DATA SECURITY

Cyber Intelligence Expert's Firm Launches New Security Tool to Detect and Defend Threats to Critical National Infrastructure

The Bellwether Group | October 28, 2021

Cyber Intelligence Expert's Firm Launches New Security Tool to Detect and Defend Threats to Critical National Infrastructure
Timed to coincide with the new U.S. focus on cyber security in the critical infrastructure, The Bellwether Group introduces VAULT Systems, a custom hardware and intelligent software platform capable of visualizing data and detecting, defending and mitigating cyber threats to critical national infrastructure.

The announcement coincides with the July 28, 2021, National Security Memorandum issued from the White House that targets cybersecurity threats as "the most significant and growing issues confronting our Nation."

"The Memorandum establishes a voluntary initiative intended to drive collaboration between the federal government and the critical infrastructure community to improve the cybersecurity of control systems. VAULT Systems can help the critical infrastructure community improve their cybersecurity posture,Critical infrastructure includes electric, water, oil and natural gas, transportation, food and beverage distribution, as well as interconnected systems such as maritime and port operations, air traffic control, and dams.

The Bellwether Group CEO and founder Tim Teal

"We are launching VAULT Systems custom hardware and intelligent software platform, specifically designed to decipher, monitor and protect critical infrastructure," said Teal. The new VAULT Systems leverages best-in-class ICS (Incident Command System) and SCADA (Supervisory Control and Data Acquisition) equipment data collection and visualization tools from IoT International, as well as custom cyber network defense and forensics analytics developed by The Bellwether Group, Inc. This combination will enable operators to monitor equipment, and identify and actively deter cyber threats in real time.

Teal recently retired from the U.S. Cyber Command as the Director of J6/J8/J9 of the Cyber National Mission Force at US Cybercommand. He was also a founding member of the National Security Agency's "Hunt Mission," which deployed tactical tools and capabilities to detect and eradicate network adversaries across the Department of Defense. This background and knowledge of cyber operations and defense enables The Bellwether Group to add unparalleled tools and capabilities to protect critical infrastructure.

About The Bellwether Group
Founded two years ago by U.S. cybersecurity expert, Tim Teal, the Bellwether Group is a veteran-owned and operated small business in Maryland. In addition to VAULT Systems, The Bellwether Group also has a custom hardware and software product line called Vimana™. The Vimana™ platforms are designed to support cyber operations globally through advanced artificial intelligence situational awareness software and state of the art cyber tools.

Spotlight

This video explains all the parameters to take into account to be prepared for any cyberattack. Assystem offers a great expertise in cybersecurity and propose to its customers the best solution according to their systems, the nature of the risks and the economical background.

Related News

DATA SECURITY

Google Announces Cybersecurity Action Team to Support the Security Transformations of Public and Private Sector Organizations

