
Security

NETSCOUT’s report shows Morocco, Tunisia, Libya, and Algeria facing intensifying DDoS threats on telecoms in early 2025

NETSCOUT SYSTEMS, INC., a leading provider of observability, AIOps, cybersecurity, and distributed denial of service (DDoS) protection solutions, has released its latest global threat intelligence report highlighting the intensification of DDoS attacks across North Africa.

The study shows that telecommunications operators, both wired and wireless, were the primary targets in Morocco, Tunisia, Libya, and Algeria during the first half of 2025.

Northern Africa by the numbers

Morocco registered more than 75,600 DDoS incidents, making it the second highest in Africa for attack volume after South Africa. Tunisia experienced the continent’s longest single DDoS campaign, lasting nearly seven hours (418.68 minutes), while also recording the highest bandwidth peak at 756.61 Gbps. Libya faced the second-longest single attack in the region at 242.6 minutes, with the highest attack complexity recorded, involving 23 vectors in one incident. Algeria, although recording fewer attempts (186), still endured significant threats, with peaks of 432.02 Gbps in bandwidth and 41.05 Mpps in throughput.

“Across the region, threat actors consistently targeted the telecommunications sector, unleashing high-volume, multi-vector attacks that disrupted connectivity and threatened service reliability,” commented Bryan Hamman, regional director for Africa at NETSCOUT. “Overall though, the results show an interesting mix of results when compared to our last Threat Intelligence Report, which looked at the second half of 2024.

“For example, Morocco continues to lead North Africa in the number of DDoS strikes sustained, with the country’s attack count rising from around 69,800 to over 75,600. Tunisia shifted from higher volumes - just short of 8,700 in 2H 2024 - to fewer attacks at 6,346 between January and July 2025, but contrastingly with record-breaking peaks in bandwidth and duration.

“Libya, however, more than doubled its attack volume, from just over 1,600 to nearly 3,750 incidents. Algeria saw fewer events but continued to face severe peak magnitudes.”

DDoS activity across the region

In Morocco, the majority of attacks targeted wireless telecommunications carriers, with 64,517 incidents. Wired providers followed with 1,342 incidents, along with research and development organisations in Social Sciences and Humanities (53), and shoe retailers (41). Common vectors included TCP ACK, DNS amplification, and SYN/ACK amplification. The largest recorded attack in the country reached 158.88 Gbps in bandwidth and 17.74 Mpps in throughput.

Tunisia’s attacks primarily struck wired telecommunications providers, with 5,288 incidents, followed by wireless carriers and the hospitality sector (excluding casino hotels and motels). Despite a lower number of attacks compared with 2H 2024, Tunisia endured the largest single DDoS assault in North Africa, with peaks of 756.61 Gbps and 49.51 Mpps, and an aggregate surge hitting 27 Tbps in April 2025. The average duration of attacks also increased substantially, exceeding 400 minutes in some cases.

In Libya, although peak bandwidths were smaller at 113.15 Gbps, attackers deployed 23 different vectors in a single incident — the most complex attack in the region. Wireless telecommunications providers were the primary targets, with 2,519 attacks, but unusual attempts against gasoline stations were also recorded.

Algeria reported 186 DDoS incidents in 1H 2025, the lowest among the four countries. However, the scale of attacks was significant, with peaks hitting 432.02 Gbps. Both wired and wireless telecommunications operators were the main targets, with DNS amplification identified as the most common attack method.

“North Africa is a prime example of how rapid digital growth attracts malicious activity,” adds Hamman. “The first half of 2025 shows that attackers are not only increasing their volumes in countries like Morocco, but are also using more sophisticated multi-vector methods in Libya and high-magnitude events in Tunisia. Even Algeria, with relatively fewer incidents, cannot ignore the scale of its largest attacks.

“The lesson is clear: organisations must prepare for the scale and sophistication of today’s threats,” he concluded.

NETSCOUT maps the DDoS landscape through passive, active, and reactive vantage points, providing unique visibility into global attack activity. The company protects two-thirds of the routed IPv4 space, securing network edges that carried global peak traffic exceeding 800 Tbps in the first half of 2025. It tracks tens of thousands of daily DDoS attacks by monitoring multiple botnets and DDoS-for-hire services that exploit millions of compromised devices.

Enhanced CWS boosts hybrid multicloud protection

Kaspersky has unveiled an upgraded version of its Kaspersky Cloud Workload Security (CWS) platform, offering enhanced protection for hybrid and multicloud environments.

The update addresses the increasing complexity of cloud infrastructures by improving visibility, strengthening runtime defense for containers, and providing organisations with a more flexible, cost-efficient approach to safeguarding workloads.

As cloud infrastructures grow, security challenges continue to pose significant risks. In a research paper titled ‘Alleviating cloud migration difficulties with robust hybrid-cloud and container security’, Kaspersky and ISG found that 60% of surveyed organisations rank monitoring and proactively preventing runtime misconfigurations of cloud assets among their top five concerns regarding current cloud security solutions. The latest updates in CWS aim to help organisations stay ahead of evolving cyberthreats.

