Data Security

NERC CIP Security Assessment Secures OT Remote Operations at XONA

XONA, the world's initial zero-trust distant activities stage for basic foundation, was discovered agreeable with NERC CIP appraisal, including an engineering survey, gadget survey, and counterfeit review.

Cybersecurity has taken on restored significance in 2021 as organizations progressively depend on distant admittance to screen, survey, and connect with basic OT framework. This the truth was on full presentation in February 2021 when a programmer distantly got to a water treatment framework in Oldsmar, Florida, highlighting the potential weaknesses related with far off activities limit.

XONA NERC CIP Compliance Demonstrates Readiness to Secure Against Cybersecurity Risks at Crucial Time

Understanding the centrality of cybersecurity while sending distant tasks limit, XONA's review shows the organization's digital preparation.

XONA's CSG apparatus was evaluated from both an inspector's and SCADA designer's points of view. Simultaneously, manual and robotized checking was performed to gather, recognize, and examine potential weaknesses that may affect NERC CIP consistence and data security pose.

Moreover, XONA mentioned an arrangement and approach assessment, guaranteeing that the organization's inner conventions are reliable with progressing consistence orders. Securicon discovered XONA agreeable with necessities surveyed and tracked down no basic high, medium, or okay weaknesses identified with the XONA CSG.

Regions and Critical Infrastructures Expanding Remote Operations Rely on XONA as Secure, Compliant Solution

"We are eager to impart our consistence confirmation to our clients. This certificate mirrors the XONA group's diligent effort and our persistent obligation to ensuring our clients' IT framework," clarifies Bill Moore, author and CEO of XONA.

He adds, "As districts and other basic framework OT administrators seek after or grow far off activities abilities, we need to routinely show that XONA is a protected, secure arrangement."

Continuous financial vulnerability and restricted admittance to cybersecurity faculty makes it more significant than any other time that basic framework tasks can depend on distant activities answers for secure their OT climate.

To find out about XONA's client access arrangement worked for OT that sets these exercises in motion, plan a demo.

About XONA

As the world's initial zero-trust far off tasks stage for basic framework, industry-driving associations all throughout the planet in energy, oil and gas, assembling and government trust XONA to guarantee basic and secure admittance to their operational innovation from anyplace.

XONA consistently and safely empowers secure versatile admittance to your most basic frameworks and applications while likewise lessening operational and digital dangers and expanding operational effectiveness.

Spotlight

The challenges and risks of an everywhere world Every day, enterprise technology leaders are expected to support the digital imperative to work, develop, and deliver everything, everywhere — by bringing together distributed workforces, devices, clouds, systems, applications, and networks. But, there’s a problem. Technology teams

Spotlight

The challenges and risks of an everywhere world Every day, enterprise technology leaders are expected to support the digital imperative to work, develop, and deliver everything, everywhere — by bringing together distributed workforces, devices, clouds, systems, applications, and networks. But, there’s a problem. Technology teams

Related News

Software Security

Picus Launches New MSSP Program to Make Starting Security Validation Simple

Picus Security | December 12, 2023

Picus Security, the pioneer of Breach and Attack Simulation (BAS), today announced the Picus Managed Security Services Provider (MSSP) Partner Program. Picus has a long-standing 100% channel approach and works closely with MSSPs to deliver security validation services that quantify risk and reduce threat exposure. Now, it's easier than ever for MSSPs and their customers to get started with security validation to measure the effectiveness of security controls with real-world attack simulations and then scale up testing programs to perform validation checks consistently. The new Picus MSSP Program provides the flexibility MSSPs need to introduce automated validation services and generate new recurring revenues quickly. Designed for customers of varying levels of cyber maturity, the program features interval-based and continuous licensing options. With interval-based licensing, MSSPs can purchase credits that allow an entry cadence for validation assessments. Then, once customers are ready to advance their security program maturity and increase the frequency of assessments they can easily switch to a continuous licensing model. The program means MSSPs can help customers to 'crawl,' 'walk,' and then 'run' with validation. "With this new MSSP program, it's never been simpler for managed service providers to get the consistent and accurate validation insights needed to improve security outcomes for clients," said Ryan Kunker, Picus Security, Senior Director of Channels and Alliances. "By shining a light on security effectiveness in areas such as security control validation, automated security validation presents an enormous opportunity for MSSPs to improve security outcomes for clients and identify new upsell opportunities." Security validation powered by BAS is a core pillar of Continuous Threat Exposure Management (CTEM). It helps security teams to understand if security controls provide the coverage needed to defend organizations against the latest threats, including ransomware and Advanced Persistent Threats. Gartner estimates that security services providers that adopt cybersecurity validation assessments will see an improvement of over 5% in their acquisition, retention and upsell rates.* "We are constantly looking for new ways to provide real actionable value to our clients," said Perry Schumacher, Chief Strategy Officer at Ridge IT. "We evaluated Picus in our cyber range against our best practice configurations and it showed us opportunities to improve beyond today's best tools and practices. The Picus platform helps us provide better security for our clients by increasing our effectiveness. Our clients who purchase Picus begin a continuous improvement journey for their cyber security and are always in a cyber-ready state." In addition to real-world threat simulation, the Picus platform also offers asset and vulnerability discovery, attack path mapping, detection engineering as code, and AI-based threat profiling - capabilities that help MSSPs to manage customers' threat exposure even more efficiently. To enable MSSPs to validate the security of multiple clients simultaneously, the platform also offers a multi-tenant portal. "Now more than ever, every dollar spent in the security budget must be carefully weighed on merit and returned value," said Darren Humphries, Acora Group CISO and MSSP Cyber Portfolio CTO. "For strengthening the security of our own company portfolio and that of our customers, Picus is a key tool that helps us measure the efficacy of the protective security tools we use as well as our detective SOC and SIEM capabilities. Picus is a true force multiplier." About Picus Security Picus Security helps security teams consistently and accurately validate their security posture. Our Security Validation Platform simulates real-world threats to evaluate the effectiveness of security controls, identify high-risk attack paths to critical assets, and optimize threat prevention and detection capabilities. As the pioneer of Breach and Attack Simulation, we specialize in delivering the actionable insights our customers need to be threat-centric and proactive. Picus has been named a 'Cool Vendor' by Gartner and is recognized by Frost & Sullivan as a leader in the Breach and Attack Simulation (BAS) market.

