Cyber security expert weighs in on recent LA OMV cyberattack

KLFY News | December 04, 2019

Two weeks ago, several Louisiana DMV’s were the victim of a ransomware attack that hit computer servers and disrupted critical functions across the state. Many of the DMV branch locations remain closed as state workers try to recover. News 10 spoke with a cyber security expert about the recovery process and why the government industry continues to be a prime target. Kierk Sanderlin, Head of Engineering with Check Point Software, said, “Typically, what we see is that malware like a virus gets introduced into the environment and it may be delivered through an email like a phishing email. It may be a link embedded on a website, but somebody clicks on something. Somebody opens the file that contains this malware which ultimately infects their mobile device laptop.” Louisiana’s Office of Motor Vehicles Commissioner Karen St. Germain told The Advocate that 28 percent of her agency’s 79 locations are up and running, and another six planned to open Monday. St. Germain says officials worked through the thanksgiving weekend on service restorations and the agency is opening offices “as fast as we possibly can.”

Spotlight

Backing up transactional databases is often views as a complicated matter. It’s not enough to ensure backups are being performed; they need to be successful for data to be completely and accurately restored and recovered. This white paper discusses a data loss recovery appliance that provides continuous data protection, combined with off-site replication and efficient backup and recovery. Read on to discover how this model can not only simplify your data management, but also reduce your enterprise’s RPO and RTO in the event of a disaster.

Spotlight

Backing up transactional databases is often views as a complicated matter. It’s not enough to ensure backups are being performed; they need to be successful for data to be completely and accurately restored and recovered. This white paper discusses a data loss recovery appliance that provides continuous data protection, combined with off-site replication and efficient backup and recovery. Read on to discover how this model can not only simplify your data management, but also reduce your enterprise’s RPO and RTO in the event of a disaster.

Related News

PLATFORM SECURITY

Morganfranklin Launches Cybersecurity Innovation Center

Morganfranklin | June 14, 2022

MorganFranklin Consulting, a management consulting business located in Washington, DC, has opened a new cybersecurity innovation center (CIC). Customers will be able to obtain insight into how security technologies will perform in their environment and how cyberattacks will influence their systems thanks to the bespoke, interactive lab environment. “As ever-increasing and more sophisticated attacks combine with rapid digital transformation, cybersecurity preparation has never been more challenging or more important. The MorganFranklin Cybersecurity Innovation Center is a powerful new way to help our clients answer essential questions that improve their security operations, upskill their teams, and address their most pressing threats.” John Fung, a director in MorganFranklin’s cybersecurity operations practice area Clients can duplicate their live systems and troubleshoot countermeasures to the most recent attack vectors prior to deployment. Customers can also assess how different security products from different vendors perform alone and together in order to optimize program spending. The CIC will enable MorganFranklin to produce continual threat information and optimize its cybersecurity practices. The extended cybersecurity practice of the consultancy offers services in program planning, governance, risk, and compliance; identity and access management; cybersecurity operations; incident response; business and technology resilience; risk intelligence; and managed security. MorganFranklin offers accounting and risk advisory services, strategic transformation and program execution, supply chain and retail management, technological enablement, and cybersecurity consultancy. The company employs over 600 workers across eight locations in the United States.

Read More

SOFTWARE SECURITY

Salt Security Joins AWS ISV Accelerate Program

Salt Security | July 13, 2022

Salt Security, the leading API security company, today announced that it has been accepted as part of the Amazon Web Services (AWS) Independent Software Vendor (ISV) Accelerate Program, a co-sell program for AWS Partners who provide software solutions that run on or integrate with AWS. Acceptance validates the proven integration of the Salt Security API Protection Platform with AWS and provides Salt Security with direct access to additional AWS resources to optimize solutions for joint customers. Many Salt Security customers, including Armis, Xolv, bp Launchpad, TripActions, and others rely on the Salt platform to secure API-driven environments in AWS. "By joining AWS ISV Accelerate, we strengthen our existing alliance with AWS, augmenting our status as Advanced Technology Partner and as a significant cybersecurity ISV Partner. "We are thrilled to work closely with AWS to help joint customers with their cloud journey by protecting critical data and services with the industry's leading API security solution." Gilad Barzilay, head of business development for Salt Security AWS ISV Accelerate helps drive new business globally and accelerate sales cycles by connecting participating ISVs with the AWS sales organization, providing better customer outcomes, and assuring mutual commitment from AWS and partners. Customers tap the Salt platform to discover their APIs, protect them during runtime, and improve their API security posture. The Salt Security API Protection Platform correlates user behavior over time to pinpoint and stop attackers, using its rich context about reconnaissance activities to create a single alert, eliminate false positives, and allow incident response teams to quickly take action. Only Salt Security applies cloud-scale big data, with the industry's most time-tested AI and ML algorithms, to provide the insights needed for API security. Through its patented API Context Engine (ACE) architecture, the platform can identify the early indicators of an attack, stop attackers from advancing and turn attackers into penetration testers, leading to valuable feedback for security teams to identify and eliminate API vulnerabilities. About Salt Security Salt Security protects the APIs that form the core of every modern application. Its API Protection Platform is the industry's first patented solution to prevent the next generation of API attacks, using machine learning and AI to automatically and continuously identify and protect APIs. Only Salt Security has the ability to correlate activities across millions of APIs and users over time and provide real-time analysis of all that data. Deployed in minutes, the Salt Security platform learns the granular behavior of a company's APIs and requires no configuration or customization to pinpoint and block API attackers.

