Nudge Security emerges from stealth to tackle cybersecurity’s people problem • ZebethMedia

Social engineering attacks are on the rise. These low-tech but high-impact attacks — where hackers manipulate employees into granting them access to companies’ services and data — increased by almost threefold last year, and have so far this year claimed several high-profile victims, from Twilio and Mailchimp to Revolut, and most recently Uber. As these big names demonstrate, these kinds of attacks can be hard for even the most well-resourced organizations to protect against.

Now, cybersecurity startup Nudge Security is emerging from stealth to help organizations tackle what it sees as the biggest cybersecurity weakness: people. The fully remote company — with outposts in Austin, Texas and Jackson, Wyoming — was founded in 2021 by ex-AlienVault software engineers Russell Spitler and Jaime Blasco, who believe the only way to address the “people problem” is to make employees part of the solution. As its name suggests, its product does that by “nudging” employees towards optimal security behaviors, such as switching on multi-factor authentication (MFA) or changing their password if it has been involved in a breach.

The company’s security offering continuously uncovers historical and new software-as-a-service assets across an organization, including SaaS supply chains and OAuth grants, without relying on network infrastructure, endpoint agents, browser extensions, or API integrations. When there’s a new “security critical” event, such as the creation of a new account or the installation of a new app, Nudge engages with that employee to ensure they are making good security choices. For example, if an employee downloads Dropbox but the organization uses Google Drive, Nudge will start a dialogue to understand why that decision has been made.

“We act as a sidecar in a way that allows employees to engage with the security team and allows the centralized team to still have visibility into what’s going on, set policies, and have employees be part of that process in a way that doesn’t disrupt their work,” Nudge’s Spitler told ZebethMedia. “We believe that every employee has the potential to behave in ways that support and strengthen the organization’s cybersecurity posture, it’s just not always simple or straightforward to do so.”

In order to ensure employees engage with these prompts, Nudge worked with Aaron Kay, a professor of psychology at Duke University, who showed the startup how it could apply foundational research in psychology to establish a relationship between its product and end users. “We’re trying to engage employees, and make sure we’re not coming across in a way that’s slapping your hands or waving a big red warning banner,” Spitler added.

Nudge is not claiming that it could have prevented Uber’s hack or Revolut’s breach — Spitler told ZebethMedia, “we’ve been in the industry too long to make bold cases like that” — but the company believes it can help organizations inform their risk posture not just in terms of who has access, but in terms of who has access to what and why. “Like in the case of Uber, one of the things that has been a trend for collapse over the past few months is the complexity of these organizations,” Spitler said. “Social engineering plus complexity means that even if one user gets compromised, all of a sudden the organization starts to fall apart.”

“We also provide supply chain information,” added Blasco, Nudge’s co-founder and chief technology officer. “Let’s say your organization is using Slack, and they’re using Twilio, we’re able to tell you that Twilio is compromised.”

Nudge is launching its product six months after it secured a $7 million seed investment from Ballistic Ventures, a new VC outfit solely dedicated to advising and funding early-stage cybersecurity startups. Since this investment, Nudge has onboarded 10 customers, with another dozen or so in the large enterprise pilot phase. “The product that we’ll be delivering this week is really our focus right now, and then we’ll be scaling up our marketing and sales efforts,” Spitler said. “When we start to expand on that front, we’ll probably look to raise another round.”

Microsoft launches new security services aimed at protecting code in the cloud • ZebethMedia

At its Ignite conference today, Microsoft announced Defender Cloud Security Posture Management and Defender for DevOps, two new offerings within the company’s Defender for Cloud service (previously Cloud App Security) aimed at managing software development and runtime security across multicloud, multiple-pipeline environments. Currently available in public preview, they work with GitHub and Azure DevOps to start, with additional product integrations to come down the line.

In a conversation with ZebethMedia, Microsoft CVP of cloud security Shawn Bice said that Defender for DevOps and Defender Cloud Security Posture Management (or Defender CSPM, to refer to it by its more wieldy acronym) arose from the challenges companies are increasingly facing as they use cloud-native services to deploy and manage applications. These customers often have incomplete visibility and a lack of prioritized mitigations, he said, making their security reactive as opposed to proactive.

