Data Security

Cyber Intelligence Expert's Firm Launches New Security Tool to Detect and Defend Threats to Critical National Infrastructure

Timed to coincide with the new U.S. focus on cyber security in critical infrastructure, The Bellwether Group introduces VAULT Systems, a custom hardware and intelligent software platform capable of visualizing data and detecting, defending against and mitigating cyber threats to critical national infrastructure.

The announcement coincides with the July 28, 2021, National Security Memorandum issued by the White House that targets cybersecurity threats as "the most significant and growing issues confronting our Nation."

"The Memorandum establishes a voluntary initiative intended to drive collaboration between the federal government and the critical infrastructure community to improve the cybersecurity of control systems. VAULT Systems can help the critical infrastructure community improve their cybersecurity posture," said The Bellwether Group CEO and founder Tim Teal.

Critical infrastructure includes electric, water, oil and natural gas, transportation, food and beverage distribution, as well as interconnected systems such as maritime and port operations, air traffic control, and dams.

"We are launching VAULT Systems custom hardware and intelligent software platform, specifically designed to decipher, monitor and protect critical infrastructure," said Teal. The new VAULT Systems leverages best-in-class ICS (Incident Command System) and SCADA (Supervisory Control and Data Acquisition) equipment data collection and visualization tools from IoT International, as well as custom cyber network defense and forensics analytics developed by The Bellwether Group, Inc. This combination will enable operators to monitor equipment, and identify and actively deter cyber threats in real time.

Teal recently retired from U.S. Cyber Command, where he was the Director of J6/J8/J9 of the Cyber National Mission Force. He was also a founding member of the National Security Agency's "Hunt Mission," which deployed tactical tools and capabilities to detect and eradicate network adversaries across the Department of Defense. This background and knowledge of cyber operations and defense enable The Bellwether Group to add unparalleled tools and capabilities to protect critical infrastructure.

About The Bellwether Group
Founded two years ago by U.S. cybersecurity expert Tim Teal, The Bellwether Group is a veteran-owned and operated small business in Maryland. In addition to VAULT Systems, The Bellwether Group also has a custom hardware and software product line called Vimana™. The Vimana™ platforms are designed to support cyber operations globally through advanced artificial intelligence situational awareness software and state-of-the-art cyber tools.

Related News

Cloud Security

Google Cloud Next 2023 Embraces Generative AI for Safer Digital Future

Google | September 18, 2023

Google reveals its pioneering approach to applying generative AI in cybersecurity at the Google Cloud Next conference in San Francisco. Alphabet and Google CEO Sundar Pichai's keynote emphasizes Google's AI-first approach and the transformative impact of AI across industries. Google introduces innovative security updates and trends, highlighting its commitment to enhancing cybersecurity capabilities. Google Cloud extends Duet AI to three key products in preview mode, empowering security teams to address complex cybersecurity challenges more efficiently.

Google unveiled its pioneering approach to applying generative AI in cybersecurity at the Google Cloud Next conference in San Francisco. This significant revelation follows the broader accessibility of generative AI, made possible earlier this year by technologies like ChatGPT. Google's strategic endeavor aims to harness the potential of AI to combat cybersecurity challenges. Additionally, the event featured a keynote address by Alphabet and Google CEO Sundar Pichai, who underscored the transformative influence of AI across sectors and emphasized Google's extensive history of adopting an AI-first approach.

During the conference, Google seized the opportunity to introduce innovative security updates and trends, signifying its commitment to enhancing cybersecurity capabilities for its customers. These developments come at a time when the integration of AI technologies in addressing cybersecurity concerns has gained substantial attention and recognition. Alphabet and Google CEO Sundar Pichai, a prominent figure in the technology industry, initiated the conference, reiterating the profound influence of AI across various sectors, industries, and business functions. His emphasis on Google's decade-long dedication to an AI-first approach solidified the company's leadership position in this transformative era.

