AI-powered data security platform company Cohesity this month announced it has expanded the Cohesity Cyber Event Response Team (CERT) service to include partnerships with a number of incident response (IR) vendors.
The team says that by partnering with IR vendors such as Palo Alto Networks Unit 42, Arctic Wolf, Sophos, Fenix24 and Semperis, Cohesity CERT augments the traditional IR process, infusing data and backup and recovery expertise, helping to speed investigations and enable organizations to recover from incidents.
Consolidated comfort factor
Using native platform capabilities, Cohesity CERT can share a consolidated set of customer-approved operational data with its IR partners, including logs, reports, inventories and more. This dataset, together with Cohesity CERT’s data security and recovery expertise, enhances the digital forensics, threat intelligence, and containment capabilities of IR partners, enabling them to perform analysis of the cyber incident and resolve issues while reducing business downtimes.
According to 451 Research’s Information Security Budgets Study, eEnterprise security teams need all the help they can get. One third of enterprises have expressed that current staffing levels are inadequate for their organization’s challenges; the degrees of staff specialisation have consistently increased. In lieu of additional staffing, enterprises are looking for vendors to provide value-added services that improve processes with their products.
Explore related questions
“With ransomware, data breaches and other cyber threats becoming an unavoidable reality, organizations need the assurance that they can bounce back faster, stronger and smarter,” said Sanjay Poonen, CEO, Cohesity. “Cohesity CERT is a natural extension of our mission to empower organizations with resilient, secure data management. We’re doubling our commitment to our customers by ensuring they have the expertise and tools to navigate and recover from cyber crises effectively. Cyber resilience is the cornerstone of modern cybersecurity and we are committed to helping our customers achieve it.”
Cohesity CERT is available to all Cohesity customers as part of their existing subscription. Customers can benefit from:
- Minimized Business Disruption and Financial Loss: As cyberattacks become more frequent and damaging, Cohesity aids customers in detecting, investigating and recovering from incidents, preventing and minimizing extended operational disruptions.
- Comprehensive, Coordinated Response and Recovery: Working alongside its ecosystem of IR partners, Cohesity has developed a methodology that utilizes native platform capabilities and integrations with its Data Security Alliance to provide greater insight into data breaches.
- 24/7 Availability and Multi-vendor Integrated Support: Cohesity CERT handles a range of incidents, from sophisticated ransomware and data breaches to targeted attacks. It assists customers whenever cyber incidents occur. Cohesity and its partners maintain communication throughout the response and recovery process, allowing for faster decision-making and a more agile response to cyberattacks.
- Specialised Expertise and Proactive Recommendations: Personnel from Cohesity CERT and its partners are cybersecurity experts with specialised knowledge in incident response, threat intelligence and forensics, making them a useful resource during critical incidents. The service provides actionable recommendations and valuable expertise that help businesses strengthen their defenses over time, enabling customers to stay ahead of evolving cyber threats.
“Cybercriminals are increasingly emboldened by new technology, making cyberattacks more effective and efficient. Unit 42 provides customers with leading incident response expertise, threat intelligence and proactive services, enabling them to effectively address the most challenging threats. Through this new partnership, Cohesity will play a crucial role in expediting backup and business recovery processes of shared customers. This collaboration will greatly benefit our customers, ensuring a comprehensive approach to cybersecurity that enhances the overall investigation process for Unit 42,” said Sam Rubin, SVP of consulting and threat intelligence, Unit 42 at Palo Alto Nerworks.
Kerri Shafer-Page, vice president for incident Response at Arctic Wolf says that time and information are two of the most critical parts of incident response. The more information we have, the quicker we can return a customer to normal operations. She feels that Cohesity’s quick response toolkit gives us access to all kinds of data that can enable a more comprehensive investigation and quicker recovery.
Secure, redundant, immutable & relevant
“Your organisation is only as safe as your backup controls are secure, redundant, immutable, and relevant to threat actor playbooks,” said John Anthony Smith, founder and chief security officer of Conversant Group. “However, incident response investigations can be complex and time-consuming. Therefore, our long-standing partnership with Cohesity CERT is highly beneficial to our joint customers because it adds valuable expertise in backup and recovery and helps us ensure resiliency no matter what attackers throw at them.”
Rob Harrison, senior vice president of product management for SecOps and endpoint security at Sophos says that by partnering with Cohesity CERT, Sophos’ Incident Response (IR) team of experts who work 27/4 around the world identifying and neutralising threats can jump right in to assess and react to active threats targeting Cohesity’s customers.
“This streamlined process is critical because the faster Sophos IR can get involved, the faster the team can disrupt and eject attackers before they exfiltrate data, carry out ransomware or other damaging activities. With this partnership, Sophos customers will also be referred to Cohesity’s quick response toolkit for comprehensive backup and recovery programs. This collaboration ensures our joint customers are more resilient and able to recover faster from cyberattacks,” added Harrison.