DATA SECURITY

CompTIA Launches Critical Cybersecurity Information Sharing and Analysis Organization in the U.K.

CompTIA | October 12, 2021

CompTIA, the nonprofit association for the global information technology (IT) industry, today expanded the CompTIA ISAO (Information Sharing and Analysis Organization) to the United Kingdom to serve as the focal point for dealing with cyber-threats to technology vendors, MSPs, solution providers, integrators, distributors, and business technology consultants.

We are in a time of unprecedented and malicious hacking activity, much of which is targeted specifically at technology product, service and solution companies,CompTIA aims to improve the cybersecurity landscape in the U.K. by bringing together the know-how and power of the industry to deliver timely, relevant, actionable threat intelligence that companies can use to protect themselves and more importantly, to keep their customers safe and secure.

said MJ Shoer, senior vice president, executive director of the CompTIA ISAO

The CompTIA ISAO, which launched in the United States in 2020, currently has over 1,200 member companies and growing. Axcient, ConnectWise, Dark Cubed, Dell Technologies, and Sophos are Industry Partners of the CompTIA ISAO. The CompTIA ISAO is a member led initiative governed by three co-equal councils, the Executive Advisory Council, the MSP Champions Council and the SME (Subject Matter Expert) Champions Council representing all categories of CompTIA ISAO membership.

"In the current climate of cybercrime, one of the best ways to sharpen the industry's defences against today's cyberattacks, including ransomware, is through industry experts sharing threat intelligence. This move to launch the CompTIA ISAO in the UK will advance industry collaboration and innovation, and Sophos is proud to be a part of this effort," said James Wilson, product director, Sophos. "Having access to SophosLabs Intelix within the ISAO gives members easy and quick access to actionable, relevant threat intelligence from Sophos. Research from SophosLabs continually highlights how adversaries are constantly adapting their tactics, techniques and procedures (TTPs) to breach targets and carry out attacks and emphasises how essential it is for us to work together."

Additionally, innovative partnerships have been forged with the Information Technology-Information Sharing and Analysis Center (IT-ISAC) and  TruSTAR to build out the threat intelligence feed and custom reporting that will serve as the backbone of the CompTIA ISAO. This ensures that members will receive critical, targeted, real-time information in a way that's easy to understand and act upon.

"Raising the cybersecurity resilience of the global tech industry is important for everyone," Shoer explained. "This is how, together, we will fight back against this existential threat and do the right thing for our industry and the global economy."

The CompTIA ISAO is dedicated to advancing the cybersecurity resiliency of the global technology industry. It is a resource where organizations in the business of technology can share real-time threat intelligence, analysis of potential impacts, coordinated countermeasure response efforts, cybersecurity best-practice adoption, and workforce education.

In addition to the latest cybersecurity intelligence data, all CompTIA ISAO members will receive full access to CompTIA corporate member benefits, including all the resources, communities and tools designed to help a technology business thrive.

About CompTIA
The Computing Technology Industry Association (CompTIA) is a leading voice and advocate for the $5 trillion global information technology ecosystem; and the estimated 75 million industry and tech professionals who design, implement, manage, and safeguard the technology that powers the world's economy. Through education, training, certifications, advocacy, philanthropy, and market research, CompTIA is the hub for advancing the tech industry and its workforce.

Spotlight

In this paper, RSA examines the need for strong authentication. They explore the return on investment in order to help organizations make an informed decision when contemplating their strategic move toward more effective security.

Spotlight

In this paper, RSA examines the need for strong authentication. They explore the return on investment in order to help organizations make an informed decision when contemplating their strategic move toward more effective security.

Related News

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Datadog Announces Integration with Amazon Security Lake

Datadog | November 30, 2022

Datadog, Inc., the monitoring and security platform for cloud applications, today announced a new integration with Amazon Security Lake. The integration, announced during AWS re:Invent, makes it easy for Amazon Security Lake users to send cloud security logs to Datadog in a standard format. Building data pipelines in order to aggregate and route security logs to various security analytics solutions can be a cumbersome and time-consuming process. For Amazon Security Lake customers, Datadog's integration provides an easy way to send security logs to Datadog with minimal configuration required. Once security logs are ingested into Datadog, customers can analyze and identify threats through out-of-the-box detection rules or by writing custom security rules. They can also do deeper investigations using Datadog's log management tools. "Amazon Security Lake makes it easier for teams to manage their cloud security data and analyze it with partner solutions of their choice," said Rod Wallace, General Manager for Amazon Security Lake. "Datadog's integration with Amazon Security Lake will allow customers to collect their security logs to improve their cybersecurity posture and send them to Datadog for analysis leveraging an open source schema." "Security threat detection and investigation is dependent on an effective logging strategy that ensures critical logs are being properly analyzed. However, managing dozens of log integrations from cloud-hosted accounts and entities can be cumbersome and lead to gaps in visibility. "Amazon Security Lake and Datadog are working together to provide an easy way to set up and manage important log integrations for Datadog Cloud SIEM, giving customers deep visibility into their most critical infrastructure." Pierre Betouin, SVP of Security Products at Datadog About Datadog Datadog is the monitoring and security platform for cloud applications. Our SaaS platform integrates and automates infrastructure monitoring, application performance monitoring and log management to provide unified, real-time observability of our customers' entire technology stack. Datadog is used by organizations of all sizes and across a wide range of industries to enable digital transformation and cloud migration, drive collaboration among development, operations, security and business teams, accelerate time to market for applications, reduce time to problem resolution, secure applications and infrastructure, understand user behavior and track key business metrics.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Elektrobit and Argus Cyber Security announce industry-first automotive switch firmware pre-integrated with cyber security functionality

