Top 5 Application Security Trends Businesses Must Be Aware of in 2023

Kutubkhan Bohari | March 29, 2023 | 520 views | Read Time : 04:00 min

Top 5 Application Security Trends Businesses Must Be Aware of in 2023
Introduction

Top 5 Trends for Businesses to Improve Their Existing Application Security

1.AppSec and Convergence
2.Adoption of Automated AI Security Capabilities
3.Emphasis on Securing the Software Supply Chain
4.Extreme 'Shift Left'
5.Upsurge in Demand for Vulnerability Prioritization

Moving Forward with Application Security

Introduction

The proliferation of applications and their usage across the business landscape has made application security a strategic initiative that spans departments rather than an activity. Several factors are driving the rethinking of application security as a broader strategic program, including the evolving threat landscape, more incremental software development frameworks, and the adoption of nimbler.

With the acceleration of software development and the greater-than-ever role of code in current business infrastructure, application security is shifting left in the process and infusing every step to ensure that the applications reaching customers' hands are secure and reliable.

Top 5 Trends for Businesses to Improve Their Existing Application Security

Applications serve as a doorway to servers and networks, making them an excellent target for malicious actors. Since cyber attackers constantly improve their techniques for breaking into software, it is becoming essential for businesses to gain insights into ever-evolving trends in the AppSec space.

Here are some of the prominent trends that businesses should aware of to improve their existing application security.

Trend 1: AppSec and CloudSec Convergence

To accurately estimate attack surface and overall security posture, both application code vulnerabilities and cloud service hosting misconfigurations must be examined.

The convergence of AppSec and CloudSec is becoming a critical component of modern security operations. It allows organizations to gain a comprehensive view of the attack surface and better understand the risks posed by application code and cloud service providers. By looking at these two areas cohesively, organizations can identify business-critical vulnerabilities and prioritize their remediation efforts.

Trend 2: Adoption of Automated AI Security Capabilities

The increasing volume and complexity of security threats pose significant challenges for organizations, causing strain on their threat detection and response capabilities. This leads to slower response times, higher costs, and a greater impact on security incidents.

To address this issue, many companies are turning to security automation as a potential solution. One of such approaches involves the use of artificial intelligence (AI), which can automate data gathering, threat identification, and incident response processes. By adopting security automation, companies can optimize the use of limited security personnel and resources, enabling them to focus on high-value activities that provide maximum benefit to the organization.

Trend 3: Emphasis on Securing the Software Supply Chain

The software supply chain is emerging as a primary area of focus due to the heightened risks associated with software development. This urgency has been further compounded by the recent attack, such as Solarwind data breach and the Log4j attack on Apache, increasing the significance of software security measures.

Companies are taking a more proactive approach for making enhancements in the software supply chain to protect their applications, including conducting Static Application Security Testing (SAST) to identify and address vulnerabilities before malicious actors can exploit them.

Trend 4: Extreme 'Shift Left'

The ‘shift left’ in software development has gained significant momentum in recent years. The idea behind this approach is to prioritize security and other critical aspects of software development at the earliest possible stage in the development process. By doing so, organizations can make more informed security decisions and identify and address security vulnerabilities before they cause any damage.

As the pace of development continues to increase, organizations are increasingly adopting this approach in their software development processes to protect their systems and data from security risks.

Trend 5: Upsurge in Demand for Vulnerability Prioritization

Managing vulnerabilities in a software system requires analyzing vast amounts of data to determine issues that require immediate attention and prioritization. However, the growing presence of false positives is negatively impacting this process, resulting in decreased efficiency and wasted resources.

Organizations are increasingly looking for vendors to provide vulnerability management tools that can reduce false positives, differentiate between low-priority issues and severe security threats, and offer actionable insights to mitigate them.

Moving Forward with Application Security

Applications security has become more critical than ever before for businesses in the current digital scape. With the attack surface constantly expanding and the frequency of threats on the rise, organizations must remain agile and employ the best effective strategies to protect their applications from potential cyberattacks. 

The significance of application security has not gone unnoticed. As organizations continue to invest in security measures, they are increasingly upgrading themselves as per emerging security trends to protect themselves against evolving cyber threats. This includes adopting the ‘shift left’ approach, tightening controls, and having a clear definition of remediation processes.

