Federal government launches cybersecurity certification program for SMBs

IT World Canada | August 12, 2019

The federal government on Monday launched the long-awaited cybersecurity certification for small and mid-sized businesses in hopes of increasing the attention SMBs pay to cybersecurity as well as increasing the confidence of online shoppers who buy from Canadian sites. The CyberSecure Canada program allows organizations to prove to a certification body approved by the Standards Council of Canada that they meet certain minimum standards. Those that pass are entitled to use a logo on websites and promotional material attesting that they have met the standard. They will also be listed in a searchable registry available for consumers and partners. The program is tailored specifically for SMBs (up to 499 employees) because they have fewer IT resources, and they account for a significant number of data breaches. According to StaySafeOnline.org, which is overseen by Public Saftey Canada, 71 per cent of data breaches happen to small businesses. It figures nearly half of all Canadian small businesses have been the victim of a cyberattack.

Spotlight

Cyber attacks, data breaches, and vulnerabilities have gone from esoteric ideas to a mainstream problem. With that in mind, it would be quite attractive to predict attacks before they happen. Prediction could allow us to adjust defenses rather than perform expensive and reactive incident response which can include everything from deep forensics to throwing out millions of dollars worth of equipment. And not to mention massive reputation repair campaigns.

Spotlight

Cyber attacks, data breaches, and vulnerabilities have gone from esoteric ideas to a mainstream problem. With that in mind, it would be quite attractive to predict attacks before they happen. Prediction could allow us to adjust defenses rather than perform expensive and reactive incident response which can include everything from deep forensics to throwing out millions of dollars worth of equipment. And not to mention massive reputation repair campaigns.

Related News

SOFTWARE SECURITY

McAfee and Telstra Partner to Bring Privacy, Identity and Security Solutions to Customers Across Australia

McAfee | July 11, 2022

Today, McAfee Corp., a global leader in online protection, announced a multi-year partnership with Telstra, Australia’s leading telecommunications and technology company, to deliver comprehensive protection to safeguard the privacy and identity of consumers across activities, devices, and locations. The partnership will grant new and existing Telstra customers easy access to McAfee’s leading security solutions to deliver holistic security and privacy protection through its integrated suite of services including Antivirus, Parental Controls, Identity Protection, Secure VPN and more, to protect and secure multiple devices including mobiles, PCs and laptops. “A recent McAfee study found 27% of Australians surveyed reported attempted account theft and 23% had experienced financial account information leaks. “As the proliferation of life online accelerates, we are thrilled to be partnering with Telstra who are showing through this collaboration, a commitment to innovation and to their customers by investing in new infrastructure and technologies that safeguard their mobile and broadband subscribers.” Pedro Gutierrez, Senior Vice President of Global Sales and Operations at McAfee McAfee’s integrated consumer security platform offers a wide array of mobile security solutions to protect customers’ privacy and identity while blocking viruses, malware, spyware, and ransomware attacks. This partnership allows Telstra’s customers to take advantage of these capabilities and protect themselves from additional threats including potential hacks, identity theft and broader gaps in online and mobile security so they can live life confidently online. “In today’s increasingly connected world the risk of cyber threats continues to grow. To counter the risk, Telstra is committed to providing our customers with the safety and security features needed to protect them online,” said Matthew O’Brien, Cyber Security Executive and Group Owner at Telstra. “This partnership with McAfee helps drive our mission to build a safe and secure connected future where everyone can thrive, and further complements Telstra’s T25 ambition to extend our network leadership position by delivering greater value to our customers.” To activate Device Security, Telstra customers can simply go in-store, online or to their MyTelstra app. The full suite of McAfee features supported include Antivirus/System Scan, Safe Browsing, Protection Center, Identity Protection, Password Manager, Parental Controls, Protection Score and Secure VPN. All eligible Telstra customers can try Device Security for three months on Telstra, then auto-roll onto $10/month after. About McAfee McAfee Corp. is a global leader in online protection. Focused on protecting people, not just devices, McAfee’s solutions adapt to users’ needs in an always online world, empowering them to live securely through integrated, intuitive solutions that protect their families and communities with the right security at the right moment.

