.

Unfortunately, SSN and DOB data is not secret, nor is it hard to come by. As noted in countless stories here, there are multiple shops in the cybercrime underground that sell SSN and DOB data on tens of millions of Americans for a few dollars per record.

A review of the Web site set up to accept bank account information for the stimulus payments reveals few other mandatory identity checks to complete the filing process. It appears that all applicants need to provide a mobile phone number and verify they can receive text messages at that number, but beyond that the rest of the identity checks seem to be optional.

For example, Step 2 in the application process requests a number of data points under the “personal verification” heading,” and for verification purposes demands either the amount of the applicant’s Adjusted Gross Income (AGI) or last year’s “self-selected signature PIN.” The instructions say if you do not have or do not remember your PIN, skip this step and follow the instructions in step A above.

More importantly, it appears one doesn’t really need to supply one’s AGI in 2018. “If you didn’t file a return last year, enter 0,” the site explains.

Step 2 in the application for non-filers.

In the “electronic signature,” section at the end of the filing, applicants are asked to provide a cell phone number, to choose a PIN, and provide their date of birth. To check the filer’s identity, the site asks for a state-issued driver’s license ID number, and the ID’s issuance and expiration dates. However, the instructions say “if you don’t have a driver’s license or state issued ID, you can leave the following fields blank.

Alas, much may depend on how good the IRS is at spotting phony applications, and whether the IRS has access to and bothers to check state driver’s license records. But given the enormous pressure the agency is under to disburse these payments as rapidly as possible, it seems likely that at least some Americans will get scammed out of their stimulus payments.

The site built to collect payment data from non-filers is a slight variation on the “Free File Fillable Forms” product, which is a free tax filing service maintained by Intuit — a private company that also processes a huge percentage of tax returns each year through its paid TurboTax platform. According to a recent report from the Treasury Inspector General for Tax Administration, more than 14 million Americans paid for tax preparation services in 2019 when they could have filed them for free using the free-file site.

In any case, perhaps Intuit can help the IRS identify fraudulent applications sent through the non-filers site (such as by flagging users who attempt to file multiple applications from the same Internet address, browser or computer).

There is another potential fraud storm brewing with these stimulus payments. An app is set to be released sometime next week called “Get My Payment,” which is designed to be a tool for people who filed tax returns in 2018 and 2019 but who need to update their bank account information, or for those who did not provide direct deposit information in previous years’ returns.

It’s yet not clear how that app will handle verifying the identity of applicants, but KrebsOnSecurity will be taking a look at the Get My Payment app when it launches later this month (the IRS says it should be available in “mid-April”).

20 Years In The Dark | The Dark Web Turns Twenty: What Does This Mean For A CISO?

/0 Comments/in /by

Infamous for its illicit trade and now the adopted home of malware authors, purveyors of ransomware and traders in stolen credit card and other misappropriated data, the Dark Web (aka Darknet) has been with us now for two decades. While not everything on the Dark Web is shady – there’s plenty of traffic hidden from sight that is not only benign, but sometimes in the public goodthere’s no doubt that it has acquired a reputation as a place that harbors criminals, malcontents, and threat actors who might be planning on attacking your enterprise. In this post, as the Dark Web turns twenty, we review what it is, where it came from, and most importantly, what it means to today’s CISOs and their security teams.

How the Dark Web Started 20 Years Ago

The Dark Web (sometimes referred to as the “Darknet”) was officially launched 20 years ago, on March 20, 2000 with the release of “Freenet“: a peer-to-peer, decentralised network, designed to make it less vulnerable to attack and snooping by authorities and states.

Freenet was the brainchild of Ian Clarke, who developed the concept and the software tools required to support it during his studies at Edinburgh University. For his thesis project, Clarke created “a Distributed, Decentralised Information Storage and Retrieval System”, through which he hoped he could provide freedom to communicate without the fear of being tracked online.

Freenet is still available today, and it is still free to use. Freenet was mostly about information sharing (including pornographic and pirated materials), but otherwise the hardcore cybercriminals were at this time still using other platforms for their needs such as imageboards like 4Chan and IRC channels.

