Home > News > featured news > GuidePoint Security Launches Industrial Control Systems (ICS) Security Service Offerings

Data Security, Platform Security, Software Security

GuidePoint Security Launches Industrial Control Systems (ICS) Security Service Offerings

GuidePoint Security | September 28, 2022 | Read time : 02:50 min

GuidePoint Security Launches Industrial Control Systems
GuidePoint Security, a cybersecurity solutions leader enabling organizations to make smarter decisions and minimize risk, today announced the availability of its ICS Security Services. These service offerings include a Security Program Review, Security Architecture Review and ICS Penetration Testing that collectively are designed to provide an organization with a holistic view of their entire ICS security posture.

Traditionally, Operational Technology (OT) environments were kept separate and isolated from the traditional IT infrastructure. Today, ICS environments have emerged from the combination of IT and OT (Industry 4.0), introducing new features and easier management, but also creating new vulnerabilities and attack vectors. For example, an OT environment can be breached by an attack that comes through the IT environment. With GuidePoint’s ICS Security Services, organizations can ensure they have visibility across not only their OT environment, but also their broader organization.

“The convergence of OT and traditional IT infrastructure into ICS environments has led to easier operational oversight, but it also introduces new avenues for attackers to exploit,” said Pascal Ackerman, Sr. Security Consultant - Operational Technology. “Through the combined expertise of our Governance, Risk and Compliance, Security Architecture, and ICS penetration testing practices, we can provide customers with an assessment of their entire ICS security posture, evaluating every angle of their environment.”

GuidePoint’s ICS Security Service offerings include:

  • Security Program Review (SPR): The SPR evaluates and measures an organization’s security program maturity and is based on the framework chosen by the customer, including, but not limited to: NIST Cybersecurity Framework (CSF), NIST 800 82, CIS Controls, ISO/IEC 62443, ISO 27001, C2M2, FERC/NERC-CIP, CISA TSS and ITU CIIP. With GuidePoint’s SPR offering, organizations can better assess their security program and its maturity level, and build or enhance their existing program to ensure it is right-sized to their unique requirements.
  • ICS Security Architecture Review (SAR): The SAR evaluates an organization’s security capabilities to ensure deployed technologies are aligned with relevant compliance requirements. GuidePoint’s team of experts provides industry-recommended enhancements to an organization’s existing solutions as well as recommendations for new controls to augment and further mature security practices.
  • ICS Penetration Testing: This service goes beyond a typical OT pentest by combining best-in-class IT and OT pentesting methodologies to form a holistic offering that will assess all security aspects of the production environment. Organizations gain real-life, actionable results based on proven ICS (IT and OT) penetration testing methods and techniques.

These ICS Security Services round out a complete portfolio of cyber-focused Governance, Risk and Compliance offerings, Security Architecture Reviews, as well as Threat and Attack Simulation Services, to ensure the security of customers’ environments.

About GuidePoint Security
GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint’s unmatched expertise has enabled a third of Fortune 500 companies and more than half of the U.S. government cabinet-level agencies to improve their security posture and reduce risk.

Spotlight

Building the Business Case for Quantifying Cyber Risk

It's the cybersecurity question every executive and board member wants — and needs — to have answered: How much will it cost if a cybersecurity risk materializes and causes a breach? Provide the answer with confidence by tying cyber threats to business impact using cyber risk quantification. Cyber risk quantification is a powerf

More featured news

Spotlight

Building the Business Case for Quantifying Cyber Risk

It's the cybersecurity question every executive and board member wants — and needs — to have answered: How much will it cost if a cybersecurity risk materializes and causes a breach? Provide the answer with confidence by tying cyber threats to business impact using cyber risk quantification. Cyber risk quantification is a powerf

Related News

Data Security, Platform Security, Software Security

Skyhigh Security Enables Secure Use of AI Applications with Leading Data Protection Technology

