Heron introduces Security Configuration & Data Compliance Assessment service

Heron introduces a new Security Configuration & Data Compliance Assessment Service to help organisations discover misconfiguration and exposures on monitored endpoints and mishandling of sensitive data that would pose significant risks. The assessment will be free for Singapore companies with over 50 employees for a limited time period.

Heron Security configuration assessment dashboard
A security misconfiguration occurs when system or application configuration settings are missing or are erroneously implemented, allowing unauthorized access. Common security misconfigurations can occur due to leaving default settings unchanged, erroneous configuration changes or other technical issues. They can occur in applications, cloud infrastructure, networks and elsewhere. Misconfigurations are widely regarded as the top cloud vulnerability.

There have been numerous cyber attacks in recent years due to security misconfiguration being the primary cause. In 2021, Nissan, a Japanese multinational automobile manufacturer, had some source code leaked online due to the misconfiguration of a company Git server. Earlier, in May 2020, Mercedes-Benz experienced a similar breach. The Atlassian JIRA data exposure incident in 2019 was one of the most significant exploits of a misconfiguration. Another example of an incident due to excess privileges was Shopify’s 2020 breach.

Data breaches are also increasingly damaging to companies due to increasing data privacy laws, financial penalties and consumer activism. Companies in Singapore can now be fined up to S$1M or 10% of annual revenue if the annual turnover exceeds S$10M. In 2021, 104 Singapore companies were fined a total of S$2.68M, before the increased fine framework was introduced in October 2022. Companies that collect or process the personal data of residents of the EU also must comply with the regulations set forth by the GDPR. GDPR fines are much more severe – depending on the severity of the infringement, it can be up to 4% of annual worldwide revenue or €20 million, whichever is greater.Sample data assessment report
Heron’s new services will help companies prevent attacks due to security misconfiguration and avoid punitive measures under the PDPA and GDPR. The service will also support companies aiming for MAS TRM, ISO27001, HIPPA and other compliance and regulatory requirements.

More details of this service are available in the brochure.


https://heron-technology.com/s....ecurity-configuratio

Heron signs business partnership agreement with IBM

Heron is pleased to announce a partnership with IBM to resell IBM Security’s cybersecurity technologies and incorporate them into Heron’s Managed SOC Service operations. This partnership will allow Heron to strengthen its cyber services by leveraging IBM’s leading cybersecurity technology company Reaqta.

The Reaqta platform provides advanced threat detection and response capabilities to help minimise the impacts of cyberattacks on an organisation and its customers. These capabilities offer a wide range of powerful tools that can be used to detect, investigate, and remediate threats.

With this collaboration, Heron can offer customers the most comprehensive security solutions available today. Heron will also utilise Reaqta’s platform for their Managed SOC Service offerings. This collaboration will enable Heron to provide its customers with the best possible security solutions.

https://heron-technology.com/h....eron-signs-business-