Peeling the Onion

On 20 September 2002, the The Onion Router (or TOR) Network was created by computer scientists Roger Dingledine and Nick Mathewson. Surprisingly, this semi-anarchist project was mostly funded by the US Naval Research Laboratory, which wished to facilitate safer communication with intelligence sources around the world. This is a critical point. The TOR network is not inherently evil, nor was it architected with bad intent. 

There has always been a need for a network which facilitates a higher level of security communications. This network allows for anonymous sources to be protected in hostile regimes, for example. The adoption of the TOR network by criminals is an unfortunate side-effect, but the value of the network should not be weighed based solely on that as there is also a percentage of legitimate and good activity as well. 

In 2004, the Naval Research Laboratory released the code for TOR under a free license, and the Electronic Frontier Foundation (EFF) began funding Dingledine Mathewson and others to continue its development, until they launched “The TOR Project”, a non-profit organization to help maintain the network.

The Onion Router is the most popular means by which people today access dark web sites. TOR has several search engines, directories and hidden wikis that users can use to navigate their way around the dark web and find the kind of sites they’re looking for. A version of the TOR browser even exists for mobile users. 

TOR greatly simplified access to and use of the Dark Web, and this has led to an explosion of sites offering almost any type of service imaginable, especially for contraband and illicit material – both physical and digital content – using a variety of online payment services like Paypal and Western Union.

Cryptocurrencies, Revolutions and the NSA

It wasn’t until around 2010 when cybercriminals really took to the platform. Forums like the Silk Road netted millions of dollars for their administrators with the aid of another technological development: cryptocurrencies, particularly Bitcoin (BTC) and, later, Monero. Cryptocurrency enables the anonymous transfer of funds and provides a nearly complete smokescreen for both buyers and sellers. 

Later, the Dark Web was used by hacktivists such as the Anonymous collective and Middle Eastern hacktivists involved in the Arab Spring to coordinate attacks on countries, organizations and enterprises.

Darknet users who value their privacy and anonymity also make use of virtual private networks (VPN). The reason for that is to disguise the fact that the user is actually connecting to TOR at all. Without a VPN, even though you may be anonymous, your use of TOR is not. It has been claimed that the NSA tracks the IP addresses of everyone who visits a TOR website, regardless of the content. According to leaks from whistleblower Edward Snowden in 2014, the NSA also collects the IPs of anyone using FreeNet, HotSpotShield, FreeProxies, MegaProxy and Tails. Hence, along with bitcoin, VPNs are part-and-parcel of the darknet user’s technology stack.

And What About the Dark Web Today?

Although the FBI took down the Silk Road and hacktivist activities have declined in recent years, the Dark Web is still a haven of illegal activity. Researchers at King’s College in London classified the contents of 2,723 dark web sites over a five-week period (2015) and found that 57% hosted illicit material.

As for the rest, it is largely a mixture of political dissidents, journalists, and whistelblowers mixed in with a motley crew of people trading esoteric or borderline-legal goods and services that the participants or community would rather not draw attention to. White hat, grey hat and of course, black hat hackers also all make use of the darknet for sharing techniques, intel and various software kits that could be used for both educational and illegal purposes.

Nevertheless, it is important to note that on any given day, there are only a few thousand illicit Dark Web sites that are active and accessible. It is very dynamic, and if we compare the risk of the Dark Web to the “clearnet”, there is no doubt that there are far more threats in the known clearnet than on the Darknet.

How is the Dark Web Relevant to a CISO?

So how is the Dark Web relevant to CISOs and CIOs? The fact that this network exists is in itself no cause for concern. Cybercrime existed before it was fully developed and will continue even if it were to shut down today. Even in that unlikely event, the same traffic would most likely migrate to social media or encrypted messaging apps like Signal, Telegram and WhatsApp.

But in all likelihood, the cybercriminals who are, or might be, relevant to your organization are active on the Dark Web today. Employing proactive threat intelligence from Dark Web sources can provide security teams with additional information that might prove useful for securing your organization against future threats.

