Cloud Security
Cisco | September 15, 2023
Cisco Secure Application, new to the Cisco Full-Stack Observability Platform, brings application and security teams together to secure cloud-native application development and deployment.
The platform integrates Cisco's industry-leading security products' security intelligence with application performance data to provide business context with security findings.
Cisco-exclusive business risk observability enables IT professionals to identify, assess, and prioritize risk and fix application security concerns based on potential business impact.
Cisco, a worldwide technology leader that offers innovative software-defined networking, cloud, and security solutions, has unveiled the availability of the Cisco Secure Application, formerly known as Security Insights for Cloud Native Application Observability, on the Cisco Full-Stack Observability platform. This integration empowers organizations to seamlessly unite their application and security teams, facilitating the secure development and deployment of modern applications. The latest release of Cisco Secure Application extends its capabilities to securely manage both cloud-native and hybrid applications.
In an effort to assist organizations in bolstering their cloud-native applications security, Cisco has introduced the new Cisco Secure Application offering, which is available on Cisco's recently introduced Full-Stack Observability platform. This solution equips customers with enhanced visibility and intelligent insights regarding business risk in various cloud environments.
As a result, businesses gain the ability to more effectively prioritize and respond to security risks that could impact revenue and reputation in real time, leading to a reduction in overall organizational risk profiles.
As organizations strive to provide smooth digital experiences, IT teams have faced growing demands to transition to modern, distributed applications.
According to a recent study by Cisco, 92% of global technologists acknowledge that the urgency to innovate and adapt to evolving customer needs has often resulted in compromised application security during software development.
As a consequence, organizations have become susceptible to security vulnerabilities and threats. They face broader attack surfaces and gaps in their application security layer due to the isolation of teams. These teams face challenges in obtaining adequate visibility and the necessary business context for prioritizing vulnerabilities. Consequently, organizations are witnessing a surge in security incidents within the modern environment, thereby jeopardizing customer data and the reputation of their businesses.
Mark Leary, Research Director, IDC, stated,
Cisco's extensive domain experience across multi-cloud and hybrid environments and comprehensive full tech stack oversight positions the company well to assist customers bring business risk observability, application observability, and security intelligence data together. Combined, they give customers access to the critical information they need to make smarter decisions about their application security
[Source – Cision PR Newswire]
Senior VP and General Manager of Cisco Full-Stack Observability and AppDynamics, Ronak Desai, said,
An organization's ability to swiftly assess risks based on potential business impact, align teams and triage threats is entirely dependent on understanding where vulnerabilities exist, the severity of those risks, the likelihood they’ll be exploited, and the risk to the business of each issue. This business risk observability can enable IT professionals understand and prioritize those risks and is uniquely delivered by Cisco. The availability of Cisco Secure Application on the Cisco Full-Stack Observability platform is a crucial next step in our commitment to providing customers with the tools they need to provide unmatched and secure digital experiences across multi-cloud and hybrid environments.
[Source – Cision PR Newswire]
Read More
Platform Security
GlobeNewswire | September 29, 2023
Fortinet® (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today announced it has formed the Veterans Program Advisory Council, made up of a global board of esteemed members from organizations that support the military veterans community across the Five Eyes countries: United States, United Kingdom, New Zealand, Canada, and Australia. Members will provide counsel on how Fortinet can continue meeting the needs of military veterans looking to transition into the cybersecurity field.
Military veterans have many complementary skillsets that make them ideal candidates for cybersecurity roles, including discipline, problem-solving under immense pressure, situational awareness, and an understanding of the importance of maintaining a strong defense posture. With the industry facing a talent shortage with an estimated 3.4 million security roles needing to be filled worldwide, the veteran community can play a key role in filling critical cyber roles with access to training, mentorship, and employment opportunities.
Yet, the Fortinet 2023 Cybersecurity Skills Gap Global Research Report found that 43% of organizations indicated difficulty in recruiting qualified veterans for cybersecurity roles. At the same time, veteran turnover is high in the industry, with one key reason being the shortage of staff, leading to overwork and burnout.
To further address these hurdles veterans face, the esteemed members of the Veterans Program Advisory Council with extensive backgrounds working with the military veteran community and as veterans themselves will help Fortinet strengthen its Veterans Program offerings by providing guidance on how to continue reskilling and upskilling veterans so they can start and stay in various cyber career pathways.
Veterans Program Advisory Council members (listed in alphabetical order) include:
Chris Barlow, Managing Director at Cerco IT Ltd (U.K.)
Marty Donoghue, Chief Executive of the RNZRSA (New Zealand)
Colin Grimes, Training Coordinator of TechVets Programme, The Forces Employment Charity (U.K.)
Tom Marsland, Board Chairman and CEO at VetSec, Inc. (U.S.)
Heath Moodie, Director of Vets in Cyber (Australia)
James Murphy, Director of TechVets Programme, The Forces Employment Charity (U.K.)
Bryan Radliff, CyberVets Program Manager at Onward to Opportunity, D’Aniello Institute for Veterans and Military Families (U.S.)
