“The wise adapt themselves to circumstances, as water moulds itself to the pitcher.” – Chinese Proverb.

The way we work, socialise, and consume information has changed exponentially over the last few years. This has been driven owing to global macro and micro events, such as world health emergencies or the continued march of technological innovation. The result is our ability to understand, publish and consume information has changed radically.

Governments and businesses need to keep pace with the changing landscape of how society uses these evolutions and in doing so need to adapt their business models, security efficacy and accessibility for their users.

One such example is the explosion of remote work, coupled with the continued march towards ‘cloud-first’ technology consumption. Resulting in expectations from both internal and external stakeholders that services should always be accessible, fast, and secure. This presents a challenge: How do we secure such a disparate infrastructure where sensitive information is stored in various places, from datacentres to SaaS Services like Microsoft 365 and personal end-user devices?

Securing the user from the endpoint through to the application itself has become a key battleground in the protection of information, detection of data exfiltration, shadow IT, even network and endpoint health for pre-emptive troubleshooting. Typically, organisations need to retro-fit controls, tools, and policies into systems with varying levels of technical debt resulting in a disjointed approach. The culmination of this approach often sees multiple point tools with little-to-no integration being deployed. Ultimately presenting their own set of challenges to the organisation.

Another approach organisations are taking is to centralise security and network within one platform. This is called Secure Access Service Edge or SASE (for those of you wondering, it’s pronounced SASY). Simply put, SASE is a cloud-delivered, centrally managed security solution that encompasses network-level capability in a Software Defined Wide Area Network (SD-WAN). Both Gartner and Forrester have released their respective analysis on who they believe to be the players in SD-WAN and SASE.

Figure 1: SASE Architecture

A SASE architecture has the potential to enable organisations to design flexibility and scalability into their operational model without compromising security or user experience. The integrated nature of the platform means it is a strong launch pad for the adoption of granular Zero-Trust Access (ZTA) controls to organisations’ data and that of their customers.

The effective implementation of a SASE Architecture involves a deep understanding of the network, security, and end-user requirements to be successful. Typically, this means engaging multiple different teams in the organisation to clearly define requirements as well as what is supported. Next, we need to engage operational teams to define what they need to see to be able to support the organisation. For example, Digital Experience Monitoring (DEM), network-level events and logs. This may sound daunting, but doing this early on can mean the organisation can have a clearly defined roadmap for the adoption of a single technology that can cater for a multitude of different use cases from one platform. This drives down the Total Cost of Ownership (TCO) to the organisation using a common set of tools and skills within the respective teams.

Fortinet’s approach to SASE looks to extend far further than the current solutions, coining the term Universal SASE. Imagine an architecture where a single platform can secure and provide actionable intelligence for the network, endpoint, SaaS services, experience monitoring, IoT/OT equipment and even branch switches and access points. “A pipe dream”, I hear you shouting? Well, with Fortinet this is quickly becoming possible through the centralised management ethos and world-class security capabilities from FortiGuard Labs.

Figure 2: Some features and benefits of the Fortinet SASE solution

For a lot of organisations, the move from a traditional siloed network and security ecosystem is not a simple endeavour. Therefore, we need to map out a journey to get organisations to a point where they can utilise this flexible security and network method with ease. This is what a world-class cybersecurity partner can do for you.

Let us recall that proverb: The wise adapt themselves to circumstances. Find out more about how Fortinet is helping guide organisations to adopt a SASE architecture at the International Cyber Expo at Stand P70. Come and listen to my product innovation session at the Tech Hub stage called ‘The Journey to Secure Access Service Edge (SASE)’ at 13:25-13:45 on the 26^th of September.

By Dan Kendal, Senior Systems Engineer, Central Government, Fortinet UK

The post The Journey to Secure Access Service Edge (SASE) appeared first on IT Security Guru.

WatchGuard® Technologies, provider of unified cybersecurity, today announced the acquisition of CyGlass Technology Services, a provider of cloud and network-centric threat detection and response solutions that help organisations see risks, stop threats, and prove compliance. CyGlass’s cloud-native platform utilises advanced artificial intelligence (AI) and machine learning (ML) capabilities to deliver enterprise-class cyber defence across hybrid networks, to mid-sized and small organisations at an affordable cost and without hardware. WatchGuard notes that the CyGlass technology will add to its Unified Security Platform^® architecture, delivering AI-based detection of network anomalies with a future Network Detection and Response (NDR) service, and will accelerate Open eXtended detection and response (XDR) capabilities within WatchGuard ThreatSync.

“The success of CyGlass in the last year demonstrates that mid-sized companies and MSPs are seeking innovative detection and response solutions that are not reliant on costly hardware. The WatchGuard solutions built on CyGlass technology will create a competitive advantage for our partners that will drive increased revenue and margin opportunities,” said Andrew Young, chief product officer at WatchGuard. “When integrated into WatchGuard’s Unified Security Platform architecture, partners and customers alike will benefit from the latest security advances to keep network attacks at bay, enhanced XDR insights and actions with telemetry from 3rd-party devices including switches, and easier regulatory and cyber-insurance compliance with powerful built-in reports.”

CyGlass mirrors a key tenet of WatchGuard’s mission, which is to make enterprise-grade security more accessible to all customers. Other NDR products commonly rely on expensive hardware and experienced security analysts to manage the solutions, meaning that only larger enterprise businesses could reasonably deploy them. CyGlass’s product allows a different approach; as a fully cloud-based solution, it enables mid-sized enterprises and MSPs to provide NDR capabilities at a very reasonable cost of ownership.

“We founded CyGlass with the goal of helping organisations better defend their hybrid networks with new levels of intelligence that protect against the most sophisticated attacks,” said Ed Jackowiak, founder and CEO of CyGlass. “Joining WatchGuard and integrating our capabilities into its impressive Unified Security Platform architecture takes our mission to the next level and makes it available to an established global network of partners and customers.”

The immediate focus of the combined company is on supporting current CyGlass customers and partners with existing CyGlass solutions and integrating the CyGlass technology into the WatchGuard platform.

Kirkland & Ellis LLP and K&L Gates LLP served as legal counsel to WatchGuard and Vector Capital.

The post WatchGuard acquires CyGlass for AI-powered network anomaly detection appeared first on IT Security Guru.

The UK is home to around 5.5 million Small and Medium-sized Enterprises (SMEs). They collectively account for 99.9% of businesses, generating three fifths of employment, and with a combined turnover of £2.3 trillion. As such, they represent a vital element of the economy and a significant national asset, which in turn, highlights a need to ensure that they are protected. The connected and IT-dependent nature of modern businesses means that the cyber perspective will be crucial here, but smaller organisations are typically not well placed in terms of related expertise and capability. Many take steps to outsource their security, in the hope that someone else will manage it (although even this arguably requires some knowledge of where to look and what to look for), whereas others may be reliant on limited in-house knowledge or potentially, overlook things entirely.  

The annual DSIT study of Cyber security skills in the UK labour market consistently reveals a lack of basic skills, with the 2023 results indicating that 50% of businesses have a basic skills gap in relation to technical cyber security (estimated to equate to approximately 739,000 businesses). The basic skills referred to in this context includes areas such as configuring firewalls, detecting and removing malware, and choosing secure settings. The gap is lower in large businesses (18%), highlighting that smaller organisations face the more pronounced problem. Many SMEs are consequently ill-positioned to attend to their own needs, leaving them both exposed and dependent upon further support in the event of incidents, or when making security-related decisions (including those around technology adoption and procurement).  