Spotlight

Fireglass

Fireglass is revolutionizing enterprise network security by eliminating all web attack surfaces including websites, emails and documents. Leveraging military-grade security approaches, the Fireglass Threat Isolation Platform protects both users and web applications from all known and unknown threats and malware to offer future-proof security without compromising user experience or productivity. Easily deployable on-premises or offered as a cloud service, Fireglass’s Transparent Clientless Rendering (TCR) technology allows organizations of all sizes to isolate any web content and safely enable new functionality while reducing security operational costs. Fireglass customers include Fortune 500 companies, large financial services providers and healthcare providers. Founded by network security experts and military intelligence veterans, Fireglass is financially-backed by Lightspeed Venture Partners, Norwest Venture Partners, Singtel Innov8 and co-founders of Trusteer, Mickey Boodaei and Ra

OTHER ARTICLES
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

The Great CISO Resignation

Article | August 20, 2022

CISOs Are Leaving in Droves The Great Resignation has been front-page news since Covid lockdowns, with many employees looking for the work-life balance they enjoyed at the time. Now, the phenomenon has spread to the role of Chief Information Security Officer (CISO) and shows no signs of letting up. In fact, industry experts predict that it is likely to worsen. A recent study from cybersecurity company BlackFog found that 32% of CISOs in the U.K. and U.S. have considered leaving and many planned to do so in just six months. The majority noted that the top reason for leaving was a lack of work-life balance. The CISO role is demanding, with firefighting and frequent changes in regulations and customer expectations taking up significant time both on and off the job. In another recent study in which 581 CISOs were surveyed, the IANS Research and Artico Search explored CISO compensation and job satisfaction. Three-fourths of CISOs are satisfied with their job, which is 7% higher than in the 2021 sample and more than double that of the 2020 sample. The main drivers of satisfaction are compensation, budget, executive visibility, and organizational support. However, despite high satisfaction numbers, the study found that as many as 44% of respondents are considering a job change. CISO Challenges LIABILITY AND EXPOSURE OF THE CISO There is a perception that CISOs face heightened liability for cyber intrusions and the response to cyber events. One extraordinary example is the recent conviction of Uber’s former security officer, which represents the first time a security executive has faced federal crime prosecution over a data security response. In this case the finding was that he obstructed justice by concealing information about a breach, destroying data, and covering up the incident. CISOs are often in the hot seat when it comes to cyber-intrusions and how they are handled. The Board of Directors (possibly including named corporate officers) in most cases are protected by being diligent about the Business Judgement Rule (BJR). Heavily adopted in Delaware case law and since adopted in various forms in many states, this “rule” stipulates that proper oversight includes demonstrating the duty of loyalty (no conflicting interests) and duty of care (make informed decisions) to be protected from liability. There are few cases (although Enron being one) where liability was found but it was for illegalities and poor business judgment. Since CISOs are not named corporate officers in most cases, BJR does not provide comfort. Similarly, liability insurance which covers legal defense fees and cash judgments often covers only directors and named corporate officers unless the CISO has been specifically included in the policy. DUTY TO REPORT Improving Board-CISO Transparency There is a mechanism found in corporate governance best-practices for ensuring that the most senior people in an organization get direct, unfiltered input from a key executive, regardless of reporting structure. It is called the executive session. This is in common use by Boards of Directors who meet individually with the Chief Financial Officer, Controller, and other key executives, notably without other management in the room. Questions are intended to be penetrating and the respondent is expected to respond openly. Now that cybersecurity has risen to a top risk for the enterprise, the CISO position should be among those who appear individually in an executive session with the highest governing body of an enterprise at least annually. This addition to governance best-practices would give Board members and State governors unfiltered information on cybersecurity matters, thereby helping to fulfil their oversight responsibility. Bob Zukis, founder and CEO of the Digital Directors Network, reports that a survey of its membership of more than 900 IT, cyber, and boardroom leaders shows nearly half of the respondents already have some form of this policy in practice. However, this is still a minority of the overall CISO population, signaling more transparency between the CISO and Board is needed. CISOs in State Governments Government organizations also face many of these issues. Evidence shows that CISOs in state governments are as vulnerable to other job offers as CISOs in the private sector. In the span of eight days in October 2022, there were several reports of state CISOs resigning, including Oklahoma, Georgia, Pennsylvania, and North Dakota. [1] Legal liability is not an issue the government CISO needs to be worried about since governments and their employees are immune from legal suits. However, government CISOs are highly concerned about shouldering blame, especially in the press, for security intrusions or their coverup. As with private industry, state governments should also institute this recommended practice. NCC recommends CISOs be called upon to appear in an executive session with agency heads and even the governor at least once a year. The State of Texas, for example, already has a version of this policy implemented in a statute and in practice. Texas Administrative Code includes provisions for: Reporting, at least annually, directly to the agency head the status and effectiveness of the security program and its controls. Informing any relevant parties in the event of noncompliance with the state agency’s information security policies Resolving the Great CISO Resignation For organizations across the public and private sectors, cybersecurity has risen to one of the top risks and has increased the importance of the role of the CISO. Most are looking to improve their work-life balance and reduce some of the stressors of the job. While many CISOs are also concerned about trends in liability and becoming headline news for decisions made on the job, requiring CISOs to appear in executive sessions with board members or state governors can help to alleviate these concerns and improve CISO job satisfaction while at the same time improving how the most senior levels of organizations fulfil their responsibilities for oversight of top risks.