Read More

PLATFORM SECURITY

Vectra Becomes AWS Security Competency Partner

Vectra | June 30, 2022

Vectra AI, a pioneer in threat detection and response, said today that it has been an Amazon Web Services (AWS) Security Competency Partner, proving its technical knowledge and demonstrated customer success when it comes to further protecting AWS environments. The competence designation acknowledges Vectra's strong cloud security experience and proven technology, which assists clients in further enhancing their security measures across hybrid architectures and cloud environments. Vectra's AWS Security Competency distinguishes it as an AWS Partner Network (APN) member that delivers specialized threat detection technologies to assist organizations in adopting, developing, and deploying complex security projects on AWS. To be eligible for this distinction, APN members must have extensive AWS knowledge and be able to offer solutions on AWS effortlessly. Vectra earned AWS Security Competency accreditation after a thorough qualification process based on references and customer feedback. "Becoming an AWS Security Competency Partner is an exciting milestone for Vectra and for many of our customers who leverage AWS as a critical component in their everyday operations. Solving threat detection and response challenges for our customers is top priority and this competency further validates our ability to do that in the cloud and wherever organizations choose to configure their environments." Michael Porat, Vectra SVP, Corporate and Business Development "We are an AWS shop. Using AWS VPC Traffic Mirroring, Vectra gives us full visibility into our Nitro-based instances," said Mirza Baig, IT Security Manager at Municipal Property Assessment Corporation (MPAC). To monitor all infrastructure-as-a-service traffic, the Vectra platform interfaces with AWS Virtual Private Cloud (VPC) traffic mirroring. It also integrates with AWS Security Hub to publish Vectra detections as findings, enabling security teams to correlate Vectra attacker detections with other data sources for faster threat hunting and incident investigations. "Achieving the AWS Security Competency validates Vectra for its technical expertise and ability by enabling customers to further secure their journey through the different stages of cloud adoption—from migration through day-to-day management," said Dudi Matot, Security Segment Lead at AWS.

Read More

SOFTWARE SECURITY

Syscoin Launches Network Rollup Facility

Syscoin | June 13, 2022

Syscoin, a cutting-edge base layer protocol that incorporates the composability of Ethereum-style smart contracts with the Bitcoin Network's industry-leading security, announced today the upcoming release of Rollux, a suite of developer-ready scaling solutions for developing decentralized applications at the speed of Web2 architectures. “At Syscoin, we are constantly improving the architecture of our platform to offer the most capable solution for developers who want to build with Bitcoin’s security, Ethereum’s flexibility, and, beginning today, Syscoin’s own scaling solutions. The launch of our in-house Layer 2 rollup suite marks a major milestone in the evolution of the Syscoin Network toward being the ultimate foundation for applications aimed at individuals, global enterprises and even governments around the world.” Jag Sidhu, Syscoin Foundation’s lead developer and president Moreover, Syscoin uses its unique Proof-of-Data-Availability (PoDA) breakthrough with Rollux to secure accessible off-chain data for rollups. Apart from Ethereum, Syscoin will be one of the first chains to host optimistic rollups and the only one to use Bitcoin's gold-standard proof-of-work hashing for its own security. As Ethereum evolves toward a proof-of-stake consensus paradigm, this difference will become more relevant. Syscoin's development plan is divided into three segments. The first phase concluded in December with the release of Syscoin's Network-Enabled Virtual Machine (NEVM). Syscoin's NEVM parallel Layer 1 chain allows developers to construct Ethereum-compatible, smart-contract-based decentralized apps on the Syscoin Network. Rollux is Syscoin's in-house Layer 2 rollup suite and marks the next step in the company's evolution. Rollux will provide scaling solutions to applications that use the Syscoin Platform foundation layer in order to provide decentralized services at Web2-like speeds. Furthermore, the Rollux suite will be a comprehensive Layer 2 solution that covers the full range of scaling methods. Rollux will first provide Optimistic rollouts before extending to include ZK rollups when they become practicable. When it is released, Rollux's optimistic rollup utility will use modular scaling technologies to provide the most efficient, cost-effective, scalable, and secure Layer 2 available. Syscoin will unleash performance and scalability 50 times that of existing Layer 2s and 5000 times that of the Ethereum mainnet with direct EVM counterparts like Arbitrum's Nitro and Optimism's Cannon. This powerful platform will continue to progress the sector for many years to come, ultimately ushering in stateless Layer 2 systems that offer a significant advancement in scalability and security. Syscoin Rollux will represent the cutting edge of scaling technology for Solidity-based smart contracts, with Layer 2 scaling coupled to Bitcoin's security standard. Moreover, since the smart contract layer is entirely EVM-compatible, it will be straightforward to onboard applications from Ethereum that want to add Bitcoin's security at scale. Finally, since the non-profit Syscoin Foundation is releasing the Rollux suite, the project will avoid charging excessive fees and using token schemes that add friction and costs to consumers.

Read More