There’s truth to that. According to a 2020 report from Orca Security, 59% of cybersecurity teams report receiving more than 500 alerts about cloud security per day — a large portion of which are false positives. Tool sprawl is often cited as a challenge in maintaining code security. Responding to a GitLab survey from August, 41% of DevOps teams said that they used between six and 10 tools in their development toolchains, leading them to miss security issues.

“The accelerated cloud transformation journey for our customers has created an urgent need for a unified solution to manage security from development to runtime in multicloud and multiple pipeline environments,” Bice said via email.

To this end, Defender CSPM leverages AI algorithms to perform contextual risk analyses of software dev environments. Resulting recommendations and insights are piped into source code management platforms like GitHub and Azure DevOps to drive remediation efforts; alternatively, users can create workflows connected to security recommendations to trigger automated remediation. Defender CSPM also provides “attack queries” that security teams can use to explore risk and threat data, as well as a dashboard showing all the rules implemented across dev environments and tools that allow security admins to define new rules.

As for Defender for DevOps, it shows the security posture of pre-production app code and resource configurations. Security teams can use the service to enable templates and container images designed to minimize the chance that cloud misconfigurations reach production environments. “Leveraging [insights] within Defender for Cloud, security admins can help developers prioritize critical code fixes with actionable remediation and assign developer ownership by triggering custom workflows,” Bice explained.

With the rollout of Defender CSPM and Defender for DevOps, it’s clear Microsoft is angling for a larger slice of the enormous and growing DevSecOps segment. Grand View Research estimates that the market for DevSecOps — which spans tools that automate security practices at every step of software development — was worth $2.79 billion in 2020. Startups including Spectral, which aims to detect potential security issues in codebases and logs, and Cycode, which offers tools to secure DevOps pipelines, might be perceived as competitors. But Microsoft’s scale — and the fact that both Defender CSPM and Defender for DevOps are free for Defender for Cloud customers during the preview period — give it an advantage.

“Microsoft is committed to enabling security for all,” Bice added, “[with] a comprehensive cloud security benchmark across multiple clouds.”

Cyber training platform pulls in another $66M after post-pandemic remote working increases cyber threats • ZebethMedia

It was only in June last year when we reported how Immersive Labs, a platform which teaches cybersecurity skills to employees in a “gamified” way, had closed a $75 million Series C funding round. As of today, the company has pulled in another $66 million, taking the total raised to $189 million.

And it can perhaps attribute its success partly to COVID-19. The company has previously said the new wave of interest in cybersecurity by organizations has been caused by so many people shifting to working remotely, a habit acquired during the pandemic which companies now increasingly implement by default.

Ten Eleven Ventures led the latest raise, while existing investors Goldman Sachs Asset Management, Summit Partners, Insight Partners, Menlo Ventures, and Citi Ventures all participated in the round.

Immersive Labs originated from the CYLON cyber accelerator in London, an idea borne of founder James Hadley, a former GCHQ security researcher and trainer, who realized ordinary employees needed a better way to learn cybersecurity as they were the weakest links in most organizations.

The capital will be used to boost its “Cyber Workforce Resilience” category and deliver solutions to enterprise customers like Citi, Goldman Sachs, HSBC, Pfizer, Daimler, Humana, Atos, and the UK National Health Service.

In a statement Hadley said: “Attracting new investment during a difficult time overall for the tech sector underscores the incredible demand for Immersive Labs’ disruptive, people-centric approach to cybersecurity. Proving cyber resilience has increasingly become a Board and C-level consideration.”

Immersive has also beefed up its executive team, adding Sandra McDevitt as Chief Human Resources Officer (CHRO) and Lucian Lui as Chief Marketing Officer (CMO). Dave Palmer (Ten Eleven General Partner and Darktrace Founder and former Chief Product Officer) will join the company’s Board, while Jack Huffard (Tenable Co-Founder and current Non-Executive Director of Immersive) becomes Chair.

Palmer added: “As we see more focus on proving cyber resilience across public and private sectors, Immersive Labs stands to play a key role in the future of cybersecurity.”