Read More
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Security by Sector: Improving Quality of Data and Decision-Making a Priority for Credit Industry

Article | August 12, 2022

The subject of how information security impacts different industry sectors is an intriguing one. For example, how does the finance industry fare in terms of information security compared to the health sector, or the entertainment business? Are there some sectors that face greater cyber-threats and risks than others? Do some do a better job of keeping data secure, and if so, how and why?A new study of credit management professionals has revealed that improving the quality of data and decision-making will be a top priority for the credit industry in the next three years. The research, from Equifax Ingnite in collaboration with Coleman Parkes, takes a deep dive into the views of credit management pros across retail, banking, finance and debt management/recovery sectors.

Read More
PLATFORM SECURITY

3 Trends in Data Privacy Breach Laws That Will Carry Over to 2020

Article | July 12, 2022

During 2019, new privacy laws were introduced, and many current laws evolved in the United States and across the global landscape. With the General Data Protection Regulation (GDPR) in full effect, we saw expensive fines levied upon companies that fell victim to data privacy breaches. As we move into a new year, probably the biggest takeaway from 2019 is that being proactive and having a data privacy strategy in place is important to help mitigate the risk of a data privacy breach. The regulatory landscape continues to evolve as states and countries actively pass new expanded requirements for privacy and cybersecurity regulations. While laws in the U.S., like the California Consumer Privacy Act (CCPA), are getting significant attention, many other states and countries are actively amending their breach notification laws to include tighter restrictions.

Read More

Ryuk: Defending Against This Increasingly Busy Ransomware Family

Article | February 12, 2020

On December 16, 2019, the U.S. Coast Guard disclosed a security incident at a facility regulated by the Maritime Transportation Security Act (MTSA). Forensic analysis suggests that the incident might have begun when an employee clicked on a link embedded in a phishing email.This action enabled a threat actor to set Ryuk ransomware loose on the facility’s network. Ultimately, the infection spread to all IT network files, leading Ryuk to disrupt the corporate IT network and prevent critical process control monitoring systems from functioning properly. Phishing is one of the primary infection vectors for most ransomware families, but there’s an interesting twist with this particular family. As noted by Malwarebytes, a typical Ryuk attack begins when a user opens a weaponized Microsoft Office document attached to a phishing email. Opening the document causes a malicious macro to execute a PowerShell command that attempts to download the banking trojan Emotet. This has the ability to download additional malware onto an infected machine that retrieves and executes Trickbot.

Read More

Spotlight

Fireglass

Fireglass is revolutionizing enterprise network security by eliminating all web attack surfaces including websites, emails and documents. Leveraging military-grade security approaches, the Fireglass Threat Isolation Platform protects both users and web applications from all known and unknown threats and malware to offer future-proof security without compromising user experience or productivity. Easily deployable on-premises or offered as a cloud service, Fireglass’s Transparent Clientless Rendering (TCR) technology allows organizations of all sizes to isolate any web content and safely enable new functionality while reducing security operational costs. Fireglass customers include Fortune 500 companies, large financial services providers and healthcare providers. Founded by network security experts and military intelligence veterans, Fireglass is financially-backed by Lightspeed Venture Partners, Norwest Venture Partners, Singtel Innov8 and co-founders of Trusteer, Mickey Boodaei and Ra

Related News

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Centripetal Expands Internationally with the Launch of its European Cyber Intelligence Centre of Excellence