Here are some examples of how Dark Web intelligence could be relevant to your security operations:

  • Tracking the development and sale of malware and exploit kits
  • Monitoring data dumps that could contain your IP
  • Finding stolen credentials such as login passwords belonging to your organization
  • Discovering vendors on the Dark Web actively selling access to corporate networks and MSPs

Summary

The Dark Web has been around for two decades, and it seems that it will continue to be with us for some time yet; its shape could change, but its function will likely remain the same. It isn’t the sort of mythical place some imagine it to be; it is real and won’t disappear just by simply looking the other way. But the Dark Web does offer some opportunities: it can provide us with useful intelligence. The SentinelLabs team regularly monitors the Dark Web and provides actionable intelligence for our customers.

Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

German security firm Avira has been acquired by Investcorp at a $180M valuation

/0 Comments/in /by

Mergers and acquisitions largely grinded to a halt at the end of March, in the wake of the coronavirus pandemic spreading around the world, but today comes news of a deal out of Europe that underscores where pockets of activity are still happening. Avira, a cybersecurity company based out of Germany that provides antivirus, identity management and other tools both to consumers and as a white-label offering from a number of big tech brands, has been snapped up by Investcorp Technology Partners, the PE division of Investcorp Bank. Investcorp’s plan is to help Avira make acquisitions in a wider security consolidation play.

The financial terms of the acquisition are not being disclosed in the companies’ joint announcement, but the CEO of Avira, Travis Witteveen, and ITP’s MD, Gilbert Kamieniecky, both said it gives Avira a total valuation of $180 million. The deal will involve ITP taking a majority ownership in the company, with Avira founder Tjark Auerbach retaining a “significant” stake of the company in the deal, Kamieniecky added.

Avira is not a tech startup in the typical sense. It was founded in 1986 and has been bootstrapped (in that it seems never to have taken any outside investment as it has grown). Witteveen said that it has “tens of millions” of users today of its own-branded products — its anti-virus software has been resold by the likes of Facebook (as part of its now-dormant antivirus marketplace) — and many more via the white-label deals it makes with big names. Strategic partners today include NTT, Deutsche Telekom, IBM, Canonical and more.

He said that the company has had many strategic approaches for acquisition from the ranks of tech companies, and also from more typical investors, but these were not routes that it has wanted to follow, since it wanted to grow as its own business, and needed more of a financial injection to do that than what it could get from more standard VC deals.

“We wanted a partnership where someone could step in and support our organic growth, and the inorganic [acquisition] opportunity,” he said.

The plan will be to make more acquisitions to expand Avira’s footprint, both in terms of products and especially to grow its geographic footprint: today the company is active in Asia, Europe and to a lesser extent in the US, while Investcorp has a business that also extends deep into the Middle East.

Cybersecurity, meanwhile, may never go out of style as an investment and growth opportunity in tech. Not only have cyber threats become more sophisticated and ubiquitous and targeted at individual consumers and businesses over the last several years, but our increasing reliance on technology and internet-connected systems will increase the demand and need to keep these safe from malicious attacks.

That has become no more apparent than in recent weeks, when much of the world’s population has been confined to shelter in place. People have in turn spent unprecedented amounts of time online using their phones, computers and other devices to read news, communicate with their families and friends, entertain themselves, and do critical work that they may have in part done in the past offline.

“In the current market, you can imagine a lot are concerned about the uncertainties of the technology landscape, but this is one that continues to thrive,” said Kamieniecky. “In security, we have seen companies develop quite rapidly and quickly, and here we have an opportunity to do that.”

Avira has been somewhat of a consolidator up to now, buying companies like SocialShield (which provided online security specifically for younger and social media users), while ITP, with Investcorp having some $34 billion under management, has made many acquisitions (and divestments) over the years, with some of the tech deals including Ubisense, Zeta Interactive and Dialogic.

Pepper, a platform for restaurants and suppliers, pivots to deliver food to consumers

/0 Comments/in /by

Though the effects of the coronavirus pandemic on restaurants has been crystal clear, many forget the impact this disease has had on food chain suppliers. With restaurants closed, these suppliers — who still have access to tons upon tons of food — no longer have customers.