More directly highlighting a challenge for smaller businesses, the latest release of the UK Cyber Security Breaches Survey suggests a drop in attention toward a range of basic cyber hygiene related activities, such as use of password policies, use of network firewalls, and timely application of security-related software updates (all of which have declined around 10% in the last two years). The survey observes that the results in large businesses have not changed, and so the difference is attributable to the SME community (and in particular, to the situation within micro businesses). While the decline may be explained by factors such as post-pandemic challenges and financial pressures during an economic downturn, the net result will nonetheless be that organisations are less protected and at greater potential risk from incidents and attackers (which in turn, could have more serious consequences and costs for the affected businesses).  Such factors further highlight the potential for SMEs to be even more exposed and in need of greater support. 

In parallel, SMEs face an increasing expectation to address cyber security and comply with good practice. An example is the increasing requirement for compliance with Cyber Essentials, where SMEs can potentially find themselves obliged to meet standards that they lack the skills to action.  

This backdrop provides the context for a new 2.5 year research project led by the University of Nottingham, in partnership with Queen Mary University of London and the University of Kent.  The aim of the research is to better understand the cyber security support needs of the SMEs (particularly those of smaller businesses), and to pilot a new approach that engages them in further supporting each other.  

The initial phase of the research seeks to establish SMEs’ current understanding and confidence around cyber security, as well as their awareness and perceptions of available support. It will examine the situations in which SMEs may seek advice and support (e.g. what happens when they have concerns, questions, or indeed, incidents), and the extent to which they feel that they achieve effective outcomes. At the same time, consideration will also be given to the existing routes for support, looking at the coverage and consistency of advice, as well as the confidence and capacity of those offering it. 

Based upon the findings from these initial activities, the research will then take a more specific focus by attempting to track and analyse individual ‘support journeys’ from participating SMEs.  The intention is to determine a set of related case studies, looking at the nature and extent of support being sought, and the factors that lead to successful or unsuccessful outcomes.  The ultimate aim of the project is to then use the collective findings to inform the design, implementation and piloting of Cyber Security Communities of Support (CyCOS).  

These will be a basis for local collaboration and cooperation between SMEs and associated advisory sources, with the community offering a basis for SMEs to identify and share their support needs and have contact with advisory sources positioned to help them (which may include peer support from other SMEs). The project aims to trial the operation of the CyCOS via three pilots, enabling a practical evaluation of the approach, with a view towards establishing a repeatable model that can be adopted more widely. 

SMEs that would potentially be interested in being kept updated or contributing to the work are invited to contact the research team via steven.furnell@nottingham.ac.uk.  

Equally, if you would like to learn more from Professor Steven Furnell on how we, as a cyber security community, can better support SMEs, be sure to attend his Global Cyber Summit session at International Cyber Expo (London Olympia) at 5pm on the 26th of September 2023.

He will address the following:

• Recognising the support needs of small businesses, including their current understanding and confidence around cyber security
• The coverage, consistency and accessibility of existing support routes available to SMEs
• The concept of Cyber Security Communities of Support, fostering localised collaboration between SMEs and advisory sources  

To register for FREE as a visitor: https://ice-2023.reg.buzz/eskenzi

The post SME Cyber Security – Time for a New Approach? appeared first on IT Security Guru.

This week, Keeper Security announced that it has been identified as a leading privileged access management (PAM) provider for its product strength and cost-efficiency. The recognition comes from analyst firm Enterprise Management Associates® (EMA) in its latest research report: EMA Radar for Privileged Access Management.

The post Keeper Security Named a Market Leader in Privileged Access Management (PAM) by Enterprise Management Associates appeared first on IT Security Guru.

Synopsys has announced it has been recognised as a leader in The Forrester Wave: Static Application Security Testing, Q3 2023. The report identifies the 11 most significant vendors in the static application security testing (SAST) market and evaluates them against 26 criteria grouped into three high-level categories: Current offering, Strategy, and Market presence. Synopsys’ Coverity® SAST solution received the second highest score in the Current offering category and tied for the second highest scores in the Strategy and Market presence categories.

The report states: “Security and development leaders look to static application security testing solutions to find, prioritise, and help fix security weaknesses quickly in proprietary code by seamlessly integrating into developer workflows.”

Within the Current offering category, Synopsys received the highest score in the Detection criterion, among the highest scores given in the Product security criterion, and a tie for the second highest score in the DevSecOps workflows criterion. Within the Strategy category, Synopsys received the highest possible scores in the Roadmap, Partner ecosystem, and Supporting services and offerings criteria.

According to the report, “Coverity offers native, high-confidence, high-impact scan analysis to deliver only the most actionable results to developers. Security pros who want complete coverage and have a higher tolerance for false positives can dial up analysis through a scan configuration setting. Software Risk Manager centralises results for all scan types and results from other vendors. Security pros use the tool to determine the highest-priority issues across their portfolios and weed out possible false positives by applying filter options such as policy, age, predicated status, and an ML confidence rating based on triage history. Custom checkers also help Coverity maintain its ‘very low false-alarm rate,’ as one customer reference put it.”

“We’re honored to be recognised by Forrester as a leader in this evaluation,” said Jason Schmitt, general manager of the Synopsys Software Integrity Group. “With the emergence of DevOps and AI-assisted coding solutions, it is critical that organisations can find and fix vulnerabilities in their proprietary code quickly and at scale, without introducing unnecessary friction into the software delivery cycle. We believe the results of this evaluation reflect our commitment to helping customers build trust in their software—with confidence and at the speed their businesses demand.”

Download a complimentary copy of The Forrester Wave: Static Application Security Testing, Q3 2023.

The post Synopsys Recognised as a Leader in Static Application Security Testing by Independent Research Firm appeared first on IT Security Guru.

Cato’s largest financing round to date brings total funding to $773M, underscoring investor confidence in the company’s leadership in the fast-growing single-vendor SASE market.

Cato Networks, provider of the world’s leading single-vendor SASE platform, announced it raised $238M in equity investment, bringing total funding to $773M. The largest financing round to date was led by LightSpeed Venture Partners with the participation of Adams Street Partners, Softbank Vision Fund 2, Sixty Degree Capital, and Singtel Innov8. The round comes just weeks after adding Carlsberg as a major enterprise customer, Cato’s recognition as a ZTE/SASE Leader by Forrester Research, and as a Challenger in Gartner’s Magic Quadrant for Single-vendor SASE. This up-round’s valuation underscores investor confidence in Cato’s massive market opportunity and its SASE platform’s disruptive and transformative power.

Following the round, Ravi Mhatre, founder and managing director of LightSpeed Venture Partners, will join the Cato board. “Lightspeed has a proven track record of supporting innovative companies that successfully disrupted and transformed huge legacy markets,” says Mhatre. “I am excited to join Cato’s board of directors to help guide the company towards its next phase of growth as it continues to expand its product offerings and scales global sales, marketing, and branding.”

“This funding round reflects investor confidence in Cato’s leadership in the single-vendor SASE market,” says Shlomo Kramer, co-founder and CEO of Cato Networks. “Cato’s SASE platform uniquely enables organisations of all sizes to optimally secure their businesses without the cost, complexity, and risk of owning and maintaining a pile of point solutions. Cato provides the only SASE platform creating a seamless customer experience and empowers IT to move at the speed of business.”

Cato will use the new funds to scale its organisation in three key areas: delivering Cato’s vision and customer success to a broader audience, expanding the partner ecosystem offering managed Cato SASE services, and growing the engineering and product team in charge of our high-velocity train of innovative capabilities.