Businesswire | May 29, 2023

Centripetal, the global leader in intelligence powered cybersecurity, today announced that it has opened its Galway based European Cyber Intelligence Centre of Excellence to address cybersecurity opportunities in the UK, Ireland and across Europe. Additionally, the company is enabling cloud-based deployments of its CleanINTERNET® solution for total enterprise protection. Centripetal is headquartered in the US and has plans to create 50 jobs in Galway. The project is supported by the Government of Ireland through IDA Ireland. According to the International Trade Administration, the cybersecurity market in Ireland is thriving, valued at €280 million. However, with economic crime and fraud on the rise in recent years, cybercrime is extremely disruptive in how it impacts the business community. Grant Thornton Ireland reports that the cost of cybercrime in Ireland exceeded €9.6 billion in 2020. With the opening of Centripetal’s European Cyber Intelligence Centre of Excellence, the company will bring its innovative, patented technologies to the European market to protect organizations from every known cyberthreat. Centripetal’s European Cyber Intelligence Centre of Excellence will serve as the central hub where new and existing customers can work with Centripetal to gain insight on the current European and global threat landscape and how they might be affected. Customers will have access to Centripetal’s global cyber intelligence operations analyst team, who continuously analyze emerging threats, highlighting critical risks and applying global threat intelligence. “Today’s jobs announcement is yet another vote of confidence in Galway, in our available skilled workforce and in our city and county as a great place to work and live. Galway was home to a number of significant investment announcements last year including Fidelity Investment, Genesys, SAP and Diligent, so Centripetal are certainly in good company,” said Minister Hildegarde Naughton TD. “Congratulations again to the entire team at Centripetal and thank you for choosing not only Galway but the people of Galway.” ‘’The news that Centripetal is to open a European Cyber Intelligence Centre of Excellence in Galway is great news for the West Region and this investment will support the development of the wider technology ecosystem in Ireland for cyber,” said Anne-Marie Tierney Le-Roux, Head of Department Enterprise Technology at IDA Ireland. “The creation of 50 jobs is a vote of confidence in the talent and skill set that our regional locations in Ireland have to offer. I would like to wish Centripetal every success as they scale operations.’’ To give customers the ability to access intelligence powered cybersecurity everywhere, Centripetal’s CleanINTERNET® CLOUD is now available for deployment. The CleanINTERNET® service is a revolutionary approach to defending a company’s assets from cyber threats by leveraging dynamic threat intelligence on a mass scale. The solution can be deployed to protect assets running in cloud environments, providing unparalleled cyber defense and removing the need for more costly cybersecurity infrastructure. The addition of AWS cloud support extends CleanINTERNET® to protect all enterprise assets whether on premises, remote or in the cloud. Centripetal will additionally provide CleanINTERNET® on Azure and Google Cloud Platform in late 2023. “Centripetal is the only cybersecurity vendor that delivers intelligence powered protection that neutralizes every known cyberattack at the network level while simultaneously driving down the cost of security operations,” said Jonathan Rogers, Chief Operating Officer for Centripetal. “Our innovative technology is an industry first and we’re thrilled to be partnering with the IDA to bring our solution to Ireland and the UK to not only provide unparalleled protection for our customers but also valuable employment opportunities for the country.” Centripetal uses threat intelligence to shield organizations from 99% of known cyberthreats globally with CleanINTERNET®. This uniquely managed cyber defense service provides greater effectiveness, lower costs, and enhanced security expertise to defend networks from attacks. Centripetal goes beyond traditional threat intelligence methods and pushes the industry forward by operationalizing the world's largest collection of threat intelligence: With over 250 Threat Intelligence providers, CleanINTERNET® applies over 100 billion indicators of compromise from real-time intelligence feeds, updated every 15 minutes, to protect its customers' networks. Centripetal defends customers networks by providing the fastest packet filtering technology on the planet, applying millions of threat intelligence based rules to incoming and outgoing datastreams with zero latency. Centripetal’s elite team of highly trained intelligence operations analysts acts as an extension of its customer’s internal cybersecurity team, who monitor and analyze emerging threats. This mitigates the skills gap and reduces the burden on overworked IT resources. For more information on Centripetal’s offering and its latest global European expansion, visit www.centripetal.ai/centripetal-ireland/ ABOUT CENTRIPETAL Centripetal, a global leader in intelligence powered cybersecurity, is operationalizing the world’s largest collection of threat intelligence, in real-time, to protect organizations from every known cyberthreat through its innovative patented technologies. Through its CleanINTERNET® service, Centripetal delivers a highly effective solution leveraging the latest computing technology and skilled intelligence operators at a significantly lower cost. We are experts in intelligence, with a team comprised of cryptologists, and security analysts from the U.S. Intelligence & Defense community who have protected the most sensitive assets in the world. Centripetal is based in Reston, VA with offices in Portsmouth, NH and Galway, Ireland. For more information, visit www.centripetal.ai.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

