EU Parliament Approves Controversial Copyright Law

Infosecurity Magazine | March 27, 2019

The European Parliament approved major new changes to EU-wide copyright laws which critics claim could lead to de facto mass censorship of online content. Tech giants like Google and Amazon have been mobilizing their users for months to protest ahead of the vote, but in the end the Copyright in the Digital Single Market directive was voted in by 348 MEPs to 274. Most controversial is Article 13, which requires sites and internet platforms to filter any user-generated content that is being uploaded without permission, or else be held liable for infringement. Although they already scan for unlicensed content, this will put a greater liability on such sites for doing so. While artists have claimed that the new law will help protect their content from infringement, advocates of internet freedom argue that it could amount to backdoor censorship of the web — although memes and use of copyrighted content for parody are excluded.

Spotlight

We've witnessed companies across industries suffer serious reputational and financial damage due to legal and regulatory compliance failures. Most had what they considered reasonable compliance processes, but somehow they didn't work. More and more corporate resources are spent on compliance, with greater attention in the Csuite and board room, but still concern lingers - and justifiably so.

Spotlight

We've witnessed companies across industries suffer serious reputational and financial damage due to legal and regulatory compliance failures. Most had what they considered reasonable compliance processes, but somehow they didn't work. More and more corporate resources are spent on compliance, with greater attention in the Csuite and board room, but still concern lingers - and justifiably so.

Related News

PLATFORM SECURITY

Axonius Adds Key Integrations with AWS

Axonius | July 25, 2022

Axonius, a cybersecurity asset management provider, today announced integrations with Amazon Macie, Amazon GuardDuty, and AWS SecurityHub while extending its Amazon Inspector functionality. These new integrations will help customers to better understand and manage vulnerabilities across their Amazon Web Services (AWS) infrastructure. By connecting to both AWS first-party and ISV-third party security solutions, Axonius provides comprehensive visibility and management of assets across AWS cloud, multi-cloud, and on-premises. The latest integrations provide the following capabilities: Identify Exposed Amazon S3 Buckets: Axonius fetches findings from Amazon Macie to help customers identify exposed Amazon S3 buckets to maintain data integrity and compliance. Detecting Malicious Activity & Compromised Security Controls: By integrating with Amazon GuardDuty, Axonius helps customers detect malicious activity to protect AWS accounts, workloads, and data and help them understand which assets have compensating security controls. Helping Meet Security Best Practices: With insights from AWS SecurityHub, customers can compare against correlated data to verify whether assets that don't meet best practice standards have a compensating security control. Comprehensive View of Cloud Security Posture: Axonius delivers a complete inventory of assets from more than 450 correlated data sources giving customers a comprehensive view of their cloud security, including vulnerability data from Amazon Inspector. "As companies continue to shift workloads to the cloud, they're also increasingly leveraging cloud provider-native security service offerings. "Yet customers are still exhausted by the highly-manual, slow, and error-prone processes that negatively impact their risk mitigation, threat management, and compliance. With Axonius and AWS, customers finally have a unified view of their assets while dramatically strengthening their security posture." Mark Daggett, Vice President of Worldwide Channels and Alliances at Axonius About Axonius Axonius is the cybersecurity asset management platform that gives organizations a comprehensive asset inventory, uncovers gaps, and automatically validates and enforces policies. Deployed in minutes, the Axonius cyber asset attack surface management (CAASM) solution integrates with hundreds of data sources to give customers the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, automating response actions, and informing business-level strategy. Cited as one of the fastest growing cybersecurity startups, with accolades from CNBC, Forbes, and Fortune, Axonius covers millions of devices for customers around the world.

