SOFTWARE SECURITY

IPKeys Power Partners Announces New Grid Cyber Security Breakthrough

IPKeys | September 09, 2021

IPKeys Power Partners, the leading cybersecurity, cyber compliance, and smart grid technology company, announced today the release of its groundbreaking SigmaFlow Beacon platform to provide utilities, generators, and grid operators a simple, unified solution for cybersecurity monitoring and compliance requirements.

The SigmaFlow Beacon platform is built specifically to help organizations align with North American Electric Reliability Corp. (NERC) compliance mandates. It provides NERC registered entities with a single solution to advance, simplify and improve existing cybersecurity and monitoring requirements.

"We are pleased to provide utilities, generators and grid operators a system that ensures unification of cybersecurity monitoring and NERC-CIP compliance requirements," said Robert Nawy, CEO IPKeys. "It is long past time for the worlds of compliance and cyber defense to converge to provide cyber assurance for our power grid. The SigmaFlow Beacon unites needed capabilities of real-time cybersecurity monitoring with governance and regulation."

The SigmaFlow Beacon provides one, purpose-built solution for NERC baseline management, collecting the critical cyber data in real time and seamlessly incorporating the approval process within the SigmaFlow workflow and evidence platform. SigmaFlow Beacon technology is built for rapid deployment, making it faster and easier to implement than current monitoring solutions. It will save utilities valuable time, and provide seamless Critical Infrastructure Protection, improved cybersecurity, and audit ready results.

Today, NERC registered entities must use multiple vendors and systems to monitor baseline security and compliance data. These solutions are not connected to workflow, making the correlation between change management and baseline authorization next to impossible because multiple changes could be made since the facilities' last scan.

"SigmaFlow Beacon is a major step towards our vision of bringing compliance and security teams together, at the same time simplifying the act of maintaining compliance while enhancing real world cybersecurity," said Louis Riendeau, IPKeys Vice President, Operations & Product Management.

"Many of our clients and Governance & Regulation communities tend to get a sense of false cybersecurity validation by passing NERC compliance audits, SigmaFlow Beacon and the entire IPKeys Cyber Lab-as-a-Service platform introduces automated NERC compliance and advancement in real cybersecurity protection," said Trey Kirkpatrick, VP, NERC Implementation Services and Consulting.

Benefits of a Unified Approach between Cybersecurity and Compliance

Improved cybersecurity: The fewer moving parts, the fewer opportunities for errors—and the fewer cracks for hackers to get in through. With cybersecurity and compliance in sync, there is a shared knowledge between organizations.

Time Savings: When a crisis strikes, immediate action is vital. With unified security and compliance, there is less risk of misunderstanding or miscommunication between organizations, less need for work to be redone, and fewer questions about completion.

Seamless CIP management: Unified end-to-end management of security and compliance ensures consistent CIP management, while providing more efficient and accessible records, greater access to critical information, and reducing data errors, missed assignments or due dates.

Always audit-ready: All data is stored in one secure location, and is consistent, connected, complete and primed for scrutiny.

Large cybersecurity incidents like the SolarWinds breach or the Colonial Pipeline hack garner most of the attention, but hundreds of smaller attacks have impacted businesses, municipalities, and utilities across the country - and the threat is accelerating. According to Statescoop, between 2013 and 2018, 180 documented cyberattacks occurred, while 236 incidents have been reported since 2019.

About IPKeys Power Partners
IPKeys Power Partners' industry-leading, secure OT and IoT intelligence platform addresses the complex cybersecurity, data, and communications challenges faced by operators of mission-critical networks for customers in the energy, government, and industrial markets. The company's suite of solutions encompass cybersecurity and cyber compliance for dynamic OT/IT environments, data analytics, secure energy management, and public safety network monitoring. The company is headquartered in New Jersey and has offices in California, Louisiana, Maryland, Texas, and Virginia.

Spotlight

The year of 2022 presented both new and evolving trends. We primarily recognized significant activity in five main areas – Russia’s war in Ukraine and its underground implications, the continued popularity and evolution of ransomware, the rise and endurance of initial access brokers (IABs), developments in the malware threat lan

Spotlight

The year of 2022 presented both new and evolving trends. We primarily recognized significant activity in five main areas – Russia’s war in Ukraine and its underground implications, the continued popularity and evolution of ransomware, the rise and endurance of initial access brokers (IABs), developments in the malware threat lan

Related News

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

BlueVoyant Research Reveals Defending Digital Supply Chains Remains a Business Challenge

