DATA SECURITY

Cynalytica Delivers New Solution to Help Combat Cyber Threats to Maritime Navigation and Communication Systems

Cynalytica | September 20, 2021

Cynalytica Inc. announces its SerialGuard AnalytICS Platform now offers monitoring, deep packet inspection (DPI) support, and intrusion detection for legacy NMEA protocols. Its latest extension provides enhanced situational awareness and security to vulnerable maritime Industrial Control Systems (ICS) through NMEA-specific packet evaluations, analysis, and intrusion detection capabilities.

"In addition to the serious threats posed to their OT network, one of the maritime industry's biggest security challenges today is the protection of their navigation and communications systems from persistent cyber threats. Vessels are increasingly vulnerable to cyber attacks that can cause GPS interference and spoofing, AIS spoofing, bridge-to-bridge communications spoofing, and other communications jamming which can have catastrophic kinetic consequences," explains Richard Robinson, CEO of Cynalytica. "Distressingly, many of these navigation and communication instruments rely on NMEA 0183 serial protocols, which do not have authentication, encryption, or validation capabilities. They also lack a sufficient level of real-time visibility and data validation capabilities that would help detect such attacks. These security limitations make the NMEA-connected devices exceptionally susceptible to hackers, and the consequences could prove adverse."

With the SerialGuard® AnalytICS Platform, the maritime industry can now help address critical vulnerabilities within their NMEA-connected instruments and other serial-connected control systems simultaneously. The extended capabilities will provide maritime operators with an unprecedented level of visibility into NMEA-connected devices while empowering them to baseline communications, accurately monitor behavioral patterns, and create alert rulesets to detect cyber attacks and misconfigurations quickly."

Designed to protect serial-connected ICS, the SerialGuard® AnalytICS Platform is a fully-passive and fail-safe monitoring and intrusion detection system (IDS) that brings real-time visibility to high-risk assets. The platform consists of the SerialGuard® sensor that passively taps serial communications, combined with Cynalytica's AnalytICS Engine – a monitoring and intrusion detection system, and data validation tool that enables operators to baseline normal operations and create alert rulesets to detect anomalous behavior.

The SerialGuard AnalytICS Platform is easily deployed across most maritime industries including naval vessels, passenger ships, container ships, tankers, bulk carriers, ports, and many more.

About Cynalytica
Cynalytica, Inc. combines a diverse set of industry expertise with decades of applied research and development experience to deliver pioneering cybersecurity and machine analytics technologies that help protect critical national infrastructure, securely enable Industry 4.0 and help industries accelerate their digital transformation objectives.

Spotlight

Detect. Dig. Destroy. Learn how Fidelis Cybersecurity’s network and endpoint products relentlessly pursue attackers no matter how deep they are hiding in your environment.

Spotlight

Detect. Dig. Destroy. Learn how Fidelis Cybersecurity’s network and endpoint products relentlessly pursue attackers no matter how deep they are hiding in your environment.

Related News

SOFTWARE SECURITY

SafeBase Raises $18 Million Series A Round

SafeBase | March 14, 2022

SafeBase, Inc., a smart trust centre that streamlines the security assessment process for B2B SaaS companies, today announced that it has raised $18 million in a Series A round led by global venture capital firm New Enterprise Associates (NEA), with participation from Y Combinator and Comcast Ventures, the corporate venture capital arm of Comcast Corporation. SafeBase has over 100 customers, including Linkedin, Jamf, and Snyk, a cybersecurity firm. The funding will be used to expand the company and hire more employees. SafeBase is a smart trust centre that allows a company's security posture to be shared and critical document access to be automated. The SafeBase portal gives organizations "self-serve" access, enabling InfoSec teams to understand everything about a company's security programme, shortening the sales cycle and increasing client trust by providing total visibility. Enterprise adoption of new technologies has traditionally been hampered by security evaluations. As per a recent survey released by TechBeacon, cybersecurity investment would reach $174 billion in 2024, with 69 percent citing regulatory compliance as the key spending driver. Moreover, third-party breaches are growing more prevalent, with 80% of companies reporting at least one breach in the last year. Assessing overall security is critical when considering new corporate technology from a third-party vendor, but it can be a lengthy and time-consuming procedure. SafeBase is built to automate access and deliver security and compliance data for industry standards like GDPR, HIPAA, and SOC2. Hilarie Koplow-McAdams, Venture Partner, NEA said that "Security reviews are notorious for being disjointed and often complicated—which consequently leads to delayed sales cycles and implementations. SafeBase has developed a long-desired solution that streamlines and automates security reviews within a single platform, giving customers the confidence to make faster decisions for new technology. The product has already displayed impressive market traction and we're thrilled to partner with the SafeBase team as they continue to pioneer the future of vendor security for organizations globally." Al Yang, CEO, and Adar Arnon, CTO, founded SafeBase after meeting at Harvard and being accepted into Y Combinator's accelerator programme during the Pandemic. Adar served in the Israeli Defense Forces Unit 8200 before to Harvard, therefore the business has excellent engineering teams in both the United States and Israel. Al is a serial entrepreneur who has seen the agony and inefficiencies of vendor security evaluations firsthand. They're on a mission to make the world a better place by enabling organizations with strong security systems to earn a competitive advantage in the sales process. "At SafeBase, we want all companies, regardless of size or sector, to be able to easily communicate their security posture to the world. We're very proud that the investors at NEA share our vision and want to help us bring it to every company that's serious about building and maintaining trust with its customers." Al Yang, CEO of SafeBase SafeBase helps business development and sales teams to expedite security and compliance processes for businesses integrating third-party technology providers, in addition to security and compliance challenges in the sales process. From an organized, interactive dashboard, information security personnel may now view all the data of a company's security programme.

