October NY Information Security Meetup: Contact Singapore

97 views

Based in San Francisco Bay Area, Kelly manages the North America (West Coast) operations of Contact Singapore to attract professionals to work in key growth and emerging sectors in Singapore with a focus on research, ICT and biomedical sectors.

Prior to joining Contact Singapore, Kelly spent several years in both private and non-profit sectors specializing in regulatory and governance, business development and relationship management.

Spotlight

IDMWORKS

IDMWORKS is an expert-level Identity and Access Management consultancy having successfully driven 400+ IAM projects since 2004. IDMWORKS has been recognized for their leadership in security by Gartner and their consultants are true domain experts as recognized by their peers, customers and partners. In addition to Identity and Access Management consulting, IDMWORKS provides Data Center Migration Services, Custom Application Development and Managed Services, including mobile application monitoring capabilities.

OTHER ARTICLES
SOFTWARE SECURITY

Why Should Businesses Care About Identity Security?

Article | July 8, 2022

In recent years, several of the world's most technology-savvy businesses have experienced identity-related breaches. These occurrences have emphasized how digital identities have evolved to be both today's largest cybersecurity issue and the foundation of current organizational security. It has become evident that a comprehensive, all-hands-on-deck strategy is essential to keep ahead of attackers and make their success more difficult. Why Should Businesses Care About Identity Security? According to CrowdStrike Overwatch team analysis, eight out of ten (80%) breaches are identity-driven. These contemporary attacks often skip the conventional cyber kill chain by utilizing stolen credentials to perform lateral moves and launch larger, more devastating attacks. Identity-driven attacks, however, are particularly difficult to detect. When a genuine user's credentials have been hacked, and an adversary is posing as that user, traditional security processes and tools might make it impossible to distinguish between the user's regular activity and that of the hacker. Identity security is often seen as an organization's final line of defense. These technologies are designed to combat attackers who have escaped existing security measures like endpoint detection and response tools. Identity Security and Zero Trust: How Are They Related? Zero Trust is a security architecture that needs every user, both within and outside of an organization's network, to be verified, approved, and constantly checked for security configuration and posture before allowing or maintaining access to applications and data. Zero Trust implies that there is no conventional network edge; networks can be local, in the cloud, or a mix or hybrid of the two, with resources and employees located everywhere. Businesses that wish to implement the most robust security defenses should combine an identity security solution with a zero-trust security architecture. They must also make sure that their chosen solution complies with industry standards, such as those specified by NIST. Closing Lines Many changes are in store for 2022. Indeed, we cannot forecast all the critical challenges and subjects that will arise this year. Could you fill in some of the gaps? A robust identity security solution will provide the business with several benefits and expanded capabilities.

Read More
PLATFORM SECURITY

The Reasons Why Cyberattack Surfaces Are Rising

Article | July 12, 2022

Increased cyber assets result in growing attack surfaces. So much so that, according to a recent Gartner analysis, the number one security and risk management trend today is attack surface growth. Businesses and security executives must update security policies and processes to prevent growing dangers when new technologies and cyber environments are adopted. Let's discuss the reasons for attack surface growth and how to rethink cyber asset protection in light of them. Reasons Behind Attack Surface Expansion The Multi-Cloud Trend Is Rapidly Expanding Modern businesses are using the cloud to stay up with digital innovation and meet market expectations. For organizations in many locations, a single public cloud provider is no longer appropriate. Choosing one that satisfies organizational demands is difficult. This simple problem-solution gave many organizations the multi-cloud trend. Gartner found that 81% of respondents use two or more cloud services. Multi-cloud is also used to maintain a vendor-agnostic approach and prevent vendor lock-in. To remain ahead of the competition, numerous vendors provide best-of-breed solutions. This is a huge benefit for multi-cloud adopters. For Ever-Growing SaaS Toolchains, Visibility Is an Issue More than 150 SaaS apps are used by companies with 1,000+ employees. Modern businesses embrace more SaaS apps to speed up their workflows. However, as SaaS adoption expands, so do businesses' attack surfaces. The following are the key reasons for SaaS security: Misconfigurations The absence of robust identity and access management system Inadequate disaster recovery planning Problems with data retention Breach of privacy and data security Inability to satisfy regulatory compliance To keep up with SaaS platforms, businesses must have scalable security and compliance policies. CAASM Automates Security Gap Identification According to Gartner, Cyber Asset Attack Surface Management (CAASM), Digital Risk Protection Services (DRPS), and External Attack Surface Management (EASM) will enable CISOs to safeguard environments against expanding attack surfaces. CAASM will help security teams in particular to: Gain insight over the cloud and SaaS cyber assets Automatically fill security loopholes. Accelerate incident reaction and clean-up Closing Lines As the attack surface rises, so does the amount of cybercrime that occurs. According to the FBI, cyberattacks have risen 400% since the pandemic began, making it essential to detect and minimize cyberthreats for business's health and future. To defend your company from rising dangers, you must detect gaps in time and adapt to the digital world. There are more targets for attackers to strike since organizational attack surfaces are constantly growing.