ActZero Teams with UScellular to Secure Mobile Devices from Ransomware Attacks

Prnewswire | May 18, 2023

ActZero®, a leading cybersecurity provider for small and mid-sized enterprises, announced it is teaming with UScellular, making it the first and only wireless carrier to offer the ActZero Managed Detection and Response (MDR) service. Together the two organizations make it easier for businesses to secure mobile devices from ransomware and phishing attacks. UScellular Business Ultimate and Business Premium unlimited handset plans now include ActZero MDR for Mobile. "UScellular and ActZero share a common goal: to bring better performance and better security to businesses at a fair price," said Sameer Bhalotra, chief executive officer for ActZero. "With ActZero's on-device cyberdefense technology plus 24x7 security operations staff, UScellular business customers can stop mobile threats quickly, before they spread into the corporate network." With 24/7 threat coverage, ActZero stops breaches on mobile devices and networks, with a 90% block rate and response time of 15 minutes for critical alerts. Customers can easily deploy ActZero MDR for Mobile within minutes to their employees' iOS, Android, or Chrome mobile phones, tablets, and laptops. On-device protection and real-time notifications eliminate delays if a mobile device is compromised. ActZero's patent-pending AI means better cyberdefense and fewer false alarms. "ActZero delivers a powerful and affordable cybersecurity service businesses need to prioritize threat and vulnerability management," said Kim Kerr, senior vice president, enterprise sales and operations for UScellular. "Our customers often don't have the IT resources to ensure they are protecting their network and devices from malware, phishing, and ransomware attacks. The unique artificial intelligence and machine learning from ActZero intelligently pinpoints threats so less time is spent filtering noise and more time is focused on the action that should be taken, when it's truly important." About ActZero ActZero is a Gartner-recognized provider of Managed Detection and Response (MDR) services that delivers a powerful and affordable cybersecurity service to protect small and mid-sized enterprises against ransomware attacks. By continuously testing defenses against the latest attack techniques and variants, ActZero ensures AI detections and human threat hunters quickly stop threats. The company brings deep roots and expertise in cybersecurity to deliver measurable ransomware defense, reducing false alerts and responding quickly on a customer's behalf. Combined with exceptional service, ActZero empowers businesses with confidence that the company and customers are protected. For more information, please visit actzero.com. About UScellular Business UScellular is the fourth-largest full-service wireless carrier in the United States, providing national network coverage and industry-leading innovations designed to elevate the customer experience. The Chicago-based carrier provides a strong, reliable network supported by the latest technology and plays a critical role in helping businesses of all sizes navigate the wireless ecosystem, delivering advanced technology, increased network security and reliability. To learn more about UScellular's business solutions, visit one of its retail stores or uscellular.com/business.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Skyflow launches Skyflow GPT Privacy Vault

Businesswire | May 22, 2023

Today, Skyflow, the data privacy vault company, unveiled Skyflow GPT Privacy Vault, a robust privacy solution that enables organizations to safely and securely leverage the full power of large language models such as GPT. Companies are rushing to adopt AI, whether to increase productivity, enhance decision-making powered by data-driven insights, or to improve customer experience. However, privacy concerns hinder organizations from fully embracing AI. The Skyflow GPT Privacy Vault can provide enterprises with unparalleled data protection throughout the entire lifecycle of GPT models, and offers a comprehensive range of features tailored to meet the evolving needs of enterprises: Data Privacy and Security: Skyflow GPT Privacy Vault establishes a secure environment for sensitive data, protecting it from unauthorized access, breaches, and data leaks. Granular Data Control: Organizations can maintain strict control over sensitive data, ensuring that only authorized individuals or entities can access specific data sets or functionalities within GPT systems. Privacy-Preserving AI: Sensitive data is redacted and anonymized during data collection, model training, and interactions, enabling organizations to maximize AI capabilities without compromising privacy. Compliance and Regulatory Requirements: With Skyflow GPT Privacy Vault, global companies can leverage AI while complying with data residency requirements, such as GDPR, LGPD, and others. Here’s how organizations can leverage Skyflow GPT Privacy Vault: Data Collection and Preparation: Redact or tokenize sensitive information as it flows through GPT without lessening the value of the output. Skyflow’s proprietary polymorphic encryption technique enables the model to seamlessly handle protected data as if it were plaintext. Model Training: Safely train GPT models on content where sensitive data is redacted and anonymized. Robust multi-party training is also available, so that two or more entities can share anonymized datasets and safely use AI to unlock substantial insights. Interaction with GPT Models: De-identify sensitive data during interactions with GPT models, ensuring that privacy is preserved throughout the entire user interaction process. Secure Deployment and Integration: Seamlessly integrate Skyflow GPT Privacy Vault into existing data infrastructures to add a robust layer of data protection. Skyflow GPT Privacy Vault will protect all sensitive data flowing into GPT models and only reveal sensitive information to authorized parties once it has been processed by the model and returned. Skyflow GPT Privacy Vault delivers significant value across industries. Here are two specific use cases: Pharmaceutical Research: Pharmaceutical companies rely on Skyflow GPT Privacy Vault to protect sensitive data throughout the drug development lifecycle. It ensures the privacy and security of clinical trial data, safeguards proprietary research and intellectual property, and enables secure collaborations with external partners. Additionally, it supports personalized medicine initiatives by preserving the privacy of genetic data. Online Travel Booking: Online travel booking companies utilize Skyflow GPT Privacy Vault to protect customer data while leveraging AI models for personalized recommendations and enhanced customer experiences. It allows them to anonymize and protect personally identifiable information (PII) and payment data, ensuring compliance with privacy regulations while delivering superior travel experiences. “Generative AI can be a powerful tool for teams to maximize their output and scale their products. But the risk of a sensitive data leak is high, and with other providers, the cost of deploying a private GPT can be 10x what it is in a shared environment,” said Anshu Sharma, co-founder and CEO of Skyflow. “Skyflow can offer world-class data privacy throughout the lifecycle of GPT models, seamlessly and affordably.” The Global Partner in Cybersecurity and Privacy at Infosys, Joseph Williams, said, "Companies are eager to adopt ChatGPT and other generative AI platforms but they need to solve for privacy and regulatory compliance. Like we laid out in our seminal paper on the future of privacy engineering, data privacy vault architecture is a right way to go about this." Read more about Skyflow for GPT here. About Skyflow Skyflow is a data privacy vault company built to radically simplify how companies isolate, protect and govern their customers’ most sensitive data. With its global network of data privacy vaults, Skyflow helps companies meet complex data localization requirements. Skyflow customers span verticals like fintech, retail, travel, and healthcare. Skyflow is headquartered in Palo Alto, California and was founded in 2019. For more information, visit www.skyflow.com or follow on Twitter and LinkedIn.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Centripetal Expands Internationally with the Launch of its European Cyber Intelligence Centre of Excellence