Meanwhile, end consumers are dealing with their own stresses around securing food, deciding between venturing out to the grocery store and ordering food through increasingly unreliable grocery delivery services.

That’s where Pepper comes in.

Pepper launched late last year with an enterprise product focused on connecting restaurants with their suppliers. Most restaurants have 6+ different suppliers, and manually placed orders with each of them individually each night either by email, voicemail or text message. Oftentimes, there was no confirmation that the order was received, with employees receiving orders and hoping that everything arrived on time as it was requested.

To digitize the industry, Pepper developed an app that let restaurants input the contact information of suppliers and place orders quickly, and then let those suppliers press a single button to confirm the order was received and in progress.

In the six months since launch, things have changed dramatically for the startup, which has led co-founder and CEO Bowie Cheung to rethink the business.

Alongside facilitating orders between restaurants and suppliers, Pepper has now opened up a consumer-facing portal called Pepper Pantry, allowing everyday users to place an order directly with a food supplier.

Folks pay a flat $5 payments processing fee on the platform, and can choose from fresh meats, produce, dairy and other categories to have food delivered directly to their home.

Of course, this involved considerable adaptation on the part of Pepper and their suppliers, who are used to shipping pallets of food rather than bags or boxes. However, it has created some jobs on the supplier side as folks repackage food to amounts that are suitable for families or individuals, rather than businesses.

Cheung says the portions are still ‘bulk’ but more on par with a Sam’s Club or Costco purchase than the types of orders restaurants were placing.

Suppliers are able to choose their minimum order amount, which can range between $0 and $150. Thus far, eight suppliers have signed on to the Pepper Pantry platform, serving the greater NYC area (NYC, NJ, CT) and the greater Boston area.

Pepper declined to disclose its total funding amount, but did share that it has received investment from Greylock’s Mike Duboe and Box Group.

Free tool helps manufacturers map where COVID-19 impacts supply chain

/0 Comments/in /by

Assent Compliance, a company that helps large manufacturers like GE and Rolls Royce manage complex supply chains through an online data exchange, announced a new tool this week that lets any company, whether they’re a customer or not, upload bills of materials and see on a map where COVID-19 is having an impact on their supply chain.

Company co-founder Matt Whitteker, says the Ottawa startup focuses on supply chain data management, which means it has the data and the tooling to develop a data-driven supply chain map based on WHO data identifying COVID hotspots. He believes that his is the only company to have done this.

“We’re the only ones that have taken supply chain data and applied it to this particular pandemic. And it’s something that’s really native to our platform. We have all that data on hand — we have location data for suppliers. So it’s just a matter of applying that with third-party data sources (like the WHO data), and then extracting valuable business intelligence from it,” he said.

If you want to participate, you simply go to the company website and fill out a form. A customer success employee will contact you and walk you through the process of uploading your data to the platform. Once they have your data, they generate a map showing the parts of the world where your supply chain is most likely to be disrupted, identifying the level of risk based on your individual data.

The company captures supply chain data as part of the act of doing business with 1,000 customers and 500,000 suppliers currently on their platform. “When companies are manufacturing products they have what’s called a bill of materials, kind of like a recipe. And companies upload their bill of materials that basically outlines all their parts, components and commodities, and who they get them from, which basically represents their supply chain,” Whitteker explained.

After the company uploads the bill of materials, Assent opens a portal for the companies to exchange data, which might be tax forms, proof of sourcing or any kind of information and documentation the manufacturer needs to comply with legal and regulatory rules around procurement of a given part.

They decided to start building the COVID-19 map application when they recognized that this was going to have the biggest supply chain disruption the world has seen since World War II. It took about a month to build it. It went into beta last week with customers and over 350 signed up in the first two hours. This week, they made the tool generally available to anyone, even non-customers, for free.

The company was founded in 2016 and has raised $220 million, according to Whitteker.

Canada’s Assent Compliance raises $31.4M Series B round to help businesses stay in compliance

The Great Transition: Transforming Your Business To Survive COVID-19

/0 Comments/in /by

Look inwards to your company mission & culture to make the best decisions for your teams and customers in this crisis.