Furthermore, Google unveiled significant developments in the conference, including expanding Vertex AI with over 100 foundation models and introducing enhancements like PaLM 2, supercomputing capabilities, and the fifth-gen Tensor Processing Units. However, their commitment to democratizing AI was highlighted, demonstrated through customer stories and live demos. Google Cloud's developer advocate, Priyanka Vergadia, showcased Duet AI, an intelligent chatbot assistant that streamlines developers' tasks, saving time and enhancing security. Duet AI automates deployments, configures applications correctly, aids in debugging, and strengthens security. Its preview release marks a step towards achieving shift-left and DevSecOps goals, empowering developers to secure their code effectively and allowing security teams to scale their efforts.

The research conducted by ESG and ISSA highlights the challenges faced by cybersecurity professionals. A significant majority (63%) have found their roles increasingly complex over the past two years. A closer look reveals that the surge in complexity (81%), rising workloads, and growing cyberthreats (59%), as well as understaffing issues (46%), are the primary factors contributing to this challenge. In response to these evolving demands, Google Cloud has taken a proactive step by extending the application of Duet AI to three key products, now available in preview mode. These applications empower security teams with Mandiant Threat Intelligence for threat analysis, Google Chronicle for accelerated SecOps processes, and Google Security Command Center for risk mitigation. A live demonstration showcased how Duet AI streamlines security analysts' workflows, making threat detection and response more efficient and enhancing overall security posture management.

Google Cloud announced Mandiant Hunt for Chronicle Security Ops in preview, boosting threat hunting with expert Mandiant insights. Agentless vulnerability scanning (powered by Tenable) in preview detects OS, software, and network vulnerabilities on Google Compute Engine VMs. Custom posture findings and threat detectors are now available in the Security Command Center. Cloud Firewall Plus, in preview, enhances firewall service with advanced threat protection (Palo Alto Networks). These updates, utilizing Duet AI in preview, demonstrate Google Cloud's dedication to cybersecurity innovation, with specific availability details to come. The conference also highlighted partner offerings in the ever-evolving cloud security landscape.


Platform Security

OpenText Cybersecurity Nastiest Malware of 2023 Shows Ransomware-as-a-Service Now Primary Business Model

PR Newswire | October 26, 2023

OpenText (NASDAQ: OTEX), (TSX: OTEX), today announced the Nastiest Malware of 2023, an annual ranking of the year's biggest malware threats. For six consecutive years OpenText Cybersecurity threat intelligence experts have analyzed the threat landscape to determine the most notorious malware trends. Ransomware has been rapidly ascending the ranks, with ransomware-as-a-service (RaaS) now the weapon of choice for cybercriminals.

This year four new ransomware gangs, believed to be the next generation of previous big players, topped the list. Newcomer Cl0p takes the prize for this year's nastiest malware after commanding exorbitant ransom demands with its MOVEit campaign. Cl0p's efforts helped skyrocket the average ransom payment which is rapidly approaching three quarters of a million dollars. Black Cat, Akira, Royal, Black Basta also made their debut, joined by the always present, Lockbit.

"A key finding this year is the RaaS business model is another win for the bad guys. Profit sharing and risk mitigation are top contributors to RaaS success along with the ability to easily evade authorities," said Muhi Majzoub, EVP and Chief Product Officer, OpenText. There is a silver lining as research shows only 29% of businesses pay ransom, an all-time low. These numbers indicate people are taking threats seriously and investing in security to be in a position where they do not need to pay ransom.

This year's list highlights the tenacity of cybercriminals as they continue to reinvent themselves, coming back stronger each time (often with new names). Their scrappy mentality allows them to go beyond the norm to find new ways to invade their target.

2023 Nastiest Malware

Cl0p, a RaaS platform, became famous following a series of cyberattacks, exploited a zero-day vulnerability in the MOVEit Transfer file software developed by Progress Software. MOVEit victims include such notable organizations as Shell, BBC, and the United States Department of Energy.