Businesswire | May 29, 2023

Centripetal, the global leader in intelligence powered cybersecurity, today announced that it has opened its Galway based European Cyber Intelligence Centre of Excellence to address cybersecurity opportunities in the UK, Ireland and across Europe. Additionally, the company is enabling cloud-based deployments of its CleanINTERNET® solution for total enterprise protection. Centripetal is headquartered in the US and has plans to create 50 jobs in Galway. The project is supported by the Government of Ireland through IDA Ireland. According to the International Trade Administration, the cybersecurity market in Ireland is thriving, valued at €280 million. However, with economic crime and fraud on the rise in recent years, cybercrime is extremely disruptive in how it impacts the business community. Grant Thornton Ireland reports that the cost of cybercrime in Ireland exceeded €9.6 billion in 2020. With the opening of Centripetal’s European Cyber Intelligence Centre of Excellence, the company will bring its innovative, patented technologies to the European market to protect organizations from every known cyberthreat. Centripetal’s European Cyber Intelligence Centre of Excellence will serve as the central hub where new and existing customers can work with Centripetal to gain insight on the current European and global threat landscape and how they might be affected. Customers will have access to Centripetal’s global cyber intelligence operations analyst team, who continuously analyze emerging threats, highlighting critical risks and applying global threat intelligence. “Today’s jobs announcement is yet another vote of confidence in Galway, in our available skilled workforce and in our city and county as a great place to work and live. Galway was home to a number of significant investment announcements last year including Fidelity Investment, Genesys, SAP and Diligent, so Centripetal are certainly in good company,” said Minister Hildegarde Naughton TD. “Congratulations again to the entire team at Centripetal and thank you for choosing not only Galway but the people of Galway.” ‘’The news that Centripetal is to open a European Cyber Intelligence Centre of Excellence in Galway is great news for the West Region and this investment will support the development of the wider technology ecosystem in Ireland for cyber,” said Anne-Marie Tierney Le-Roux, Head of Department Enterprise Technology at IDA Ireland. “The creation of 50 jobs is a vote of confidence in the talent and skill set that our regional locations in Ireland have to offer. I would like to wish Centripetal every success as they scale operations.’’ To give customers the ability to access intelligence powered cybersecurity everywhere, Centripetal’s CleanINTERNET® CLOUD is now available for deployment. The CleanINTERNET® service is a revolutionary approach to defending a company’s assets from cyber threats by leveraging dynamic threat intelligence on a mass scale. The solution can be deployed to protect assets running in cloud environments, providing unparalleled cyber defense and removing the need for more costly cybersecurity infrastructure. The addition of AWS cloud support extends CleanINTERNET® to protect all enterprise assets whether on premises, remote or in the cloud. Centripetal will additionally provide CleanINTERNET® on Azure and Google Cloud Platform in late 2023. “Centripetal is the only cybersecurity vendor that delivers intelligence powered protection that neutralizes every known cyberattack at the network level while simultaneously driving down the cost of security operations,” said Jonathan Rogers, Chief Operating Officer for Centripetal. “Our innovative technology is an industry first and we’re thrilled to be partnering with the IDA to bring our solution to Ireland and the UK to not only provide unparalleled protection for our customers but also valuable employment opportunities for the country.” Centripetal uses threat intelligence to shield organizations from 99% of known cyberthreats globally with CleanINTERNET®. This uniquely managed cyber defense service provides greater effectiveness, lower costs, and enhanced security expertise to defend networks from attacks. Centripetal goes beyond traditional threat intelligence methods and pushes the industry forward by operationalizing the world's largest collection of threat intelligence: With over 250 Threat Intelligence providers, CleanINTERNET® applies over 100 billion indicators of compromise from real-time intelligence feeds, updated every 15 minutes, to protect its customers' networks. Centripetal defends customers networks by providing the fastest packet filtering technology on the planet, applying millions of threat intelligence based rules to incoming and outgoing datastreams with zero latency. Centripetal’s elite team of highly trained intelligence operations analysts acts as an extension of its customer’s internal cybersecurity team, who monitor and analyze emerging threats. This mitigates the skills gap and reduces the burden on overworked IT resources. For more information on Centripetal’s offering and its latest global European expansion, visit www.centripetal.ai/centripetal-ireland/ ABOUT CENTRIPETAL Centripetal, a global leader in intelligence powered cybersecurity, is operationalizing the world’s largest collection of threat intelligence, in real-time, to protect organizations from every known cyberthreat through its innovative patented technologies. Through its CleanINTERNET® service, Centripetal delivers a highly effective solution leveraging the latest computing technology and skilled intelligence operators at a significantly lower cost. We are experts in intelligence, with a team comprised of cryptologists, and security analysts from the U.S. Intelligence & Defense community who have protected the most sensitive assets in the world. Centripetal is based in Reston, VA with offices in Portsmouth, NH and Galway, Ireland. For more information, visit www.centripetal.ai.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

