Big tech firms back UK cyber security initiative

ComputerWeekly | July 22, 2019

Big tech firms back UK cyber security initiative
UK government and industry, including Microsoft and Google, have committed to an almost £190m co-investment in an initiative to ensure new technology is secure by design against top cyber threats. Security by default and design is a key element of UK government policy on technological innovation. The principle is enshrined in the recently published minimum requirements for manufacturers of surveillance camera systems and components, and the voluntary code of practice (CoP) for manufacturers of consumer internet of things (IoT) devices, published by the UK in October 2018. The co-investment, announced by UK business secretary Greg Clark, will benefit businesses and consumers alike, with increased security built into digital devices and online services. “Digital devices and online services are powering more of our daily lives than ever before, from booking a doctors’ appointment to buying online shopping,” he said. “While these devices and services bring great benefits to businesses and consumers, they come with the associated risks of cyber attacks and threats that are becoming increasingly complex to tackle.

Spotlight

Universities use data analytics to increase student retention and academic performance while collecting large amounts of personal data. They also provide resources for faculty and students to conduct sometimes groundbreaking (and valuable) research. This information can be very profitable for Cyber Criminals and is the basis for many attempts at Cyber Crime in the EDU space.

Related News

SOFTWARE SECURITY

OPSWAT to Unveil Next Gen Cybersecurity Kiosk for Protecting Critical Infrastructure

OPSWAT | July 08, 2021

The global leader in Critical Infrastructure Protection, OPSWAT, has announced the availability of the L1001, its next-generation MetaDefender Kiosk. It offers an important option for cybersecurity prevention for both Operational Technology (OT) environments and Industrial Control Systems (ICS). Both have experienced an bigger number of ransomware AND cybersecurity attacks ewcwntly.. Such as cyberattacks surge, among the critical infrastructure sectors, there is a heightened sense of security. Malware, targeted attacks, and ransomware have recently interrupted the service of food and agriculture, energy, defense industrial base, and healthcare. all 16 critical infrastructure sectors now being threatened by copycat attacks. MetaDefender Kiosks of OPSWAT used to protect critical infrastructure environments and ICS that include over 98% of US-based nuclear facilities, from various zero-day attacks and malware. The mainstream of these settings modernize their air-gapped or OT settings through the practice of movable media devices, which OPSWAT can scan, audit, and clean before malware spreads a highly serious OT network. The L1001 deals a totally reshaped form feature which structures better-quality manageability choices, automatic updating, and quicker file and device scanning for enhanced cybersecurity. Further advancements and benefits also include: • Simplified deployment and manageability • Lower maintenance requirements • Higher performance and security The MetaDefender Kiosk, L1001, is combined into the wider OPSWAT Cross Domain portfolio of solutions for ICS environments and Critical Infrastructure. About OPSWAT OPSWAT, the global leader in critical infrastructure cybersecurity, helps protect the world's mission-critical establishments from zero-day attacks and malware. More than 1,000 organizations worldwide spanning Defense, Financial Services, Energy, Manufacturing, Transportation Systems, and Aerospace trust OPSWAT to secure their files and devices.

Read More

NETWORK THREAT DETECTION

Axonius Integrates with the New, Enhanced Amazon Inspector to Deliver Comprehensive Cyber Asset Attack Surface Management

