Deloitte | July 12, 2022
To help organizations adopt zero trust more quickly and efficiently, Deloitte is launching a new managed service – Zero Trust Access— that offers a cloud-native approach to securing communications between users, on any device, and enterprise applications, wherever they may reside.
The Zero Trust concept commits to removing implicit trust within an information technology (IT) ecosystem and replacing it with a risk-based approach to accessing organizational resources across identities, workloads, data, networks and devices. This trend is gaining momentum, given legacy approaches to security architecture are no longer suitable to secure the ubiquitous nature of the modern enterprise.
Part of the newly expanded Zero Trust by Deloitte, Zero Trust Access facilitates zero trust adoption and the evolving needs of organizations in protecting their applications, infrastructure, and data. Following the integration of recently acquired talent and technology into existing Deloitte services, the Zero Trust Access managed service connects users to applications through a frictionless cloud-native solution that is inherently scalable, resilient, agile, and secure. Further, the managed service is available standalone, integrated with other Deloitte offerings, or as part of a broader solution leveraging technologies from Deloitte's alliances ecosystem.
"As perimeter-based approaches are no longer suitable to secure the modern enterprise, many organizations are working to enhance protection for their IT ecosystems via zero trust. "Zero Trust Access was built as a turnkey managed service helping ourselves and our clients accelerate adoption of this transformative security framework. Our goal was to create a cost-effective solution that can be delivered standalone or complementary to a broader ecosystem and ultimately help decrease the burden on IT and security teams who likely need to manage multiple heterogenous solutions to achieve similar outcomes."
Andrew Rafla, Deloitte Risk & Financial Advisory's zero trust offering leader and principal, Deloitte & Touche LLP
With innovative data protection leveraging device-level secure microcontainer technology, Zero Trust Access helps protect infrastructure while also enabling organizations to protect sensitive enterprise data and enforce least privilege through dynamic access control to enterprise assets. The managed service can replace remote access solutions inclusive of virtual private network (VPN), virtual desktop infrastructure (VDI), and desktop as a service (DaaS), all of which typically require significant capital expenditure for infrastructure, high operating costs, and technology management overhead.
Zero Trust Access includes features such as ephemeral connectivity built upon secure peer-to-peer (P2P) communication, conditional access and continuous authorization, as well as robust data protection for data at-rest, in-use, and in-transit are consistently applied to each session, regardless of the type or location of the applications being accessed (e.g., legacy hosted applications, software as a service (SaaS), thick-client, web-based applications). Implementation of Zero Trust Access can help organizations leverage outcome-based solutions that improve business agility, enhance user productivity, and reduce cost and complexity of security operations.
"Beginning zero trust adoption isn't simple, fast or easy for most organizations," Deborah Golden, Deloitte Risk & Financial Advisory Cyber and Strategic Risk leader and principal, Deloitte & Touche LLP. "We're launching Zero Trust Access as the first in many adoption-enabling services and solutions to come, so that our clients are better able to modernize their security programs, enable agile operations and confidently advance with emerging technologies and transformative risk management principles that can build more resilient security practices."
Deloitte provides industry-leading audit, consulting, tax and advisory services to many of the world's most admired brands, including nearly 90% of the Fortune 500® and more than 7,000 private companies. Our people come together for the greater good and work across the industry sectors that drive and shape today's marketplace — delivering measurable and lasting results that help reinforce public trust in our capital markets, inspire clients to see challenges as opportunities to transform and thrive, and help lead the way toward a stronger economy and a healthier society. Deloitte is proud to be part of the largest global professional services network serving our clients in the markets that are most important to them.
Cerberus Sentinel | July 07, 2022
Cerberus Cyber Sentinel Corporation (NASDAQ: CISO), a cybersecurity consulting and managed services firm based in Scottsdale, Ariz., announced that it has completed the acquisition of CyberViking, a cybersecurity company based in Georgia and Oregon. Upon the closing of the transaction, CyberViking became a wholly owned subsidiary of Cerberus Sentinel.
CyberViking founder and cyber lead for the company is Carric Dooley. CyberViking specializes in application security services, incident response and threat hunting, and the creation and management of security operations centers. They have advised many Fortune 100 companies worldwide.