Kaspersky Cloud Workload Security consists of two core products: Kaspersky Container Security (KCS) and Kaspersky Hybrid Cloud Security (KHCS). The updated KCS introduces node OS vulnerability scanning and file threat protection, extending runtime security across both nodes and orchestrators. Organizations can now enhance network connection reputation data by integrating their own vulnerability feeds alongside NIST’s and Kaspersky’s databases, providing tailored intelligence that reflects their unique threat landscape.

Operational transparency is also improved with detailed logging of changes in RBAC (Role-Based Access Control) cluster objects. Incident response is more agile thanks to support for WebHooks, enabling data sharing with compatible software even without direct integration. Additionally, KCS now supports Microsoft Azure Registry and Google Cloud Platform Kubernetes & Registry, allowing organizations to secure workloads across a broader set of platforms.

Security policies, including Assurance, Runtime, and Response, have been expanded to deliver higher detection rates and greater flexibility, ensuring protection aligns with both business priorities and regulatory requirements.

In tandem with this release, the Light Agent in Kaspersky Hybrid Cloud Security has been enhanced. The solution now leverages Kaspersky Endpoint Security for Windows (12.10) and Kaspersky Endpoint Security for Linux (12.3) as light agents, improving integration and overall security capabilities in hybrid environments.

The update addresses common customer challenges, including cloud security blind spots, rising infrastructure costs, regulatory compliance pressures, and the limitations of traditional endpoint and open-source solutions in protecting multicloud workloads. By combining advanced automation with rich contextual intelligence, Kaspersky helps enterprises maintain resilience while meeting both business and compliance objectives.

"With the latest updates to Kaspersky Cloud Workload Security, we're continuing to push the boundaries of cloud security, providing our customers with the most comprehensive and robust protection available," commented Anton Rusakov-Rudenko, senior product marketing manager, cloud & network security product line at Kaspersky. "Our goal is to empower businesses to take full advantage of the cloud's potential, without compromising on security. With these updates, we're helping our customers to stay one step ahead of emerging threats and maintain the highest levels of security and compliance in their cloud infrastructure."

Kaspersky launches External Attack Surface module in DFI, giving security teams visibility, risk scoring, and proactive defenses

Kaspersky has unveiled a new External Attack Surface module within its Digital Footprint Intelligence (DFI) service, now accessible through the Threat Intelligence portal.

This addition integrates External Attack Surface Management (EASM) features, enabling security teams to continuously oversee and protect their organisation’s external perimeter with improved visibility and control.

For years, the exploitation of public-facing applications has remained the leading method of initial compromise. According to the Kaspersky Incident Response report, these accounted for 39% of incidents in 2024. Furthermore, over 90% of the vulnerabilities targeted by attackers during that year had been publicly disclosed more than twelve months earlier, highlighting weak update and patch management practices in the affected organisations.

With the rapid expansion of digital ecosystems across cloud platforms, third-party applications, and shadow IT, organisations face mounting challenges in maintaining a secure perimeter. The newly introduced module helps by detecting exposed infrastructure, flagging vulnerabilities such as unpatched software or open ports, and assigning risk scores so that security teams can prioritise fixes based on potential business impact.

The External Attack Surface module directly addresses two essential concerns for security leaders: identifying internet-facing assets and determining which ones are at risk. It combines vulnerability scanning, misconfiguration checks, and contextual risk analysis to give enterprises a clear picture of their exposure, along with concrete steps to minimise it.

Unlike tools that provide only a snapshot, this solution also collects and stores historical data. This enables retrospective analysis, trend monitoring, and enhanced incident investigations. Data aggregation from multiple specialised search engines boosts coverage across hosts and services. Each issue discovered is supported by thorough explanations and remediation advice, ensuring teams can move efficiently from detection to resolution.

The value of the module lies not only in enhanced visibility but also in the ability to act decisively. Whether it involves patching outdated software, moving systems behind VPNs, applying WAF rules, or resetting compromised credentials, the module delivers clear and prioritized recommendations that help organizations strengthen defenses before attackers can exploit weaknesses.

“Security teams are under constant pressure to manage an ever-expanding digital perimeter. With the External Attack Surface module, we give them not only visibility of what attackers can see but also recommendations to reduce exposure and respond effectively. By enriching DFI with EASM functionality, we continue to expand the scope of our Threat Intelligence portfolio and deliver cross-product synergies that empower security teams with deeper insights, faster investigations, and more resilient cyber defense,” said Yuliya Novikova, head of digital footprint intelligence at Kaspersky.

Cyberthreats are intensifying across sub-Saharan Africa, with Nigeria emerging as a key target, according to Kaspersky’s latest 2025 security report. (Image source: Kaspersky)

According to data from global cybersecurity company Kaspersky, sub-Saharan Africa recorded 42.4 million web attacks and 95.6 million on-device attacks in the first half of 2025.