In a matter of just a few weeks, businesses around the world have begun to engage in the largest exercise in organizational change ever conducted, and at a pace that, like the Coronavirus pandemic that precipitated it, is entirely unprecedented. There are no textbooks, use cases or research studies on how to conduct such a rapid and fundamental transformation successfully. For all of us, everywhere, this is causing us to change on a continuous and real time basis.

Despite that, and despite the personal, professional, and organizational strains that this situation has rapidly thrust upon us, adhering to the same principles of effective leadership, organizational resilience, and human empathy that have brought success in the past will serve well here, too. This is no “quick win” strategy. It’s time to double-down on the core tenets of your organizational culture. 

SentinelOne took an early and decisive approach to the emerging COVID-19 situation back in February. In this post, we will share some of the principles and best practices that have helped us to successfully navigate this sudden upheaval to our business, our clients, and our team members.

It’s the People That Matter

SentinelOne is, at heart, a people company. Our product is driven by people creating AI models and writing code. Our business is driven by social interactions between our teams and our customers. Getting to know our customers and their unique needs, whether it’s in their own workplaces or at conferences, small or large, and building relationships that last is central to what we do. The same principle underlies our approach to our people and our talent. Our people define our success, and the strength of our teams is built on open, inclusive communication that is fostered across all levels and regions and reflected throughout the organization. Shutting doors and social distancing is not in our DNA, so how have we managed the great Coronavirus transition?

Act Early, Act Decisively

Like many companies, particularly in the tech sector, we are not entirely new to the concept of remote work, but we believe that even for companies that have no experience of supporting a remote workforce, the challenges are really less about technology and more about culture and leadership.

As the likelihood of the Coronavirus becoming pandemic rose sharply during February 2020, SentinelOne began offering the early option for our teams to work from home well before formal public directives were issued. We also adjusted travel guidelines and implemented visitor and guest policies at all SentinelOne sites. By getting out ahead of the problem, we bought time to implement further changes along the way. 

Wherever you are now in your journey, you can still get ahead of the game. Preempt the possibilities for where you could be and start your journey. Do not hedge between “best case” and “worst case” scenarios at this point, but act quickly to address the most essential needs of your teams and customers that you see in front of you. Taking this first step starts the journey and builds the path forward.

Foster Awareness & Empathy

Technological aspects aside, the shift to remote work may be challenging for many of your teams. It is crucial that leaders raise awareness of the reality of remote work and give managers and their teams the support they need.

Working from home for those not regularly doing it places many strains on your employees, from finding the right environment for effective work to juggling relationships and duties as partners, parents, teachers, and caregivers. We are all multi-tasking now, and we’re working in spaces that, unlike our purpose-built office spaces, were not designed for the job. Remote work blurs the boundaries between work and life at the best of times. With the restrictions and worries brought about by both the pandemic and working from home, this is even more true.

It’s not only important to recognize these challenges, but to communicate to your team members that you recognize them. Remind them that they are trusted and valued and acknowledge the unprecedented nature of the situation. At SentinelOne, we created a Work From Home Handbook providing essential tips to employees, and we maintain a Wiki with updated information and guidance on things like hand hygiene and WHO recommendations. We’ve also published posts, webinars, and other digital assets on best practices for working from home and using remote software securely.

image showing tips on how you can help prevent the spread of illnesses such as coranavirus and flu

Engaged Leadership & “Relentless” Communication

Frequent and authentic communication is ever more important as each day brings more uncertainty. 

At SentinelOne, we prioritized this top-down, bottom-up, peer to peer as well as site/geo specific communication. Starting with frequent updates from our CEO and leadership team and All Hands, we also opened up several other channels. We set up Slack channels specific to COVID-related issues, resources, and news for every region that are being updated real time. It turned out to be a huge platform for team connection and communication: not only were we able to cascade policy and resource updates, but it also led to a huge outpouring as our teams shared their own news and updates and consulted with each other around the clock.

Our leaders and teams were already well-versed with using virtual communication tools like Zoom, but now they also use them to create virtual All Hands meetings, team “happy hours” and celebrations.

