DATA SECURITY

Cybersecurity expert Andrew Turner joins Booz Allen Hamilton to lead commercial customer secure digital transformations.

businesswire | December 23, 2020

Booz Allen Hamilton (NYSE: BAH) reported today that digital industry pioneer Andrew Turner has joined the firm as a chief VP and market technique pioneer in the association's worldwide business. Turner brings twenty years of network protection, danger insight, and corporate-flexibility experience to Booz Allen to assist customers with defeating their most basic digital difficulties in the midst of a dynamic danger climate. Turner joins Booz Allen from Fidelity National Information Services (FIS), where he filled in as boss security official, regulating corporate security, business versatility, and the organization's digital and character programs.

Turner brings broad experience and a firsthand comprehension of how online protection groups work. In a profession traversing various worldwide undertakings—basically engaged in the exceptionally controlled and profoundly focused on monetary administrations area—he has been liable for defending customers' most esteemed data and developed societies of change related to security. Turner assumed a basic job in making sure about three organizations as they traveled through multi-billion-dollar consolidations and acquisitions, effectively wedding dissimilar online protection frameworks on a worldwide scale while proceeding to develop at speed.

“Demonstrating to our clients that we understand their organizational needs and have walked in their shoes has been a cornerstone of our relationships and success. We are thrilled that Andrew will bring his C-level experience and perspective as a cybersecurity practitioner to our team,” said Bill Phelps, executive vice president and leader of Booz Allen’s global commercial cyber business. “As our clients continue to embark on ambitious digital transformation journeys, we know that a successful digital transformation must be done securely to produce the results it purports to deliver. With Andrew’s advanced skills, diverse background, and keen understanding of the client’s perspective, he will be an asset to Booz Allen as we continue to help clients defend against the most consequential cyber threats.”

Before joining FIS, Turner was boss security official at installment processor Worldpay (earlier Vantiv). There, he drove the organization's security capacities, managing all parts of corporate and data security while building up big business wide information arrangements and norms. Preceding FIS, he was the head of worldwide network safety at Visa. There, he drove the development of the organization's worldwide network safety program and was answerable for securing one of the world's biggest installment brands, which prepared more than $7 trillion in installment card exchanges yearly. Before Visa, Turner drove the digital insight work inside Microsoft's online protection program expanding on experience picked up from the get-go in his vocation supporting public security missions.

Turner has likewise served in an assortment of warning jobs, applying his digital mastery most as of late as an individual from an Advisory Board for the Bank of England's Operational Resilience board in the United Kingdom. In 2014, Turner was delegated by Virginia Governor Terry McAuliffe to serve on the Virginia Cyber Security Commission, distinguishing how the general population and private area can team up to reinforce Virginia's network protection industry.

“Technology is evolving rapidly, and with these positive innovations comes more sophisticated and complex cyber threats. Organizations must understand their vulnerabilities as they prepare for a new wave of industry advancements so they can reap the full benefits of digitization without putting valuable assets at risk,” said Turner. “As one of the world’s largest cybersecurity solution providers, Booz Allen is uniquely positioned to solve our clients’ toughest security challenges. I am eager to join such a strong team and support the needs of clients through transformative, industry-leading strategies.”

As leader VP at Booz Allen, Turner will answer to Bill Phelps. Under Phelps' authority, Booz Allen's U.S. business conveys profoundly considerable digital administrations for Fortune 500 and Global 2000 customers across numerous ventures. Booz Allen's profound mastery is procured through continuous digital activities, driving edge specialized developments, basic enormous scope occurrence reactions, and progressed digital danger knowledge.

About Booz Allen

For more than 100 years, business, government, and military leaders have turned to Booz Allen Hamilton to solve their most complex problems. As a consulting firm with experts in analytics, digital, engineering and cyber, we help organizations transform. We are a key partner on some of the most innovative programs for governments worldwide and trusted by the most sensitive agencies. We work shoulder to shoulder with clients, using a mission-first approach to choose the right strategy and technology to help them realize their vision. With global headquarters in McLean, Virginia, our firm employs about 27,200 people globally, and had revenue of $7.5 billion for the 12 months ended March 31, 2020.