Read More
PLATFORM SECURITY

Cloud Security Threats: 2022 Edition

Article | July 29, 2022

The worldwide cloud services industry is expanding as enterprises around the world continue to embrace cloud technologies. Cloud computing is estimated to reach 947.3 billion by 2026 (Yahoo), growing at a CAGR of 16.3%. But, for all of the advantages the cloud brings, there is a catch: cloud security risks. According to a survey by ISC2, 93% of businesses are concerned about the risks connected to cloud computing. Is this to say that the danger outweighs the reward? No, not at all. Let's look at some cloud security threats to watch out for in 2022, as well as how to develop a cybersecurity policy to safeguard your data while reaping the benefits of cloud computing safely. What Security Issues Can Organizations Deal in 2022? Cloud Strategy One of the most crucial security threats for companies is their ability to design and maintain a cloud strategy plan efficiently. Your business is likely to face fragmentation if cloud and security environments are not aligned with business strategy, which can have a detrimental impact on overall operations and business management. How to Mitigate This Risk: Create a cohesive strategy Concentrate on organizational outcomes Update your cloud security strategy periodically Unauthorized Access Access management is a major challenge to cloud security since it includes private data. Businesses of all sizes are concerned about employees openly sharing data with unauthorized personnel or external third parties, deliberately or accidentally. Additionally, some users with weak passwords or no authentication are more prone to having their data compromised. Ineffective passwords cause almost 80% of data breaches, according to Verizon. How to Mitigate This Risk: Create reasonable policies and processes Implementing multi-factor authentication (MFA) Developing a security model based on zero trust Making use of real-time access data Insecure APIs Many cyberattacks, particularly denial of service (DoS) cyberattacks, are done using application program interfaces (APIs). According to Gartner, API assaults will become the most common attack vector in 2022. How to Mitigate This Risk: Develop an API-specific security strategy Protect your API data using encryption Maintain consistent control over your APIs

Read More
PLATFORM SECURITY

How SD-WAN Can Help Businesses in Boosting ROI?

Article | July 4, 2022

We are surrounded by acronyms and buzzwords in technology. SD-WAN is one that is often used in the industry nowadays. Organizations embrace digital transformation to stay up with market developments, consumer needs, and competitiveness. Traditional network designs weren't meant to manage digital transformation workloads and complexity. Business-critical services are commonly spread over numerous clouds, compromising network performance, particularly at branch sites. Smart network operations teams opt for SD-WAN. SD-WAN reduces overhead and improves network performance. Routing and hardware expenses are saved through SD-WAN solutions while allowing multi-cloud access. SD-WAN also reduces overhead and supports new digital apps and services. This new technology streamlines WAN administration and operation and brings corporate advantages. Business Challenges that SD-WAN Addresses There has been a dramatic increase in the pressure on the network as a result of digitalization. Businesses must now rely on a stable and secure network, which conventional router-based network topologies are incapable of providing. An SD-WAN solution assists businesses in addressing use cases in order to expedite digital transformation efforts, lower cybersecurity risks, and increase revenue. Eases connectivity with far-flung factories and offices. Effectively deploys new sites and minimizes network equipment sprawl. Enhances the speed of file transfer and backups to disaster recovery facilities. Helps in moving applications to the cloud and protecting cloud app. data using Secure Access Service Edge (SASE). Safeguards IoT devices using a zero-trust network Helps in complying with the cybersecurity framework of the National Institute of Standards and Technology (NIST). Ways SD-WAN Can Help Businesses Boost their Bottom Line • Boosts Security Digital transformation is a double-edged sword. It can increase consumer satisfaction and market reach, but can pose security threats. According to the U.S. State of Cybercrime study, 41% of respondents stated more cybersecurity occurrences in 2017. The good news is that many SD-WAN solutions provide built-in security. Most SD-WAN systems only offer basic firewall and VPN functionalities, requiring IT teams to add security to elastic and dynamic SD-WAN connections after the fact. SD-WAN solutions with NGFW, IPS, encryption, AV, and sandboxing can avoid data loss, downtime, regulatory violations, and legal liability. • Enables Cloud Usage Cloud services are rapidly being used by businesses. The great news is that SD-WAN enables direct cloud access at the remote branch, removing backhauling traffic – which routes all cloud and branch office traffic through the data center – allowing workers to directly access cloud applications irrespective of location without burdening the core network with additional traffic to manage and secure. Furthermore, SD-WAN enhances cloud application performance by prioritizing vital business apps and allowing branches to interact directly with the Internet. • Reduces Costs As businesses deploy a growing number of cloud-based services, the volume of data traveling across a WAN rises dramatically, driving up operational expenses. SD-WAN, thankfully, can minimize this cost by utilizing low-cost local Internet connectivity, offering direct cloud access, and lowering traffic via the backbone WAN. According to an IDC poll (prediction), over a quarter of survey respondents anticipate SD-WAN cost reductions of up to 39%, with the other two-thirds anticipating more modest savings of 5–19%. • Improves performance Data transfer over a network isn't created equal. Fortunately, SD-WAN can be set up to prioritize business-critical traffic and real-time services such as Voice over Internet Protocol (VoIP) and then successfully guide it over the most efficient path. IT teams can help decrease packet loss and latency concerns by supporting important applications over dependable, high-performance connections, increasing employee productivity and morale. This is business-impacting performance. Closing Note Indeed, SD-WAN evolved and flourished in the data center over the first few years of development. However, the time has arrived to take it seriously as a tool for managing your wide area network. There are currently several vendors on the market, as well as several mature solutions to choose from. More significantly, the business cases for SD-WAN are expanding on a daily basis.

