Data Security

CompTIA ISAO Adds Real-time Cybersecurity Threat Analysis and Intelligence Resources from Sophos

Advanced cybersecurity threat analysis and intelligence capabilities are now available from the CompTIA Information Sharing and Analysis Organization (ISAO) through an expanded collaboration with global next-generation cybersecurity leader Sophos and it industry-leading and highly acclaimed threat research lab, SophosLabs.

The announcement of the new cyber capabilities was made today by CompTIA, the nonprofit association for the information technology (IT) industry and workforce.

CompTIA ISAO members can directly submit suspicious URLs and files through the ISAO's Cyber Forum to SophosLabs Intelix™ for rapid analysis to determine if they are known or zero-day cybersecurity threats. SophosLabs Intelix combines petabytes of threat intelligence derived from decades of SophosLabs threat research with Sophos AI tools and techniques, bringing a powerful new source of threat intelligence to the CompTIA ISAO and its managed services provider (MSP), vendor, distributor, and associate members.

"SophosLabs research illustrates how adversaries are constantly changing their tactics, techniques and procedures (TTPs) to breach targets, move laterally and carry out ransomware and other attacks," said Simon Reed, senior vice president, SophosLabs. "The only way to effectively fight modern cybercrime is if we do it together. That's why Sophos is committed to sharing actionable threat intelligence with the CompTIA community. This new integration gives member organizations advanced abilities to quickly investigate suspicious URLs and files to determine their risk and to understand what happens if they are opened or executed. Powered by machine learning, SophosLabs Intelix predictively convicts never-before-seen threats, and is constantly improving based on the collective input of community intelligence."

"This is a real differentiator for our members, who can access a powerful analysis resource to identify, classify and prevent threats, further protecting themselves and more importantly, their customers," said MJ Shoer, senior vice president and executive director of the CompTIA ISAO.

The new integration expands Sophos' support of the CompTIA ISAO. As a Silver Industry Partner, Sophos has been contributing detailed threat analysis from SophosLabs Uncut to the CompTIA ISAO.

"This is a significant addition to the resources available to our members," Shoer added. "It is the latest example of the support that industry partners such as Sophos have for the CompTIA ISAO, and the commitment we all have to make the industry more secure."

The CompTIA ISAO is a community of nearly 1,200 member companies that share best practices, cyber threat intelligence, educational content and more to help address ever-evolving cyber threats. Working closely with public and private cybersecurity agencies and organizations, the CompTIA ISAO is helping its members understand the threat landscape, defend against current and future attacks and raise cybersecurity awareness throughout the global tech industry.

About CompTIA
The Computing Technology Industry Association (CompTIA) is a leading voice and advocate for the $5 trillion global information technology ecosystem; and the estimated 75 million industry and tech professionals who design, implement, manage, and safeguard the technology that powers the world's economy. Through education, training, certifications, advocacy, philanthropy, and market research, CompTIA is the hub for advancing the tech industry and its workforce.

About Sophos
Sophos is a worldwide leader in next-generation cybersecurity, protecting more than 500,000 organizations and millions of consumers in more than 150 countries from today's most advanced cyberthreats. Powered by threat intelligence, AI and machine learning from SophosLabs and SophosAI, Sophos delivers a broad portfolio of advanced products and services to secure users, networks and endpoints against ransomware, malware, exploits, phishing and the wide range of other cyberattacks. Sophos provides a single integrated cloud-based management console, Sophos Central – the centerpiece of an adaptive cybersecurity ecosystem that features a centralized data lake that leverages a rich set of open APIs available to customers, partners, developers, and other cybersecurity vendors. Sophos sells its products and services through reseller partners and managed service providers (MSPs) worldwide. Sophos is headquartered in Oxford, U.K.

Spotlight

Spotlight

Related News

Platform Security

OpenText Cybersecurity Nastiest Malware of 2023 Shows Ransomware-as-a-Service Now Primary Business Model

