DATA SECURITY

Cerberus Sentinel Launches Secured Managed Services Providing Senior Support to Mitigate Cyber Risks

Cerberus Sentinel | October 26, 2021

Cerberus Cyber Sentinel Corporation a cybersecurity consulting and managed security services firm, today introduced its Cerberus Sentinel Secured Managed Services to help organizations step up their cybersecurity protections with security-focused, end-to-end network and device management solutions provided by a team of senior staff.

Cerberus Sentinel's full-scale secured managed services are an integral part of MCCP+, their holistic approach to cybersecurity, compliance and culture. This ensures that all strategic solutions are tailored specifically for each client. Cerberus Sentinel has long recognized that a company must incorporate a culture of cybersecurity through its solutions, processes, and staff training to address the rapid growth of threats to its very existence, data, and intellectual property.

"The cost of just one data breach was $3.86 million in 2020,The cybersecurity market is expected to grow to $10.5 trillion by 2025, and the lack of those trained with cyber skills remains a challenge for most businesses. We know organizations are struggling to stay ahead of attacks, as well as to protect their customers and employees. With our senior team's decades of experience, we can provide peace of mind by partnering side-by-side to help them reduce system downtime and realize a quantifiable increase in employee productivity."

Brian Yelm, managing director, Cerberus Sentinel

Cerberus Sentinel Secured Managed Services highlights include:

Managed Support: Unlimited concierge support for all workstations, servers, firewalls, switches, routers, wireless access points, printers, and copiers. A real-time inventory is kept of all hardware and software. Strategic guidance is provided to organizations without a CIO, CTO or director of IT.

Security Bundle: Antivirus/MDR, scripting tools, and patch management are included as well as software for workstations and servers to provide secure remote access.

Project Engagement: Covers custom projects or for remediation after a penetration test or security assessment uncovers system vulnerabilities.

Microsoft 365 Partner: All licenses and email migration are available.

Backup and Disaster Recovery: Customized on-premises, hybrid, and cloud-based back-up solutions.

Spam, Web and DNS Filtering: Partnership with Cisco Umbrella (DNS) and provider of multiple spam filter solutions tailored for specific email environments.

Cloud Storage: Custom Tech Connect Drive, plus partnership with Dropbox and Microsoft for One Drive support.

About Cerberus Sentinel
Cerberus Sentinel is an industry leader in Managed Cybersecurity and Compliance (MCCP) services with its exclusive MCCP+ managed compliance and cybersecurity services plus culture program. The company is rapidly expanding by acquiring world-class cybersecurity, secured managed services, and compliance companies with top-tier talent that utilize the latest technology to create innovative solutions to protect the most demanding businesses and government organizations against continuing and emerging security threats and compliance obligations.

Spotlight

CRASHOVERRIDE1 is the first publicly-known malware designed to impact electric grid operations. While some attention has already been paid to CRASHOVERRIDE’s ICS-specific effects, the broader scope of the attack – and the necessary prerequisites to its execution – have been woefully unexamined. Reviewing previously unavailable data covering log, forensics, and various incident data, this paper will outline the CRASHOVERIDE attack in its entirety, from breach of the ICS network through delivery and execution of ICS-specific payloads.

Spotlight

CRASHOVERRIDE1 is the first publicly-known malware designed to impact electric grid operations. While some attention has already been paid to CRASHOVERRIDE’s ICS-specific effects, the broader scope of the attack – and the necessary prerequisites to its execution – have been woefully unexamined. Reviewing previously unavailable data covering log, forensics, and various incident data, this paper will outline the CRASHOVERIDE attack in its entirety, from breach of the ICS network through delivery and execution of ICS-specific payloads.

Related News

DATA SECURITY

Westcoast Limited Strengthens the Cyber Security Portfolio with an AppGuard Malware Disruption Technology Distribution Agreement for Endpoints

prnewswire | February 22, 2021

Westcoast Limited, a main UK wholesaler of IT items and administrations with over £3 billion in yearly incomes, today declared a circulation concurrence with AppGuard, a worldwide endpoint security supplier that shields associations from cyberattacks by disturbing malware from causing hurt. Under the understanding, Westcoast will appropriate AppGuard's malware interruption innovation in the U.K. also, Northern Europe districts, further extending its obligation to empowering Westcoast's affiliates and their clients to more readily guard against cyberattacks by shielding endpoints from being undermined by malware. Conveying driving IT brands like HP, HPE, Microsoft, Lenovo, Apple, and numerous others to an expansive scope of affiliates, retailers and office item vendors in the UK and past, Westcoast and its 9,000 exchanging accomplices and their clients comprehend that network safety is the main test confronting the present organizations. The expansion of AppGuard to Westcoast's network safety portfolio advances propels the organization's obligation to guarantee accomplices and their clients have the guard inside and out they need to ensure against the present progressed malware assaults.