ActZero Teams with UScellular to Secure Mobile Devices from Ransomware Attacks

Prnewswire | May 18, 2023

ActZero®, a leading cybersecurity provider for small and mid-sized enterprises, announced it is teaming with UScellular, making it the first and only wireless carrier to offer the ActZero Managed Detection and Response (MDR) service. Together the two organizations make it easier for businesses to secure mobile devices from ransomware and phishing attacks. UScellular Business Ultimate and Business Premium unlimited handset plans now include ActZero MDR for Mobile. "UScellular and ActZero share a common goal: to bring better performance and better security to businesses at a fair price," said Sameer Bhalotra, chief executive officer for ActZero. "With ActZero's on-device cyberdefense technology plus 24x7 security operations staff, UScellular business customers can stop mobile threats quickly, before they spread into the corporate network." With 24/7 threat coverage, ActZero stops breaches on mobile devices and networks, with a 90% block rate and response time of 15 minutes for critical alerts. Customers can easily deploy ActZero MDR for Mobile within minutes to their employees' iOS, Android, or Chrome mobile phones, tablets, and laptops. On-device protection and real-time notifications eliminate delays if a mobile device is compromised. ActZero's patent-pending AI means better cyberdefense and fewer false alarms. "ActZero delivers a powerful and affordable cybersecurity service businesses need to prioritize threat and vulnerability management," said Kim Kerr, senior vice president, enterprise sales and operations for UScellular. "Our customers often don't have the IT resources to ensure they are protecting their network and devices from malware, phishing, and ransomware attacks. The unique artificial intelligence and machine learning from ActZero intelligently pinpoints threats so less time is spent filtering noise and more time is focused on the action that should be taken, when it's truly important." About ActZero ActZero is a Gartner-recognized provider of Managed Detection and Response (MDR) services that delivers a powerful and affordable cybersecurity service to protect small and mid-sized enterprises against ransomware attacks. By continuously testing defenses against the latest attack techniques and variants, ActZero ensures AI detections and human threat hunters quickly stop threats. The company brings deep roots and expertise in cybersecurity to deliver measurable ransomware defense, reducing false alerts and responding quickly on a customer's behalf. Combined with exceptional service, ActZero empowers businesses with confidence that the company and customers are protected. For more information, please visit actzero.com. About UScellular Business UScellular is the fourth-largest full-service wireless carrier in the United States, providing national network coverage and industry-leading innovations designed to elevate the customer experience. The Chicago-based carrier provides a strong, reliable network supported by the latest technology and plays a critical role in helping businesses of all sizes navigate the wireless ecosystem, delivering advanced technology, increased network security and reliability. To learn more about UScellular's business solutions, visit one of its retail stores or uscellular.com/business.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Skyflow launches Skyflow GPT Privacy Vault