Market Adopts Single-vendor SASE Architecture Pioneered by Cato

Founded in 2015 by industry luminaries Shlomo Kramer, co-founder of Check Point Software and Imperva, and Gur Shatz, co-founder of Incapsula, Cato was built to deliver enterprise security and networking capabilities through a converged cloud service. This vision inspired the creation of the SASE category four years later. SASE promises an indisputable value to all enterprises: the ability to use a world-class security infrastructure converged with a global private backbone for the entire business without having to “own” the underlying infrastructure. Cato’s SASE stands as a glaring alternative to legacy and emerging approaches that fall short of delivering this outcome as enterprises struggle with skills, resources, and budget constraints.

Cato’s vision has been met with enthusiasm in the market. In 2022, the company crossed the $100 million ARR mark, growing revenues at over 60% year-over-year. Cato’s gross dollar retention rate of over 95% is a strong testament to the improvements in security, agility, and performance experienced by our customers.

More than 1,800 enterprise customers, including Carlsberg and the TAG Heuer Porsche Formula E, trust Cato with their mission-critical security and networking infrastructure, demonstrating the robustness of Cato’s platform and its ability to support complex business and technical requirements. On Gartner Peer Insights, IT leaders give high marks for the Cato Experience. As of 11 September 2023,[YY1] [DG2] the Cato SASE Cloud had the highest overall rating of any rated single-vendor SASE platform (4.7 out of 5) based on 10x more reviews than any other vendor in the Single-Vendor SASE market.

“Cato Networks is the poster child for ZTE and SASE,” writes Forrester Research in The Forrester Wave: Zero Trust Edge Solutions Q3 2023 Report[YY3] . “Founded by Shlomo Kramer of Check Point Software Technologies and Imperva fame, Cato Networks started with a strong security pedigree and built a global platform of distributed PoPs from which to deliver security as a service. Cato has a strong strategy paired with a truly unified networking and security solution and has shown real security innovation within its single-pass architecture platform.”

Looking ahead, Cato will expand its cloud-first, globally distributed secure network platform to deliver new security and networking capabilities without increasing the customer’s total cost of ownership. Cato’s unique visibility into massive, real-time traffic volumes underpins existing and upcoming AI/ML capabilities to detect and respond to threats in real time. Cato’s zero-touch deployment model is ideally suited to expand beyond the network to further increase Cato’s end-to-end visibility and control of all enterprise traffic.

To learn more about Cato Networks, visit https://www.catonetworks.com.

The post Cato Networks Raises $238M in Equity Investment at Over $3B Valuation appeared first on IT Security Guru.

Today, Specops Software, an Outpost24 company, has announced the launch of its new continuous scanning capabilities within Specops Breached Password Protection. The feature will now enable security administrators to continuously monitor Active Directory for compromised passwords or those exposed on the Dark Web and prevent password reuse within the enterprise in real-time. The feature is available now to all Specops Breached Password Protection customers.

Passwords continue to represent a persistent risk for all businesses, regardless of size, location and industry. In fact, Microsoft revealed that it deflects over 1,000 password attacks every second.

It’s a complicated situation – IT teams often don’t have control or visibility into the password policies of every app of website their users make use of in the course of doing business, and users often continuously reuse passwords when creating new accounts in their work and personal lives. The likelihood of an attacker taking advantage of exposed credentials is therefore increased. If users continue to reuse passwords in their work and personal lives, it could allow a hacker to gain unauthorised entry to a user’s Active Directory account when those accounts are breached, which puts the entire organisation at risk.

Complicating the risk organisations face is the trend of eliminating password expiry paired with only checking for compromised password use at change or reset events. Without regular expiry, organisations utilising tools that lack continuous monitoring are removing the majority of their compromise checks. Zero expiry periods also give their users more opportunities to reuse their active work passwords in various SaaS in work and personal lives, increasing the chance an attacker could make use of a reused password.

With true continuous scanning, Specops Breached Password Protection identifies and blocks the use of weak or vulnerable passwords whenever a password is changed, reset or when the daily scan takes place, forcing the user to replace that password at the next login (if enforcement is configured). Having near-immediate protection of compromised passwords can mean the difference between a password being exploited or not.

Continuous scanning for breached passwords is a feature included within Specops Breached Password Protection, an add-on for Specops Password Policy which is the comprehensive Active Directory password management system that enhances, enforces and extends password security for the entire organisation. Specops Software continuously monitors and checks against a daily updated database of 3 billion unique passwords in Specops Breached Password Protection. The database automatically acquires intelligence from password leaks, data breaches and honeypot data from live attacks – offering true real-time password protection for businesses.

“Password security continues to be a concern for IT security teams and our own research has shown that passwords continue to be a weak link in security,” said Darren James, product manager at Specops Software. “A critical way to combat this issue effectively is with a layered approach to security that contains continuous password scanning. Security must be constant and consistent. By monitoring which Active Directory passwords are being used in real-time, we can greatly mitigate the risk of password reuse, or the risk of a compromised password being successfully used. With the added feature of continuous scanning within Specops Breached Password Protection, we are proud to be providing market-leading password security that not only meets today’s regulatory compliance needs, but importantly gives the upper hand to security teams and IT administrators to prevent unauthorised account access.”

Specops Breached Password Protection will continue to enable organisations to meet the latest password security recommendations and guidance set out by industry regulatory authorities and standards including NIST, GDPR, NCSC, HITRUST, ANSSI and BSI.

The post Specops Software Launches Continuous Scanning Capabilities for Breached Password Protection appeared first on IT Security Guru.

Today, Salt Security announced that it has expanded its partnership with CrowdStrike by integrating the Salt Security API Protection Platform with the industry-leading CrowdStrike Falcon® Platform. With this new integration, customers now can get a 360-degree view of API security risks with unique insights into the application-layer attack surface.  Available on the CrowdStrike Marketplace, the new integration delivers robust API threat intelligence and enhanced cross-organization API security functions by streamlining and improving API auditing, monitoring, and enforcement workflows. 

Only the patented Salt API security platform applies cloud-scale big data, along with artificial intelligence (AI) and machine learning (ML), to enable organisations to automatically discover and inventory all of their APIs. By showing where APIs expose sensitive data, Salt helps enterprises identify and block potential API attacks, as well as remediate vulnerabilities to strengthen their API security posture. 

The combination of best-of-breed API runtime monitoring and AI-driven insights from Salt with CrowdStrike’s award-winning AI-powered protection capabilities gives organisations complete visibility into their API attack surface with context into the business criticality of threats. With this partnership, customers benefit from:

• API vulnerability and threat context: Additional intelligence from the Salt platform provides contextual information on API vulnerabilities and threats for application-layer security which enriches the Falcon platform
• API threat mitigation: Robust API threat mitigation with Salt detections integrated with the Falcon platform 
• API threat management automation: Enhanced detection, investigation and response of API-based threats through automated policy management within the Falcon console 

“APIs represent the core of modern technology stacks, underpinning our digital-first society by enabling the seamless transfer of data and services,” said Gur Talpaz, vice president of corporate development and head of Falcon Fund at CrowdStrike. “With APIs now a prime target for malicious actors, securing them requires a diligent and comprehensive approach. Through this joint integration, we can harness the mature AI-driven intelligence of the Salt API security platform with our widely deployed Falcon platform, giving organisations comprehensive visibility into their application-layer attack surface and a robust understanding of their application threat landscape.” 

“As API abuse continues to proliferate and cause havoc on unprepared organisations, API security has become a top priority for CISOs and security teams globally,” said Roey Eliyahu, co-founder and CEO, Salt Security. “Protecting against API threats requires deep visibility and robust runtime protection. We are excited to bring our unique strengths in API security to the CrowdStrike customer base with this new integration. Together with CrowdStrike, Salt can provide organisations with extended posture management and runtime protections across the cloud and application landscapes.” 