BlueVoyant | November 14, 2022

BlueVoyant, an industry-leading cyber defense company that combines internal and external cybersecurity, today released the findings of its third annual global survey into supply chain cyber risk management. The study reveals that 98% of firms surveyed have been negatively impacted by a cybersecurity breach that occurred in their supply chain. This is up slightly from 97% of respondents last year. Digital supply chains are made of the external vendors and suppliers who have network access that could be compromised. "The survey shows that supply chain cybersecurity risk has not decreased and, in fact, more enterprises than ever have reported being negatively impacted by a cybersecurity disturbance in their supply chain," said Adam Bixler, BlueVoyant's global head of supply chain defense. "The good news is that across industries and regions, organizations are making supply chain defense a priority, but these organizations need to better monitor suppliers and work with them to remediate issues to reduce their supply chain risk." Other key survey findings include: 40% of respondents rely on the third-party vendor or supplier to ensure adequate security. In 2021, 53% of companies said they audited or reported on supplier security more than twice per year; that number has improved to 67% in 2022. These numbers include enterprises monitoring in real time. Budgets from supply chain defense are increasing, with 84% of respondents saying their budget has increased in the past 12 months. The top pain points reported are internal understanding across the enterprise that suppliers are part of their cybersecurity posture, meeting regulatory requirements, and working with suppliers to improve their security. "While supply chain defense is a challenge, there are solutions for enterprises to better defend against this risk," said James Rosenthal, BlueVoyant's CEO and co-founder. "Enterprises should continuously monitor their supply chain to be able to quickly remediate threats. As companies are being negatively impacted by supply chain disturbances, they must prioritize this risk with the appropriate budget." The study was conducted by independent research organization, Opinion Matters, and recorded the views and experiences of 2,100 chief technology officers (CTOs), chief security officers (CSOs), chief operating officers (COOs), chief information officers (CIOs), chief info security officers (CISOs), and chief procurement officers (CPOs) responsible for supply chain and cyber risk management in organizations with more than 1,000 employees across a range of industries. These include: business services, financial services, healthcare and pharmaceutical, manufacturing, utilities and energy, and defense. It covered 11 countries: U.S., Canada, Germany, Austria, Switzerland, France, the Netherlands, the United Kingdom, Australia, the Philippines, and Singapore. The 2021 research was also conducted by Opinion Matters and recorded the views and experiences of 1,200 CTOs/CSOs/COOs/CIOs/CISOs/CPOs in similar enterprises and the same industries. It covered six countries: U.S., Canada, Germany, the Netherlands, the U.K., and Singapore. Analysis of the responses from different commercial sectors revealed considerable variations in their experiences of supply chain risk: While healthcare and pharmaceutical was the third-highest vertical in terms of experiencing greater board scrutiny for supply chain risk at 42%, the sector also indicates the lowest likelihood to increase budget for external resources to bolster supply chain cybersecurity, by a margin of 7% below the next closest vertical. This sector is also the least likely of any vertical (34%) to have no way of knowing if an issue arises with a third party's environment. The energy sector was most likely to report negative impact from at least one supply chain breach in the last year (99%) but 49% are monitoring supply chain cyber risk regularly or in real time, and 44% are updating senior leadership monthly or more frequently. In addition, energy companies say they are increasing their budget for supply chain cyber risk by an average of 60%. In manufacturing, 64% of respondents say that supply chain cyber risk is on their radar and 44% say they have established an integrated enterprise risk management program. About BlueVoyant BlueVoyant combines internal and external cyber defense capabilities into an outcomes-based platform called BlueVoyant Elements™. Elements is cloud-native and continuously monitors your network, endpoints, attack surface, and supply chain plus the clear, deep, and dark web for vulnerabilities, risks, and threats; and takes action to protect your business, leveraging both machine learning-driven automation and human-led expertise. Elements can be deployed as independent solutions or together as a full-spectrum cyber defense platform. BlueVoyant's approach to cyber defense revolves around three key pillars — technology, telemetry, and talent — that deliver industry-leading cybersecurity to more than 700 clients across the globe.