Read More

Spotlight

IDMWORKS

IDMWORKS is an expert-level Identity and Access Management consultancy having successfully driven 400+ IAM projects since 2004. IDMWORKS has been recognized for their leadership in security by Gartner and their consultants are true domain experts as recognized by their peers, customers and partners. In addition to Identity and Access Management consulting, IDMWORKS provides Data Center Migration Services, Custom Application Development and Managed Services, including mobile application monitoring capabilities.

Related News

SOFTWARE SECURITY

GrammaTech and T.E.N. Announce Call for Nominations for Product Security Executive of the Year Awards

GrammaTech | August 16, 2022

GrammaTech, a leading provider of application security testing products and software research services, and T.E.N., founder of the Information Security Executive® (ISE®) of the Year Awards, today announced the Product Security Executive (PSE) of the Year Awards. This annual competition will recognize individuals whose contributions have delivered advancements in security for embedded or commercial software products. Nominations are now being accepted through October 10, 2022 at The judging panel includes: Edna Conway, Vice President, Security & Risk Officer, Cloud Infrastructure at Microsoft, former CSO, Cisco Global Value Chain and a member of the Executive Committee of the U.S. Department of Homeland Security Task Force on ICT Supply Chain Risk Management. Malcolm Harkins, Chief Security & Trust Officer with Epiphany Systems, former Chief Security and Privacy Officer (CSPO) and the first CISO at Intel Corporation. Troy Rydman, Senior Practice Leader - Global Strategic Accounts, Security, Risk, & Compliance for Amazon Web Services (AWS) and former cybersecurity executive with Silicon Valley Bank, with fourteen years of increasing cybersecurity leadership. “In a world of increasingly autonomous products, from cars to appliances to robots, managing the integrity of the software that enables our connected world is critical. The Product Security Executives who drive quality, security and safety of our many devices are pivotal to the digital economy. “It is time to recognize these individuals and the significant contributions they make in securing the software at the heart of our hyper-connected world.” Edna Conway, VP, Security & Risk Officer, Microsoft Cloud Infrastructure Eligibility U.S.-based executives, including those with director, vice president, chief product security officer or similar titles, who are responsible for product security management are eligible for consideration. This includes individuals overseeing security at all stages of the product development lifecycle for software, firmware and/or embedded code; as well as secure product design, risk and vulnerability management and standards/regulatory compliance. There is no cost to enter. “There’s an increased emphasis on maintaining the safety and security of embedded software across virtually all industries, which is becoming the responsibility of a Product Security Executive whether or not the title exists,” said Andrew Meyer, Chief Marketing Officer for GrammaTech. “We collaborated with T.E.N. to create this award competition and recognize the men and women on the front lines of this new discipline, honor their accomplishments and share their best practices with the industry.” “The number of IoT devices is in the billions and we will continue to see an ever-growing number of devices become smart and connected,” explains Marci McCarthy, CEO and President of T.E.N. “Every device is at risk for cyberattacks, and threat actors are taking advantage of every opportunity to exploit product security vulnerabilities. Demand for product security has thus grown across multiple industries, especially consumer electronics, automotive and healthcare. Because product security is a relatively new concept whose time has come, we are thrilled to partner with GrammaTech to recognize individuals for advancements and innovations leading to more secure products going to market.” About T.E.N. T.E.N. is an award-winning technology and security networking and marketing firm that hosts relationship-building events between top Information Security executives, industry pioneers and innovative solution providers within the cybersecurity industry. Its flagship program, the nationally acclaimed Information Security Executive® (ISE®) of the Year Program Series and Awards, is North America’s largest leadership recognition and networking program for security professionals, honoring both leading executives and deserving project teams. About GrammaTech GrammaTech is a leading global provider of application security testing (AST) solutions used by the world’s most security conscious organizations to detect, measure, analyze and resolve vulnerabilities for software they develop or use. The company is also a trusted cybersecurity and artificial intelligence research partner for the nation’s civil, defense, and intelligence agencies. GrammaTech has corporate headquarters in Bethesda MD, a Research and Development Center in Ithaca NY, and publishes Shift Left Academy, an educational resource for software developers.