Read More

PLATFORM SECURITY

Zscaler Achieves Zero Trust Security-as-a-Service FedRAMP High Authorization

Zscaler | August 02, 2022

Zscaler, Inc., the leader in cloud security, today announced that Zscaler Internet Access™ (ZIA™) achieved Federal Risk and Authorization Management Program (FedRAMP) High Authority to Operate from the FedRAMP Joint Authorization Board (JAB). This federal government certification enables ZIA to meet civilian agencies’ high security requirements, as well as those of the Department of Defense (DoD) and other intelligence organizations. ZIA is currently the only Secure Access Service Edge (SASE) Trusted Internet Connections (TIC) 3.0 solution that has achieved FedRAMP’s highest authorization. FedRAMP High authorization indicates to federal decision-makers that ZIA and ZPA have undergone rigorous audits of critical security controls to protect the government’s most sensitive unclassified data in remote cloud computing environments. The company’s Zscaler Private Access™ (ZPA™), the other key component of the Zscaler Zero Trust Exchange platform, is also JAB High authorized, and along with ZIA, comprise the JAB High authorized Zscaler Zero Trust Exchange™ for federal customers. The certification confirms that ZIA can securely connect government users to external applications, including SaaS applications and internet destinations, regardless of device, location, or network, providing superior cyber and data protection for mission-critical government information. With both ZIA and ZPA now JAB-High authorized, agencies can resolve ongoing user experience and cost challenges associated with securing the explosive use of cloud-based applications. These challenges include continued poor user experience through VPNs, security risks from users who bypass VPNs leading to a lack of visibility and protection, and increased network usage costs associated with backhauling the growing volume of internet traffic flowing through the government's TIC. Since achieving FedRAMP Moderate certification in 2018, Zscaler, a Leader in the 2022 Gartner® Magic Quadrant™ for Security Service Edge (SSE) – a security-specific component in the SASE framework – has completed SSE deployments for more than 100 US federal government and federal systems integrator customers at the Moderate impact level. Many of these deployments supported the requirements of the Executive Order 14028, including zero trust, as well as met TIC 3.0 use cases. "This FedRAMP High authorization elevates Zscaler and our support of the US government as currently the only cloud security company with two FedRAMP High JAB authorizations in the market," said Drew Schnabel, Vice President of Federal at Zscaler. Federal agencies, DoD commands, and federal contractors can now take full advantage of the Zero Trust Exchange at the JAB High or Moderate level. Customers can align their security posture with their workload requirements and meet Executive Order 14028 zero trust goals at all levels available under the FedRAMP program. “Delivering zero trust and SASE through FedRAMP authorized platforms at the highest impact levels is crucial for the security of our nation's future. “Zscaler committed to our customers that we would deliver a comprehensive zero trust and SASE platform at the High and Moderate baseline levels. Today, we are proud to announce we have met that commitment. The Zscaler team continues to follow the guidance of Executive Order 14028, CISA’s TIC 3.0 and zero trust use cases, DOD/DISA’s National Defense Authorization Act, and our customers and partners. We are delivering FedRAMP High authorized cloud platforms, while helping agencies modernize and transform their legacy cybersecurity environments to cloud-based SASE and zero trust solutions.” Stephen Kovac, Chief Compliance Officer at Zscaler “FedRAMP High is a must-have for many federal agency deployments,” said Zeus Kerravala, Founder and Principal Analyst at ZK Research. “We see more and more CISOs and CIOs across state and local government, education, and the private sector recognizing the value of a third-party validated security assessment.” The Zero Trust Exchange is a cloud-native security platform that securely connects any user, device, and application, regardless of location. Following the principle of least-privileged access, the platform establishes trust through user identity and context – including location, device, application, and content – and then creates secure, direct connections based on policy enforcement. The platform supports IT federal mission transformation by reducing costs, eliminating the internet attack surface, and preventing lateral movement of threats while providing an excellent user experience. The Zscaler Zero Trust Exchange is powered by the world’s largest security cloud, with more than 10 years of operational excellence enabling the processing of more than 240 billion daily transactions and stopping over seven billion threats and policy violations per day for the largest, most demanding organizations around the globe. Today’s news builds on recent announcements including: Zscaler Private Access Achieves DoD Impact Level 5 (IL5) Zscaler is chosen to run a pilot program in support of Executive Order 14028 by the National Institute of Standards and Technology (NIST) Zscaler is First Zero Trust Remote Access Cloud Service to Achieve FedRAMP-High JAB Authorization ZIA™ receives Authorization to Operate (ATO) at the Moderate Impact level Zscaler is a Leader in the 2022 Gartner Magic Quadrant for Security Service Edge (SSE), following up 10 consecutive years as a Leader in the Gartner Magic Quadrant for Secure Web Gateway About FedRAMP FedRAMP is a government-wide program with input from numerous departments, agencies, and government groups. The program’s primary decision-making body is the Joint Authorization Board (JAB), comprised of the CIOs from DOD, DHS, and GSA. In addition to the JAB, other organizations such as OMB, the Federal CIO Council, NIST, DHS, and the FedRAMP Program Management Office (PMO) also play key roles in effectively running FedRAMP. Using a “do once, use many times” framework, the program ensures information systems/services used government-wide have adequate information security; eliminates duplication of effort and reduces risk management costs; and enables rapid and cost-effective procurement of information systems/services for federal agencies. About Zscaler Zscaler accelerates digital transformation so customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Distributed across more than 150 data centers globally, the SSE-based Zero Trust Exchange is the world’s largest in-line cloud security platform.