PR Newswire | October 26, 2023

OpenText (NASDAQ: OTEX), (TSX: OTEX), today announced the Nastiest Malware of 2023, an annual ranking of the year's biggest malware threats. For six consecutive years OpenText Cybersecurity threat intelligence experts have analyzed the threat landscape to determine the most notorious malware trends. Ransomware has been rapidly ascending the ranks, with ransomware-as-a-service (RaaS) now the weapon of choice for cybercriminals. This year four new ransomware gangs, believed to be the next generation of previous big players, topped the list. Newcomer Cl0p takes the prize for this year's nastiest malware after commanding exorbitant ransom demands with its MOVEit campaign. Cl0p's efforts helped skyrocket the average ransom payment which is rapidly approaching three quarters of a million dollars. Black Cat, Akira, Royal, Black Basta also made their debut, joined by the always present, Lockbit. A key finding this year is the RaaS business model is another win for the bad guys. Profit sharing and risk mitigation are top contributors to RaaS success along with the ability to easily evade authorities, said Muhi Majzoub, EVP and Chief Product Officer, OpenText. There is a silver lining as research shows only 29% of businesses pay ransom, an all-time low. These numbers indicate people are taking threats seriously and investing in security to be in a position where they do not need to pay ransom. This year's list highlights the tenacity of cybercriminals as they continue to reinvent themselves, coming back stronger each time (often with new names). Their scrappy mentality allows them to go beyond the norm to find new ways to invade their target. 2023 Nastiest Malware Cl0p, a RaaS platform, became famous following a series of cyberattacks, exploited a zero-day vulnerability in the MOVEit Transfer file software developed by Progress Software. MOVEit victims include such notable organizations as Shell, BBC, and the United States Department of Energy. Black Cat, recognized in our 2021 Nastiest Malware report, believed to be the successor to REvil ransomware group, has built their RaaS platform on the Rust programming language. They made headlines for taking down MGM Casino Resorts. Akira, presumed to be a descendant of Conti, primarily targets small to medium sized businesses due to the ease and turnaround time. Most notably, Akira ransomware targeted Cisco VPN products as an attack vector to breach corporate networks, steal, and eventually encrypt data. Royal, suspected heir to Ryuk, uses Whitehat penetration testing tools to move laterally in an environment to gain control of the entire network. Helping aid in deception is their unique partial encryption approach that allows the threat actor to choose a specific percentage of data in a file to encrypt. Lockbit 3.0, a main stain on the list and last year's winner, continues to wreak havoc. Now in its third epoch, Lockbit 3.0 is more modular and evasive than its predecessors. Black Basta is one of the most active RaaS threat actors and is also considered to be yet another descendant of the Conti ransomware group. They have gained a reputation for targeting all types of industries indiscriminately. To learn more about the findings of this year's Nastiest Malware analysis, visit the OpenText Cybersecurity Community, as well as tune in to our Nastiest Malware Webinar.

Read More

Platform Security

Fortinet Announces Formation of Veterans Program Advisory Council to Narrow the Cybersecurity Skills Gap with Military Veteran Talent