Read More

NETWORK THREAT DETECTION

Chariton Valley Commits To Protecting All Customers From Growing Cybersecurity Threats With Calix ProtectIQ Home Network Security

Calix | July 15, 2022

Calix, Inc. (NYSE: CALX) announced today that Chariton Valley Telephone Corporation (Chariton Valley) expects to double its customer connections after providing ProtectIQ® home network security to all customers at no cost. Chariton Valley leverages the full power of Calix Revenue EDGE to transform its value proposition and improve the customer experience. In May, the 70-year-old broadband service provider (BSP) launched ProtectIQ, part of Calix Revenue EDGE Suites, as it continues to roll out GigaSpire® BLAST systems across its Midwestern communities. In a climate of increased cybersecurity concerns, Chariton Valley has equipped all GigaSpire BLAST customers with effortless access to robust home network security. In doing so, the BSP increases customer loyalty across rural regions and nearby cities in north-central and northeast Missouri. Many Chariton Valley customers have sophisticated internet habits—half identify as gamers and almost 40 percent work from home. By evolving its value proposition, the innovative BSP has also fortified itself against billion-dollar market cap competition in Palmyra and Hannibal. In its first two months of offering ProtectIQ to all customers, Chariton Valley blocked more than 48,000 web threats, intrusions, malware, and viruses from entering home networks—proving the immediate value of its investments. The comprehensive Revenue EDGE platform enables BSPs of all sizes to easily and quickly launch differentiating turnkey, managed offerings. Chariton Valley continues to evolve its value proposition and strengthen its growing customer connections by: Transforming its business to help communities thrive for decades. Chariton Valley is on track to complete a historic five-year, $42 million fiber-to-the-home (FTTH) buildout in its member service territory, and another $40 million in expansion opportunities next year by leveraging the secure broadband access network platform, Calix Intelligent Access EDGE™. In May, it began rolling out turnkey, managed offerings in EDGE Suites, starting with ProtectIQ, recently recognized by the cybersecurity industry as “Best in Anti-Phishing, Network Security & Management,” at no cost to its customers. As a result, Chariton Valley blocked thousands of web threats in only two months—further proving the value of its investment in the region. Creating internet experiences that grow with customers’ needs. After the successful rollout of ProtectIQ, Chariton Valley is now taking a targeted approach to introduce its second EDGE Suite, the advanced parental controls in ExperienceIQ®. Calix-partnered BSPs have seen a 178 percent increase in people using ExperienceIQ since the beginning of the year. Both ProtectIQ and ExperienceIQ are accessed through the BSP’s branded subscriber-facing mobile app, built on CommandIQ®, giving customers more control over their home networks. Leveraging data and insights to offer services that meet each customer’s unique needs. Using the insights and analytics in Calix Marketing Cloud (Marketing Cloud), even a small BSP like Chariton Valley can successfully leverage data for segmenting and targeting. For example, Chariton Valley uses Marketing Cloud to uncover which of its customers are most likely to need the advanced parental controls of ExperienceIQ. Now their marketing team can quickly identify the right people for the new service. This enables Chariton Valley to get maximum ROI from every dollar invested in marketing. “As a member-owned organization, the customer experience informs everything we do,” said Kirby J. Underberg, president and chief executive officer at Chariton Valley. “Chariton Valley is committed to the region’s future—the investment we made building a secure fiber network will benefit people living in north-central and northeast Missouri for the next three decades. However, we also understand that we are responsible for protecting our customers from the increasing threat of digital dangers that come along with the positive generational impact of secure, fast Wi-Fi. By adding critical services like home network security and advanced parental controls, we will continue to invest in our customers by providing superior internet experiences long after the latest deals from our competitors expire.” Along with ProtectIQ and ExperienceIQ, EDGE Suites also includes connected home camera security systems (Arlo Secure). Additionally, Calix is launching two new managed offerings this summer: social media monitoring (Bark) and connected device protection (Servify Care). “Chariton Valley’s incredible first two months offering ProtectIQ to all customers underlines why today’s successful broadband business must be about more than just fast Wi-Fi, ProtectIQ has helped BSPs of all sizes block millions of digital threats in 2022. The Missouri-based market leader competes against a billion-dollar market cap company and wins because it leverages the full power of the Revenue EDGE platform to easily and quickly launch turnkey, managed offerings like ProtectIQ that improve the customer experience. We look forward to supporting Chariton Valley’s continued growth as they evolve their value proposition to reflect their commitment to protecting customers in north-central and northeast Missouri.” Matt Collins, executive vice president of commercial operations and chief marketing officer at Calix About Calix Calix, Inc. Calix cloud and software platforms enable service providers of all types and sizes to innovate and transform. Our customers utilize the real-time data and insights from Calix platforms to simplify their businesses and deliver experiences that excite their subscribers. The resulting growth in subscriber acquisition, loyalty, and revenue create more value for their businesses and communities. This is the Calix mission: to enable broadband service providers of all sizes to simplify, excite, and grow. This press release contains forward-looking statements that are based upon management’s current expectations and are inherently uncertain. Forward-looking statements are based upon information available to us as of the date of this release, and we assume no obligation to revise or update any such forward-looking statement to reflect any event or circumstance after the date of this release, except as required by law. Actual results and the timing of events could differ materially from current expectations based on risks and uncertainties affecting Calix’s business. The reader is cautioned not to rely on the forward-looking statements contained in this press release. Additional information on potential factors that could affect Calix’s results and other risks and uncertainties are detailed in its quarterly reports on Form 10-Q and Annual Report on Form 10-K filed with the SEC.