"With the addition of CyberViking, we take a next step in expanding our international reach as well as broadening our expertise for our cybersecurity healthcare and industrial controls systems customers. "Carric is an innovative thinker who is well respected by customers for solving and preparing for challenging cybersecurity threats. The team is the very embodiment of our commitment to a culture of security."
David Jemmett, founder and CEO, Cerberus Sentinel
"We are looking forward to helping shape a global strategy for incident response, as well as driving new capabilities in application security," said Dooley. "We believe in the development of the cybersecurity community and have actively participated as trainers and presenters at global conferences. Our two organizations share a vision in helping our customers rise above the cybersecurity challenges inherent in threats today and in the future, and to get them to a place where they can concentrate on growing their business."
About Cerberus Sentinel
Cerberus Sentinel is an industry leader in Managed Cybersecurity and Compliance (MCCP) services with its exclusive MCCP+ managed compliance and cybersecurity services plus culture program. The company is rapidly expanding by acquiring world-class cybersecurity, secured managed services, and compliance companies with top-tier talent that utilize the latest technology to create innovative solutions to protect the most demanding businesses and government organizations against continuing and emerging security threats and compliance obligations.
DataBridge Sites | June 15, 2022
QuSecure, Inc., a pioneer in post-quantum cybersecurity (PQC), announced today a collaboration with DataBridge Sites, a cutting-edge data center provider that serves off-site business critical IT environments, to demonstrate its Quantum-as-a-Service (QaaS) orchestration platform QuProtect. QuProtect is the industry's first end-to-end post-quantum cybersecurity software-based solution that uses quantum secure channels to safeguard encrypted communications and data with quantum resilience.
As an outcome of the collaboration, QuProtect is the first and only PQC solution provided as a live service in a data center. Business, IT, and security executives may quickly learn more about a successful PQC implementation by offering an accessible and tangible example of advanced PQC at datacenters like DataBridge. According to Shor's algorithm, any quantum computer with sufficient power would ultimately overcome all present global encryption. As a result, in order to secure data and communications, all business and government bodies must update to quantum-resistant equipment. Furthermore, data stolen now can be decoded in the future by a quantum computer, thus major enterprises must begin the strategic and information collecting stages of transitioning their cybersecurity to assure quantum resilience. The QuSecure/Databridge collaboration offers a technique for demonstrating quantum resilience.
“Our team is very excited to now be home to the QuSecure environment, which is the first PQC software that is currently live in a data center. Our company sees the quantum computing industry as a rapid growth area that can be used widespread through the commercial and federal marketplace. QuSecure’s unique offering will add to our ecosystem of service providers for clients to utilize.”
Mike Lozupone, DataBridge Sites director of business development
He further added, “DataBridge sees this partnership as being mutually beneficial, and we feel fortunate to work with companies like QuSecure as their business continues to grow. We expect new customers to be driven to our facility to benefit from the combination of QuSecure’s quantum security offerings and the infrastructure scale and physical security provided by DataBridge Sites.”
QuProtect delivers quantum-resistant cryptography at any time, on any device. QuProtect employs an end-to-end, quantum-security-as-a-service (QSaaS) architecture that addresses the most vulnerable aspects of the digital ecosystem by combining zero-trust, next-generation post-quantum cryptography, quantum-strength keys, high availability, simple deployment, and active defense into a detailed and coherent cybersecurity suite. The end-to-end method is built around the full data lifecycle, including data storage, communication, and consumption.
Skip Sanzeri, QuSecure Founder and COO said that “DataBridge is a world-class organization, and we are pleased to partner with them to provide the first instance of post-quantum cybersecurity available in a data center. The quantum threat, or Q-Day, is coming at us rapidly, and in May the White House published two initiatives to actively build U.S. quantum computing and post-quantum cybersecurity programs. Our partnership with DataBridge is another big step along the way to National Security in line with the White House memos.”
QuProtect is the most sophisticated PQC solution in the market, offering quantum-resilience for many of today's key use cases such as network, IoT, edge devices, and satellite communications. QuProtect may be hosted on-premises or in the cloud, giving the most suitable solution to the post-quantum dilemma and addressing today's complicated compliance concerns, such as BYOD and work-from-home regulations. PQC can be implemented across all network devices with minimum interruption to existing systems, defending against present and future quantum assaults that might irrevocably destroy industries and infrastructures in the government and commercial sectors.