Elektrobit | September 15, 2022

Elektrobit, a visionary global vendor of software products for the automotive industry, and Argus Cyber Security, a world leader in cyber security products and services for mobility platforms, today announced the launch of EB zoneo SwitchCore Shield, an industry-first pre-integrated solution of embedded intrusion detection and prevention (IDPS) functionality within advanced network management systems for next-generation vehicles. The joint solution is an automotive-grade switch firmware for E/E architectures that pre-integrates Argus Ethernet IDPS, a cyber security protection layer for automotive Ethernet networks, as an embedded module. This production-ready solution reduces carmakers' integration costs and risks while accelerating new vehicles' time to market. Building upon decades of automotive expertise from Elektrobit and Argus, this breakthrough solution allows carmakers to evaluate data detected and quickly determine actions required to confront an attempted cyber-attack. Adding a layer of intelligence and cyber protection to automotive Ethernet switches, facilitates the management of the growing number of network functions required to enhance the scalability, safety, and security of vehicles. By offloading network and cyber-related tasks to the switch firmware, it optimizes the microcontroller unit's computational resource consumption. EB zoneo SwitchCore Shield also enables carmakers to comply with emerging cyber security regulations, such as UN R155 and Chinese GB/T, and also takes security a step further, providing an additional layer of threat prevention via Argus Ethernet IDPS for increased interoperability with Classic AUTOSAR systems. "We developed EB zoneo SwitchCore Shield to fill the gap between the cyber security domain and the advanced networking needed for next-gen, software-defined vehicles. "We're helping carmakers to save time and money by providing a pre-integrated solution built to meet the highest levels of safety and security regulations." Mike Robertson, head of product and strategy management, Elektrobit About Elektrobit Elektrobit is an award-winning and visionary global vendor of software products and services for the automotive industry. A leader in automotive software with over 35 years serving the industry, Elektrobit's software powers over five billion devices in more than 600 million vehicles and offers flexible, innovative solutions for car infrastructure software, connectivity & security, automated driving and related tools, and user experience. Elektrobit is a wholly-owned, independently-operated subsidiary of Continental. About Argus Cyber Security Argus is a global leader in cyber security for connected mobility, providing products and services for embedded automotive systems and backend, fleet-level security functions. Founded in 2014, Argus is headquartered in Tel Aviv, Israel, with offices in Michigan, Stuttgart, Paris, Tokyo, and Seoul. Argus is an independent subsidiary of Elektrobit, a leading provider of automotive software products and services.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Saviynt Completes the Australian Information Security Registered Assessor Program Assessment

Saviynt | November 08, 2022

Saviynt, a leading provider of intelligent identity and access governance solutions, today announced it has successfully completed the Information Security Registered Assessor Program (IRAP) assessment. As an important validation for security vendors doing business with government agencies in Australia, the IRAP assessment confirms that Saviynt's Enterprise Identity Cloud (EIC) is assessed at the PROTECTED level. Validating the effectiveness of security controls offered by the Enterprise Identity Cloud for storing, processing, and communicating information up to the PROTECTED information classification level. The IRAP program enables Australian government customers to validate that appropriate controls are in place for addressing the requirements of the Australian Government Information Security Manual (ISM) produced by the Australian Cyber Security Centre (ACSC). An independent IRAP assessor examined the Saviynt solution, including people, processes, and technology, against the requirements of the ISM. "The IRAP assessment is the latest milestone in Saviynt’s rapid growth in the Asia Pacific region. "It allows us to provide our government and commercial Enterprise Identity Cloud customers in the APAC region with the confidence that their data is fully protected from unauthorized access when leveraging cloud services.” Dan Mountstephen, Senior VP, Asia Pacific, Saviynt Saviynt’s Enterprise Identity Cloud is the only converged identity platform that provides unmatched levels of visibility and security. By combining identity access management, cloud privileged access management, application access management for cross-application separation of duties, third-party access management, and data access governance in a converged platform, Saviynt helps modern enterprises scale cloud initiatives while also solving the toughest security and compliance challenges. About Saviynt Saviynt's Enterprise Identity Cloud helps modern enterprises scale cloud initiatives and solve the toughest security and compliance challenges in record time. The company brings together identity governance (IGA), granular application access, cloud security, and privileged access to secure the entire business ecosystem and provide a frictionless user experience.

Read More