Read More

DATA SECURITY

ControlCase Partners with ConnectWise & FifthWall Solutions to Increase MSP Cybersecurity Maturity & Bridge Access to Cyber Insurance.

ControlCase | July 11, 2022

ControlCase, a leading provider of IT Security Certifications and Continuous Compliance Services announced its recent partnership with ConnectWise and FifthWall Solutions. Under this partnership, Managed Service Providers (MSPs) can now access the ConnectWise MSP+ security best practices framework from the ControlCase Compliance HubTM platform for both self-assessment and verification by ControlCase. This partnership also provides the rate-quote-bind assistance required for procuring insurance. ConnectWise’s MSP+ framework is derived from the NIST CSF framework and aims to help MSPs strengthen their cybersecurity program, increase cybersecurity maturity, and ultimately lower their risk of a data breach. MSP+ provides an affordable compliance framework that can be used as the foundation for an MSPs cybersecurity program. The MSP+ program is split into 3 parts: 1. MSP+ Self Assessment – Allows the MSP to access the framework and start implementing controls and closing gaps at their own pace. 2. MSP+ Advanced – Includes assistance with remediation and final verification by ControlCase. 3. MSP+ Mastery – Demonstrates a mature cybersecurity program and is also verified by ControlCase. “This partnership is a gamechanger for MSPs,” said Mike Jenner, CEO at ControlCase. “Security incidents involving MSPs, and their clients continue to rise. This rise necessitates stringent security controls to be implemented and the MSP+ framework provides a great place for MSPs to start learning about cybersecurity and implementing necessary controls.” Speaking on the achievement, Raffael Marty, General Manager -Cybersecurity at ConnectWise said “Cyber insurance is a critical element to help partners protect their legacy by building a more cyber-resilient business. This partnership will help MSPs increase their cybersecurity maturity, prepare for and procure insurance; eliminating dozens of steps they and their customers would otherwise have to take.” The ControlCase Compliance HubTM platform is integrated with ConnectWise Manage. MSPs can complete their MSP+ assessments without ever leaving their PSA. The MSP+ Advanced and Mastery offerings also include real-time compliance status and vital statistics such as risk rating and security milestone planning. “FifthWall is excited to be the dedicated Cyber Insurance & Risk Management Solution Provider,” said Reid Wellock, President, FifthWall Solutions. “We work with 35+ insurers to limit clients’ cyber exposure and give peace of mind for businesses of any size.” This partnership greatly simplifies MSPs and their clients' access to insurance.” For more information on this partnership and the related offerings, please contact Kimberly Simon at ksimon@controlcase.com About ControlCase ControlCase is a global provider of certification, cybersecurity, and continuous compliance services. ControlCase is committed to empowering organizations to develop and deploy strategic information security and compliance programs that are simplified, cost-effective, and comprehensive in both on-premises and cloud environments. ControlCase offers certifications and a broad spectrum of cyber security services that meet the needs of companies required to certify to PCI DSS, HITRUST, SOC 2 Type II, ISO 27001, PCI PIN, PCI P2PE, PCI TSP, PA DSS, CSA STAR, HIPAA, GDPR, SWIFT, and FedRAMP. About FifthWall Solutions FifthWall works with 35+ carriers to limit your clients’ cyber exposure and give peace of mind for businesses of any size. With our policies, MSPs and their clients are covered from business interruptions, cyber crimes, and several of the consequences that follow. With breach prevention and response tools, MSPs and their clients avoid risk and minimize impact in the event of a security incident.