Patrick Shaw, Founder of Cyber Catalyst (Canada)
Mark Wilcox, Head of Cyber Training, Permanent Opportunities and Partnership at Cerco IT Ltd (U.K.)
Fortinet’s Commitment to Supporting Veterans to Close the Cyber Skills Gap
The Veterans Program Advisory Council will help build on the Veterans Program's success in providing more cybersecurity training pathways for military veterans with both existing technical background or no IT experience. Fortinet provides Veterans Program members access to its Network Security Experts (NSE) Certification Program curriculum to help them transition into the cybersecurity field and advance in their security careers through access to cyber training, professional development resources, and employment opportunities. This year, the Veterans Program is celebrating five years of helping military service members, veterans, and military spouses receive the fundamental resources they need to transition into cyber roles.
Fortinet has also been recognized as a 2023 VETS Indexes Recognized Employer, further underscoring the company’s commitment to supporting the veteran community throughout their careers.
Veterans Program Advisory Council Members Biographies
Chris Barlow, Managing Director at Cerco IT Ltd (U.K.)
Chris Barlow joined Cerco in 2003, and has since established a recruitment division for graduates through Cerco Training, a large proportion of which were British forces veterans. Chris acquired the entire business in 2017, and the company has continued to grow, prosper, and develop further. The vision for Cerco is to become a market leader in taking novice talent and guiding them to the highest levels of IT support and cybersecurity. Chris has made employment connections for new engineers with global IT companies such as Fujitsu, Hewlett-Packard, and IBM.
Marty Donoghue, Chief Executive of the RNZRSA (New Zealand)
Marty Donoghue has been chief executive of the RNZRSA since October 2020. Marty has a 35-year track record of transformational leadership, successfully building and managing teams and mobilizing volunteers in New Zealand and internationally across defense, sport, science, and in the not-for-profit sector. Marty served in the New Zealand Army for 25 years and is a veteran of Bosnia, Angola, Bougainville, and Iraq.
Colin Grimes, Training Coordinator of TechVets Programme, The Forces Employment Charity (U.K.)
Colin Grimes joined TechVets from the education sphere, where he worked as a primary school teacher with particular responsibility for computing across the curriculum. During his time in education, he also worked as a consultant to schools for the National Centre of Computing Education, delivering training to schools in computing and remote learning, leaning on lessons learned during the COVID-19 pandemic. Before this, he enjoyed a 24-year career as an air battle management specialist in the Royal Air Force. He also served as an instructor within the U.K. School of Air Battle Management, where he was responsible for training the next generation of air surveillance specialists.
Tom Marsland, Board Chairman and CEO at VetSec, Inc (U.S.)
Tom Marsland is a cybersecurity professional with over 21 years of experience in the information technology and nuclear power industry. He has also served over 21 years in the U.S. Navy and has a BS in IT security and an MS in cybersecurity. He is the board chairman of VetSec and the VP of technology and technical services at Cloud Range.
Heath Moodie, Director of Vets in Cyber (Australia)
Heath is the director of Vets in Cyber, where he is helping to build a mentoring program, running community events, and partnering with industry-leading training providers to offer employment assistance to veterans. As a five-year Australian Army infantry veteran, Heath transitioned into cybersecurity and was immediately confronted with the different cultures between the military community and civilian life. Wanting to be the change that he needed, Heath created a grassroots organization, Vets in Cyber, which is focused on helping to build a community around veterans to offer them the support they need within the cybersecurity industry.
James Murphy, Director of TechVets Programme, The Forces Employment Charity (U.K.)
James Murphy joined TechVets from Government Digital Services in the Cabinet Office, where he was employed as the head of threat intelligence, providing strategic cyber threat intelligence advice to key decision makers within central government with specific focus on protecting national infrastructure. Prior to this, James served for 19 years in the British military, deploying to Northern Ireland, East Africa, and Afghanistan with the infantry, receiving lifelong injuries as a result of enemy action. James then served the remainder of his service in intelligence, developing the army’s exploitation capability, providing support to U.K. Defence Engagement in East Asia before delivering strategic support to global joint military operations.
Bryan Radliff, CyberVets Program Manager at Onward to Opportunity (O2O) (U.S.)
Bryan Radliff serves as the CyberVets program manager in the Onward to Opportunity Program for the D’Aniello Institute for Veterans and Military Families (IVMF) at Syracuse University. CyberVets is a skills-to-job pathway that aims to fast-track veterans into high-demand cyber careers by providing no-cost employment training, industry certifications, and career services to transitioning service members, veterans, and military spouses. Bryan is a 31-year veteran of the U.S. Army, serving as an enlisted medical supply specialist, infantryman, and an armor/cavalry officer before retiring as a lieutenant colonel.