In September 2022, the CrowdStrike strategic investment vehicle, Falcon Fund, invested in Salt Security. Since then, the companies have worked together to enhance API discovery and runtime protection and enable security testing to harden APIs.

The post Salt Security Strengthens CrowdStrike Partnership with New Integration appeared first on IT Security Guru.

Acronis, a global cyber protection company, today announced the launch of Acronis Cyber Protect Home Office (formerly Acronis True Image). The innovative software offers a comprehensive suite of features that seamlessly integrate secure backup, and AI-based security making it the ultimate must-have solution for individuals, families, home office users, and small businesses.

An alarming 41% of individuals rarely or never back up their data while 61% report a preference for an integrated solution. The need for robust, less complex, and all-encompassing backup and cyber protection has never been greater in an increasingly interconnected world. Acronis Cyber Protect Home Office is designed to conquer the evolving landscape of cyber threats by integrating Acronis’ cutting-edge cyber protection and secure backup solutions. By combining AI-powered defense mechanisms, robust data backup, remote management tools, and mobile device protection, Acronis sets the standard for holistic cyber protection. Acronis Cyber Protect Home Office is the only complete active-security solution that addresses cyber protection needs within a single, easy-to-use, and modern platform.

“With the advancements of AI, cybercriminals and their tactics are evolving,” said Gaidar Magdanurov, President at Acronis. “Today, even those with limited tech expertise can impact a large number of individuals through the use of complex phishing and social engineering attacks. Protecting data, applications, and systems requires a complete cyber protection solution – integrated with security and data backup. We are excited to announce our latest update of Acronis Cyber Protect Home Office, bringing better performance and stronger security to protect individuals’ data, devices, and home offices.”

Key features and benefits of Acronis Cyber Protect Home Office include: 

• AI-Based Cybersecurity Enhancement: Innovative AI capabilities proactively identify and neutralise potential threats, while providing an added layer of security against cyberattacks including automated recovery from ransomware attacks. Enable the two-factor authentication (2FA) functionality to maximise your security.

• Backup and Cloning: Acronis Cyber Protect Home Office offers robust secure backup and cloning features. Users can safeguard their critical data and systems with reliable backup that ensures quick recovery in case of data loss or cyber-attacks.

• Remote Management: Users are empowered with remote management tools to monitor and manage their cybersecurity measures from anywhere in the world. This added convenience and flexibility allow for a swift response to any emerging threats.

• Mobile App and Backup: While mobile device manufacturers offer some storage options, it’s usually platform-specific, and multi-device families may have a mix of operating systems. Acronis Cyber Protect Home Office features storage capabilities for any operating system and advanced encryption to keep mobile contacts, calendars, photos, files, and data safe. The solution also offers the Acronis mobile app to safeguard mobile device data. The feature seamlessly functions across devices so access data is accessible from anywhere through the app or the web interface.

Acronis Cyber Protect Home Office is available for purchase online and through select resellers with yearly packages starting from $49.99. For more information about features, pricing, and how to get started, please visit https://go.acronis.com/cyber-protect-home-office.

The post Acronis Unveils First Ever AI-powered Cyber Protection Software for Consumers appeared first on IT Security Guru.

New statistics by International Cyber Expo reveal that in the event of a data breach at an organisation, nearly one in every five (19%) individuals across the UK believe the person(s) who allowed initial entry via phishing, poor security practices etc. should be held most responsible and face the harshest penalty. Additionally, of these individuals, over a third (34%) consider prison to be the most suitable punishment for a data breach. The research shines a renewed spotlight on blame culture.  

This survey was conducted among 1,000 nationally representative UK respondents (aged 16+) by Censuswide, on behalf of International Cyber Expo. 

Granted, a higher proportion of the population (29%) think the cybercriminals who exploited the organisation’s vulnerabilities should be held most responsible. Yet, historically, most cyber crimes go unreported and cybercriminals are rarely convicted. When asked who should be responsible for financially compensating the victims of a data breach (i.e. the individuals, not the corporation), 35% believe it should be the perpetrators, followed by the Courts through compensation orders (26%) and the Treasury through the Proceeds of Crime procedures (20%). However, in each of these scenarios, a clear determination of the offender is required, which is not often achieved with cybercrime.

International Cyber Expo’s Advisory Council member, Flavia Kenyon – Barrister at The 36 Group, adds: “It is imperative that cyber laws and regulations continuously adapt to keep up with technological innovation, so that they are fit for purpose in order to ensure clarity, effective compliance, and enforcement.  

The current legal framework is fragmented, and in the absence of an overarching cybersecurity legislation, there is a raft of acts and regulations. The Computer Misuse Act 1990, the main act that criminalises unauthorised access to computers, the so-called ‘hacking offences’, is often enforced in conjunction with the Data Protection Act 2018, and even with the Fraud Act 2006, and the Proceeds of Crime Act 2002 to punish those responsible for cyber-attacks, enable asset-tracing and compensate victims.  

Additionally, there are mandatory duties (including directors’ duties under the Companies Act 2006) that trigger civil liability and fines for non-compliance under the DPA 2018, the UK-GDPR, NIS Regulations (Network and Information Security Regulations 2018), and the latest Telecommunications (Security) Act 2021, the latter expected to be fully implemented in 2024.  

Time will tell if this legal framework can deliver on ensuring protection of our most critical digital infrastructure and of our most-pressured asset, data.  

When it comes to liability, and enforcement, it is important to distinguish between software developers, who purely develop the code underlying open-source protocols, from third parties who use the protocol to cause harm and/loss, and those who provide, operate, and control the network, and benefit from it financially.”

Apart from the cybercriminals themselves and individuals who allowed initial entry, 18% of survey respondents believe the CEO or board members of software providers (e.g video conferencing tools, cloud file storage etc.) should be held most responsible for not providing secure products and updates. A further 15% and 14%, respectively, hold the CEO or board members of the targeted organisation, and the CEO or board members of cybersecurity providers most responsible. This is interesting in light of the White House’s recently announced National Cybersecurity Strategy, which endeavours to shift the liability for insecure software products and services to the entities making them. Meanwhile, 16% of respondents maintain that the cybersecurity team of the targeted organisation should be the ones held most responsible; which may add to fears among CISOs of personal liability.

The International Cyber Expo takes place next week. It is held on the 26th and 27th of September 2023 at London Olympia. To register for FREE as a visitor visit: https://ice-2023.reg.buzz/eskenzi

The post Over a Third of UK Population Believe Prison is the Most Suitable Punishment for Individuals Responsible for Data Breach appeared first on IT Security Guru.

The TAG Heuer Porsche Formula E Team relies on the security of the Cato SASE Cloud platform. This enables the reliable and secure transmission of data worldwide. The insights gained on the race circuit can be applied to companies across all industries worldwide.

In any environment where data is generated or sent to the cloud, cybersecurity plays a particularly crucial role. This applies to businesses where employees work at different locations and branches, transferring data over the network. Traditional IT security solutions face challenges in being complex, cumbersome, costly to manage, and, most importantly, outdated.

Modern technologies like Secure Access Service Edge (SASE) represent the next generation of network security. Porsche Motorsport recognizes this and employs this technology for its Formula E Team. However, this approach is transferable to any organization where employees work remotely, multiple branches exist, and data flows to and from the cloud.

Why is SASE relevant for Formula E and other technology – and data-driven companies?

It’s quite simple: SASE converges network and security functions onto a global cloud platform. Instead of dealing with multiple manufacturers and products, a central platform is utilized, where all components are harmonized to work seamlessly together.