Black Cat, recognized in our 2021 Nastiest Malware report, believed to be the successor to REvil ransomware group, has built their RaaS platform on the Rust programming language. They made headlines for taking down MGM Casino Resorts.

Akira, presumed to be a descendant of Conti, primarily targets small to medium sized businesses due to the ease and turnaround time. Most notably, Akira ransomware targeted Cisco VPN products as an attack vector to breach corporate networks, steal, and eventually encrypt data.

Royal, suspected heir to Ryuk, uses Whitehat penetration testing tools to move laterally in an environment to gain control of the entire network. Helping aid in deception is their unique partial encryption approach that allows the threat actor to choose a specific percentage of data in a file to encrypt.

Lockbit 3.0, a main stain on the list and last year's winner, continues to wreak havoc. Now in its third epoch, Lockbit 3.0 is more modular and evasive than its predecessors.

Black Basta is one of the most active RaaS threat actors and is also considered to be yet another descendant of the Conti ransomware group. They have gained a reputation for targeting all types of industries indiscriminately.

To learn more about the findings of this year's Nastiest Malware analysis, visit the OpenText Cybersecurity Community, as well as tune in to our Nastiest Malware Webinar.


Software Security

Cisco to Secure Splunk for Resilience and Security in AI-Driven World

Cisco | September 25, 2023

Cisco and Splunk are joining forces to advance organizations from reactive threat handling to proactive threat anticipation and prevention. Together, they will emerge as a major global software entity, boosting Cisco's shift towards recurring revenue. This collaboration unites two esteemed workplaces with shared values, robust cultures, and skilled teams. The synergy between these pioneering companies positions them for leadership in AI-driven security and observability. Anticipated to yield positive cash flow and improved gross margins in the initial fiscal year following the merger, with non-GAAP EPS enhancement expected by year two.

Cisco and Splunk, the leader in cybersecurity and observability, today announced a definitive agreement under which Cisco will acquire Splunk for $157 per share in cash, representing an equity value of approximately $28 billion. Gary Steele, president and CEO of Splunk, will join Cisco's Executive Leadership Team upon completion of the acquisition, reporting to Cisco chair and CEO Chuck Robbins.

Chair and CEO of Cisco, Chuck Robbins, remarked, "We're excited to bring Cisco and Splunk together. Our combined capabilities will drive the next generation of AI-enabled security and observability. From threat detection and response to threat prediction and prevention, we will help make organizations of all sizes more secure and resilient." [Source: Cision PR Newswire]

Every company relies on data to operate its business and make mission-critical choices in today's hyper-connected environment. Accelerating and adopting generative AI, growing danger surfaces, and different cloud environments offer unprecedented complexity for enterprises. To be digitally resilient, organizations must better manage, preserve, and unleash data's value.

Gary Steele, president and CEO of Splunk, stated that they would together form a global security and observability leader that will harness the power of data and AI to deliver outstanding customer outcomes and transform the industry. Steele added that they're eager to join forces with a trusted and long-time partner who shares their passion for innovation and top customer experience, and they expect their community of Splunk employees to benefit from the greater opportunities as they bring together two purpose-driven and respected organizations.

Cisco and Splunk will give insight across hybrid and multi-cloud systems, enabling clients to provide seamless application experiences for digital enterprises. The companies can help other organizations responsibly use AI due to their scale, data visibility, and trust. These two firms will unite to invest more in innovative products, accelerate innovation, and expand globally to serve clients of all sizes.

The transaction is expected to be cash flow positive and gross margin accretive in the first fiscal year post-close, with non-GAAP EPS accretive in year two. The acquisition is subject to regulatory approval and customary closing conditions, including approval by Splunk shareholders. Advisors for the Cisco-Splunk acquisition include Tidal Partners LLC, Simpson Thacher & Bartlett LLP, Cravath and Swaine & Moore LLP, among others.