Read More

SOFTWARE SECURITY

GrammaTech and T.E.N. Announce Call for Nominations for Product Security Executive of the Year Awards

GrammaTech | August 16, 2022

GrammaTech, a leading provider of application security testing products and software research services, and T.E.N., founder of the Information Security Executive® (ISE®) of the Year Awards, today announced the Product Security Executive (PSE) of the Year Awards. This annual competition will recognize individuals whose contributions have delivered advancements in security for embedded or commercial software products. Nominations are now being accepted through October 10, 2022 at The judging panel includes: Edna Conway, Vice President, Security & Risk Officer, Cloud Infrastructure at Microsoft, former CSO, Cisco Global Value Chain and a member of the Executive Committee of the U.S. Department of Homeland Security Task Force on ICT Supply Chain Risk Management. Malcolm Harkins, Chief Security & Trust Officer with Epiphany Systems, former Chief Security and Privacy Officer (CSPO) and the first CISO at Intel Corporation. Troy Rydman, Senior Practice Leader - Global Strategic Accounts, Security, Risk, & Compliance for Amazon Web Services (AWS) and former cybersecurity executive with Silicon Valley Bank, with fourteen years of increasing cybersecurity leadership. “In a world of increasingly autonomous products, from cars to appliances to robots, managing the integrity of the software that enables our connected world is critical. The Product Security Executives who drive quality, security and safety of our many devices are pivotal to the digital economy. “It is time to recognize these individuals and the significant contributions they make in securing the software at the heart of our hyper-connected world.” Edna Conway, VP, Security & Risk Officer, Microsoft Cloud Infrastructure Eligibility U.S.-based executives, including those with director, vice president, chief product security officer or similar titles, who are responsible for product security management are eligible for consideration. This includes individuals overseeing security at all stages of the product development lifecycle for software, firmware and/or embedded code; as well as secure product design, risk and vulnerability management and standards/regulatory compliance. There is no cost to enter. “There’s an increased emphasis on maintaining the safety and security of embedded software across virtually all industries, which is becoming the responsibility of a Product Security Executive whether or not the title exists,” said Andrew Meyer, Chief Marketing Officer for GrammaTech. “We collaborated with T.E.N. to create this award competition and recognize the men and women on the front lines of this new discipline, honor their accomplishments and share their best practices with the industry.” “The number of IoT devices is in the billions and we will continue to see an ever-growing number of devices become smart and connected,” explains Marci McCarthy, CEO and President of T.E.N. “Every device is at risk for cyberattacks, and threat actors are taking advantage of every opportunity to exploit product security vulnerabilities. Demand for product security has thus grown across multiple industries, especially consumer electronics, automotive and healthcare. Because product security is a relatively new concept whose time has come, we are thrilled to partner with GrammaTech to recognize individuals for advancements and innovations leading to more secure products going to market.” About T.E.N. T.E.N. is an award-winning technology and security networking and marketing firm that hosts relationship-building events between top Information Security executives, industry pioneers and innovative solution providers within the cybersecurity industry. Its flagship program, the nationally acclaimed Information Security Executive® (ISE®) of the Year Program Series and Awards, is North America’s largest leadership recognition and networking program for security professionals, honoring both leading executives and deserving project teams. About GrammaTech GrammaTech is a leading global provider of application security testing (AST) solutions used by the world’s most security conscious organizations to detect, measure, analyze and resolve vulnerabilities for software they develop or use. The company is also a trusted cybersecurity and artificial intelligence research partner for the nation’s civil, defense, and intelligence agencies. GrammaTech has corporate headquarters in Bethesda MD, a Research and Development Center in Ithaca NY, and publishes Shift Left Academy, an educational resource for software developers.