Businesswire | June 29, 2023

Skyhigh Security today announced it’s enabling organizations to adopt artificial intelligence applications in a secure manner that protects sensitive, confidential, and business critical information through its leading Security Service Edge (SSE) portfolio. Skyhigh Security’s technology protects data and stops threats in the cloud across all websites, Software-as-a-Service (SaaS) applications, Infrastructure-as-a-Service (IaaS) environments and Shadow IT, from a single, cloud-native enforcement point. Skyhigh Security’s purpose-built SSE platform is future-proofed with advanced data protection controls that directly apply to AI apps to protect customers’ business critical data. The same controls will apply to all new and emerging cloud applications in the future to protect against the risks of data loss. Skyhigh Security also delivers the largest and most accurate cloud registry of over 40K+ cloud services, based on a detailed security assessment across more than 75 objective criteria. The Skyhigh Cloud Registry quickly identifies new generative AI apps and the corresponding risk level for each app. According to Skyhigh Security’s global telemetry data from the first half of 2023, close to a million of its users have accessed ChatGPT through corporate infrastructures. The volume of users has increased by 1500 percent from January to June, demonstrating the unprecedented momentum and adoption of generative AI applications across organizations and industries. Because of the risks associated with ChatGPT and similar AI applications, many organizations are seeking ways to ensure data is protected while allowing for productive use of the technology. “Securing corporate data in SaaS applications, like ChatGPT and other generative AI applications, is what Skyhigh Security was built to do,” said Anand Ramanathan, chief product officer, Skyhigh Security. “We currently track more than 500 different AI cloud service providers as part of our registry—a 130 percent increase since January. Through the Skyhigh SSE portfolio, organizations already enjoy granular visibility and control of these apps, protect sensitive data, and meet compliance regulations such as PCIDSS, HIPAA, and GDPR, all in one comprehensive solution. We ensure our customers have the appropriate guardrails in place.” “Skyhigh Security is paving the way forward for organizations to drive productivity and innovation by adopting AI technologies, while reducing risk and protecting critical business data,” said Dan Meacham, CISO, Legendary Entertainment. “At Legendary Entertainment, we use the Skyhigh Cloud Platform to help us monitor our generative AI traffic and prevent inadvertent uploads of regulated data, such as PII or trade secrets, or downloads of fake or malicious apps. It provides crucial insight into the corresponding risk levels of workflows pertaining to different AI tools and applications, along with the amount of data being posted within them. This visibility is essential for us to accelerate business productivity, while ensuring our risk is efficiently mitigated.” The Skyhigh SSE portfolio includes Skyhigh Cloud Access Security Broker (CASB), Skyhigh Secure Web Gateway (SWG), Skyhigh Private Access and other products, integrated into its comprehensive Skyhigh Cloud Platform, with Data Loss Prevention (DLP) as a core capability. Through its CASB for Shadow IT and SWG capabilities, it provides advanced data protection for organizations that allows the use of AI applications, including: Visibility into AI applications in use, as well as their corresponding risk levels. With insights into usage trends, businesses can exercise greater control over their data. Control over the amount of data uploads/in posts, lowering the risk of unintentional access to sensitive data. Flexibility in giving access to AI applications. Block complete access to AI applications for all users or simply block just risky/specific AI applications.Restrict AI applications used within your organization by providing access only to users with a business justification. Improved security awareness across the organization by coaching users on the risks of utilizing AI applications. Add pop ups whenever users access these sites, which direct them to not input any sensitive info in the application and note that it will be monitored by DLP. Reduced risk by automatically disabling and deleting the conversation history within AI applications, like ChatGPT, so that corporate data cannot be used to train the system. Prevent copy/paste of sensitive content into AI applications, like ChatGPT, by leveraging Skyhigh Security’s Web Isolation capabilities. Protect sensitive data from being uploaded to AI applications like ChatGPT. Apply DLP policies to block sensitive data from being posted, including social security numbers, bank account numbers, proprietary IP such as source code, employee and customer names. On July 11 and 13, Skyhigh Security will host a special webinar titled, ChatGPT and AI: Embrace It or Fear It, with Skyhigh Security’s Cloud Security Architect, Nate Brady. Register here to attend the webinar and learn more about how to harness AI and cloud services effectively and responsibly. About Skyhigh Security Skyhigh Security is focused on helping customers secure the world’s data. It protects organizations with cloud-native security solutions that are both data-aware and simple to use. Its market-leading Security Service Edge (SSE) Portfolio goes beyond data access and focuses on data use, allowing organizations to collaborate from any device and from anywhere without sacrificing security. For more information, visit www.skyhighsecurity.com.