Axonius | December 06, 2021

Axonius, a leader in cybersecurity asset management, today announced an integration with the new Amazon Inspector, an automated security assessment service. The integration will enable mutual customers to better understand and manage vulnerabilities across their Amazon Web Services (AWS) infrastructure. Amazon Inspector is a vulnerability management service that continually scans AWS workloads for software vulnerabilities and unintended network exposure. The solution automatically discovers all running Amazon Elastic Compute Cloud (Amazon EC2) instances and container images residing in Amazon Elastic Container Registry (Amazon ECR), at any scale, and immediately starts assessing them for known vulnerabilities. Because Axonius delivers a complete inventory of assets from many correlated data sources, customers can gain a comprehensive view of their cloud security posture, including vulnerability data found from Amazon Inspector. "Customers are burdened by the increasing number of security tools to protect the sprawl of cloud, physical, and virtual assets in their environments,It's not easy for them to surface which assets are not covered by their security controls that should be, or if they are covered, whether the control is actually working. Customers are exhausted with the highly manual, slow, and error-prone processes that negatively impact their risk mitigation, threat management, and compliance. With Axonius, customers can get a unified view of their assets and dramatically accelerate the process of strengthening security posture across all of their assets.” Mark Daggett, vice president of worldwide channels and alliances, Axonius Comprehensively Track and Assess the Security of AWS Assets: In just a few clicks, the Axonius Query Wizard can identify any AWS assets that have not been assessed with Amazon Inspector. Customers can also easily search for a set of assets based on their last scan time, or segment AWS assets with known vulnerabilities by common vulnerabilities and exposures (CVE) severity, CVE ID, and more. It can also be used to track the Amazon Inspector usage and coverage. Manage Vulnerabilities Within a Broader Context: Beyond simply identifying known vulnerabilities, Axonius delivers correlated data from tools such as endpoint detection and response, privilege access management, and more to help cloud security, DevOps, and security operations teams prioritize which vulnerabilities to remediate first. With an endless backlog of vulnerabilities to manage, this level of context is imperative to helping teams mitigate the vulnerabilities that are more likely to be exploited, or that would have the most impact if exploited. Improve Cloud Compliance Based on Industry Benchmarks: Customers can also ensure that their AWS assets adhere to security best practices, such as the CIS AWS Foundations Benchmark. Using Axonius and Amazon Inspector, cloud security teams can prioritize which assets pose the most risk due to any detected vulnerability or deviation from security standards and best practices. “To be effective, security and DevOps teams need to prioritize vulnerability remediation based on business impact”, said Michael Fuller, director of product management, AWS Security Services. “With the new Amazon Inspector, we’ve dramatically simplified continuous and automated vulnerability assessment for customers across their entire organization, whether they have one AWS account or five thousand. The Axonius integration then brings developers more contextual asset data to help prioritize vulnerability remediation.” About Axonius Axonius is the cybersecurity asset management platform that gives organizations a comprehensive asset inventory, uncovers gaps, and automatically validates and enforces policies. Deployed in minutes, the Axonius cyber asset attack surface management (CAASM) solution integrates with hundreds of data sources to give customers the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, automating response actions, and informing business-level strategy. Cited as one of the fastest growing cybersecurity startups, with accolades from CNBC, Forbes, and Fortune, Axonius covers millions of devices for customers around the world.

Read More

DATA SECURITY

Data Protection Platform, Protegrity to introduce dynamic monitoring and data masking capabilities

helpnetsecurity | June 11, 2021

Version 8.1 of Protegrity, the latest version of the Protegrity Data Protection Platform, is released. This has the features such as monitoring capabilities and dynamic data masking. It provides all the customers, from a single data store, multiple data-protection methods. The company has also introduced Protegrity Cloud API and a redesigned logging architecture. Monitoring and dynamic data masking provide visibility and control for sensitive data access With this functionality, version 8.1 of the Protegrity Data Protection Platform gives a greater level of control and choice to meet the data protection they need to run their business smoothly. Monitoring capabilities provide customers standard visibility into how data is being retrieved and used across the company. Customers can utilize dynamic data masking of Protegrity for a greater level of control over their sensitive data. Unicode tokenization delivers language-preserving data security for global businesses Unicode is a standard for the consistent handling, encoding, and representing text expressed in the world's writing systems. Protegrity, with version 8.1, now brings all the benefits of its tokenization to all text encoded in the one- and two-byte Unicode standards. New cloud API and logging architecture enhance platform functionality Along with new data-protection methods, including data masking, monitoring, and Unicode tokenization, version 8.1 of Protegrity has revealed the following essential platform enhancements: • Protegrity Cloud API • Redesigned logging architecture

Read More

Spotlight

Universities use data analytics to increase student retention and academic performance while collecting large amounts of personal data. They also provide resources for faculty and students to conduct sometimes groundbreaking (and valuable) research. This information can be very profitable for Cyber Criminals and is the basis for many attempts at Cyber Crime in the EDU space.