Our teams are using their innovative DNA to make this as live and as close to face-time interaction as possible. The latest in this is our virtual corridor called “S1 Living Room.” This virtual room is open all day and you can enter at any moment, drink coffee together, have a talk, connect on your hobbies, your pets or even join a Yoga class at scheduled times.

We set up a global cross-functional/cross-site COVID task force that meets every week to problem-solve in real time and pass on insights to the team managers, who connect often and share resources with their teams.

Therefore, there are a number of ways you can use your communication platform effectively. Create channels both by team but also by region and even local area, depending on the structure of your organization. As we are all isolated at home, it’s important to know what else is going on around us, and knowledge-sharing about local conditions – in both business and social spheres – is an important part of ensuring everyone stays connected, motivated and on top of their game. Physical distancing does not have to preclude social interaction! 

Team Safety & Wellness

Awareness and empathy around the current situation needs to be backed up and reflected in company policies. At SentinelOne, we have realigned our family benefits, sick leave policies, disability and wellness benefits globally to prioritize the safety of our teams and to support the mass shift to working from home. We are always checking in with managers and standing by to support team members and their families if they get sick, such as by sending them care packages to show our support. 

Also, we realized early by listening to our teams that one size does not fit all. For instance, our Tel Aviv site needed more support for families adapting to work from home via additional baby-sitting allowances, but our US and EMEA teams had other needs. This led us to set up a monthly team allowance for them that could be used for supporting family or wellness or home IT needs. Additionally, where we provided free lunches and snacks in our onsite kitchens and cafeterias, we now replaced that with reimbursement for food delivery.

In office spaces, there are regulations around things like ergonomics, work-to-break time intervals, and many other practices to ensure the health and safety of staff. As your people transition to remote work, they need help and support to take effective responsibility for these kinds of issues themselves. SentinelOne communicates this kind of information through wellness resources on our Slack channels and publishes resources to support physical wellness through providing live streaming of free classes and also providing resources to support mental and financial wellness.

Business Continuity

It’s vital in these uncertain times to ensure that you can continue to operate effectively, serve customers, and manage your data securely. Crucial Information Technology services must be prioritized, and as you transition teams to remote work, do so in the knowledge that the COVID-19 pandemic creates new vectors for threat actors to exploit.

The SentinelOne IT & Operations team began preparations a few weeks before we physically moved to work from home. We foresaw a shortage of computing resources and stocked up on laptops and other equipment beforehand. We also allowed staff to take home any necessary equipment such as monitors, chairs, and keyboards that would facilitate the transition to working from home.

Update your teams on safety and security procedures, and deploy endpoint security software on all business machines. All SentinelOne company computers are remotely administered and protected by a variety of tools, including our own endpoint security platform. It’s also important to ensure that all computers are updated to the latest versions of operating systems and software, and that all employees have appropriate licenses for the software they need to continue working.

Ensure teams are using an appropriate and secure VPN when connecting to corporate assets, and increase the visibility of your IT and Security teams so that staff feel confident to approach them if they have concerns. 

Beyond ensuring the delivery of critical business infrastructure, consider revisiting your product/business roadmap. What is most crucial in the current crisis? What can you confidently execute on and deliver to customers? Where you have to make changes that affect earlier market promises, communicate those to customers early and transparently. Form tiger teams to address projects that face significant obstacles but which must still be delivered.  

Looking Ahead

There is no doubt that the COVID-19 pandemic is, and will continue to be, a major challenge for organizations throughout 2020 and perhaps even beyond. In order to address the problems presented by this crisis, it’s crucial to act early and decisively, ensure teams are informed and equipped to work effectively, and that you lead from the front. At SentinelOne, we are confident in the knowledge that our people, our culture, and our organizational practices will steer us through these turbulent times. We hope this post has provided some ideas that you can successfully adopt that will help your organization, too. This pandemic will pass, and we all need not only to navigate safely through the choppy waters of today but also to envision and plan for the things to come in the post-COVID-19 world. 

We look forward to seeing you on the other side, with your teams healthy and your business in good shape!

Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

Mozilla names long-time chairwoman Mitchell Baker as CEO

/0 Comments/in /by

Mozilla Corporation announced today that it has chosen long-time chairwoman Mitchell Baker to be CEO, replacing Chris Beard, who announced last August he would be stepping down at the end of the year.

Baker represents a logical choice to lead the company. At a time of great turmoil in the world at large, she brings the stability of someone who has been with Mozilla Corporation since 2003. Writing in a company blog post, she certainly recognized the challenges ahead, navigating the current economic uncertainty and the competitive challenges the company faces with its flagship Firefox browser.

“It’s a time of challenge on many levels, there’s no question about that. Mozilla’s flagship product remains excellent, but the competition is stiff. The increasing vertical integration of internet experience remains a deep challenge. It’s also a time of need, and of opportunity. Increasingly, numbers of people recognize that the internet needs attention,” Baker wrote.

Baker has been acting as interim CEO since December when Beard officially left the company. In a blog post from the board announcing Baker’s official new title, they certainly recognized that it would take someone with her unique combination of skills and experience to guide the company through this next phase.

“Mitchell’s deep understanding of Mozilla’s existing businesses gives her the ability to provide direction and support to drive this important work forward,” they wrote. Adding, “And her leadership style grounded in openness and honesty is helping the organization navigate through the uncertainty that COVID-19 has created for Mozillians at work and at home.”

Mozilla Corporation was founded in 1998 and is best known for its flagship, open-source Firefox browser. The company faces stiff competition in the browser market from Google, Apple and Microsoft.

Mozilla CEO Chris Beard will step down at the end of the year

Box adds automated malware detection to Box Shield security product

/0 Comments/in /by

With more folks working at home than ever, and many on machines outside the purview of IT and security teams, it’s becoming increasingly imperative to find creative ways to protect them from harm. Today, Box announced it was adding automated malware detection tools to Box Shield, the security product it announced last year.

Aaron Levie, CEO at Box, says that it’s important to find new ways of thinking about security, especially with millions of people suddenly working at home using cloud solutions.

“As people have begun working from home in greater numbers, you’re seeing an increase in malware and phishing attacks. [Bad actors] are starting to spread these security vulnerabilities in a much more aggressive manner, and so we’re launching Box Shield with malware protection built-in with advanced tools and policies around that malware detection,” he said.

The company is taking a three-pronged approach with this solution. For starters, it will let users view a file without actually having to download it first, while indicating if there is a risk associated with it. Next, it will actually prevent users from downloading a file with malware attached. Lastly, it will alert the security team when a file with malware has been uploaded to Box.

The idea is to keep the file from infecting whatever device employees are working on, alerting end users when there is a problem, while letting them see the content of the file gives them all the information they need to know if the file is actually legitimate in the first place.

It’s so much easier right now to be spreading this kind of malicious package with people working from home and sharing files at a far greater rate than ever before. This new feature is designed to give everyone in the loop, from the end user to the IT security team, some confidence that they can know when files are infected or not and keep them from proliferating inside of Box.

Box introduces Box Shield with increased security controls and threat protection

Talking venture, B2B and thesis-driven investment with Work-Bench’s Jon Lehr

/0 Comments/in /by

Earlier this week, the Equity crew caught up with Work-Bench investor Jon Lehr to get his take on the current market, and how his firm goes about making investment decisions.

The conversation was a treat, so we cut a piece of it off for everyone to listen to. The full audio and a loose transcript are also available after the jump.

What did Danny and Alex learn while talking to Lehr? A few things, including what Seed II-level investments need these days to be attractive (Hint: It’s not a raw ARR threshold), and what’s going on in SaaS today (deals slowing, but not for select founders; relationships are key to doing deals today), and why being a VC is actually work.

But what stood out the most was how Lehr thinks about finding investment opportunities. While some VCs like to cultivate images of being gut-investors, cutting checks based on first meetings and the like, Lehr told TechCrunch about how he researches the market to find pain-points, and then the startups that might solve those issues.

You can listen to that bit of the chat in the clip below:

Extra Crunch subscribers, the rest of the goodies are below. (A big thanks to Danny for cleaning up the written transcript.)

The audio