Cybersecurity Action Team | October 13, 2021

Google announced the Google Cybersecurity Action Team. Made up of experts from across the company, the Google Cybersecurity Action Team will be the world's premier security advisory team with the singular mission of supporting the security and digital transformation of governments, critical infrastructure, enterprises and small businesses. To deliver on this mission, the Google Cybersecurity Action Team will provide: Strategic advisory services for customers' security strategies, including transformation workshops and educational content. This function will advise customers on the structure of their digital security transformation and provide program management and professional services support. Trust and compliance services that map our global compliance certifications to industry control frameworks, enabling customers to simplify their compliance journey. Security customer and solutions engineering that deliver proven blueprints and architectures for deploying Google Cloud products and services securely and in accordance with regulatory requirements, as well as comprehensive solutions for autonomic security operations, cyber resilience and more. Threat intelligence and incident response services, which include threat briefings, preparedness drills, incident support and rapid response engagements to stay on top of the evolving security landscape. The vision of this team is to guide customers through the cycle of security transformation - from their first transformation roadmap and implementation, through increasing their cyber-resilience preparedness for potential events and incidents, and engineering new solutions as requirements change. This effort will begin within Google Cloud, building on our close partnerships with organizations of all sizes, and will evolve to bring Google security to more organizations as it progresses. "Cybersecurity is at the top of every C-level and board agenda, given the increasing prominence of software supply chain exploits, ransomware, and other attacks. To address these unprecedented security challenges facing organizations in every industry today, we are announcing the creation of the Google Cybersecurity Action Team," said Thomas Kurian, CEO of Google Cloud. "The Google Cybersecurity Action Team is part of our ongoing commitment to be the best partner for our enterprise and government customers along their security transformation journey." Recent attacks like USAID, Colonial Pipeline, and Solarwinds all speak to a major shift in the needs of threat protection. In August, Google dedicated $10 billion over the next five years to strengthen cybersecurity, including expanding zero trust programs, securing software supply chain frameworks, enhancing open-source security and strengthening the digital security skills of the American workforce. The Google Cybersecurity Action team is one of our efforts under these commitments. "The Cybersecurity and Infrastructure Security Agency (CISA) recently established the Joint Cyber Defense Collaborative (JCDC). This initiative will unite government and private sector entities to enhance efforts to prevent and respond to malicious cyber activity against the nation's critical infrastructure," said CISA Director Jen Easterly. "It's great to see a large company like Google Cloud orient itself to support the cybersecurity of all organizations large and small through its Cybersecurity Action Team, and as part of the JCDC and other initiatives, we look forward to partnering with them and other tech companies in this vital effort." "Google Cloud has been a critical partner in the BBVA security journey, helping us protect our customers' sensitive and proprietary data with modern frameworks like zero trust and secure-by-default products like Google Workspace," said Alvaro Garrido, Chief Security Officer at BBVA. "We look forward to the strategic services and guidance the Google Cybersecurity Action Team will deliver as we continue on our security transformation." Under the Google Cybersecurity Action Team, Google Cloud will deliver full spectrum security and customer engineering solutions that will help organizations address business and security challenges. These will build on existing offerings like Autonomic Security Operations, which helps businesses transform their organization's Security Operations Center (SOC) and Web App and API Protection, which provides customers a comprehensive solution for protecting against modern internet threats. Today, Google Cloud announced a new security and resiliency framework that delivers customers a comprehensive security management program with cloud technologies that are aligned to the National Institute of Standards and Technology's Cybersecurity Framework. Additionally, Google also announced its new Work Safer offering, designed to help organizations, their employees, and partners collaborate and communicate securely and privately in today's hybrid work environment. It uniquely brings together the cloud-native, zero-trust solutions of Google Workspace with industry-leading solutions from across Google and its cybersecurity partners, CrowdStrike and Palo Alto Networks. Customers need a consistent approach to preparing for and defending against cybersecurity threats,Our comprehensive suite of security solutions delivered through our platform and amplified by the Google Cybersecurity Action Team will help protect organizations against adverse cyber events with capabilities that address industry frameworks and standards. Phil Venables, Vice President and Chief Information Security Officer at Google Cloud and founder of the Google Cybersecurity Action Team About Google Cloud Google Cloud accelerates organizations' ability to digitally transform their business with the best infrastructure, platform, industry solutions and expertise. We deliver enterprise-grade solutions that leverage Google's cutting-edge technology – all on the cleanest cloud in the industry. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.