Read More

NETWORK THREAT DETECTION

Chariton Valley Commits To Protecting All Customers From Growing Cybersecurity Threats With Calix ProtectIQ Home Network Security

Calix | July 15, 2022

Calix, Inc. (NYSE: CALX) announced today that Chariton Valley Telephone Corporation (Chariton Valley) expects to double its customer connections after providing ProtectIQ® home network security to all customers at no cost. Chariton Valley leverages the full power of Calix Revenue EDGE to transform its value proposition and improve the customer experience. In May, the 70-year-old broadband service provider (BSP) launched ProtectIQ, part of Calix Revenue EDGE Suites, as it continues to roll out GigaSpire® BLAST systems across its Midwestern communities. In a climate of increased cybersecurity concerns, Chariton Valley has equipped all GigaSpire BLAST customers with effortless access to robust home network security. In doing so, the BSP increases customer loyalty across rural regions and nearby cities in north-central and northeast Missouri. Many Chariton Valley customers have sophisticated internet habits—half identify as gamers and almost 40 percent work from home. By evolving its value proposition, the innovative BSP has also fortified itself against billion-dollar market cap competition in Palmyra and Hannibal. In its first two months of offering ProtectIQ to all customers, Chariton Valley blocked more than 48,000 web threats, intrusions, malware, and viruses from entering home networks—proving the immediate value of its investments. The comprehensive Revenue EDGE platform enables BSPs of all sizes to easily and quickly launch differentiating turnkey, managed offerings. Chariton Valley continues to evolve its value proposition and strengthen its growing customer connections by: Transforming its business to help communities thrive for decades. Chariton Valley is on track to complete a historic five-year, $42 million fiber-to-the-home (FTTH) buildout in its member service territory, and another $40 million in expansion opportunities next year by leveraging the secure broadband access network platform, Calix Intelligent Access EDGE™. In May, it began rolling out turnkey, managed offerings in EDGE Suites, starting with ProtectIQ, recently recognized by the cybersecurity industry as “Best in Anti-Phishing, Network Security & Management,” at no cost to its customers. As a result, Chariton Valley blocked thousands of web threats in only two months—further proving the value of its investment in the region. Creating internet experiences that grow with customers’ needs. After the successful rollout of ProtectIQ, Chariton Valley is now taking a targeted approach to introduce its second EDGE Suite, the advanced parental controls in ExperienceIQ®. Calix-partnered BSPs have seen a 178 percent increase in people using ExperienceIQ since the beginning of the year. Both ProtectIQ and ExperienceIQ are accessed through the BSP’s branded subscriber-facing mobile app, built on CommandIQ®, giving customers more control over their home networks. Leveraging data and insights to offer services that meet each customer’s unique needs. Using the insights and analytics in Calix Marketing Cloud (Marketing Cloud), even a small BSP like Chariton Valley can successfully leverage data for segmenting and targeting. For example, Chariton Valley uses Marketing Cloud to uncover which of its customers are most likely to need the advanced parental controls of ExperienceIQ. Now their marketing team can quickly identify the right people for the new service. This enables Chariton Valley to get maximum ROI from every dollar invested in marketing. “As a member-owned organization, the customer experience informs everything we do,” said Kirby J. Underberg, president and chief executive officer at Chariton Valley. “Chariton Valley is committed to the region’s future—the investment we made building a secure fiber network will benefit people living in north-central and northeast Missouri for the next three decades. However, we also understand that we are responsible for protecting our customers from the increasing threat of digital dangers that come along with the positive generational impact of secure, fast Wi-Fi. By adding critical services like home network security and advanced parental controls, we will continue to invest in our customers by providing superior internet experiences long after the latest deals from our competitors expire.” Along with ProtectIQ and ExperienceIQ, EDGE Suites also includes connected home camera security systems (Arlo Secure). Additionally, Calix is launching two new managed offerings this summer: social media monitoring (Bark) and connected device protection (Servify Care). “Chariton Valley’s incredible first two months offering ProtectIQ to all customers underlines why today’s successful broadband business must be about more than just fast Wi-Fi, ProtectIQ has helped BSPs of all sizes block millions of digital threats in 2022. The Missouri-based market leader competes against a billion-dollar market cap company and wins because it leverages the full power of the Revenue EDGE platform to easily and quickly launch turnkey, managed offerings like ProtectIQ that improve the customer experience. We look forward to supporting Chariton Valley’s continued growth as they evolve their value proposition to reflect their commitment to protecting customers in north-central and northeast Missouri.” Matt Collins, executive vice president of commercial operations and chief marketing officer at Calix About Calix Calix, Inc. Calix cloud and software platforms enable service providers of all types and sizes to innovate and transform. Our customers utilize the real-time data and insights from Calix platforms to simplify their businesses and deliver experiences that excite their subscribers. The resulting growth in subscriber acquisition, loyalty, and revenue create more value for their businesses and communities. This is the Calix mission: to enable broadband service providers of all sizes to simplify, excite, and grow. This press release contains forward-looking statements that are based upon management’s current expectations and are inherently uncertain. Forward-looking statements are based upon information available to us as of the date of this release, and we assume no obligation to revise or update any such forward-looking statement to reflect any event or circumstance after the date of this release, except as required by law. Actual results and the timing of events could differ materially from current expectations based on risks and uncertainties affecting Calix’s business. The reader is cautioned not to rely on the forward-looking statements contained in this press release. Additional information on potential factors that could affect Calix’s results and other risks and uncertainties are detailed in its quarterly reports on Form 10-Q and Annual Report on Form 10-K filed with the SEC.