Toyota exposed 300,000 customer email addresses for 5 years • ZebethMedia

Automotive giant and car maker Toyota has warned that the personal information of roughly 300,000 customers may have been exposed for close to five years.

The possible exposure relates to T-Connect, an official Toyota app that allows customers to connect their smartphone to their vehicle’s dashboard infotainment system. In a statement, Toyota admitted that a subcontractor developing the T-Connect website inadvertently uploaded part of the site’s source code to a public GitHub repository in December 2017, where it sat undiscovered until last month. This source code contained an access key to a server that stored customer email addresses and the customer management numbers that Toyota assigns to each customer.

Toyota said that a total of 296,019 email addresses could have been accessed by anyone who found the access key until access to the GitHub repository was closed on September 15, 2022. Toyota, which confirmed it has since changed the server’s access key on September 17, said that no other information, such as customer names, phone numbers and credit card information, was affected.

But the company was forced to admit that it could not rule out the possibility of someone having accessed and stolen the data during the five-year span. “As a result of an investigation by security experts, although we cannot confirm access by a third party based on the access history of the data server where the customer’s email address and customer management number are stored, at the same time, we cannot completely deny it,” Toyota said in a statement.

Toyota advised customers whose details may have been leaked to be on alert for phishing attempts and to avoid opening email attachments from unknown senders that claim to be from Toyota.

A similar security lapse recently led to the leak of a huge amount of sensitive data from Shanghai’s police database, including the names, addresses, phone numbers, national identifications, birthplaces, and criminal records of more than 70 percent of the country’s population — approximately 1 billion Chinese residents.

Dedrone’s counter-drone jammer uses science to stop drones in their tracks • ZebethMedia

Drones are lovely for all sorts of things, including shooting incredible 700-shot gigapixel images over Burning Man, for example. But they can also be used for nefarious purposes, carrying explosives or scaring the bejesus out of the Secret Service as they are trying to protect the prez.

Dedrone has had a series of antidrone tools, with more than 700 solutions already in the hands of military forces around the world. Today, the company announced it’s adding a handheld system that can jam radio frequencies, effectively preventing drone pilots from controlling their own drones. Once the connection is severed, what happens next depends on the drone, and how it is programmed to behave after it loses contact with its pilot. Some will just set down wherever they are, others will try to navigate back to the take-off location. It is unclear what would happen if a drone operates autonomously with a programmed path, or potentially some sort of self-flying algorithm taking it toward its target.

The new DedroneDefender is aimed at civilian, state and local law enforcement in urban environments. Weighing in at 7.5 pounds and 22 inches long, it uses narrow-band (or “comb”) jamming to ensure as little interference with other devices as possible. Once communications are interrupted on a drone, the tool enters a preprogrammed safety mode to minimize risk to others and damage to the drone, the company claims.

“DroneDefender is a valuable resource for extreme hostile environments, as proven by our federal and military customers,” said Aaditya Devarakonda, CEO of Dedrone. “DedroneDefender extends that security to law enforcement and is a vital tool in a layered defense approach. It is easy to implement and use for drone mitigation, especially when combined with the threat prioritization provided by DedroneTracker. Our solution library is continuously updated to ensure both DroneDefender and DedroneDefender are able to mitigate even the newest manufactured and DIY drones.”

You won’t be able to buy them yourself, though. For one thing, US law prohibits the disabling of aircraft; DoD or Homeland Security may be authorized to disable a drone they identify as a terrorist threat (let’s say at the Super Bowl), but local police or stadium security cannot legally bring the drone down under current law. Unless you have very deep pockets and some pretty special authorizations, you’re out of luck. The DedroneDefender’s price range is in the tens of thousands of dollars.

Vanta lands $40M to automate cybersecurity compliance • ZebethMedia

Vanta, a security compliance automation startup, today announced that it raised $40 million in an extension of its Series B funding round that closed in June, which valued the company at $1.6 billion. Notably, CrowdStrike invested in the extension — which was led by Craft Ventures — through its Falcon Fund, joined by Sequoia, Y Combinator and unnamed existing investors. CEO Christina Cacioppo tells ZebethMedia that the new cash will be used to support Vanta’s customer acquisition, product R&D and go-to-market efforts. It brings the company’s total capital raised to $203 million.