Spotlight

We show you the type of attack, or rather the type of vulnerability, the component, and how many times it occurred. Here, the alert, again, while it shows you things like the resolution and the references, the path that it existed in, the method in which this was invoked, there's some actual cool stuff that we show here on the right hand side. We collect things like the method. In this case, it was a post. The confidence level, the evidence, but we also show you the request and response. Here you can see what the request header was, the request body, the response header, as well as the response body. Now from a developer's perspective, if they wanted to replay this, we provide this really nifty command, or rather curl command. When you click this, you actually get a curl command with the actual post url, as well as all the header parameters that were passed to it to be able to simulate this on your local development environment. This makes it very easy for the developer to be able to see what's going on.

Spotlight

We show you the type of attack, or rather the type of vulnerability, the component, and how many times it occurred. Here, the alert, again, while it shows you things like the resolution and the references, the path that it existed in, the method in which this was invoked, there's some actual cool stuff that we show here on the right hand side. We collect things like the method. In this case, it was a post. The confidence level, the evidence, but we also show you the request and response. Here you can see what the request header was, the request body, the response header, as well as the response body. Now from a developer's perspective, if they wanted to replay this, we provide this really nifty command, or rather curl command. When you click this, you actually get a curl command with the actual post url, as well as all the header parameters that were passed to it to be able to simulate this on your local development environment. This makes it very easy for the developer to be able to see what's going on.

Related News

SECURITY AUDIT AND COMPLIANCE, WIRELESS AND MOBILE SECURITY

Forescout Announces Launch of Forescout XDR

Forescout Technologies Inc. | March 02, 2023

On March 1, 2023, Forescout Technologies, a leading automated cybersecurity solutions provider, launched Forescout XDR to enhance enterprises' investigation, detection, and response capabilities against advanced threats across their extended enterprises. Currently, security operation centers (SOCs) are inundated with an average of 450 alerts per hour, and analysts often spend precious time correlating low-fidelity alerts and chasing false positives. Forescout XDR uses data science and automation to generate a single high-fidelity alert every hour from 50 million logs ingested, reducing the number of alerts that warrant further investigation and thus enabling analysts to focus on legitimate attacks. Forescout XDR is vendor- and EDR-agnostic and collects data from over 170 sources, including security, cloud/SaaS infrastructure and enrichment sources, as well as dozens of leading vendors. Forescout XDR contains over 70 threat information sources and 1500 confirmed detection rules and models. With data onboarding included, customers may become operational in hours, actively identifying, investigating, and responding to risks. SOCs till now have excluded critical devices that are increasingly common points of attack, such as industrial control systems (ICS), operational technology (OT), building management systems (BMS), and IoT and medical devices. Furthermore, the technological stack on which SecOps teams have been forced to rely has made it impossible to respond to these threats promptly and thoroughly. The technology integration with Forescout's network access control solution facilitates proactive prevention of attacks by reducing the attack surface through restriction of compromised or non-compliant devices from connecting to their networks and automating response workflows that can immediately touch every connected device throughout the enterprise. Thus helping reduce the blast radius of an attack in real-time, allowing proper mitigation or remediation measures to be completed. Forescout XDR includes a multi-tenant architecture and supports local data storage while also providing an aggregated global view of threats and SOC performance. It is ideal for large firms, global corporations, and organizations with regional managed security service providers (MSSPs) and SOCs. The SaaS licensing pricing model is based on the total amount of endpoints in the enterprise, offering customers the flexibility to leverage the data sources they need to support their use cases without concern for fluctuating costs associated with cloud log storage. About Forescout Technologies Inc. Forescout Technologies, Inc. protects the Enterprise of Things through comprehensive identification, segmentation, and enforcement of compliance with every connected device. The company's enterprise-class platform has been widely deployed across managed and unmanaged IT, IoT, and OT devices, making it a trusted choice for Fortune 1000 companies. Forescout provides organizations with the most extensive device intelligence in the world, enabling them to classify risks precisely, detect irregularities, and promptly remediate cyber threats without harming essential business assets.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Cloudflare Announces New Suite of Email Security and Data Protection Solutions