Read More

Enterprise Security, Platform Security, Software Security

Cyware Raises $30 Million to Accelerate Expansion of AI-Powered Global Cyber Fusion and Threat Sharing Networks

Businesswire | July 05, 2023

Cyware, the leading provider of AI-powered Cyber Fusion platforms for enterprises and MSSPs, and automated threat intelligence sharing for information sharing networks, today announced a $30 million Series C financing round led by Ten Eleven Ventures, a leading multi-stage investment firm specializing in cybersecurity. Also participating are previous investors including Advent International, Zscaler, Emerald Development Managers, Prelude (the venture practice at Mercato Partners) and Great Road Holdings. The Series C financing comes as Cyware has experienced strong year-over-year growth propelled by robust market adoption, excellent customer retention, and extraordinarily large market access. Since Series A financing, Cyware has shown growth of 6x and consolidated its position as an industry leader for threat intelligence automation, security orchestration, and collaborative threat response solutions. Earlier this year, Cyware achieved FedRAMP Ready status for its Cyber Fusion platform and was named one of the most innovative and promising cybersecurity companies by JMP Cyber 66, as well as being recognized in the 2022 Deloitte Technology Fast 500 as one of the Fastest Growing Technology Firms in North America. Cyware’s cloud-based platform is leveraged by top Fortune 1000 and MSSP security teams to transform their legacy SOCs into Cyber Fusion Centers. The platform seamlessly integrates the AI-powered threat intelligence platform (TIP) with data orchestration and workflow automation (SOAR), to facilitate and synchronize actions between cloud and on-premises security tools and technologies. This enables security teams to connect the dots on emerging threats by correlating actionable threat intelligence with detection, threat hunting, vulnerability management, and incident response operations. Cyware’s Cyber Fusion platform is modular, and the underlying TIP, SOAR, and Collaborative Threat Response components can be leveraged in combination or individually by security teams providing them greater flexibility in transforming conventional SOCs. The Cyware platform has become the backbone of global Threat Sharing Networks. Almost all major ISACs (Information Sharing and Analysis Centers), ISAOs, and CERTs use Cyware’s platform to automate threat intelligence sharing, analysis, and actioning for more than 30,000 enterprise members and government entities. The platform also enables large conglomerates, industry groups, and private communities to activate and share threat intelligence with their distributed businesses, clients, and suppliers, and benefit from automated collective defense against ransomware, supply chain attacks, and zero-day vulnerabilities. “Security teams today face an overwhelming amount of data, but silos across data, processes, and technologies make it very challenging to see the bigger picture and proactively stop threats," said Anuj Goel, Cyware CEO and Co-founder. “Our mission at Cyware is to break down these silos, integrate threat intelligence into SOC operations, make it easy for teams to automate response, and act immediately to anticipate and stop threats.” “Threat actors thrive because the rest of us don’t collaborate enough,” said Alex Doll, Founder and Managing Member of Ten Eleven Ventures. “Only Cyware allows overstretched security teams to expand their risk visibility beyond their borders with innovative threat intelligence collaboration while dramatically improving response with vendor-agnostic orchestration and low-code automation. As seasoned investors in the cybersecurity field, we recognize that Cyware’s remarkable platform, revenue growth, and vast customer base – including over 20 ISACs – puts them in an enviable market position.” Cyware plans to leverage this new round of funding to fuel further growth and accelerate channel business and strategic alliances while expanding its global footprint. About Cyware Cyware delivers an innovative approach to cybersecurity that unifies threat intelligence, automation, threat response, and vulnerability management with data insights gleaned from assets, users, malware, attackers, and vulnerabilities. Cyware’s Cyber Fusion platform integrates SOAR and TIP technology, enabling collaboration across siloed security teams. Cyware is widely deployed by enterprises, government agencies, and MSSPs, and is the leading threat intelligence sharing platform for global ISACs and CERTs.