GlobeNewswire | September 29, 2023

Fortinet® (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today announced it has formed the Veterans Program Advisory Council, made up of a global board of esteemed members from organizations that support the military veterans community across the Five Eyes countries: United States, United Kingdom, New Zealand, Canada, and Australia. Members will provide counsel on how Fortinet can continue meeting the needs of military veterans looking to transition into the cybersecurity field. Military veterans have many complementary skillsets that make them ideal candidates for cybersecurity roles, including discipline, problem-solving under immense pressure, situational awareness, and an understanding of the importance of maintaining a strong defense posture. With the industry facing a talent shortage with an estimated 3.4 million security roles needing to be filled worldwide, the veteran community can play a key role in filling critical cyber roles with access to training, mentorship, and employment opportunities. Yet, the Fortinet 2023 Cybersecurity Skills Gap Global Research Report found that 43% of organizations indicated difficulty in recruiting qualified veterans for cybersecurity roles. At the same time, veteran turnover is high in the industry, with one key reason being the shortage of staff, leading to overwork and burnout. To further address these hurdles veterans face, the esteemed members of the Veterans Program Advisory Council with extensive backgrounds working with the military veteran community and as veterans themselves will help Fortinet strengthen its Veterans Program offerings by providing guidance on how to continue reskilling and upskilling veterans so they can start and stay in various cyber career pathways. Veterans Program Advisory Council members (listed in alphabetical order) include: Chris Barlow, Managing Director at Cerco IT Ltd (U.K.) Marty Donoghue, Chief Executive of the RNZRSA (New Zealand) Colin Grimes, Training Coordinator of TechVets Programme, The Forces Employment Charity (U.K.) Tom Marsland, Board Chairman and CEO at VetSec, Inc. (U.S.) Heath Moodie, Director of Vets in Cyber (Australia) James Murphy, Director of TechVets Programme, The Forces Employment Charity (U.K.) Bryan Radliff, CyberVets Program Manager at Onward to Opportunity, D’Aniello Institute for Veterans and Military Families (U.S.) Patrick Shaw, Founder of Cyber Catalyst (Canada) Mark Wilcox, Head of Cyber Training, Permanent Opportunities and Partnership at Cerco IT Ltd (U.K.) Fortinet’s Commitment to Supporting Veterans to Close the Cyber Skills Gap The Veterans Program Advisory Council will help build on the Veterans Program's success in providing more cybersecurity training pathways for military veterans with both existing technical background or no IT experience. Fortinet provides Veterans Program members access to its Network Security Experts (NSE) Certification Program curriculum to help them transition into the cybersecurity field and advance in their security careers through access to cyber training, professional development resources, and employment opportunities. This year, the Veterans Program is celebrating five years of helping military service members, veterans, and military spouses receive the fundamental resources they need to transition into cyber roles. Fortinet has also been recognized as a 2023 VETS Indexes Recognized Employer, further underscoring the company’s commitment to supporting the veteran community throughout their careers. Veterans Program Advisory Council Members Biographies Chris Barlow, Managing Director at Cerco IT Ltd (U.K.) Chris Barlow joined Cerco in 2003, and has since established a recruitment division for graduates through Cerco Training, a large proportion of which were British forces veterans. Chris acquired the entire business in 2017, and the company has continued to grow, prosper, and develop further. The vision for Cerco is to become a market leader in taking novice talent and guiding them to the highest levels of IT support and cybersecurity. Chris has made employment connections for new engineers with global IT companies such as Fujitsu, Hewlett-Packard, and IBM. Marty Donoghue, Chief Executive of the RNZRSA (New Zealand) Marty Donoghue has been chief executive of the RNZRSA since October 2020. Marty has a 35-year track record of transformational leadership, successfully building and managing teams and mobilizing volunteers in New Zealand and internationally across defense, sport, science, and in the not-for-profit sector. Marty served in the New Zealand Army for 25 years and is a veteran of Bosnia, Angola, Bougainville, and Iraq. Colin Grimes, Training Coordinator of TechVets Programme, The Forces Employment Charity (U.K.) Colin Grimes joined TechVets from the education sphere, where he worked as a primary school teacher with particular responsibility for computing across the curriculum. During his time in education, he also worked as a consultant to schools for the National Centre of Computing Education, delivering training to schools in computing and remote learning, leaning on lessons learned during the COVID-19 pandemic. Before this, he enjoyed a 24-year career as an air battle management specialist in the Royal Air Force. He also served as an instructor within the U.K. School of Air Battle Management, where he was responsible for training the next generation of air surveillance specialists. Tom Marsland, Board Chairman and CEO at VetSec, Inc (U.S.) Tom Marsland is a cybersecurity professional with over 21 years of experience in the information technology and nuclear power industry. He has also served over 21 years in the U.S. Navy and has a BS in IT security and an MS in cybersecurity. He is the board chairman of VetSec and the VP of technology and technical services at Cloud Range. Heath Moodie, Director of Vets in Cyber (Australia) Heath is the director of Vets in Cyber, where he is helping to build a mentoring program, running community events, and partnering with industry-leading training providers to offer employment assistance to veterans. As a five-year Australian Army infantry veteran, Heath transitioned into cybersecurity and was immediately confronted with the different cultures between the military community and civilian life. Wanting to be the change that he needed, Heath created a grassroots organization, Vets in Cyber, which is focused on helping to build a community around veterans to offer them the support they need within the cybersecurity industry. James Murphy, Director of TechVets Programme, The Forces Employment Charity (U.K.) James Murphy joined TechVets from Government Digital Services in the Cabinet Office, where he was employed as the head of threat intelligence, providing strategic cyber threat intelligence advice to key decision makers within central government with specific focus on protecting national infrastructure. Prior to this, James served for 19 years in the British military, deploying to Northern Ireland, East Africa, and Afghanistan with the infantry, receiving lifelong injuries as a result of enemy action. James then served the remainder of his service in intelligence, developing the army’s exploitation capability, providing support to U.K. Defence Engagement in East Asia before delivering strategic support to global joint military operations.​ Bryan Radliff, CyberVets Program Manager at Onward to Opportunity (O2O) (U.S.) Bryan Radliff serves as the CyberVets program manager in the Onward to Opportunity Program for the D’Aniello Institute for Veterans and Military Families (IVMF) at Syracuse University. CyberVets is a skills-to-job pathway that aims to fast-track veterans into high-demand cyber careers by providing no-cost employment training, industry certifications, and career services to transitioning service members, veterans, and military spouses. Bryan is a 31-year veteran of the U.S. Army, serving as an enlisted medical supply specialist, infantryman, and an armor/cavalry officer before retiring as a lieutenant colonel. Patrick Shaw, Founder of Cyber Catalyst and Tech Vets (Canada) Founder of Cyber Catalyst and co-founder of Coding For Veterans (CFV), Pat initiated Cyber Catalyst Talent Solutions to assist veterans achieve meaningful and rewarding careers using the skills developed through their upskilling or reskilling studies. Pat curated the CFV secure software development and the cybersecurity curriculum and established the learning approach aligning widely recognized industry certification exams to meet the cyber talent needs of employers. Cyber Catalyst Talent Solutions offers job-focused microcredentialing and certifications in support of job placement. Tech Vets Canada engages veterans and military family members with career mentorship and learning support. Mark Wilcox, Cyber Training, Opportunities and Partnership at Cerco IT Ltd (U.K.) Mark has over 30 years of commercial software development experience, the majority of which has involved web technologies. Throughout his career, Mark has developed and supported complex systems for a range of clients, including the London Stock Exchange, Lloyds Bank, Ryman stationers, Debenhams, and Woolworths. In January 2022, Mark joined Cerco IT to head up the cybersecurity training and employment division. As a key architect of Cerco's Cradle to Cyber training program, an initiative to provide advanced network security skills to Cerco’s trained graduates (many of whom are ex-armed forces), Mark continues to forge relationships with internationally renowned tech and training partners, such as Fortinet and CompTIA. About Fortinet Fortinet (NASDAQ: FTNT) is a driving force in the evolution of cybersecurity and the convergence of networking and security. Our mission is to secure people, devices, and data everywhere, and today we deliver cybersecurity everywhere you need it with the largest integrated portfolio of over 50 enterprise-grade products. Well over half a million customers trust Fortinet's solutions, which are among the most deployed, most patented, and most validated in the industry. The Fortinet Training Institute, one of the largest and broadest training programs in the industry, is dedicated to making cybersecurity training and new career opportunities available to everyone. FortiGuard Labs, Fortinet’s elite threat intelligence and research organization, develops and utilizes leading-edge machine learning and AI technologies to provide customers with timely and consistently top-rated protection and actionable threat intelligence. Learn more at https://www.fortinet.com, the Fortinet Blog, and FortiGuard Labs.