Cloudflare | January 12, 2023

On 11 Jan 2023, Cloudflare, Inc., a leading cybersecurity solutions provider focused on building a better internet, announced multiple new Zero Trust email security tools, compatible with any email provider. The solution prevents sensitive data exfiltration via email, guard employees against multichannel phishing attacks, and help businesses simplify and accelerate deployments. Cloudflare offers organizations simple and reliable phishing and malware protection that is deeply incorporated with its Zero Trust platform, helping organizations secure all their data and applications. “You can’t have a complete Zero Trust solution without securing email, given that a huge proportion of all cyberattacks begin with phishing,” stated the Co-Founder and CEO of Cloudflare, Matthew Prince. “In 2022, Cloudflare Area 1 identified and kept almost 2.3 billion unwanted messages out of customer inboxes. Today we’re filling a void in the marketplace that has been underinvested in for the last ten years, with the first set of deeply integrated solutions that bring together Cloudflare Area 1 email security and our Zero Trust platform,” he added. (Source: Businesswire) Email is one of the most pervasive and exploited tools used by businesses daily. According to the FBI’s most recent Internet Crime Report, email account compromise and business email compromise led to U.S. companies losing nearly US$ 2.4 billion. In addition, email is one of the most complex tools for businesses to secure, involving a massive drain on IT team resources, multiple vendors, and complex deployments. Cloudflare’s Zero Trust SASE platform will allow customers to deploy email security and data protection tools that are comprehensively linked with their current security stack and compatible with any email service provider. Cloudflare One offers a comprehensive Zero Trust SASE platform that is built into Cloudflare’s global network, which spans over 275 cities in over 100 countries. This deeply embedded approach makes it easy to set up in just a few clicks without switching email providers. With Cloudflare Area 1’s new solutions, companies can automatically isolate questionable email attachments and links, identify and prevent data leaks, and rapidly onboard new Microsoft 365 domains. About Cloudflare Headquartered in San Francisco, California, Cloudflare safeguards and speed up any Internet-based application without installing software, adding hardware, or modifying a single line of code. As a result, the company’s clients experience significant improvement in performance and a reduction in spam and other attacks. Founded in 2009, the organization ranks amongst the 50 most innovative companies worldwide by Fast Company, is acknowledged by the World Economic Forum as a Technology Pioneer, and has been named the Most Innovative Network & Internet Technology Company for two consecutive years by the Wall Street Journal.

Read More

PLATFORM SECURITY,SOFTWARE SECURITY

Vipre Security Group’s New Endpoint Detection & Response Technology for SMEs

VIPRE Security Group | January 19, 2023

VIPRE Security Group, an award-winning data, cybersecurity, privacy, and user protection company, recently announced the launch of its latest cybersecurity product, VIPRE Endpoint Detection & Response (EDR). VIPRE EDR is built to assist small and medium-sized businesses including their IT partners navigate the intricacies of EDR management with a single, simple-to-use console. VIPRE EDR provides a sophisticated high-performance, cloud-based solution while overcoming the problems users typically expect from an EDR solution. . This advanced technology detect better and uncovers more unusual behavior than a standalone antivirus file, process, and networking analysis solutions, while offering investigation and remediation tools to accelerate response times. The VIPRE EDR solution is based on the fundamental pillars of Detection, Investigation, Containment, and Remediation, transforming threats into intelligence and suggesting next steps for security professionals, as simply detecting a threat is insufficient. Advantages of VIPRE's Endpoint Detection and Response (EDR) System: Exploit prevention – It helps to prevent network threats with built-in DNS , intrusion protection and in-browser exploit prevention EPP/Next-generation Antivirus - VIPRE EDR, constantly scans processes, files, and network activity for known and undiscovered threats Correlated Behavior Engine - Examine endpoint behavior in greater depth to identify emergent or suspicious behavior connected across all engines Endpoint Isolation – Quickly isolates an afflicted device to prevent threat spreading Threat Incident Visualization – View and respond to all threat activity from a central location. Understand all aspects of endpoint activity related to the threat, including every user, process, file, and network activity Remote Shell - VIPRE EDR's click-button reporting enables admins instant remote access to the endpoint for a deeper look Suspicious file/link sandboxing - Detonates files and links in a private cloud sandbox for comprehensive examination and forensic investigation Integrated Vulnerability Management - App scanning and vulnerability management to close potential security gaps Built on the foundation of VIPRE's top-ranked Endpoint Security Cloud (EPP) platform, protection begins with extensive monitoring and automated blocking of malicious behavior across all endpoint processes, files, and network activity. This protection includes web, DNS and network monitoring, as well as AI-driven hostile process behavior detection. About VIPRE Security Group A part of Ziff Davis, Inc., VIPRE Security Group is a global organization specializing in cybersecurity, privacy, and data protection. It protects millions of people and businesses globally, including some very well-known brands. . For nearly 30 years, VIPRE Security Group's primary mission has been to provide easy solutions to protect against existing and potential internet threats in an ever-expanding, digitally connected world.

Read More