Cacioppo founded Vanta in 2016 to — in her words — “help companies achieve and maintain a strong security posture.” Previously a professor at the School of Visual Arts in New York, Cacioppo co-founded Nebula Labs, a software development house, before joining Dropbox as a product manager on Dropbox Paper.

“With massive breaches on the rise — like Uber, Sony, Equifax — companies understand that proving their security is a must to doing business. Why? Because enterprises won’t buy a product that is not secure and regulators will crack down on any company with a weak security posture,” Cacioppo told ZebethMedia via email. “The problem is emerging companies lack the resources and expertise in-house to properly secure their perimeter, leaving them open to incoming threats and penalties for non-compliance, and they have no way to prove to their customers that their critical business assets are safe from threats.”

Vanta offers services designed to enable businesses to meet regulations, compliance standards and laws, like HIPAA and GDPR. The company provides workflows and controls for various apps and services to ensure compliance, allowing auditors to complete audits within Vanta and delivering alerts and guidance via email and apps like Slack. Vanta recently began offering what it calls “Trust Reports,” which aim to summarize a company’s compliance position. Behind the scenes, a monitoring engine collects data from Vanta customers’ software-as-a-service apps and cloud stack and runs analyses to surface potential security threats.

Cacioppo explained: “A customer’s journey in Vanta is guided by data-driven insights from the thousands of companies that have used Vanta to build and demonstrate their security. Each new customer benefits from the experience of all previous Vanta customers.”

Certainly, compliance is a tricky field — one many companies struggle with. A 2021 survey from The Harris Poll found that nearly two-thirds (63%) of organizations see compliance issues as critical barriers to growth. In a separate, recent study from Telos, an IT cybersecurity firm, organizations reported having to comply with an average of 13 different IT security and privacy regulations and spending $3.5 million annually on compliance activities, with audits taking close to two months each fiscal quarter.

That’s been good for business. San Francisco-based Vanta, which employs more than 350 people, now has a customer base numbering north of 4,000 organizations that includes brands like Quaro, Modern Treasury and Autodesk. When asked, Cacioppo didn’t reveal annual recurring revenue figures — save for that revenue has grown “significantly faster” than Vanta’s valuation.

“Vanta continues to drive innovation in the space by building beyond ‘check the box compliance’ to a scalable set of security tools that help address the risks inherent in running businesses in the cloud,” Cacioppo said, citing a report from Polaris Market Research that predicts the enterprise governance, risk and compliance software market will be worth $96.98 billion by 2028. “‘Growth at all costs’ has never been our MO. [I] bootstrapped the company until it hit $10 million annual recurring revenue to make sure there was strong product-market fit and the company could stand on its own … The metrics that investors are scrutinizing now — burn rate, capital efficiency, gross margins — are ones Vanta has always excelled at.”

The challenge for Vanta will be beating back competitors in the increasingly crowded risk and compliance space. Just in May, Kintent, a startup providing enterprise compliance and security solutions, raised $18 million in venture capital. Earlier this year, Secureframe landed $56 million for its platform that automates an enterprise’s compliance with standards like HIPAA and SOC 2. Other rivals include Ethyca, Ketch, Soveren and Anecdotes, the last of which secured $25 million in its Series A.

There’s cash to go around, fortunately. Investors poured $5.1 billion into governance, risk and compliance startups in Q2 2021, a 113% increase from Q2 2020, according to Crunchbase data cited by The Wall Street Journal. In the first 10 weeks of 2022 alone, funding reached nearly $1 billion — spurred by international sanctions and data privacy legislation like the California Consumer Privacy Act.

In an emailed statement, CrowdStrike CTO Michael Sentonas said: “Compliance is no longer a siloed function — it’s a boardroom priority and an essential component of the modern security stack. We invested in Vanta because they created a way for every company, large and small, to achieve and maintain compliance by automating the process end-to-end.”