The region also saw spyware cases more than double, a 64% increase in password stealer incidents, and a 12% rise in backdoor infections compared with the same period in 2024. These figures are being released ahead of Kaspersky’s participation at GITEX Nigeria, one of the region’s leading technology exhibitions taking place on September 3–4 in Lagos. At the event, the company will provide practical guidance and host workshops to help individuals and businesses strengthen their defences against fast-evolving threats.

In Nigeria, during the first half of 2025, Kaspersky’s security tools blocked more than 1.46 million online attack attempts targeting users. These threats—which included phishing scams, exploits, botnets, Remote Desktop Protocol (RDP) intrusions, and network spoofing such as fake Wi-Fi networks—affected nearly one in five people in the country (19.9%). During the same period, 4.97 million on-device attacks were intercepted, with 28.6% of Nigerian users facing malware delivered through infected USB drives, CDs, DVDs, and hidden installers. These included ransomware, worms, backdoors, trojans, password stealers, and spyware.

Kaspersky’s research highlighted a 66% surge in password stealer attacks in Nigeria in H1 2025 compared to the same timeframe in 2024, along with a 53% increase in spyware incidents. Exploits targeting vulnerabilities in applications such as Microsoft Office also remained widespread. While the overall number of phishing detections dropped by 52%, phishing attempts became more precise. Financially themed phishing, including scams targeting banks, e-commerce platforms, and payment systems, increased by 46%. Kaspersky registered more than 595,000 finance-related phishing attempts in Nigeria during the period.

Industrial sectors remain vulnerable as well. In H1 2025, Kaspersky solutions blocked threats on 26.5% of Industrial Control Systems (ICS) computers in Nigeria. Virus and worm infections posed significant risks, particularly in construction, ICS engineering and integration, energy, and biometrics industries. More broadly, Africa ranks among the regions with the highest percentage of ICS computers impacted by malicious objects worldwide.

“Every day, more people in Africa and in Nigeria specifically are moving their businesses, banking, and even daily errands online. But with this opportunity comes a challenge. Cybercriminals are also becoming more active, targeting not only big companies and government networks, but also ordinary people, small businesses, and industrial infrastructures we depend on,” commented Chris Norton, general manager for sub-Saharan Africa at Kaspersky.

NEC XON expands services to strengthen cybersecurity across South Africa and beyond

NEC XON, a leading IT security solutions provider, has announced a major step forward in its service offering.

The company has expanded its managed services portfolio to include full-scale Fortinet device management, a move already implemented at two of South Africa’s largest clothing retail chains.

This development comes at a critical time, as businesses across South Africa grapple with complex security needs and evolving cyber threats. The new managed service aims to enhance Fortinet performance, reduce system downtime, and deliver a stronger layer of protection.

A recent S&P Global Market Intelligence report presented at RSAC 2025 highlights the increasing reliance on managed security services (MSS). Nearly 29% of organisations now use MSS to support or replace their in-house teams. Meanwhile, 23% are consolidating security resources and 28% are downsizing their security teams – a risky decision amid rising threat levels. Another 37% report no major changes, suggesting stagnation in their security posture.

A South African response to a global challenge

“We are dedicated to providing top-tier support to help businesses stay secure and operational. That’s not just a slogan — it’s a promise South African companies urgently need,” commented Grant Ferreira, regional manager security at NEC XON. “We are very excited to have launched the expansion of our managed services to meet the growing security demands of our customers. With our team of certified experts, we have had great success with the expanded services in the coastal regions of South Africa and are in the process of rolling out the project to the rest of SA and Africa.”

More than just another device

As a certified Fortinet partner, NEC XON is delivering more than just another IT service. What sets this offering apart is the combination of top-tier technology with a people-first approach. Fortinet’s firewalls and secure networking solutions are industry leaders, but it’s the flexibility and support around them that makes the NEC XON approach unique.

With both onsite and remote support options, the company meets customers where they are – whether they need engineers on the ground or hands-off remote monitoring. That adaptability is especially important for businesses in smaller towns or rural regions that may not have the technical resources or budget to manage advanced infrastructure.

NEC XON’s team includes certified engineers skilled in Secure Connectivity, SD-WAN and Security Operations – closing the technical gap with confidence.

Backed by Fortinet’s elite programmes

NEC XON also brings serious credentials to the table, with access to Fortinet’s Engage Preferred Services Partner (EPSP) and Expert Technical Support (ETSP) programs. These designations represent more than vendor recognition – they enable advanced support like in-depth troubleshooting, specialised configuration, and tailored training that clients can rely on.

Cybersecurity with real economic impact

The value of this service goes beyond technology. By helping businesses avoid downtime, prevent breaches and improve operational efficiency, NEC XON is also contributing to a more resilient digital economy.

In South Africa, where energy uncertainty, strained public services and rising risks are the norm, solid cybersecurity remains one of the few controllable aspects of business infrastructure. It is an investment that pays off – not only in business continuity but in trust and confidence.

 