Read More

Cisco Makes Webex More Secure, Triples Video Call Capacity

Cisco | June 18, 2020

Cisco has revealed its video conferencing platform Webex will receive a host of new security facilities designed to better reflect the new business reality. Cisco Live! 2020, the firm announced it would build upon existing security facilities by extending its data loss prevention (DLP) retention. Like competitors Zoom and Microsoft Teams, Cisco was well-positioned to capitalize on the sudden dependence on cloud-based collaboration services. Cisco has revealed its video conferencing platform Webex will receive a host of new security facilities designed to better reflect the new business reality, amid an unprecedented surge in demand. At Cisco Live! 2020, the firm announced it would build upon existing security facilities by extending its data loss prevention (DLP) retention, Legal Hold and eDiscovery to Webex Meetings. The service will also see AES 256 Bit encryption with GCM mode added to its end-to-end encryption options - a move designed to deliver superior protection for meeting data and resistance to tampering. The company also revealed it has scaled Webex’s global capacity dramatically in recent weeks, and is now running the service at three times the previous capacity. The platform supported half a billion meeting participants in April alone, accounting for 25 billion meeting minutes. Read more: CISCO TO SECURE ITS BLOCKCHAIN-AS-A-SERVICE (BAAS) PLATFORM FOR ENTERPRISE SECURITY Think this is the opportunity, this is the time to build out a more robust technology infrastructure to prepare for what’s next, because we don’t know what will come next ~ Robbins said, Cyber Security What we know is possible now versus what we believed 6 months will fundamentally change how we think about work in the future. Period.It’s time to think about how our wider network architecture really needs to change, based on these incredibly different traffic flows we see today, versus the way they were when we architected this infrastructure 15-20 years ago. Like competitors Zoom and Microsoft Teams, Cisco was well-positioned to capitalize on the sudden dependence on cloud-based collaboration services. Having scaled rapidly to match the explosion in demand, the firm is now looking to cement its position with a heightened emphasis on security - an issue that has defined recent debates around video collaboration. When it comes to business meetings, learning in classrooms, doctors appointments, government hearings - those need safeguarding,” said Javed Khan, VP and GM of Cisco’s Collaboration Group. Security has to be core to who you are as a company. It is not something that can be bolted on top as an afterthought. It’s time to think about how our wider network architecture really needs to change, based on these incredibly different traffic flows we see today, versus the way they were when we architected this infrastructure. According to the firm, dynamism defines the new enterprise environment, and security measures should reflect this new reality. Cybercriminals have launched a new series of phishing attacks which attempt to steal the account credentials of Cisco Webex users by utilizing fake certificate error warnings. Just as other video conferencing software has seen a huge uptick in usage by remote workers during the pandemic, so to has Cisco's video and team collaboration solution. So far the campaign, which uses graphics and formatting taken from legitimate Cisco emails to impersonate the company, has already sent out phishing emails to up to 5,000 Webex users according to the email security firm Abnormal Security. The attackers try to lure in users by inducing a sense of urgency in their phishing emails that are designed to closely resemble the automated SSL certificate error alerts that the company sends out to its customers. The phishing emails used in the campaign warn unsuspecting users that they need to verify their accounts as they are blocked by the administrator as a result of Webex Meeting SSL certificate errors. Users are then asked to click on an embedded “Log in” hyperlink in the message and sign in in order to unlock their accounts. Abnormal Security provided more details on the link contained in the campaign's phishing emails in an advisory, saying. Read more: GOOGLE TOP CHOICE FOR CYBERCRIMINALS FOR BRAND-IMPERSONATION SPEAR-PHISHING CAMPAIGNS

Read More

DATA SECURITY

Cybersecurity Startup BitTrap Develops Groundbreaking Detection Technology to Address Surge in Cyberattacks

BitTrap | October 05, 2021

Startup company BitTrap has announced a blockchain-based cybersecurity solution that leverages attackers' motivations to provide singular detection capabilities. This approach differs from cybersecurity paradigms that focus on trying to keep attackers from breaking in. Instead, it assumes some have already made their way inside a network, undetected, and is designed to identify them and reduce hacker dwell time in the compromised system. The system works by deploying a vast network of wallets in every endpoint or cloud instance. Each wallet contains a risk-adjusted bounty of cryptocurrency assets calibrated, based on research from the BitTrap Attacker Behavioral Labs, to ensure it will capture an attacker's attention. Collecting the bounty triggers an incident-response operation that alerts the organization of the breach, effectively causing the hacker to reveal their presence. The vulnerability can be quickly assessed and patched while avoiding ransomware and data exfiltration altogether. BitTrap began operations in 2020 after cyberattacks multiplied during the global pandemic. The company's founders, who combine decades of industry experience in cybersecurity and expertise in attacker behavior, developed the groundbreaking technology to help companies actually benefit from cyberattacks. "It is very important to capitalize on security incidents, using each opportunity to learn and prioritize efforts," said BitTrap CTO Ariel Futoransky. "We need to understand our adversaries' main motivation and use it to overcome our challenges and reduce the impact of attacks. With our unique approach, we can tackle both issues at the same time. We go a long way beyond intrusion detection or deception." The company is particularly proud of the new solution. Through the company's Attacker Behavioral Labs, Altszul said, "We intend to keep investing and developing the most sophisticated capacity in the industry to understand attacker behavior. After our initial success, we are getting ready to raise a new round of financing to fuel our expansion in the market. BitTrap CEO Jonatan Altszul About BitTrap BitTrap is a cybersecurity solution company with a groundbreaking crypto approach, changing how companies face and resolve attacks while saving money along the way. BitTrap triggers immediate alarms using risk-adjusted economic incentives to reveal vulnerabilities without compromising performance. We go far beyond deception technology.

Read More

Spotlight

This video explains all the parameters to take into account to be prepared for any cyberattack. Assystem offers a great expertise in cybersecurity and propose to its customers the best solution according to their systems, the nature of the risks and the economical background.