Read More

PLATFORM SECURITY

Cyber Security Innovator Coro Launches Incubiz, a Unique Incubator Program to Discover and Develop the Next-Generation of Cyber Security Entrepreneurs

Coro | July 28, 2022

Coro, the all-in-one cyber security platform for mid-market organizations, growing businesses, and lean IT teams, today announced the launch of its unique Incubiz program. This program is designed to help entrepreneurs build and grow a successful business in one of the hottest markets today - cyber security - with zero risk, upfront costs, or experience needed. Incubiz will debut in Chicago, Illinois, the location of Coro’s newest U.S. office. Small businesses account for 99.6% of Illinois' private enterprise, making them a vital part of the state's economy. Additionally, Illinois is the 7th largest tech employer in the country, employing over 318 thousand people. According to Zoominfo, Chicago and the surrounding suburbs are home to about 219,000 small to mid sized businesses and more than 4,000 mid-market companies. It is also one of the hottest startup markets in the U.S. With more than six thousand technology companies and 378 startups founded in the city in the past five years, these companies are all vying for cybersecurity help, making Chicago the perfect hub for the next step in Coro’s growth. Driven by a robust talent pipeline, the state of Illinois is on the way to achieving Tier-1 tech hub status. In 2021, it had the fourth largest increase in technology job postings, and only three states added more tech jobs than Illinois over the past decade. But with the state’s employment opportunities shifting away from manufacturing and toward service- and knowledge-based work, many medium-wage jobs have been eliminated and many workers do not have the skills or education to attain higher-wage employment. A recent Illinois Future of Work report found that there is a need to create “stronger on-ramps for high wage jobs” in the state, citing that not having a bachelor’s degree is holding many back from being considered for higher-earning positions. This is further polarizing the job market, given that only 35.5% of Illinois adults have a bachelor’s degree. In support of the state’s drive to make higher-earning jobs available for more workers, to build off Chicago’s tech momentum, and to close the cyber security skills gap our nation is facing, Coro has created an innovative, one-of-a-kind program to provide job opportunities in one of the hottest markets today, without any prior cyber security experience or college education. The Incubiz program is open to entrepreneurs looking to start a cyber security business, buy into a franchise, or start a managed service provider/managed security service provider (MSP/MSSP) that provides outsourced security monitoring and management. Incubiz provides the potential for employees to achieve higher earnings without the prerequisite of many similar job openings. Individuals accepted into Coro’s 18-month Incubiz program will be provided with the training, support, and infrastructure needed to build a valuable skill set and ultimately launch their own cyber security business. Not only are there no costs to participants, they will be paid a competitive salary as a Coro Authorized Security Consultant. Upon completion of the program, participants will be able to operate independently, but with access to continued support and residual income from any customers brought in during the incubation period. “Coro’s mission is to continually innovate and develop the best cyber security tools possible. We’re excited to offer our expertise and resources to help the next generation of cyber entrepreneurs through our new Incubiz program. “The Illinois job market is at a crossroad, and this program is a great opportunity for workers to attain a higher-paying job without needing a predefined skillset or degree. Chicago is the perfect market to launch IncuBiz, and we are eager to add to the city’s flourishing tech scene and offer more equitable employment opportunities within the state.” Jim Tarantino, Chief Revenue Officer at Coro Coro developed its powerful cyber security platform to address the noticeable cyber security gaps in the mid-market and SMB segments, making enterprise-grade security accessible to any business at a fraction of the cost of other solutions. Coro is one of the fastest growing cyber security companies today and has seen significant momentum with 300% year-over-year growth for each of the past three years and into 2022. Earlier this year, Coro announced $80M in funding and a rapid expansion in the Chicago market. About Coro Coro is one of the fastest growing security solutions for the mid-market, providing all-in-one protection that empowers organizations to defend against malware, ransomware, phishing, and bots across devices, users, and cloud applications. More than 5,000 businesses depend on Coro for holistic security protection, unrivaled ease of use, and unmatched affordability. Built on the principle of non-disruptive security, the Coro platform employs innovative AI technology to identify and remediate the many security threats that today's distributed businesses face, without IT teams having to worry, investigate, or fix issues themselves. Investors in Coro include Balderton Capital, JVP, MizMaa Ventures, and Ashton Kutcher’s Sound Ventures.

Read More