Additionally, this solution operates precisely where data is generated, network traffic flows, and cybercriminals target – in the cloud. SASE brings security inspection and policy information to the data, rather than routing the data to a data center, which increases latency. Cato can be self-managed, co-managed, or fully managed, which eases the burden on companies that no longer need to operate and maintain their hardware. The solution is tailored to support each company’s specific needs.

Simultaneously, a dedicated team of security experts takes care of the underlying SASE infrastructure. This ensures that protective measures are up-to-date. Furthermore, the team monitors the entire data traffic for potential threats. This makes it challenging for attackers to successfully breach Cato’s customers’ networks. At the same time, this approach relieves the IT department and reduces costs for security components.

The Formula E races on numerous tracks around the globe. From Mexico to Great Britain, the USA, South Africa, Indonesia, Monaco, Spain, Italy, and of course also in Germany. At each of the tracks, the TAG Heuer Porsche Formula E team must quickly establish a stable, secure, and above all, fast data connection. The vehicle data must be provided to the engineers in the pit lane on-site, the cloud applications, and the operations room in Weissach in real-time to make strategically important decisions before and during the race. This results in approximately 400 GB of data being generated at each race weekend, which must be delivered swiftly, securely, and reliably to their respective recipients.

SASE = Security and Network Management

The SASE cloud platform not only serves the purpose of defending against attackers but also ensures the highest possible data transmission quality. The challenge lies in the fact that high-end data lines are not always available to the system. Instead, the data lines at various Formula E race circuits vary greatly in quality.

The Round Trip Time (RTT) for data between the race circuit and the TAG Heuer Porsche Formula E Team headquarters is approximately 80 to 100 milliseconds. A maximum bandwidth of 50 Mbit/s is used, which is identical for all Formula E teams. This demonstrates that the SASE cloud platform is valuable not only for high-end connections but especially in situations with varying qualities.

For example, at the Diriyah race circuit in Saudi Arabia, the jitter was nearly zero to one millisecond, and packet loss during a session was around 2%. The different applications had to cope with bandwidth and cycle times. The Cato SASE Cloud then maintains data volume and transmission stability and performance even under challenging conditions. The racing team often doesn’t know how good the technical infrastructure will be at the next location but relies on having stable, secure, and fast data connections.

Furthermore, latency times vary from location to location. This is where another strength of the Cato SASE Cloud becomes evident. It minimizes latency with its managed global and private backbone, reducing delays and packet losses caused by inefficient internet routing. At the same time, the Cato SASE Cloud maximizes data volume through integrated bandwidth optimization.

Since the system’s implementation, it hardly matters to the racing team whether they are in India, Brazil, Germany, or anywhere else in the world. Of course, the performance of the Cato SASE Cloud depends on local conditions and distances between nodes, but it optimizes the situation wherever possible.

Setting up Service Quality, Prioritization, and Real-Time Connections

The IT team sets up the SASE access node at the race circuit, and the system connects to the Cato SASE Cloud, enabling secure, high-speed data transmission. Here, it is also possible to prioritize data traffic, which is particularly relevant in locations with low bandwidth. For instance, voice calls can remain clear and distinct even when large data volumes are transmitted over the same connection.

Ultimately, the SASE cloud platform helps ensure that the relevant team members receive the right data at optimal speeds. Real-time transmission, comprehensively protected by the platform, is also possible.

The most critical data for transmission includes video streams, timing data, and intercom voice communication. Speed and reliability of transmission play a crucial role here. Large amounts of data are collected at the race circuits, and with the Cato SASE Cloud, the data can be downloaded and processed as needed by the engineers. It’s important that the data is transmitted to the central operations center in Weissach as quickly and efficiently as possible during data processing.

Thanks to the SASE Cloud platform, the TAG Heuer Porsche Formula E Team can rely on consistently stable, fast, and secure internet data connections.

The post Cyber security in Formula E: TAG Heuer Porsche Formula E team relies on support from SASE appeared first on IT Security Guru.

Lookout, Inc., the data-centric cloud security company, today announced the availability of Lookout Mobile Endpoint Security to CrowdStrike channel partners and customers via the CrowdStrike Marketplace. As part of CrowdStrike’s world-class ecosystem of compatible solutions from trusted partners, Lookout will be the first mobile threat defence solution in the CrowdStrike Marketplace.

While remote work is becoming the new normal for businesses around the world, many struggle to secure an increasingly mobile-centric environment. According to The Global State of Mobile Phishing Report published by Lookout, 2022 saw the highest mobile phishing encounter rate ever, with more than 50% of personal devices exposed to a mobile phishing attack. Lookout estimates the potential annual financial impact of a mobile phishing attack to an organisation of 5,000 employees is nearly $4 million.

Lookout Mobile Endpoint Security provides visibility into mobile threats and state-sponsored spyware, while protecting against mobile phishing and credential theft. The platform analyses telemetry from more than 215 million devices, 269 million apps, and millions of web destinations to uncover hundreds of phishing domains each day.

“With the CrowdStrike Marketplace, we make it easy for customers to have flexibility and choice through integrations with best-of-breed security products into the CrowdStrike Falcon® platform,” said Daniel Bernard, Chief Business Officer, CrowdStrike. “Lookout’s Mobile Endpoint Security is a great example of an innovative partner security solution that addresses the critical security challenges that organisations face when employees connect their mobile devices to corporate networks.”

“The rapidly evolving threat landscape calls for a collaborative approach that brings together best-in-class solutions to secure the new hybrid workforce,” said Jim Dolce, Lookout CEO. “Being listed in the CrowdStrike Marketplace is a great opportunity for organisations to directly procure Lookout’s advanced mobile security solution to help execute a comprehensive security strategy.”

Lookout at Crowdstrike Fal.Con 2023

Today through September 21, Lookout will join CrowdStrike and thousands of cybersecurity’s best as a Platinum sponsor of CrowdStrike Fal.Con 2023 at Caesars Palace in Las Vegas. Attendees are invited to booth #802 to witness first-hand why Lookout Mobile Endpoint Security is the industry’s most advanced mobile threat defence platform.

On Tuesday, September 19 at 8:30 a.m. PDT in the Partner Theater @The Hub, Justin Albrecht, Lookout Director of Mobile Threat Intelligence, will host a speaking session titled “Phishing Tricks and Zero Clicks: Tracking Mobile Threats.” This session will shed light on the importance of viewing mobile devices as endpoints requiring protection, sharing trends, and reporting on mobile threats while offering unique insights into Lookout’s intelligence on APT activity targeting this often-overlooked sector.

To access Lookout Mobile Endpoint Security on the CrowdStrike Marketplace, click here.

The post Lookout Announces CrowdStrike Marketplace Availability of Mobile Threat Defense appeared first on IT Security Guru.

At the IT Security Guru we’re showcasing organisations that are passionate about making cybersecurity a healthier, more mindful industry. This week’s guest has set up a dedicated organisation to do just that! Peter Coroneos, Founder and Executive Chairman at Cybermindz, spoke to the Gurus about the importance of supporting the wellbeing of cybersecurity professionals and why the time is now for change.

Peter is a cybersecurity veteran, with years of experience across the cyber and technology sectors. His resume is broad, extensive and impressive, currently serving as a global ambassador for Paris-based not-for-profit Cybersecurity Advisors Network, with over a decade of experience as CEO of Australia’s Internet Industry Association (1997-2010), and a pioneer for the development of the 2010 icode scheme (a scheme embraced by the Federal Government in Australia and adapted for the US government).  In recent years, however, Coroneos has turned his attention to the mental health of cybersecurity professionals. In 2022, he established Cybermindz, a dedicated not-for-profit mental health initiative. Cybermindz launches in the UK this week.