Read More

Enterprise Security, Platform Security, Software Security

ReasonLabs Joins Microsoft Active Protections Program to Enhance Cybersecurity for Millions of Consumers Worldwide

Prnewswire | July 04, 2023

ReasonLabs, the cybersecurity pioneer equipping families and individuals with the same level of cyber protection used by major global companies, today announced that it has joined Microsoft Active Protections Program (MAPP), a program that allows security software providers early access to security data from Microsoft to enable them to provide faster updates to their customers. As a member of MAPP, ReasonLabs will receive advanced access to security vulnerability data from the Microsoft Security Response Center (MSRC) ahead of Microsoft's monthly security update. This information will allow ReasonLabs to better mitigate zero- and one-day vulnerabilities for their users prior to official patches from Microsoft and others. "ReasonLabs is proud to be a member of the Microsoft Active Protections Program, joining the ranks of leading organizations working to strengthen cyber protections for consumers and businesses around the world," said Kobi Kalif, CEO of ReasonLabs. "The data we will receive from Microsoft Security Response Center will enable us to better protect our customers and ensure our products remain on the cutting edge of the industry." "Receiving the latest vulnerability updates from Microsoft's Security Response Center will help us provide even greater protection to our users located in more than 180 countries worldwide. Pairing this information with ReasonLab's research arm, the Threat Intelligence Center, will solidify its place in the industry at the front line of threat intelligence research and prevention," said Yaniv Dudu, VP of Security at ReasonLabs. About ReasonLabs ReasonLabs is a cybersecurity pioneer equipping tens of millions of families and individuals worldwide with the same level of cyber protection utilized by Fortune 500 companies. Its AI-powered, next-generation antivirus engine scans billions of files around the world to predict and prevent cyberattacks in real-time, 24/7. Its flagship product, RAV Endpoint Protection, together with its other products combine to form a multilayered solution that safeguards home users against next-generation threats. Co-Founded in 2016 by seasoned cybersecurity expert Andrew Newman—an architect of Microsoft's native cybersecurity program, Microsoft Defender—ReasonLabs is based in New York and Tel Aviv.

Read More

Data Security, Platform Security, Software Security

Skyhigh Security Enables Secure Use of AI Applications with Leading Data Protection Technology