Read More

DATA SECURITY

ControlCase Partners with ConnectWise & FifthWall Solutions to Increase MSP Cybersecurity Maturity & Bridge Access to Cyber Insurance.

ControlCase | July 11, 2022

ControlCase, a leading provider of IT Security Certifications and Continuous Compliance Services announced its recent partnership with ConnectWise and FifthWall Solutions. Under this partnership, Managed Service Providers (MSPs) can now access the ConnectWise MSP+ security best practices framework from the ControlCase Compliance HubTM platform for both self-assessment and verification by ControlCase. This partnership also provides the rate-quote-bind assistance required for procuring insurance. ConnectWise’s MSP+ framework is derived from the NIST CSF framework and aims to help MSPs strengthen their cybersecurity program, increase cybersecurity maturity, and ultimately lower their risk of a data breach. MSP+ provides an affordable compliance framework that can be used as the foundation for an MSPs cybersecurity program. The MSP+ program is split into 3 parts: 1. MSP+ Self Assessment – Allows the MSP to access the framework and start implementing controls and closing gaps at their own pace. 2. MSP+ Advanced – Includes assistance with remediation and final verification by ControlCase. 3. MSP+ Mastery – Demonstrates a mature cybersecurity program and is also verified by ControlCase. “This partnership is a gamechanger for MSPs,” said Mike Jenner, CEO at ControlCase. “Security incidents involving MSPs, and their clients continue to rise. This rise necessitates stringent security controls to be implemented and the MSP+ framework provides a great place for MSPs to start learning about cybersecurity and implementing necessary controls.” Speaking on the achievement, Raffael Marty, General Manager -Cybersecurity at ConnectWise said “Cyber insurance is a critical element to help partners protect their legacy by building a more cyber-resilient business. This partnership will help MSPs increase their cybersecurity maturity, prepare for and procure insurance; eliminating dozens of steps they and their customers would otherwise have to take.” The ControlCase Compliance HubTM platform is integrated with ConnectWise Manage. MSPs can complete their MSP+ assessments without ever leaving their PSA. The MSP+ Advanced and Mastery offerings also include real-time compliance status and vital statistics such as risk rating and security milestone planning. “FifthWall is excited to be the dedicated Cyber Insurance & Risk Management Solution Provider,” said Reid Wellock, President, FifthWall Solutions. “We work with 35+ insurers to limit clients’ cyber exposure and give peace of mind for businesses of any size.” This partnership greatly simplifies MSPs and their clients' access to insurance.” For more information on this partnership and the related offerings, please contact Kimberly Simon at ksimon@controlcase.com About ControlCase ControlCase is a global provider of certification, cybersecurity, and continuous compliance services. ControlCase is committed to empowering organizations to develop and deploy strategic information security and compliance programs that are simplified, cost-effective, and comprehensive in both on-premises and cloud environments. ControlCase offers certifications and a broad spectrum of cyber security services that meet the needs of companies required to certify to PCI DSS, HITRUST, SOC 2 Type II, ISO 27001, PCI PIN, PCI P2PE, PCI TSP, PA DSS, CSA STAR, HIPAA, GDPR, SWIFT, and FedRAMP. About FifthWall Solutions FifthWall works with 35+ carriers to limit your clients’ cyber exposure and give peace of mind for businesses of any size. With our policies, MSPs and their clients are covered from business interruptions, cyber crimes, and several of the consequences that follow. With breach prevention and response tools, MSPs and their clients avoid risk and minimize impact in the event of a security incident.

Read More

Events