“The existence of Cybermindz is testimony to a very real problem. A problem you wish didn’t exist, but it does. It’s because of that very suffering that we’re here,” Coroneos said, regarding the founding of the organisation. It’s well documented that cybersecurity is a thankless industry, with professionals increasingly more often reporting signs of burnout and stress. Coroneos notes that the relentless threat environment posed by unseen attackers causes the neurology of cybersecurity professionals to adapt into an unhealthy state of ‘hypervigilance’. He notes that we’re not adapted, according to environmental biology, to combat virtual threats. Traditionally, our attackers would have been in front of us and visible. Therefore, there’s a disconnect in the way our brains approach these threats. Burnout, in this case, is the product of the failure of the human neurology to adapt to these modern threats.

The Cybermindz program directly addresses the risk of burnout and skills loss in existing cyber teams. The organisation aims to equip leaders “with the necessary coping skills and support to ensure they remain happy, effective and resilient in the face of an escalating threat environment. Our mission is to support the performance of cyber teams and related professionals, improve skills retention and enhance the health, wellbeing, productivity and cohesion of our most critical human assets, and those who work with them.” Cybermindz is peer-informed and will operate at scale to transform the human face of cybersecurity.

Coroneos knows the importance of wellbeing support for cybersecurity professionals first-hand: “We’re all cyber people ourselves; we are the industry. It’s painful to witness the human toll on people you really care about. The people who defend us but aren’t recognised. They take the brunt, so society doesn’t need to suffer. This plays out on health and relationships though.”

Peter is also an accredited Integrative Restoration (iRest) teacher and practitioner of this and related disciplines since 1977. iRest is at the heart of Cybermindz offerings, with virtual and in person sessions available for organisations. But what is it? According to the Cybermindz website, iRest is “a simple 10-step protocol that is easy to learn and can be practiced anytime, anywhere. Its positive effects are supported by scientific trials and military based research.”

“iRest can be practiced in short sessions of 10 or 20 minutes, to induce deep relaxation and leave you feeling refreshed and alert. It can also be used before bed, to ease your body and mind into restful sleep, even if you work shifts or are sleep deprived.”

Additionally, Cybermindz offers organisations the chance to take part in a two-hour explorative masterclass on the neuroscience of burnout, along with courses spanning from 8-weeks to 36-months.  They pride themselves on offering support for organisations that’s easy to implement and builds resilience. Being remote, they open themselves up for scaling.

But why now? Coroneos says: “we’re fighting an asymmetrical war. We never know if we’re safe. Organisations and security professionals are in a pincer between the bad actors and pressures from their own organisations.” When it comes to cybersecurity, Cybermindz have identified 15 unique factors to cybersecurity that lead to burnout and stress for professionals, including success invisibility, under resourcing, ‘remotification’, relentlessness, and understaffing.

To coincide with the UK launch of the non-profit, this week Cybermindz are hosting a virtual summit on the topic of UK mental health in cybersecurity leadership. The event will bring together cyber leaders and practitioners to explore what a solution to the burnout and mental health crisis in cybersecurity might look like. The summit is designed to explore a constructive way forward. The iRest protocol will also be demonstrated.

The event runs from 10am-12pm on Thursday 21st September 2023. You can register for free here: UK Mental Health in Cybersecurity Leadership Summit + UK launch of Cybermindz | Humanitix

Do you know an organisation that’s doing incredible things for employee wellbeing? Email me at charley@itsecurityguru.org.

The post Cyber Mindfulness Corner Company Spotlight: Cybermindz appeared first on IT Security Guru.

Dragos, Inc., the global leader in cybersecurity for industrial controls systems (ICS)/operational technology (OT) environments, today announced a $74 million Series D extension, led by strategic operating and investing firm WestCap.

The equity investment is an extension of Dragos’s $200 million Series D that took place in October 2021, led by Koch Disruptive Technologies, an investment arm of Koch Industries, with funds and accounts managed by BlackRock, a leading global asset manager. This brings the Series D round to $274 million, with total funds raised to date now approximately $440 million.

According to analyst firm Frost & Sullivan, “The global industrial cybersecurity market will likely hit $10.2 billion by 2025 from $3.3 billion in 2020, registering exponential growth at a compound annual growth rate (CAGR) of 25.3%.¹” The funding will support additional go-to-market initiatives to meet growing demand. It will also fund accelerated expansion in key growth markets including North America, Europe, the Middle East, and Asia-Pacific; and across diverse industries including electric, oil & gas, chemical, manufacturing, pharmaceutical, food and beverage, water, transportation, mining, and building automation.

“The industrial threat landscape irreversibly changed this past year, and critical industries are seeking solutions that give them visibility into their OT networks and defend against the threats making headlines and driving government action,” said Robert M. Lee, Chief Executive Officer and Co-Founder of Dragos, Inc. “Demand for OT cybersecurity continues to be strong and this extension allows us to scale. What’s really exciting is that WestCap, as lead investor, is a partner in our success and shares our commitment to build the collective defense to protect industrial organisations and the communities they serve.”

The extension round arrives as governments and infrastructure providers globally are recognising the importance of industrial cybersecurity and demanding more attention to their ICS/OT environments. This shift is demonstrated in the release of the Biden administration’s National Cybersecurity Strategy this year, and the March 23 hearing before the United States Senate Committee on Energy and Natural Resources, during which Lee testified on the cybersecurity risks to energy infrastructure. Internationally, government initiatives across Europe, the Middle East, and Asia-Pacific are having a similar impact.

“As cyberattacks escalate in frequency and complexity, it is critical that we support the scaling of leading companies like Dragos whose mission is to ‘safeguard civilization,'” said Laurence A. Tosi, Founder and Managing Partner at WestCap. “Dragos is the category leader in protecting critical infrastructure with a holistic cybersecurity approach in the Operational Technology segment led by a respected leadership team with a proven track record for investigating the most high-profile cybercrimes in recent history and building innovative technology to isolate and combat those threats.”

The Series D funding extension will bolster Dragos’s ability to make ICS/OT cybersecurity more accessible around the world. This year, Dragos has already expanded across Western Europe and the DACH region, building on its established presence in the UK. This summer, Dragos entered into an agreement with Macnica to provide Dragos’s cybersecurity solutions in Japan, signifying Dragos’s expansion in Asia-Pacific beyond its presence in Australia and New Zealand. In August, the company signed a three-year Memorandum of Understanding (MOU) with the Cyber Security Agency of Singapore (CSA) to support the country’s efforts to defend against cyber-attacks to its operational technology and critical infrastructure. Dragos also continued to grow its footprint in the Middle East through its established presence in the Kingdom of Saudi Arabia and United Arab Emirates.

Dragos also received top industry recognition this year. In August, the Dragos Platform received the SC Award for Best Industrial Security Solution for its ability to help organisations identify their OT assets, manage vulnerabilities, and detect and respond to threats that target industrial control systems. Dragos also received the SC Award for Most Promising Unicorn. In June, Dragos was named Best Incident Response Solution by SC Awards Europe. This year’s awards followed Lee’s recognition in 2022 as SC’s Security Executive of the Year, and as an EY Entrepreneur of the Year for the Mid-Atlantic region.

¹Frost & Sullivan, “Increasing Sophistication of Attacks and Evolving Threat Landscape Powering Global Industrial Cybersecurity, Outlook 2022,” Sankara Narayanan Venkataramani, April, 2022.

The post Industrial Cybersecurity Leader Dragos Raises an Additional $74M in Series D Round Extension Funding Led by WestCap appeared first on IT Security Guru.

A new study from Forbes Advisor has unveiled that a staggering 93% of employers perceive there to be an IT skills gap within the UK job market.