Businesswire | June 29, 2023

Skyhigh Security today announced it’s enabling organizations to adopt artificial intelligence applications in a secure manner that protects sensitive, confidential, and business critical information through its leading Security Service Edge (SSE) portfolio. Skyhigh Security’s technology protects data and stops threats in the cloud across all websites, Software-as-a-Service (SaaS) applications, Infrastructure-as-a-Service (IaaS) environments and Shadow IT, from a single, cloud-native enforcement point. Skyhigh Security’s purpose-built SSE platform is future-proofed with advanced data protection controls that directly apply to AI apps to protect customers’ business critical data. The same controls will apply to all new and emerging cloud applications in the future to protect against the risks of data loss. Skyhigh Security also delivers the largest and most accurate cloud registry of over 40K+ cloud services, based on a detailed security assessment across more than 75 objective criteria. The Skyhigh Cloud Registry quickly identifies new generative AI apps and the corresponding risk level for each app. According to Skyhigh Security’s global telemetry data from the first half of 2023, close to a million of its users have accessed ChatGPT through corporate infrastructures. The volume of users has increased by 1500 percent from January to June, demonstrating the unprecedented momentum and adoption of generative AI applications across organizations and industries. Because of the risks associated with ChatGPT and similar AI applications, many organizations are seeking ways to ensure data is protected while allowing for productive use of the technology. “Securing corporate data in SaaS applications, like ChatGPT and other generative AI applications, is what Skyhigh Security was built to do,” said Anand Ramanathan, chief product officer, Skyhigh Security. “We currently track more than 500 different AI cloud service providers as part of our registry—a 130 percent increase since January. Through the Skyhigh SSE portfolio, organizations already enjoy granular visibility and control of these apps, protect sensitive data, and meet compliance regulations such as PCIDSS, HIPAA, and GDPR, all in one comprehensive solution. We ensure our customers have the appropriate guardrails in place.” “Skyhigh Security is paving the way forward for organizations to drive productivity and innovation by adopting AI technologies, while reducing risk and protecting critical business data,” said Dan Meacham, CISO, Legendary Entertainment. “At Legendary Entertainment, we use the Skyhigh Cloud Platform to help us monitor our generative AI traffic and prevent inadvertent uploads of regulated data, such as PII or trade secrets, or downloads of fake or malicious apps. It provides crucial insight into the corresponding risk levels of workflows pertaining to different AI tools and applications, along with the amount of data being posted within them. This visibility is essential for us to accelerate business productivity, while ensuring our risk is efficiently mitigated.” The Skyhigh SSE portfolio includes Skyhigh Cloud Access Security Broker (CASB), Skyhigh Secure Web Gateway (SWG), Skyhigh Private Access and other products, integrated into its comprehensive Skyhigh Cloud Platform, with Data Loss Prevention (DLP) as a core capability. Through its CASB for Shadow IT and SWG capabilities, it provides advanced data protection for organizations that allows the use of AI applications, including: Visibility into AI applications in use, as well as their corresponding risk levels. With insights into usage trends, businesses can exercise greater control over their data. Control over the amount of data uploads/in posts, lowering the risk of unintentional access to sensitive data. Flexibility in giving access to AI applications. Block complete access to AI applications for all users or simply block just risky/specific AI applications.Restrict AI applications used within your organization by providing access only to users with a business justification. Improved security awareness across the organization by coaching users on the risks of utilizing AI applications. Add pop ups whenever users access these sites, which direct them to not input any sensitive info in the application and note that it will be monitored by DLP. Reduced risk by automatically disabling and deleting the conversation history within AI applications, like ChatGPT, so that corporate data cannot be used to train the system. Prevent copy/paste of sensitive content into AI applications, like ChatGPT, by leveraging Skyhigh Security’s Web Isolation capabilities. Protect sensitive data from being uploaded to AI applications like ChatGPT. Apply DLP policies to block sensitive data from being posted, including social security numbers, bank account numbers, proprietary IP such as source code, employee and customer names. On July 11 and 13, Skyhigh Security will host a special webinar titled, ChatGPT and AI: Embrace It or Fear It, with Skyhigh Security’s Cloud Security Architect, Nate Brady. Register here to attend the webinar and learn more about how to harness AI and cloud services effectively and responsibly. About Skyhigh Security Skyhigh Security is focused on helping customers secure the world’s data. It protects organizations with cloud-native security solutions that are both data-aware and simple to use. Its market-leading Security Service Edge (SSE) Portfolio goes beyond data access and focuses on data use, allowing organizations to collaborate from any device and from anywhere without sacrificing security. For more information, visit www.skyhighsecurity.com.

Read More

Enterprise Security, Platform Security, Software Security

Cyware Raises $30 Million to Accelerate Expansion of AI-Powered Global Cyber Fusion and Threat Sharing Networks