Read More

PLATFORM SECURITY

Zscaler Achieves Zero Trust Security-as-a-Service FedRAMP High Authorization

Zscaler | August 02, 2022

Zscaler, Inc., the leader in cloud security, today announced that Zscaler Internet Access™ (ZIA™) achieved Federal Risk and Authorization Management Program (FedRAMP) High Authority to Operate from the FedRAMP Joint Authorization Board (JAB). This federal government certification enables ZIA to meet civilian agencies’ high security requirements, as well as those of the Department of Defense (DoD) and other intelligence organizations. ZIA is currently the only Secure Access Service Edge (SASE) Trusted Internet Connections (TIC) 3.0 solution that has achieved FedRAMP’s highest authorization. FedRAMP High authorization indicates to federal decision-makers that ZIA and ZPA have undergone rigorous audits of critical security controls to protect the government’s most sensitive unclassified data in remote cloud computing environments. The company’s Zscaler Private Access™ (ZPA™), the other key component of the Zscaler Zero Trust Exchange platform, is also JAB High authorized, and along with ZIA, comprise the JAB High authorized Zscaler Zero Trust Exchange™ for federal customers. The certification confirms that ZIA can securely connect government users to external applications, including SaaS applications and internet destinations, regardless of device, location, or network, providing superior cyber and data protection for mission-critical government information. With both ZIA and ZPA now JAB-High authorized, agencies can resolve ongoing user experience and cost challenges associated with securing the explosive use of cloud-based applications. These challenges include continued poor user experience through VPNs, security risks from users who bypass VPNs leading to a lack of visibility and protection, and increased network usage costs associated with backhauling the growing volume of internet traffic flowing through the government's TIC. Since achieving FedRAMP Moderate certification in 2018, Zscaler, a Leader in the 2022 Gartner® Magic Quadrant™ for Security Service Edge (SSE) – a security-specific component in the SASE framework – has completed SSE deployments for more than 100 US federal government and federal systems integrator customers at the Moderate impact level. Many of these deployments supported the requirements of the Executive Order 14028, including zero trust, as well as met TIC 3.0 use cases. "This FedRAMP High authorization elevates Zscaler and our support of the US government as currently the only cloud security company with two FedRAMP High JAB authorizations in the market," said Drew Schnabel, Vice President of Federal at Zscaler. Federal agencies, DoD commands, and federal contractors can now take full advantage of the Zero Trust Exchange at the JAB High or Moderate level. Customers can align their security posture with their workload requirements and meet Executive Order 14028 zero trust goals at all levels available under the FedRAMP program. “Delivering zero trust and SASE through FedRAMP authorized platforms at the highest impact levels is crucial for the security of our nation's future. “Zscaler committed to our customers that we would deliver a comprehensive zero trust and SASE platform at the High and Moderate baseline levels. Today, we are proud to announce we have met that commitment. The Zscaler team continues to follow the guidance of Executive Order 14028, CISA’s TIC 3.0 and zero trust use cases, DOD/DISA’s National Defense Authorization Act, and our customers and partners. We are delivering FedRAMP High authorized cloud platforms, while helping agencies modernize and transform their legacy cybersecurity environments to cloud-based SASE and zero trust solutions.” Stephen Kovac, Chief Compliance Officer at Zscaler “FedRAMP High is a must-have for many federal agency deployments,” said Zeus Kerravala, Founder and Principal Analyst at ZK Research. “We see more and more CISOs and CIOs across state and local government, education, and the private sector recognizing the value of a third-party validated security assessment.” The Zero Trust Exchange is a cloud-native security platform that securely connects any user, device, and application, regardless of location. Following the principle of least-privileged access, the platform establishes trust through user identity and context – including location, device, application, and content – and then creates secure, direct connections based on policy enforcement. The platform supports IT federal mission transformation by reducing costs, eliminating the internet attack surface, and preventing lateral movement of threats while providing an excellent user experience. The Zscaler Zero Trust Exchange is powered by the world’s largest security cloud, with more than 10 years of operational excellence enabling the processing of more than 240 billion daily transactions and stopping over seven billion threats and policy violations per day for the largest, most demanding organizations around the globe. Today’s news builds on recent announcements including: Zscaler Private Access Achieves DoD Impact Level 5 (IL5) Zscaler is chosen to run a pilot program in support of Executive Order 14028 by the National Institute of Standards and Technology (NIST) Zscaler is First Zero Trust Remote Access Cloud Service to Achieve FedRAMP-High JAB Authorization ZIA™ receives Authorization to Operate (ATO) at the Moderate Impact level Zscaler is a Leader in the 2022 Gartner Magic Quadrant for Security Service Edge (SSE), following up 10 consecutive years as a Leader in the Gartner Magic Quadrant for Secure Web Gateway About FedRAMP FedRAMP is a government-wide program with input from numerous departments, agencies, and government groups. The program’s primary decision-making body is the Joint Authorization Board (JAB), comprised of the CIOs from DOD, DHS, and GSA. In addition to the JAB, other organizations such as OMB, the Federal CIO Council, NIST, DHS, and the FedRAMP Program Management Office (PMO) also play key roles in effectively running FedRAMP. Using a “do once, use many times” framework, the program ensures information systems/services used government-wide have adequate information security; eliminates duplication of effort and reduces risk management costs; and enables rapid and cost-effective procurement of information systems/services for federal agencies. About Zscaler Zscaler accelerates digital transformation so customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Distributed across more than 150 data centers globally, the SSE-based Zero Trust Exchange is the world’s largest in-line cloud security platform.

Read More