The experts at the price comparison and guidance platform surveyed 500 UK businesses across a range of sectors, including business, consulting and management, engineering and education, to find out what IT skills they are most lacking, as well as what measures they are taking to bridge the skills gap.

When examining the primary reasons behind the IT skills gap, more than two in five businesses (42%) attribute the issue to the rapid pace of technological advancements. Training and development challenges were identified by two in five businesses (41%) while over a third (37%) cite a lack of relevant educational programmes.

More than a third of businesses (35%) expressed concerns about competition and the scarcity of qualified candidates. Additionally, more than a quarter of businesses (29%) pointed to salary disparities across the sector as a contributing factor.

Source: Forbes Advisor

Question asked: What, if anything, do you think are the primary factors contributing to the IT skills gaps in the UK job market? 

What are the most in-demand IT skills in the UK jobs market?

The skill that emerged as a top priority for employers in 2023 is within artificial intelligence (AI) and machine learning. Overall, two in five employers (40%) consider this to be the most sought-after skill in the UK jobs market.

This sentiment is particularly echoed by key decision-makers in organisations. Three quarters (75%) of business chairpeople and more than two thirds (71%) of business partners believe that skills in AI hold the greatest value in today’s job market.

Following closely are two other indispensable technology skills, IT support and troubleshooting (32%) and cybersecurity (30%).

Source: Forbes Advisor

Question Asked: Which IT skills do you consider to be the most in-demand in the current job market?  

Further research highlights how so-called ‘soft skills’ play a key role alongside technical expertise for employers. When questioned on the most vital soft skills for IT professionals to possess, more than half of employers (55%) identified problem-solving, which encompasses analytical skills, critical thinking and troubleshooting.

Following closely behind is adaptability (52%), highlighting the importance of embracing change and learning new skills in an ever-evolving industry. Teamwork holds an equal importance (52%), with collaborative efforts and cooperation highlighted as a top skill within a fast-paced IT environment.

Regarding soft skills for IT professionals, two in five businesses (40%) cite ‘effective communication’ – ensuring they can convey ideas through various channels. More than a quarter of businesses (28%) rank leadership as an essential skill, with vision, motivation, and delegation key for guiding teams and strategies.

How are businesses aiming to bridge the IT skills gap?

Research has uncovered the ways in which British businesses are rising to the challenge of the IT skills gap by implementing innovative strategies. More than one-third of businesses (34%) have invested in internal training programmes to upskill their workforce.

Following closely, nearly one-third of businesses (31%) outsource their IT projects to specialised providers or consultants. Additionally, 30% are investing in top talent by offering IT experts higher salaries or incentives, and likewise, more than one-quarter (28%) are actively headhunting candidates from other companies.

Collaboration with educational institutes is also proving popular, with more than a quarter (28%) of businesses partnering with educational institutions to bridge the gap between IT skill demand and supply.

Businesses may also wish to consider DIY solutions to their fundamental IT needs, such as developing and enhancing their online presence. An increasing number of relatively low cost, off-the-shelf solutions can be used by non-IT specialists to enable a business to punch above its weight in an IT context.

Mark Hooson, technology reporter at Forbes Advisor, said: “Small businesses may be able to tackle the IT skills gap with useful software and website builders. These resources can empower businesses to navigate technology challenges, even without a full IT team.

“Website builders offer customisable templates and modules, which means there’s no need for complex coding. Also, software can automate routine tasks and facilitate communication, reducing the reliance on technical expertise.”

The post Digital Deficit: 93% of UK Employers Identify An IT Skills Gap Within The UK Job Market appeared first on IT Security Guru.

New research reveals 1 in 7 Brits have had personal data leaked in the past year, equivalent to over seven million[1] Brits. Yet, more than three quarters (77%) still rarely, or never, check if their data has been stolen or leaked.

Millions of Brits[2] remain in the dark about the dark web – which among other things is a destination for cybercriminals to buy stolen personal data. While most Brits – 80% of those surveyed – have heard of the dark web, only 31% accurately answered that the dark web is a part of the Internet that can only be accessed using specialist browsers.

The research, conducted among 2,000 UK adults by Censuswide and commissioned by F-Secure,  a global leader in cyber security, found that Brits are unconcerned about the risks of the dark web with less than a quarter (23%) saying they worry about their data going on there, and 4%, the equivalent to two million[3] Brits naively believing they can remove their data from it. However, the reality is that once data is on the dark web, it’s impossible to get it off, leaving victims trapped in a constant cycle of their information being sold.

There is also a misperception that the dark web is monitored and policed for data leaks. A quarter of Britons (27%) would call the police if hacked – however, data being compromised isn’t always a police matter.

The research comes as a report by UK Finance found over £1.2 billion was stolen by criminals through fraud in 2022 – the equivalent to over £2,300 every minute.

While the dark web isn’t all crime and illicit behaviour, security experts at F-Secure are warning that consumers are not taking their data security as seriously as other aspects of everyday life. Many Brits are more likely to check their car’s oil and water (16%) and their boilers (14%), than they are to check if their personal data has been leaked online, despite the fact identity theft has real life consequences.

With increased digital transformation and high-profile data breaches happening with global brands the availability of personal data on the dark web is set to become even greater. F-Secure experts warn that consumer apathy about the dark web and data leaks could lead to financial and online identity difficulties for many if we don’t start checking our data security on a more regular basis.

Tom Gaffney, Principal Consultant at F-Secure, comments: “Data leaks can happen to anyone, leading to identity theft, financial fraud, and other forms of cybercrime. This emphasises the need for individuals to be proactive in safeguarding their data and understanding the steps they can take to mitigate risks. Almost a third of Brits (29%) don’t know what action they can take to mitigate the risks of their data being on the dark web. We must work together to change that.”

The dark web uses technology that allows anonymity. Sites found on the dark web are not indexed by conventional search engines and when a data breach happens, personal details often end up on this part of the internet, where they are sold to criminals.  Once data is in the hands of a cybercriminal it means a heightened risk of identity theft and financial fraud. Often individuals are unaware of this until they are refused credit or a mortgage application, at which point it’s often too late.

To help Brits mitigate the risks, Tom offers three tips:

• Regularly check to see if your data has been compromised using free online tools such as F-Secure’s ID Theft Checker. It takes less than five minutes to check if you’ve been compromised and it doesn’t cost a penny to do so.
• After receiving your report, change the passwords for the sites that may have been compromised. Use a good password manager to create strong individual passwords for each site. Never use the same password for multiple sites.
• Contact the companies where your data has been compromised, especially if it’s your credit or debit card.

To check if your data has been compromised visit F-Secure’s free ID Theft Checker tool here: https://www.f-secure.com/gb-en/identity-theft-checker

[1]. 14.13% of those surveyed is equivalent to 7,680,172 of the UK adult population (54,353, 665)

[2]. 14.28% of those surveyed is equivalent to 7,761,703 of the UK adult population (54,353, 665)

[3]. 4.49% of those surveyed is 2,440,479 of the UK adult population (54,353, 665)

The post Brits Are in the Dark About the Dark Web appeared first on IT Security Guru.

The Information Commissioner’s Office (ICO) has issued a warning about the risks posed by smart devices harvesting personal data.

The ICO also announced a crackdown on connected devices, announcing plans for new rules and action to be taken against manufacturers who fail in their data security obligations.

The warning comes in response to a new report from Which? that conducted a detailed audit of connected devices, revealing that almost all required location data, despite this information not being key to the products functionality. The report revealed that some brands of speakers automatically share customer data with TikTok and Meta, to smart TVs that insist on knowing viewing habits.