Read More

ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Searchlight Security Launches New Ransomware Group Module With Threat Intelligence from the Dark Web

Searchlight Security | December 16, 2022

Searchlight Security, the dark web intelligence company, has today launched Ransomware Search and Insights, a new strategic enhancement to its Cerberus platform. Ransomware Search and Insights automatically collates data from active ransomware groups to help organizations and law enforcement agencies to investigate, track, and gather intelligence on live ransomware activity. This curated view of ransomware groups means that patterns in tactics, incidents, and victimology can be observed in real-time, helping analysts to bolster their threat intelligence, and gain the upper hand on ransomware groups. "Although ransomware has been one of the most pressing threats for several years, it still remains persistent because security teams and law enforcement agencies have been on the back foot, playing catch-up with the ever changing tactics and profiles of ransomware groups. “With visibility into the dark web presence of active ransomware threat actors, analysts can better understand how they are currently operating, therefore gaining a critical advantage over groups.” Dr. Gareth Owenson, Co-Founder and CTO of Searchlight Security Enabling Enterprises to Pre-empt Attacks Ransomware Search and Insights allows organizations to observe the victims of threat actors, posts on leak sites, and track known group members, all in one place - significantly reducing time and resources spent individually researching each threat group. With previously unseen insight into ransomware activity as it is happening, they can also identify which ransomware groups are targeting organizations that match their profile (e.g. industry, geography, business size) and tailor their defenses with a better understanding of which group is most likely to attack them. Empowering Law Enforcement Cerberus’ Ransomware Search and Insights provides investigators with the most up-to-date intelligence for their fight back against cybercrime. Ransomware groups pose a significant risk to national security through the persistent threat to critical infrastructure. As ransomware groups use the dark web to conduct their campaigns with impunity, tracking the activity of prolific threat actors on marketplaces and forums can help law enforcement agencies’ efforts to disrupt and take down these groups. “The Ransomware Search and Insights module was born from our work with national law enforcement agencies who require real-time insights to investigate and take down ransomware groups. We have listened to and collaborated with them to address these needs and bring the next evolution of threat hunting to life,” explained Dr. Gareth Owenson, Co-Founder and CTO of Searchlight Security. “Investigators can now work smarter, not harder, with live intelligence on ransomware operators collated and delivered to them.” Ransomware Intelligence for MSSPs Dark web monitoring is emerging as one of the fastest growing offerings amongst Managed Security Service Providers (MSSPs), driven in no small part by increased customer demand to stay one step ahead of attackers and prevent disruptive ransomware incidents. Ransomware Search and Insights provides MSSPs with a valuable tool that integrates into their existing offering, with the ability to deliver easy-to-digest overviews of ransomware activity to customers, or action intelligence internally to protect their client base from emerging threats. Ransomware Search and Insights is now available on Cerberus. For more information on the threat intelligence that can be gathered from Ransomware Search and Insights, download our free report: Dark Web Profiles: The Most Prolific Ransomware Groups of 2022. About Searchlight Security Searchlight Security provides organizations with relevant and actionable dark web threat intelligence, to help them identify and prevent criminal activity. Founded in 2017 with a mission to stop criminals acting with impunity on the dark web, we have been involved in some of the world’s largest dark web investigations and have the most comprehensive dataset based on proprietary techniques and ground-breaking academic research. Today we help government and law enforcement, enterprises, and managed security services providers around the world to illuminate deep and dark web threats and prevent attacks.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

IronNet Enhances Network Detection and Response Solution, IronDefense

IronNet, Inc. | January 05, 2023

IronNet, Inc., a pioneer in transforming cybersecurity through collective defenseSM, has announced that its network detection and response (NDR) solution, IronDefense, now has more features. IronDefense, awarded the best possible grade by SE Labs for Enterprise Advanced Security NDR Detection, enables advanced and early visibility of unidentified cybersecurity threats that have evaded endpoint and firewall detection and infiltrated the network, regardless of whether it is on-premises or in the cloud. With IronNet's most recent NDR enhancements, Security Operations Center (SOC) analysts can use IronDefense to identify VPN misuse, including high abnormal login times, password spraying, and unsuccessful logins, all of which may be suggestive of brute force attacks or unauthorized access attempts. Additional analytics enhancements enable the identification of ongoing patterns of both randomized-timing and fixed-interval beacon activity, as well as the detection of DNS tunnels utilizing innovative encoding techniques employed by cybercriminals. The IronNet product development team has also improved IronDefense's usability. Specifically, new sensors can now be automatically commissioned and upgraded without the intervention of SOC personnel. IronDefense allows customers utilizing SentinelOne endpoint detection and response (EDR) to remotely establish and update network inventory and isolate a device in a SentinelOne-deployed network through the Entity page of the IronDefense user interface. CarbonBlack and Crowdstrike endpoints offer equivalent capabilities. About IronNet, Inc. IronNet, Inc., founded in 2014 by GEN (Ret.) Keith Alexander, is a global leader in cybersecurity that is revolutionizing how enterprises safeguard their networks by providing the first-ever Collective Defense technology operating at scale. IronNet, which employs a number of ex-NSA cybersecurity operators with both offensive and defensive cyber experience, incorporates extensive tradecraft knowledge into its industry-leading technologies to address the world's most difficult cyber problems.

Read More