Read More

Software Security

SAIC Announces New Zero Trust Edge Capability

Business Wire | November 03, 2023

Science Applications International Corp. (NYSE: SAIC) today announced new, purpose-built Zero Trust security capabilities, which provide a solution to answer the Zero Trust pillars addressing data, identity, devices, networks, applications and workloads. The new Zero Trust security capabilities have been tested and validated on an AWS Snowball Edge and AWS Snow Family device with on-board storage and compute power for select Amazon Web Services (AWS) capabilities. AWS Snowball Edge can support local processing and edge-computing workloads in addition to transferring data between a user’s local environment and AWS. SAIC has brought together the best-in-class tools to deliver a mission-ready Zero Trust Edge capabilities that provides multi-level secure data processing and analytics and prioritizes data in a DDIL environment to transport back to the cloud, said Lauren Knausenberger, chief innovation officer at SAIC. This provides warfighters with a critical capability to extend their enterprise OCONUS, with the ability to run disconnected ops and rapidly adopt technologies and capabilities needed for mission success. This capability has the potential to be a critical enabler for Combined Joint All-Domain Command and Control (JADC2), with the ability to deploy at forward operating bases, on air platforms and at sea. Through the combined efforts of AWS; SAIC; Koverse, an SAIC company; Okta; CrowdStrike; Zscaler and Splunk, ready-to-install cybersecurity and Zero Trust technologies combine data and provide multi-level security from the edge through the enterprise. This capability meets the challenges of Wide Area Network (WAN) or no WAN connectivity by enabling offline compute capabilities and replicates mission-critical data after connectivity is restored. These components of software and hardware allow the capabilities to address the five pillars of the Zero Trust Maturity Model and therefore help increase cybersecurity posture at the edge. SAIC is an industry leader in cloud and cybersecurity, addressing Zero Trust security capabilities, including the latest capabilities which have been validated and tested on an AWS Snowball Edge device.

Read More