Read More

DATA SECURITY

Cyber Threat Intelligence to be Launched by TruKno for the 99%

TruKno | July 15, 2021

TruKno has announced a new Cyber Threat Intelligence SaaS subscription. The subscription aims at helping various organizations to reduce the risk of cyber threats by empowering their entire IT security staff with actionable, easy-to-use, and real-time cyber threat dashboards. Powered by digitization of commerce across the globe, growth of remote workers, the exponential rise of internet-connected devices, and surge in nation-state adversaries and well-financed organized cyber-crime groups, cybersecurity has become one of the main risks facing enterprises and organizations. New high-profile breaches have exposed that challengers are abusing zero-day or known susceptibilities to penetrate enterprise networks via aiming critical OT infrastructure, cryptojacking cloud environments, highly sophisticated supply chain attacks, etc. Solution of TruKno can be consumed as SaaS-based threat dashboards or via easy-to-use Application Programming Interfaces (APIs) that enable enterprises to directly integrate TruKno Threat Intelligence into their existing security and risk management technologies & workflows. Further, TruKno is vigorously building a system of ‘out of the box’ product combinations for SIEM (Splunk Enterprise Security, LogRhythm, etc.), IOC enrichment (VirusTotal is available today), and Susceptibility Management (Tenable, Qualys, etc.). About TruKno TruKno is the leading and the first platform built from the ground up to take Cyber Threat Intelligence to the grassroots. Based in Denver, TruKno provides actionable, easy-to-use, and real-time APIs and cyber threat dashboards to allow security teams to decrease the jeopardy of breach by effortlessly keeping up with the ever-dynamic cyber threat setting.

Read More

DATA SECURITY

Mayorkas to Announce the Largest Cybersecurity Hiring Initiative in DHS History

Mayorkas | July 06, 2021

Alejandro N. Mayorkas, Secretary of Homeland Security, has announced its onboarding of 300 cybersecurity professionals and an extension of other 500 tentative job offers in the Department’s largest cybersecurity hiring initiative in its history. This initiative is part of a 60-day Cybersecurity Workforce Sprint, aiming to build a more diverse and multi-talented cybersecurity workforce. According to Secretary Mayorkas, cyber threats and crimes are increasing, so we should prepare well to defend it by hiring more talents. In early May, Secretary Mayorkas set a goal to hire around 200 new cybersecurity personnel in the Department by July 1. The achievement of the Cybersecurity Workforce Sprint shows a strong wish by our country's highest cyber talent to bestow them to public service and support blocks some of the most compound trials we come across today. DHS is dedicated to confirming its staff represents the varied communities it assists. To this end, the Cybersecurity Workforce Sprint is stranded in diversity, equity, and inclusion most acceptable practices, and comprises targeted outreach to underserved communities. Secretary Mayorkas, this month, will also launch an Honors Program starting with an initiative to recruit recent graduates with degrees in cybersecurity-related arenas for a one-year specialized development program at DHS. Participants who productively complete this program will be qualified for enduring, full-time cybersecurity positions at the Department. Additionally, the Department's Cybersecurity and Infrastructure Security Agency (CISA) is mounting its K-12 initiative to nurture the next generation of diverse cybersecurity professionals. Secretary Mayorkas, in March, outlined his dream for the Department's cybersecurity urgencies during a virtual address hosted by RSA Conference in corporation with Hampton University and Girl Scouts of the USA. The Secretary highlighted a series of full sprints intended to raise existing work, eliminate roadblocks to development, and take off new initiatives and partnerships to attain DHS’s cybersecurity assignment and implement the Biden-Harris Administration's primary concern. The first sprint was concentrated on raising consciousness about the cumulative risk of ransomware.

Read More