The Which? report stated “Based on our testing, Chinese brand Ezviz’s devices, sold by major high-street retailers including Argos, had by far the most tracking firms active. These included Pangle (TikTok’s business marketing unit), Huawei, as well as Google and Meta.”

Every single brand assessed by Which? used tracking services from Google, while Blink and Ring also connected to parent company Amazon. Google’s Nest product demands the user’s full name, email, date of birth and gender.

Andy Ward, VP International, Absolute Software, added: “Connected devices are the lifeblood of a modern workplace but are also a minefield when it comes to data security. The ability for malicious third parties to listen in, steal passwords and confidential information means that organisations should think first before implementing new devices that could present a major security risk.

Key to this effort must be ensuring rigorous and regular cyber defences are in place, along with the ability to track, locate and freeze devices in the event of loss or theft.”

ICO chief Stephen Almond, Executive Director of Regulatory Risk said: “People should be able to enjoy the benefits of using their connected devices without having excessive amounts of their personal data gathered. This simply isn’t a price we expect to pay.

“To maintain trust in these products companies must be transparent about the data they collect and how they use it, and ensure that the data is not used or shared in ways that people would not expect.”

Cyber expert Oseloka Obiora, CTO, RiverSafe said: “It’s time to wake up and smell the coffee around the risks posed by smart devices, which bring with them both a data privacy and cyber risk. The rise of smart offices can create an exciting work environment, but open up a myriad of security challenges, from eavesdropping in the boardroom to offering a backdoor into the business for hackers to exploit. New devices should be approached with a level of caution, with data policies checked and confidential information properly protected at all times.

“The most effective defence against identity theft is personnel awareness. Strong and consistent cyber awareness programmes are crucial to minimising the opportunistic data privacy compromises,” he added.

The post ICO issues warning over smart devices harvesting personal data appeared first on IT Security Guru.

Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, today revealed that it is supplying managed detection and response (MDR) capabilities to Kingston University free of charge to mitigate the threat of serious cyber disruption during their busiest time of year for student recruitment.

“University clearing is like the run up to Christmas for retailers. And in the same way, threat actors are ready to cash-in with info-stealing ransomware attacks,” said Trend Micro’s Technical Director Bharat Mistry. “That’s why we’re offering our MDR expertise to long-time customer Kingston University—to contain any breaches before they can spread.”

Each year from July-October, many of the UK’s higher education institutions compete to fill any places they might still have on over 30,000 courses.

The education sector was one of the top four sectors affected by malicious files last year, according to Trend Micro data. In the past, universities have found critical systems supporting Clearing operations taken offline by carefully timed attacks.

Trend Service One’s MDR functionality will slot into Kingston University’s existing Trend cyber protection portfolio, which includes Trend Vision One, Trend Apex One, Cloud App Security and Trend Cloud One. It will offer rapid detection and response including:

• 24/7 analysis, monitoring and correlation of threats across email, endpoint, cloud server and Azure AD
• 24/7 support via email, phone, and case portal
• Trend Micro threat analysts that work behind the scenes to detect, investigate, and perform threat hunting
• Rapid, round-the-clock service response and recovery, guided by Trend experts

“During the intense Clearing Period, the last thing we need is any disruption caused by threat actors”, said Daniel Bolton, Head of Technical Services, Kingston University. 

“Trend’s partnership is invaluable to the University, as their Managed Detection and Response services bolster our defences against potential attacks. With their expertise supporting our in-house cyber security team, we’re confident in our ability to maintain a secure environment at such a critical time.”

The post Trend Micro Protects Kingston University During Peak Clearing Period appeared first on IT Security Guru.

Yesterday, Verimatrix announced that United Cloud will deploy Verimatrix Extended Threat Defence (XTD) technologies to further strengthen protections for its flagship TV 2.0 platform widely popular under the brand name EON TV. United Cloud as an innovation centre that develops world-class products and solutions for the telecommunications and media businesses, harnessing Verimatrix cybersecurity solutions to protect OTT streaming applications.

As one of the most advanced TV platforms in the region, TV 2.0 processes more than 50,000 video assets and is consumed through more than 1.5 million devices every day, its Android and iOS OTT streaming applications will benefit from code polymorphism and obfuscation through Verimatrix XTD technologies, with the implementation helping to consistently counteract static analysis of the application’s code via control flow, arithmetic and symbol obfuscation as well as section and string encryption. The bolstered security will also provide the confidence that content owner protection requirements are met or exceeded.

“Our dedication in delivering an exceptional streaming experience via our flagship TV 2.0 platform with top-notch security has driven us to join forces with Verimatrix. It is obvious that Verimatrix not only understands the unique needs of the media & entertainment space, but it is also a heavily trusted expert in both app protection and mobile threat defence – the perfect mix for our business, ” said Sergej Berisaj, CTO United Cloud.

“As streaming platforms face mounting threats from cybercriminals seeking to exploit vulnerabilities and disrupt operations, comprehensive code protection and threat monitoring are absolutely essential,” said Asaf Ashkenazi, CEO at Verimatrix. “By choosing Verimatrix XTD, United Cloud is taking a proactive stance to harden defenses and ensure business continuity. XTD provides a robust shield around the core app code to neutralize even zero-day threats, and it empowers customers to detect and respond to new types of endpoint threats. This powerful, multi-layered security enables United Cloud to confidently scale their platform with peace of mind. We are thrilled to welcome them as the newest member of the Verimatrix XTD customer family.”

To learn more about Verimatrix’s full suite of cybersecurity solutions for apps, visit: www.verimatrixcybersecurity.com.

The post United Cloud, the Fastest Growing Innovation Centre in SEE Europe, Selects Verimatrix XTD for Mobile App Protection appeared first on IT Security Guru.

Two of Las Vegas’ iconic casinos, the MGM and Caesars hotel, have fallen victim to a major cyberattack. Over the course of this week, it has been revealed that computer systems had been left severely disrupted, causing widespread panic throughout the hospitality and gaming industry.

Reports claim casino guests and staff have had difficulties accessing room reservations, making transactions, and using key services. The management immediately initiated an emergency response protocol to contain the situation and mitigate the damage.

MGM Resorts International, the parent company of MGM Caesar, confirmed the attack in a press release issued this week. The statement noted that the company’s IT security teams were working tirelessly to restore normalcy. In the meantime, they assured customers that their personal and financial information remained secure due to advanced encryption protocols and immediate action taken to isolate the affected systems.

Local law enforcement and federal agencies have launched an investigation into the cyberattack. Their primary focus is on identifying the perpetrators behind this breach and determining their motives. The casino’s surveillance footage is expected to be a crucial piece of evidence in the ongoing investigation.

This incident serves as a stark reminder of the importance of cybersecurity measures, not only for corporations but also for the protection of customers’ sensitive information. As the investigation unfolds, MGM Resorts International has promised to keep its stakeholders and the public informed about any developments related to the cyberattack.

The following cybersecurity experts have provided their insights and thoughts.

James McQuiggan, security awareness advocate at KnowBe4:

Organizations work tirelessly to protect their infrastructure and data from cybercriminals. The challenge lies with the third-party service providers who can also access the network. If they have a different security culture and mindset, it can only be a matter of time before your organization succumbs to an attack. While cybersecurity occurs daily, a Third Party Risk Management program is crucial to assess vendors, security practices, controls, past breaches, and financial stability. Proactively managing third-party cyber risk is crucial for resilience. A robust TPRM program can pay significant dividends in the long run and will only lead to a data breach without one.

Darren James, a Senior Product Manager at Specops Software:

The post MGM and Caesars Casinos Suffer Massive Cyberattack appeared first on IT Security Guru.