Cohesity announced it
has expanded the Cohesity Cyber Event Response Team (CERT) service to
include partnerships with leading incident response (IR) vendors. The
Cohesity CERT team has years of specialized incident response expertise
and has helped numerous customers respond and recover quickly from
high-stakes security events since its formation in 2021. By partnering
with leading IR vendors such as Palo Alto Networks Unit 42, Arctic Wolf,
Sophos, Fenix24, and Semperis, Cohesity CERT augments the traditional
IR process, infusing rich data and backup and recovery expertise,
helping to speed investigations and enable customers to recover quicker
from incidents.
Using native platform capabilities, Cohesity CERT can share a
consolidated set of customer-approved operational data with its IR
partners, including logs, reports, inventories, and more. This rich
dataset, together with Cohesity CERT's deep data security and recovery
expertise, enhances the digital forensics, threat intelligence, and
containment capabilities of IR partners, enabling them to perform more
effective and efficient analysis of the cyber incident and quickly
resolve issues while reducing business downtimes. Customers also have
peace of mind their IR partner of choice can collaborate directly with
Cohesity to streamline their cyber response and ensure they restore
clean data faster.
"With ransomware, data breaches, and other cyber threats becoming an
unavoidable reality, organizations need the assurance that they can
bounce back faster, stronger, and smarter," said Sanjay Poonen, CEO,
Cohesity. "Cohesity CERT is a natural extension of our mission to
empower organizations with resilient, secure data management. We're
doubling our commitment to our customers by ensuring they have the
expertise and tools to navigate and recover from cyber crises
effectively. Cyber resilience is the cornerstone of modern
cybersecurity, and we are committed to helping our customers achieve
it."
Cohesity CERT is available to all Cohesity customers as part of their existing subscription. Customers can benefit from:
-
Minimized Business Disruption and Financial Loss: As cyberattacks
become more frequent and damaging, Cohesity aids customers in swiftly
detecting, investigating, and recovering from incidents, preventing and
minimizing extended operational disruptions.
-
Comprehensive, Coordinated Response and Recovery: Working
alongside its broad ecosystem of industry-leading IR partners, Cohesity
has developed a methodology that utilizes native platform capabilities
and integrations with its Data Security Alliance to provide greater
insight into data breaches. This methodology includes a consolidated set
of customer-approved operational data, including logs, reports,
inventories, and more, which can be rapidly shared with approved
parties, including an external incident response provider, to enable
more effective and efficient analysis leading to safer and faster
recovery after a destructive cyber attack.
-
24/7 Availability and Multi-vendor Integrated Support: Cohesity
CERT handles a wide range of incidents, from sophisticated ransomware
and data breaches to targeted attacks, and assists customers whenever
cyber incidents occur. Cohesity and its partners maintain communication
throughout the response and recovery process, allowing for faster
decision-making and a more agile response to cyberattacks.
-
Specialized Expertise and Proactive Recommendations: Personnel from Cohesity
CERT and its partners are seasoned cybersecurity experts with
specialized knowledge in incident response, threat intelligence, and
forensics, making them an invaluable resource during critical incidents.
The service provides actionable recommendations and valuable expertise
that help businesses strengthen their defenses over time, enabling
customers to stay ahead of evolving cyber threats.
"Cybercriminals are increasingly emboldened by new technology, making
cyberattacks more effective and efficient. Unit 42 provides customers
with leading incident response expertise, threat intelligence and
proactive services, enabling them to effectively address the most
challenging threats. Through this new partnership, Cohesity will play a
crucial role in expediting backup and business recovery processes of
shared customers. This collaboration will greatly benefit our customers,
ensuring a comprehensive approach to cybersecurity that enhances the
overall investigation process for Unit 42," said Sam Rubin, SVP of
Consulting and Threat Intelligence, Unit 42 at Palo Alto Networks.
"Time and information are two of the most critical parts of incident
response. The more information we have, the quicker we can return a
customer to normal operations," said Kerri Shafer-Page, Vice President,
Incident Response, Arctic Wolf. "Cohesity's quick response toolkit gives
us access to all kinds of data that can enable a more comprehensive
investigation and quicker recovery. Partnering with Cohesity CERT adds
valuable expertise in backup and recovery and helps us ensure our joint
customers are resilient no matter what attackers throw at them."
"Your organization is only as safe as your backup controls are secure,
redundant, immutable, and relevant to threat actor playbooks," said John
Anthony Smith, founder and chief security officer of Conversant Group. "However,
incident response investigations can be complex and time-consuming.
Therefore, our long-standing partnership with Cohesity CERT is highly
beneficial to our joint customers because it adds valuable expertise in
backup and recovery and helps us ensure resiliency no matter what
attackers throw at them."
"By partnering with Cohesity CERT, Sophos' Incident Response (IR) team
of experts who work 27/4 around the world identifying and neutralizing
threats can jump right in to assess and react to active threats
targeting Cohesity's customers," said Rob Harrison, senior vice
president of Product Management for SecOps and Endpoint Security at
Sophos. "This streamlined process is critical because the faster Sophos
IR can get involved, the faster the team can disrupt and eject attackers
before they exfiltrate data, carry out ransomware or other damaging
activities. With this partnership, Sophos customers will also be
referred to Cohesity's quick response toolkit for comprehensive backup
and recovery programs. This collaboration ensures our joint customers
are more resilient and able to recover faster from cyberattacks."
"Expanding our partnership with Cohesity will improve operational
resilience for our joint customers and partners, by protecting the
critical pathways that ransomware attackers use to compromise Microsoft
Active Directory (AD) and Entra ID systems. In nearly all ransomware
attacks, adversaries target AD or Entra ID as the key to the
organization. Without sufficient backup and recovery solutions and
regular continuity testing, disruptions of these identity systems can
and do occur, costing organizations money and putting critical
infrastructure at risk," said Mickey Bresman, CEO, Semperis. "Semperis'
combined 150+ years of AD experience not only sets us apart in the
hybrid identity system security market, it also enables us to protect
top global organizations and rebuild compromised identity systems in
hours rather than days, weeks, or months."
"Enterprise security teams need all the help they can get. One third of
enterprises have expressed that current staffing levels are inadequate
for their organization's challenges; the degrees of staff specialization
have consistently increased. In lieu of additional staffing,
enterprises are looking for vendors to provide value-added services that
improve processes with their products." - 451 Research, part of S&P
Global Market Intelligence: 2023 VoTE Information Security
Organizational Behavior & 2024 VoTE Information Security Budgets
Study