Patrick Shaw, Founder of Cyber Catalyst and Tech Vets (Canada)
Founder of Cyber Catalyst and co-founder of Coding For Veterans (CFV), Pat initiated Cyber Catalyst Talent Solutions to assist veterans achieve meaningful and rewarding careers using the skills developed through their upskilling or reskilling studies. Pat curated the CFV secure software development and the cybersecurity curriculum and established the learning approach aligning widely recognized industry certification exams to meet the cyber talent needs of employers. Cyber Catalyst Talent Solutions offers job-focused microcredentialing and certifications in support of job placement. Tech Vets Canada engages veterans and military family members with career mentorship and learning support.
Mark Wilcox, Cyber Training, Opportunities and Partnership at Cerco IT Ltd (U.K.)
Mark has over 30 years of commercial software development experience, the majority of which has involved web technologies. Throughout his career, Mark has developed and supported complex systems for a range of clients, including the London Stock Exchange, Lloyds Bank, Ryman stationers, Debenhams, and Woolworths. In January 2022, Mark joined Cerco IT to head up the cybersecurity training and employment division. As a key architect of Cerco's Cradle to Cyber training program, an initiative to provide advanced network security skills to Cerco’s trained graduates (many of whom are ex-armed forces), Mark continues to forge relationships with internationally renowned tech and training partners, such as Fortinet and CompTIA.
About Fortinet
Fortinet (NASDAQ: FTNT) is a driving force in the evolution of cybersecurity and the convergence of networking and security. Our mission is to secure people, devices, and data everywhere, and today we deliver cybersecurity everywhere you need it with the largest integrated portfolio of over 50 enterprise-grade products. Well over half a million customers trust Fortinet's solutions, which are among the most deployed, most patented, and most validated in the industry. The Fortinet Training Institute, one of the largest and broadest training programs in the industry, is dedicated to making cybersecurity training and new career opportunities available to everyone. FortiGuard Labs, Fortinet’s elite threat intelligence and research organization, develops and utilizes leading-edge machine learning and AI technologies to provide customers with timely and consistently top-rated protection and actionable threat intelligence. Learn more at https://www.fortinet.com, the Fortinet Blog, and FortiGuard Labs.
Read More
Data Security
Oracle | September 20, 2023
Oracle to participate in an industry-wide initiative to design a new open network and data security standard.
Oracle and Applied Invention are assisting to developing and promoting a novel network and data-centric security standard to tackle distributed cloud deployment challenges.
This standard will enable organizations to protect their data throughout its entire lifecycle without requiring modifications to their distributed cloud environments' underlying architecture.
Oracle, one of the world's largest database management companies, announced that it will participate in an industry-wide initiative to design a new open network and data security standards that will assist organizations in protecting their data in distributed IT environments. Oracle will collaborate with Applied Invention, a significant technology provider, and other industry leaders, including Nomura Research Institute, Ltd. (NRI), a global leader in consulting and system solutions. This new standard will enable networks to enforce shared security policies collectively, thereby augmenting the security architecture organizations already employ without requiring modifications to existing applications and networks.
Oracle plans to launch the Oracle Zero-Trust Packet Routing Platform, based on the new standard, to support this new initiative. This platform will assist organizations in preventing illegal access or use of their data without imposing additional obstacles on legitimate activities.
Executive Vice President of Security and Developer Platforms at Oracle Cloud Infrastructure, Mahesh Thiagarajan, said,
Over the last 20 years, the cybersecurity industry has produced many incremental changes, but we need a fundamentally novel approach to protect our data in the increasingly complex cloud era. Organizations require a way to describe their data security policies in one place where they can be easily understood and audited, and they need a way to make sure those policies are enforced across their entire computing infrastructure, including their clouds.
[Source – Cision PR Newswire]
As the adoption of cloud technology rises and IT landscapes become more intricate with distributed cloud deployments, organizations face escalating challenges in safeguarding their data using conventional methods and tools. For example, many existing systems necessitate security teams to orchestrate disparate solutions across various facets, including database, application, network, and identity security.
This complexity is further compounded when applied across diverse environments. Ensuring seamless collaboration among these solutions becomes a formidable task due to the dynamic and independent changes in applications, environments, and user profiles. Additionally, current security systems demand extensive configurations to accurately distinguish between different user categories, such as full-time employees and contractors, without compromising security or restricting access.
Research Vice President of Cloud and Edge Infrastructure Services at IDC, Dave McCarthy, said,
The new standard Oracle develop has the potential to change all of that by adding a unified layer of security on top of existing solutions. Building data protection policies into the network itself will assist users get the access they require while ensuring the data remains secure behind the scenes.
[Source – Cision PR Newswire]
Oracle and Applied Invention are assisting in designing and promoting a novel security standard, focusing on network and data-centric security, which aims to tackle these challenges. This innovative standard will empower organizations to safeguard their data across its entire lifecycle, including distributed cloud environments. To accomplish this, the standard will implement an intent-based security policy that is designed to be understandable, auditable, and interpretable by humans. This intent-driven approach will be put into practice at the network layer, ensuring that every data transmission contains authenticated attributes concerning the sender, receiver, and the nature of the data in transit.
Read More