Read More

SOFTWARE SECURITY

Green Hills Software Expands Leadership in Automotive Cybersecurity

prnewswire | October 28, 2020

Green Hills Software, the worldwide leader in embedded safety and security, announced today it has adopted the two new international security standards and regulations for automotive cybersecurity – ISO/SAE 21434 and UNECE WP.29 for the INTEGRITY real-time operating system (RTOS) and associated products and services. For decades, Green Hills has been an industry-recognized leader helping electronics manufacturers create and deploy embedded systems at the highest levels of safety and security. By offering compliant products and associated evidence reports for these new standards, Green Hills will build upon its proven pedigree as the foundational run-time software provider trusted by OEMs and their Tier 1 suppliers for automotive electronics. Utilizing these new security standards enables manufacturers to design and deploy purpose-built, secure, software-defined systems in connected vehicles, including highly automated driving, high performance compute clusters, domain controllers, vehicle gateways, telematics, keyless entry, diagnostic connections and electric vehicle charging stations, to name a few. As reliance on vehicle connectivity grows and demand for software-defined services rises, the risk of cyberattacks against connected vehicles continues to rise. With over 100 ECUs and hundreds of millions of lines of code, connected vehicles are a target-rich platform for cyberattacks. Multiple points of entry to modern connected vehicles provide opportunities for malicious vehicle control, fraud, and data-breaches that threaten companies, drivers, and road users. A single exploited security vulnerability could put an entire fleet of vehicles at risk, numbering in the millions. With nearly 80% of new cars connected1 to the internet, cybersecurity breaches have the potential to put billions of dollars in sales and lawsuits at risk – not to mention the damage to brand reputation. As a result, governmental bodies and independent regulators are drafting two related measures for managing cybersecurity threats throughout a connected vehicle's lifecycle. Green Hills is collaborating with its customers and adopting cybersecurity assessment policies for the following: The draft ISO/SAE 21434 "Road vehicles – Cybersecurity engineering" Standard was recently published by SAE International and ISO (Organization for Standardization). It is a baseline for vehicle manufacturers and suppliers to ensure cybersecurity risks are managed efficiently and effectively from both a product lifecycle and organizational perspective spanning concept, development, production, operation, maintenance, and decommissioning. The WP.29 regulations from the United Nations Economic Commission for Europe (UNECE) make OEMs responsible for cybersecurity mitigation in four cybersecurity areas spanning the entire vehicle lifecycle: managing cyber risks; securing vehicles by design; detecting and responding to security incidents; and providing safe and secure over-the-air (OTA) software updates. While WP.29 defines concrete examples of threats and mitigations, OEMs can choose how they show the threats are addressed, such as complying with ISO/SAE 21434. The regulation is expected to be finalized in early 2021 and applied initially to many member nations including European nations, South Korea, UK, and Japan, and will likely influence vehicle homologation polices in the US, Canada and China. WP.29 will be legally binding within adopting countries, and while the ISO/SAE 21434 standard is not a regulation, it is expected to be widely accepted in the global industry like ISO 26262 is today. "Connected cars bring significant risks and rewards to OEMs and their suppliers," said Chris Rommel, Executive Vice President, IoT & Industrial Technology at VDC Research. "Green Hills has earned a high stature in the industry for supplying security-critical foundational software to companies building life-critical systems like aircraft avionics, vehicle ADAS and medical equipment, and its support of these new cybersecurity standards is noteworthy." "ISO/SAE 21434 and WP.29 are valuable additional steps towards protecting connected vehicles from cybersecurity vulnerabilities," said Dan Mender, VP of Business Development at Green Hills Software. "Green Hills has decades of experience developing and delivering security-certified technologies at the highest levels. Adopting these standards expands our offerings to global automotive OEMs and their suppliers bringing the industry's leading secure software run-time environment to next-generation connected vehicle electronics." Reference (1) Source: VDC Research Group, Inc.: Automotive Cybersecurity Software & Services Market report, 2019 Strategic Insights Security & The Internet of Things Research Program. About Green Hills Software Founded in 1982, Green Hills Software is the worldwide leader in embedded safety and security. In 2008, the Green Hills INTEGRITY-178 RTOS was the first and only operating system to be certified by NIAP (National Information Assurance Partnership comprised of NSA & NIST) to EAL 6+, High Robustness, the highest level of security ever achieved for any software product. Our open architecture integrated development solutions address deeply embedded, absolute security and high-reliability applications for the military/avionics, medical, industrial, automotive, networking, consumer and other markets that demand industry-certified solutions. Green Hills Software is headquartered in Santa Barbara, CA, with European headquarters in the United Kingdom. Green Hills, the Green Hills logo and INTEGRITY are trademarks or registered trademarks of Green Hills Software in the U.S. and/or internationally. All other trademarks are the property of their respective owners.

Read More

DATA SECURITY

Living Security Hosts a Panel of Industry Experts to Discuss Emerging Threats

Living Security | May 27, 2021

Living Security, a pioneer in Human Risk Management and a cybersecurity awareness training leader, is proud to host this year's Breaking Security Awareness Conference 2021, which will be held virtually on Thursday, June 24, 2021. The free event will educate business, IT, and security leaders on the most recent threats emerging in our increasingly digital world, as well as explain how effective training can protect employees both at work and at home. The conference will include a panel of industry thought leaders who will discuss topics such as: • Human risk management • Social engineering • DEI in cybersecurity • Enterprise security awareness • Remote working security • Ransomware Among the speakers this year are executives from Amplitude, Cisco, CISO Series, Forrester, LARES, National CyberSecurity Alliance (NCSA), Netflix, Social Engineer, and Yass Partners. About Living Security The objective of Living Security, which was founded in 2017, is to help prevent cybersecurity breaches by providing a human risk management platform that does more than just meet compliance requirements. It has a real effect on behavior. Living Security believes that empowering individuals is the key to putting an end to breaches. Gamified learning and immersive experiences engage and educate users, while the science-backed, tech-enabled platform enables CISOs to measure efficacy and program ROI uniquely. The Living Security team named one of Austin's Best Places to Work is made up of 50+ cybersecurity professionals dedicated to redefining security awareness training as we know it and transforming end-users into the enterprise's greatest asset against cybercrime. CVS Health, MasterCard, Verizon, MassMutual, Biogen, AmerisourceBergen, Hewlett Packard, JP Morgan, and Target are among the companies that rely on Living Security.

Read More