F-Secure - Experts & Thought Leaders

WithSecure™ (formerly known as F-Secure Business) has continued to evolve its Elements cloud-based security platform with the addition of several new capabilities and services that can help organisations manage risks associated with cyber attacks. WithSecure™ Elements, which can be managed by a trusted service provider or in-house, provides organisations with the flexibility to pick and choose the capabilities they need via different modules. Available modules include Endpoint Protection, Endpoint Detection and Response, Vulnerability Management, Collaboration Protection, and recently added Cloud Security Posture Management. Access to new security services In order to ensure these different modules equip organisations with the security capabilities they need today and in the future, they receive constant updates that provide new capabilities and access to new security services.  APIs for integration with security orchestration, automation, and response (SOAR) platforms is one such recent improvement. SOAR platforms combine information/data produced by different security technologies and provide support to help organisations respond to potential incidents directly from their SOAR. Author's quote Brand new APIs provided by WithSecure are state-of-the-art and allow Sekoia.io to easily develop "Seamlessly integrating Shuffle SOAR and WithSecure's Elements API is like unlocking the power of automated incident response management at your fingertips. This makes it easier to establish a holistic view of any security landscape which helps streamline response and protection," said Binu Panicker, Director of Business Development at Shuffle. “The brand new APIs provided by WithSecure are state-of-the-art and allowed Sekoia.io to easily develop an Elements connector within our SOC platform. This seamless integration provides our customers with the capabilities to leverage all the potential of Elements. Specifically: they can now orchestrate the response actions that rely on Sekoia.io’s SOAR features,” Georges Bossert, CTO at Sekoia.io. Additions to WithSecure™ Elements Other recent additions to WithSecure™ Elements include:  The general availability of the recently launched co-monitoring service, with the inclusion of new features such as out-of-office scheduling (on top of the existing 24/7 option), input for emergency contact details in Elements Security Centre as a self-service for partners, and other usability and workflow improvements.  The general availability of Cloud Security Posture Management with additional environment scans for even more comprehensive coverage.  Dynamic risk scoring increases protection for assets that become more vulnerable due to changes in the threat landscape. Set of security capabilities According to WithSecure™ Vice President of Product Development Leszek Tasiemski, the intent of the platform’s evolution is to support organisations with managing security risks in a fast, efficient way. “Elements needs to make its integrated set of security capabilities—everything from exposure management to response—as accessible and practical as possible. While introducing these new capabilities is important, we’re also looking to offer a superior user experience so that our customers can capitalise on these improvements. We look forward to continuing to build on what’s great about Elements to help organisations manage security risks quickly and efficiently,” he explained.

Sustainability is a challenge that affects every person and organisation on the planet. To help overcome this challenge, WithSecure™ (formerly known as F-Secure Business) has created a W/Sustainability program that commits it to operate as an ethical, equitable, and environmentally responsible global citizen. W/Sustainability is a program that embeds sustainability and transparency into WithSecure’s strategy and operations. The program was built based on surveys and in-depth interviews with customers, investors, pioneers, and WithSecure™ employees, to understand the relevance of areas of sustainability for various stakeholders. Three themes As a result of these consultations, W/Sustainability was grouped into three themes: Safer and greener digital world: Minimising the energy consumed by WithSecure’s solutions while maximising the security outcomes to customers, and sharing cyber security knowledge with those who need it. Truly equitable workplace: Ensuring all WithSecure™ employees feel they can bring their best and true self to work and enjoy opportunities to learn and grow. Responsibly run business: Maintaining the highest ethical standards to ensure WithSecure™ chooses partners responsibly and strives to minimise its environmental footprint everywhere it can. Examples of concrete initiatives Protecting digital society is our most important contribution to a more sustainable world" “Protecting digital society is our most important contribution to a more sustainable world. However, we don’t want to stop there. Our W/Sustainability program ensures that sustainability is embedded in all our decisions, and that the impact of these activities is transparent in our reporting,” explained WithSecure™ President and CEO Juhani Hintikka. Examples of concrete initiatives implemented as part of W/Sustainability include: Established partnerships that allow WithSecure™ personnel to provide pro-bono security services to non-governmental organisations and other groups working with vulnerable communities. Created an internal “green coding” program that aims to measure and reduce the amount of energy consumed by software. WithSecure’s partnership with Tapio Lehtinen Sailing and its sponsorship of the Galiana WithSecure sailboat to promote sustainable, carbon-neutral solutions. Implementing a similar approach WithSecure™ Head of Product Management Leszek Tasiemski, who spearheads the company’s green coding efforts, feels that many software vendors could benefit from implementing a similar approach to their own software development. “As of today, there are no independent standards when it comes to the energy efficiency of software, which I think makes the opportunity to create more sustainable code easy for engineers to miss. But I’m hoping that as our own solutions demonstrate the potential to measure efficiency and eventually save energy through more sustainable coding practices, more companies will consider implementing a similar approach to their own development operations. We are open to collaborating on this initiative with other vendors,” he said.

