CYBERUK19: GCHQ Ramps Up Intelligence Sharing with UK Firms

Infosecurity Magazine | April 25, 2019

CYBERUK19: GCHQ Ramps Up Intelligence Sharing with UK Firms
GCHQ boss Jeremy Fleming has revealed how the government listening post has improved its collaboration with UK businesses over the past year, to enable intelligence sharing within seconds. Fleming told an audience of IT security professionals at the government’s CYBERUK conference in Glasgow yesterday that the agency is sharing intelligence with banks to enable real-time customer alerts, as well as the wider business community. “In the last year we have made it simple for our analysts to share time critical, secret information in a matter of seconds. With just one click, this information is being shared and action is being taken,” he added. “In the coming year, we will continue to scale this capability so — whether it's indicators of a nation state cyber actor, details of malware used by cyber-criminals or credit cards being sold on the dark web — we will declassify this information and get it back to those who can act on it.” This is the result of the Industry100 initiative coordinated by GCHQ’s National Cyber Security Centre (NCSC). Fleming claimed it had been so successful that the project will be made permanent in the future.

Spotlight

The security of online services is a topic of increasing interest to enterprises as the number of third party hosted service offerings has expanded in recent years. The emergence of various “cloud computing” concepts and definitions has highlighted not only questions about data ownership and protection, but also how various vendors of cloud computing technologies build and implement their services

Related News

SOFTWARE SECURITY

Aimei Wei of Stellar Cyber is a Cyber Security Award Finalist.

businesswire | December 07, 2020

Heavenly Cyber, the main insightful cutting edge security activities stage fueled by Open XDR, declared today that its originator and SVP Engineering Aimei Wei was named a finalist for the Cyber Security Award for Woman of the Year. The Cyber Security Award is a global rivalry, and Aimei was named a finalist from among many ladies that submitted. The Cyber Security Awards were set up in 2014 to remunerate the best people, groups and organizations inside the network safety industry. An absolutely free occasion, the Cyber Security Awards isn't partnered with any magazines, associations, or items, so its appointed authorities settle on the entirety of their choices on legitimacy alone. Heavenly Cyber's examination, discovery and reaction stage gives investigators 360-degree perceivability over the whole assault surface through standardized and improved metadata from ANY source. It diminishes assault recognition time from days to continuous, permitting improved asset allotment for different undertakings. Pre-constructed detections improve investigator skillsets, empowering them to distinguish and react to complex dangers and making them unquestionably more profitable by drastically decreasing alarm weariness. It is likewise simple to utilize, fusing numerous local security abilities through a solitary comfort with an instinctive client experience, and empowers clients to nightfall independent apparatuses to diminish authorizing expenses and unpredictability. “Our solution helps security operations professionals stop, block and remediate cyberthreats wherever they occur, helping to eliminate alert fatigue and allowing them to be more productive with other projects as well as reducing the time hackers are in their environment,” said Aimei Wei, co-founder and EVP Engineering at Stellar Cyber. “I’m happy to have been named a finalist for this award.”

Read More

DATA SECURITY

Google Announces Cybersecurity Action Team to Support the Security Transformations of Public and Private Sector Organizations