Vista Equity Partners to acquire cybersecurity company KnowBe4 for $4.6B • ZebethMedia

Vista Equity Partners has agreed to a $4.6 billion all-cash deal to acquire KnowBe4, a publicly traded cybersecurity company specializing in helping enterprise workers avoid phishing attacks. “Under Vista’s ownership, we will have access to additional resources and support, which will help us achieve our goals and deliver enhanced value to our customers,” KnowBe4 founder and CEO Stu Sjouwerman noted in a press release.

Founded in 2010, Clearwater, Florida-based KnowBe4 delivers simulated phishing attacks via the browser, offering a range of programs spanning videos, games, interactive modules, and more. The company hit the public markets in 2021 after raising more than $300 million in VC funding, but its shares have performed somewhat tepidly in the intervening months, hovering at around the $20 mark (give or take) since its IPO.

Vista Equity Partners’ offer of $24.90 per share represents a premium of around 44 percent on KnowBe4’s $17 closing price on September 16, the date at which Vista first made its proposed bid. Today’s news represents KnowBe4’s agreement to be acquired after the company set up a special committee to assess the initial proposal and potential alternative deals. It still has to be approved by the shareholders, but the company said that it expects the deal to close in the first half of 2023.

Google looks to boost its security cred in the cloud • ZebethMedia

Cloud data breaches in the enterprise have skyrocketed in the last year — a worrying trend that’s led to the emergence of a host of new tools and services to help better secure that environment, as well as a major mobilization among cloud service providers to launch more specific tech to address the gap. Today comes the latest development on that front: Google Cloud is announcing a wide slate of security products and services, covering areas like supply chains; digital sovereignty; secure collaboration environments in the cloud; and a new security operations product.

Announced at the company’s Google Cloud Next event, above all Google’s aim is to win over business by putting cybersecurity front and center for end users that are prioritizing it, too, and using it to guide their procurement strategies. Below is a walk through the bigger announcements.

Software Delivery Shield is a new product Google Cloud is launching specifically to address supply chain security — ensuring that you are not picking up or passing on malware or other potentially harmful data as work is processed through a series of partners that do not normally work within the same computing environment. This is an emerging area that I’d say has definitely been on the rise with the arrival of “digital transformation” and an increasing number of organizations doing business in the cloud. Google presents this as a fully managed solution aimed at developers, DevOps and security teams that works within GKE, Cloud Code, Cloud Build, Cloud Deploy, Artifact Registry and Binary Authorization. It’s an area that has also been covered by a number of startups, including Endor, Chainguard, Phylum, Valence and many others. One advantage these will continue to have over Google is that they have the scope (and potentially trust) to do an adequate job in hybrid and multi-cloud environments from multiple vendors.

While the supply-chain security product appears to have been built in house, Google Cloud is taking a different approach with another security launch, this one focused on digital sovereignty. Here it is working with more than 20 different software companies to build out a new “Sovereign Solutions” initiative: Aiven, Broadcom (Symantec), Cloud Software Group (Citrix), Climate Engine, Commvault, Confluent, Datadog, DataIKU, Dell Technologies, Elastic, Fortinet, Gitlab, Iron Mountain, LumApps, MongoDB, NetApp, OpenText, Palo Alto Networks, Pega Systems, Siemens, SUSE, Thales, Thought Machine, Veeam, and VMware are among them. It’s also adding integrations with companies like ForgeRock, JumpCloud, Okta, and Ping Identity to improve sign-on flows. The idea here is that a number of Google’s existing and potential customers are already using one or a combination of these companies, and so this is about integrating those solutions more deeply into Google’s cloud platform so that these companies can work more seamlessly (and of course adopt more Google Cloud products, now knowing that they can be used with their existing identity management and other protocols). The push to work with multiple providers is practical on another level: these are the apps that companies use to localize operations better for specific regions, use cases and users, so Google has to accommodate that to work with them on the bigger prize of winning more business overall.