The impact of cyber attacks on vulnerable populations serviced by non-governmental organisations (NGOs) is often overlooked, but they can affect communities already exposed to poverty, violence, and other threats/risks. WithSecure™ (formerly known as F-Secure Business) is now offering the support of its cyber security professionals to these groups through the CyberPeace Builders programme. The programme, managed by the CyberPeace Institute, connects cyber security professionals with NGOs. According to information from the CyberPeace Institute, only one in ten NGOs provide regular cyber security training to staff. Three out of four do not monitor their networks, and four out of five do not have cyber security plans. Attention of cyber criminals At the same time, these organisations can manage millions or even billions of dollars in donations, which draws the attention of cybercriminals. “NGOs are increasingly targeted by criminal and state actors online, for the sensitive data they hold, for the funds they raise, and for the very operations they conduct on the ground. These precious resources are critical to the vulnerable populations that NGOs protect, yet NGOs have a hard time attracting and retaining cyber talent," said Stéphane Duguin, CEO of the CyberPeace Institute. Stéphane Duguin adds, “The CyberPeace Builders provides cyber security professionals with a platform to use their unique knowledge and skills to help protect some of the world’s most vulnerable communities.” WithSecure’s participation in programme WithSecure’s participation in CyberPeace Builders programme represents evolution of cooperation  “As security professionals, we understand we have an important social role in helping keep people safe and secure from a variety of threats. Many of the brilliant minds working in our field understand this and want to use their skills in ways that have a genuine, positive impact on people’s lives. Participating in the CyberPeace Builders programme is an excellent opportunity for us to help provide a safe, secure, and sustainable digital environment for everyone,” said WithSecure™ CEO, Juhani Hintikka. WithSecure’s participation in the CyberPeace Builders programme represents an evolution of the cooperation between WithSecure™ and the CyberPeace Institute. The two organisations have worked together since 2021 in areas including intelligence gathering, reverse engineering malware, forensic analysis of cyber incidents, and cyber risk assessments. CyberPeace Builders programme With the CyberPeace Builders programme, individual researchers, consultants, and other security professionals at WithSecure™ can connect directly with NGOs that require assistance. Assistance provided via the programme covers a variety of services, including: Pre-incident: vulnerability scanning, security audits, penetration tests, awareness raising, cyber security training, incident planning, exercises; Post-incident: attack notification, security hardening, investigation support; Non-technical: data protection consulting, cyber insurance advice, crisis communications training, design of internal awareness-raising materials. WithSecure™ personnel’s participation Participation in the CyberPeace Builders fits into WithSecure’s W/You programme. W/You is an initiative intended to support WithSecure™ personnel’s participation in different projects related to sustainability and philanthropy – something that can prove crucial to the job satisfaction of cyber security specialists. “The act of volunteering can also be personally rewarding for individuals involved. Contributing to a greater cause, such as helping to protect vulnerable organisations from cyber threats, can provide a sense of purpose and fulfilment that may be lacking in one's day-to-day work. Where any work in cyber security usually starts with the ‘what’ and the ‘how,’ so too is the ‘why’ a crucial part into one's personal motivation in order to find meaning and grounding,” explained WithSecure™ Principal Threats and Technology Researcher, Tom Van de Wiele.