Cybersecurity Action Team | October 13, 2021

Google announced the Google Cybersecurity Action Team. Made up of experts from across the company, the Google Cybersecurity Action Team will be the world's premier security advisory team with the singular mission of supporting the security and digital transformation of governments, critical infrastructure, enterprises and small businesses. To deliver on this mission, the Google Cybersecurity Action Team will provide: Strategic advisory services for customers' security strategies, including transformation workshops and educational content. This function will advise customers on the structure of their digital security transformation and provide program management and professional services support. Trust and compliance services that map our global compliance certifications to industry control frameworks, enabling customers to simplify their compliance journey. Security customer and solutions engineering that deliver proven blueprints and architectures for deploying Google Cloud products and services securely and in accordance with regulatory requirements, as well as comprehensive solutions for autonomic security operations, cyber resilience and more. Threat intelligence and incident response services, which include threat briefings, preparedness drills, incident support and rapid response engagements to stay on top of the evolving security landscape. The vision of this team is to guide customers through the cycle of security transformation - from their first transformation roadmap and implementation, through increasing their cyber-resilience preparedness for potential events and incidents, and engineering new solutions as requirements change. This effort will begin within Google Cloud, building on our close partnerships with organizations of all sizes, and will evolve to bring Google security to more organizations as it progresses. "Cybersecurity is at the top of every C-level and board agenda, given the increasing prominence of software supply chain exploits, ransomware, and other attacks. To address these unprecedented security challenges facing organizations in every industry today, we are announcing the creation of the Google Cybersecurity Action Team," said Thomas Kurian, CEO of Google Cloud. "The Google Cybersecurity Action Team is part of our ongoing commitment to be the best partner for our enterprise and government customers along their security transformation journey." Recent attacks like USAID, Colonial Pipeline, and Solarwinds all speak to a major shift in the needs of threat protection. In August, Google dedicated $10 billion over the next five years to strengthen cybersecurity, including expanding zero trust programs, securing software supply chain frameworks, enhancing open-source security and strengthening the digital security skills of the American workforce. The Google Cybersecurity Action team is one of our efforts under these commitments. "The Cybersecurity and Infrastructure Security Agency (CISA) recently established the Joint Cyber Defense Collaborative (JCDC). This initiative will unite government and private sector entities to enhance efforts to prevent and respond to malicious cyber activity against the nation's critical infrastructure," said CISA Director Jen Easterly. "It's great to see a large company like Google Cloud orient itself to support the cybersecurity of all organizations large and small through its Cybersecurity Action Team, and as part of the JCDC and other initiatives, we look forward to partnering with them and other tech companies in this vital effort." "Google Cloud has been a critical partner in the BBVA security journey, helping us protect our customers' sensitive and proprietary data with modern frameworks like zero trust and secure-by-default products like Google Workspace," said Alvaro Garrido, Chief Security Officer at BBVA. "We look forward to the strategic services and guidance the Google Cybersecurity Action Team will deliver as we continue on our security transformation." Under the Google Cybersecurity Action Team, Google Cloud will deliver full spectrum security and customer engineering solutions that will help organizations address business and security challenges. These will build on existing offerings like Autonomic Security Operations, which helps businesses transform their organization's Security Operations Center (SOC) and Web App and API Protection, which provides customers a comprehensive solution for protecting against modern internet threats. Today, Google Cloud announced a new security and resiliency framework that delivers customers a comprehensive security management program with cloud technologies that are aligned to the National Institute of Standards and Technology's Cybersecurity Framework. Additionally, Google also announced its new Work Safer offering, designed to help organizations, their employees, and partners collaborate and communicate securely and privately in today's hybrid work environment. It uniquely brings together the cloud-native, zero-trust solutions of Google Workspace with industry-leading solutions from across Google and its cybersecurity partners, CrowdStrike and Palo Alto Networks. Customers need a consistent approach to preparing for and defending against cybersecurity threats,Our comprehensive suite of security solutions delivered through our platform and amplified by the Google Cybersecurity Action Team will help protect organizations against adverse cyber events with capabilities that address industry frameworks and standards. Phil Venables, Vice President and Chief Information Security Officer at Google Cloud and founder of the Google Cybersecurity Action Team About Google Cloud Google Cloud accelerates organizations' ability to digitally transform their business with the best infrastructure, platform, industry solutions and expertise. We deliver enterprise-grade solutions that leverage Google's cutting-edge technology – all on the cleanest cloud in the industry. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.

Read More

DATA SECURITY

IronNet launches AWS Marketplace Premium Professional Services

prnewswire | December 09, 2020

IronNet Cybersecurity, an innovator in Network Detection and Response and Collective Defense, reported today that it is one of the principal Amazon Web Services (AWS) autonomous programming sellers to offer its expert administrations in AWS Marketplace. AWS clients would now be able to discover and buy Red Team, Hunt, and Security Advisory administrations from IronNet in AWS Marketplace, a curated computerized list of programming, information, and administrations that makes it simple to discover, test, purchase, and convey programming and information items that sudden spike in demand for AWS. IronNet offers AWS clients the capacity to handily cite and agreement benefits in AWS Marketplace that assist clients with surveying their cloud and organization security. Inside AWS Marketplace, AWS clients can likewise investigate IronNet's security arrangements, which help ensure undertakings against the most basic digital dangers focusing on enterprises today. As associations relocate to the cloud, they are searching for top tier security capacities and expert administrations, similar to those offered by IronNet. With proficient administrations from IronNet accessible in AWS Marketplace, clients have an improved method to buy and be charged for both programming and related administrations in a brought together spot. Clients can additionally smooth out their acquisition of programming with standard agreement terms to improve and quicken acquirement cycles. "IronNet is honored to participate in this launch and to offer our professional services through AWS Marketplace," said IronNet co-CEO Bill Welch. "Our team is dedicated to helping companies evaluate their overall cybersecurity posture and develop customized strategies to enhance their defenses with our Network Detection and Response and Collective Defense capabilities. We're pleased to be able to make it as easy as possible for AWS customers to obtain these critical services and software from one centralized location, in AWS Marketplace." About IronNet Cybersecurity Founded in 2014 by GEN (Ret.) Keith Alexander, the former Director of the National Security Agency and Founding Commander of United States Cyber Command, IronNet Cybersecurity is a global security leader that revolutionizes how organizations secure their networks by delivering the first-ever Collective Defense platform operating at scale. Employing a large number of former NSA and U.S. Cyber Command cybersecurity operators with offensive and defensive cyber experience in both the government and the private sector, IronNet integrates deep tradecraft knowledge into its industry-leading products to solve the most challenging cyber problems facing enterprises today.

Read More

Spotlight

The security of online services is a topic of increasing interest to enterprises as the number of third party hosted service offerings has expanded in recent years. The emergence of various “cloud computing” concepts and definitions has highlighted not only questions about data ownership and protection, but also how various vendors of cloud computing technologies build and implement their services