Businesswire | July 05, 2023

Cyware, the leading provider of AI-powered Cyber Fusion platforms for enterprises and MSSPs, and automated threat intelligence sharing for information sharing networks, today announced a $30 million Series C financing round led by Ten Eleven Ventures, a leading multi-stage investment firm specializing in cybersecurity. Also participating are previous investors including Advent International, Zscaler, Emerald Development Managers, Prelude (the venture practice at Mercato Partners) and Great Road Holdings. The Series C financing comes as Cyware has experienced strong year-over-year growth propelled by robust market adoption, excellent customer retention, and extraordinarily large market access. Since Series A financing, Cyware has shown growth of 6x and consolidated its position as an industry leader for threat intelligence automation, security orchestration, and collaborative threat response solutions. Earlier this year, Cyware achieved FedRAMP Ready status for its Cyber Fusion platform and was named one of the most innovative and promising cybersecurity companies by JMP Cyber 66, as well as being recognized in the 2022 Deloitte Technology Fast 500 as one of the Fastest Growing Technology Firms in North America. Cyware’s cloud-based platform is leveraged by top Fortune 1000 and MSSP security teams to transform their legacy SOCs into Cyber Fusion Centers. The platform seamlessly integrates the AI-powered threat intelligence platform (TIP) with data orchestration and workflow automation (SOAR), to facilitate and synchronize actions between cloud and on-premises security tools and technologies. This enables security teams to connect the dots on emerging threats by correlating actionable threat intelligence with detection, threat hunting, vulnerability management, and incident response operations. Cyware’s Cyber Fusion platform is modular, and the underlying TIP, SOAR, and Collaborative Threat Response components can be leveraged in combination or individually by security teams providing them greater flexibility in transforming conventional SOCs. The Cyware platform has become the backbone of global Threat Sharing Networks. Almost all major ISACs (Information Sharing and Analysis Centers), ISAOs, and CERTs use Cyware’s platform to automate threat intelligence sharing, analysis, and actioning for more than 30,000 enterprise members and government entities. The platform also enables large conglomerates, industry groups, and private communities to activate and share threat intelligence with their distributed businesses, clients, and suppliers, and benefit from automated collective defense against ransomware, supply chain attacks, and zero-day vulnerabilities. “Security teams today face an overwhelming amount of data, but silos across data, processes, and technologies make it very challenging to see the bigger picture and proactively stop threats," said Anuj Goel, Cyware CEO and Co-founder. “Our mission at Cyware is to break down these silos, integrate threat intelligence into SOC operations, make it easy for teams to automate response, and act immediately to anticipate and stop threats.” “Threat actors thrive because the rest of us don’t collaborate enough,” said Alex Doll, Founder and Managing Member of Ten Eleven Ventures. “Only Cyware allows overstretched security teams to expand their risk visibility beyond their borders with innovative threat intelligence collaboration while dramatically improving response with vendor-agnostic orchestration and low-code automation. As seasoned investors in the cybersecurity field, we recognize that Cyware’s remarkable platform, revenue growth, and vast customer base – including over 20 ISACs – puts them in an enviable market position.” Cyware plans to leverage this new round of funding to fuel further growth and accelerate channel business and strategic alliances while expanding its global footprint. About Cyware Cyware delivers an innovative approach to cybersecurity that unifies threat intelligence, automation, threat response, and vulnerability management with data insights gleaned from assets, users, malware, attackers, and vulnerabilities. Cyware’s Cyber Fusion platform integrates SOAR and TIP technology, enabling collaboration across siloed security teams. Cyware is widely deployed by enterprises, government agencies, and MSSPs, and is the leading threat intelligence sharing platform for global ISACs and CERTs.

Read More

Enterprise Security, Platform Security, Software Security

ReasonLabs Joins Microsoft Active Protections Program to Enhance Cybersecurity for Millions of Consumers Worldwide

Prnewswire | July 04, 2023

ReasonLabs, the cybersecurity pioneer equipping families and individuals with the same level of cyber protection used by major global companies, today announced that it has joined Microsoft Active Protections Program (MAPP), a program that allows security software providers early access to security data from Microsoft to enable them to provide faster updates to their customers. As a member of MAPP, ReasonLabs will receive advanced access to security vulnerability data from the Microsoft Security Response Center (MSRC) ahead of Microsoft's monthly security update. This information will allow ReasonLabs to better mitigate zero- and one-day vulnerabilities for their users prior to official patches from Microsoft and others. "ReasonLabs is proud to be a member of the Microsoft Active Protections Program, joining the ranks of leading organizations working to strengthen cyber protections for consumers and businesses around the world," said Kobi Kalif, CEO of ReasonLabs. "The data we will receive from Microsoft Security Response Center will enable us to better protect our customers and ensure our products remain on the cutting edge of the industry." "Receiving the latest vulnerability updates from Microsoft's Security Response Center will help us provide even greater protection to our users located in more than 180 countries worldwide. Pairing this information with ReasonLab's research arm, the Threat Intelligence Center, will solidify its place in the industry at the front line of threat intelligence research and prevention," said Yaniv Dudu, VP of Security at ReasonLabs. About ReasonLabs ReasonLabs is a cybersecurity pioneer equipping tens of millions of families and individuals worldwide with the same level of cyber protection utilized by Fortune 500 companies. Its AI-powered, next-generation antivirus engine scans billions of files around the world to predict and prevent cyberattacks in real-time, 24/7. Its flagship product, RAV Endpoint Protection, together with its other products combine to form a multilayered solution that safeguards home users against next-generation threats. Co-Founded in 2016 by seasoned cybersecurity expert Andrew Newman—an architect of Microsoft's native cybersecurity program, Microsoft Defender—ReasonLabs is based in New York and Tel Aviv.

Read More

More featured news