Confidential Space, meanwhile, is a new product that Google is launching as part of its Confidential Computing initiative, a push to build and provide more secure environments for those collaborating in the cloud and exchanging data as part of that process, by letting them keep that data constantly encrypted and secure. This has been a very interesting area and aspect of the cybersecurity market in the last several years, raising lots of questions about how anonymized data can be in, for example, machine learning models that are trained specifically to figure out and shape identities out of sparse amounts of information. Approaches using cutting-edge algorithms and concepts like homomorphic encryption aim to bypass that issue by treating the data itself as sealed, wrapped packages, and this is, not in so many words, what Google Cloud has also been attempting to build here, starting with Confidential Virtual Machines (VMs) back in 2020, which kept data encrypted even while it was being processed. Today, this may be a priority only for a small segment of organizations that handle especially sensitive information; but judging by the evolution of data privacy and data protection, it is increasingly likely to become a more prominent aspect of the data protection regulatory environment, and therefore relevant for a wider range of companies, too.

The last of the big security announcements at Google Cloud Next focuses on SecOps, specifically the expansion of its Chronicle Security Operations software suite, a cloud-native platform for cyber teams to monitor, detect, investigate and respond to cyberthreats “with the speed, scale, and intelligence of Google.” It’s another well-worn cybersecurity area that a number of startups have identified and built solutions to address over the years, and indeed that is precisely what Google tapped to build this product: Mandiant, which it acquired earlier this year for a whopping $5.4 billion, forms a cornerstone of Chronicle, as does Siemplify, another acquisition from earlier this year. Chronicle existed prior to today’s news; now Google is bringing these different products together under that brand to strengthen the product and its positioning.

ACLU’s Jennifer Stisa Granick and Google’s Maddie Stone talk security and surveillance at Disrupt • ZebethMedia

In a world filled with bad actors and snooping governments, surveillance is the one factor that affects almost every business across the globe. While companies like Apple, Signal and LastPass fight against surveillance using end-to-end encryption and by shunning mass data collection — you can’t hand over data you don’t have — too many companies, big and small, remain unaware and deeply vulnerable to prying eyes.

The fast-changing surveillance landscape is why we’re thrilled that Jennifer Stisa Granick, ACLU’s surveillance and cybersecurity counsel, and Maddie Stone, a security researcher on Google’s Project Zero team, will join us onstage at ZebethMedia Disrupt on October 18–20 in San Francisco.

In a panel discussion called “Surveillance in Startup Land,” Granick and Stone will join ZebethMedia security editor Zack Whittaker to present a crash course on the surveillance state to inform, educate and inspire early-stage founders to think about how to protect their users and customers from threats they haven’t even thought of yet. We’ll discuss today’s emerging threats, such as spyware makers like NSO Group, Cytrox and Candiru, which let governments secretly wiretap phones in real time, and data brokers — the companies that trade in people’s personal information and granular location — both of which represent an ever increasing threat to privacy and civil liberties.

Surveillance isn’t just in the United States — it’s everywhere — and change can happen quickly and unexpectedly. Case in point: Fear over healthcare data tracking and privacy became a reality after the U.S. Supreme Court overturned Roe v. Wade, the landmark legal case that guaranteed a person’s constitutional right to abortion. The decisions that founders and investors make today can and will affect millions tomorrow. We can’t wait to hear our panelists weigh in on how companies should think about what they’re building now — and in the future — so they don’t inadvertently become extensions of the surveillance state.

Jennifer Stisa Granick fights for civil liberties in an age of massive surveillance and powerful digital technology. As the surveillance and cybersecurity counsel with the ACLU Speech, Privacy and Technology Project, she litigates, speaks and writes about privacy, security, technology and constitutional rights. Granick is the author of the book “American Spies: Modern Surveillance, Why You Should Care, and What to Do About It,” published by Cambridge University Press and winner of the 2016 Palmer Civil Liberties Prize.

Maddie Stone is a security researcher on Google’s Project Zero team, where she focuses on zero-day exploits actively used in the wild. Previously, she served as reverse engineer and team lead on the Android security team, focusing predominantly on preinstalled and off-Google Play malware. Stone holds a Bachelor of Science, with a double major in computer science and Russian, and a Master of Science in computer science from Johns Hopkins University.

ZebethMedia Disrupt takes place on October 18–20 in San Francisco. Buy your pass today and find out why Disrupt is the place where startups go to grow. Is your company interested in sponsoring or exhibiting at ZebethMedia Disrupt 2022? Contact our sponsorship sales team.