Businesswire | May 22, 2023

Today, Skyflow, the data privacy vault company, unveiled Skyflow GPT Privacy Vault, a robust privacy solution that enables organizations to safely and securely leverage the full power of large language models such as GPT. Companies are rushing to adopt AI, whether to increase productivity, enhance decision-making powered by data-driven insights, or to improve customer experience. However, privacy concerns hinder organizations from fully embracing AI. The Skyflow GPT Privacy Vault can provide enterprises with unparalleled data protection throughout the entire lifecycle of GPT models, and offers a comprehensive range of features tailored to meet the evolving needs of enterprises: Data Privacy and Security: Skyflow GPT Privacy Vault establishes a secure environment for sensitive data, protecting it from unauthorized access, breaches, and data leaks. Granular Data Control: Organizations can maintain strict control over sensitive data, ensuring that only authorized individuals or entities can access specific data sets or functionalities within GPT systems. Privacy-Preserving AI: Sensitive data is redacted and anonymized during data collection, model training, and interactions, enabling organizations to maximize AI capabilities without compromising privacy. Compliance and Regulatory Requirements: With Skyflow GPT Privacy Vault, global companies can leverage AI while complying with data residency requirements, such as GDPR, LGPD, and others. Here’s how organizations can leverage Skyflow GPT Privacy Vault: Data Collection and Preparation: Redact or tokenize sensitive information as it flows through GPT without lessening the value of the output. Skyflow’s proprietary polymorphic encryption technique enables the model to seamlessly handle protected data as if it were plaintext. Model Training: Safely train GPT models on content where sensitive data is redacted and anonymized. Robust multi-party training is also available, so that two or more entities can share anonymized datasets and safely use AI to unlock substantial insights. Interaction with GPT Models: De-identify sensitive data during interactions with GPT models, ensuring that privacy is preserved throughout the entire user interaction process. Secure Deployment and Integration: Seamlessly integrate Skyflow GPT Privacy Vault into existing data infrastructures to add a robust layer of data protection. Skyflow GPT Privacy Vault will protect all sensitive data flowing into GPT models and only reveal sensitive information to authorized parties once it has been processed by the model and returned. Skyflow GPT Privacy Vault delivers significant value across industries. Here are two specific use cases: Pharmaceutical Research: Pharmaceutical companies rely on Skyflow GPT Privacy Vault to protect sensitive data throughout the drug development lifecycle. It ensures the privacy and security of clinical trial data, safeguards proprietary research and intellectual property, and enables secure collaborations with external partners. Additionally, it supports personalized medicine initiatives by preserving the privacy of genetic data. Online Travel Booking: Online travel booking companies utilize Skyflow GPT Privacy Vault to protect customer data while leveraging AI models for personalized recommendations and enhanced customer experiences. It allows them to anonymize and protect personally identifiable information (PII) and payment data, ensuring compliance with privacy regulations while delivering superior travel experiences. “Generative AI can be a powerful tool for teams to maximize their output and scale their products. But the risk of a sensitive data leak is high, and with other providers, the cost of deploying a private GPT can be 10x what it is in a shared environment,” said Anshu Sharma, co-founder and CEO of Skyflow. “Skyflow can offer world-class data privacy throughout the lifecycle of GPT models, seamlessly and affordably.” The Global Partner in Cybersecurity and Privacy at Infosys, Joseph Williams, said, "Companies are eager to adopt ChatGPT and other generative AI platforms but they need to solve for privacy and regulatory compliance. Like we laid out in our seminal paper on the future of privacy engineering, data privacy vault architecture is a right way to go about this." Read more about Skyflow for GPT here. About Skyflow Skyflow is a data privacy vault company built to radically simplify how companies isolate, protect and govern their customers’ most sensitive data. With its global network of data privacy vaults, Skyflow helps companies meet complex data localization requirements. Skyflow customers span verticals like fintech, retail, travel, and healthcare. Skyflow is headquartered in Palo Alto, California and was founded in 2019. For more information, visit www.skyflow.com or follow on Twitter and LinkedIn.

Read More

Events