Read More

Data Security

CrowdStrike Announces General Availability of Falcon Data Protection to Disrupt Legacy DLP

CrowdStrike | December 18, 2023

CrowdStrike (NASDAQ: CRWD) today announced the general availability of CrowdStrike FalconData Protection, liberating customers from legacy data loss prevention (DLP) products with a modern, frictionless approach to data security that prevents adversary exfiltration and accidental leakage. With this latest offering for the AI-native CrowdStrike Falcon XDR platform, customers can consolidate costly and ineffective DLP point products with CrowdStrike’s single, revolutionary lightweight agent. Organizations struggle with legacy DLP solutions that are difficult to deploy, complex to manage and unable to comprehensively track data in the modern cloud and AI era. This results in risky monitor-mode only deployments that fail to stop data theft. CrowdStrike Falcon Data Protection harnesses the CrowdStrike Falcon platform’s industry-leading visibility and protection for the epicenter of productivity and risk – the endpoint – to secure critical data from insider threats and adversaries. With CrowdStrike Falcon Data Protection, enterprises can now: Deploy data protection immediately from their existing Falcon agent to consolidate legacy DLP point products, reduce complexity and gain nearly instant time to value. Instantly expand visibility of data flows across the enterprise to rapidly identify and shut down data exfiltration or accidental leakage. Accelerate detection and response with a single console and unified workflow that saves security analysts time investigating potential data theft. “Today's DLP market is where legacy AV was when we started CrowdStrike: ripe for disruption. With this release, we’re bringing to market the future of data protection as part of a unified platform,” said Raj Rajamani, head of products at CrowdStrike. “We’re proud to have partnered with some of the largest organizations in the world to develop a groundbreaking approach to data protection that enables customers to stop the breach, while consolidating legacy DLP tools. Customers can deploy Falcon Data Protection immediately from their existing agent with near zero configuration requirements.” About CrowdStrike CrowdStrike (Nasdaq: CRWD), a global cybersecurity leader, has redefined modern security with the world’s most advanced cloud-native platform for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data. Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities. Purpose-built in the cloud with a single lightweight-agent architecture, the Falcon platform delivers rapid and scalable deployment, superior protection and performance, reduced complexity and immediate time-to-value.

Read More

End Point Protection

Malwarebytes Unveils New K-12 ThreatDown Bundle to Defend Schools and Districts from Cyberattacks

Malwarebytes | January 24, 2024

Malwarebytes, a global leader in real-time cyber protection, today announced the availability of ThreatDown K-12 Bundle, combining the cybersecurity technologies and services that K-12 education institutions need into a streamlined, cost-effective bundle. Purpose-built to reduce risk, complexity and costs for districts and schools, the ThreatDown K-12 Bundle delivers unified protection with an intuitive, easy-to-manage design. The ThreatDown K-12 Bundle allows schools to optimize device uptime and improve productivity, while protecting students and staff, devices and data from the latest cyber threats. "Schools are increasingly facing cyber threats with limited IT resources, leading to a rise in ransomware attacks that affect staff, teaching, and student well-being," said Marcin Kleczynski, Founder and CEO of Malwarebytes. "Historically, cost barriers prevented schools from adopting cybersecurity managed services. Our K-12 Bundle packages together everything districts need to reduce risk and comply with regulations within a manageable budget. We're committed to making powerful protection and managed services accessible to vulnerable schools and students." Bridging the Cybersecurity Gap for Resource-constrained K-12 IT Teams Modern K-12 educational institutions have a wide range of school-, staff- and student-owned devices – from traditional laptops, desktops and servers to Chromebooks, iPadOS, iOS, and Android devices. While these devices greatly enrich the student learning experience and streamline operations for staff, they also introduce new risks. Key features of the ThreatDown K-12 Bundle include: Award-winning endpoint security: K-12 Bundle is built on ThreatDown's strongest AI/ML-driven prevention, detection and response technologies fortified by built-in innovations to reduce the attack surface. These technologies simplify the process of finding and patching software vulnerabilities and prevent unauthorized programs from executing. 24x7x365 managed services: The K-12 Bundle combines ThreatDown advanced technologies with Managed Detection and Response (MDR) service of ThreatDown cybersecurity experts to manage security and resolve alerts around the clock, delivered as an affordable, hassle-free bundle. Unified endpoint management: ThreatDown extends powerful endpoint protection across workstations, servers and mobile device to substantially strengthen schools' cybersecurity postures in compliance with new and pending regulations. Quick and easy to deploy, the K-12 Bundle saves time and resources with unified endpoint management for both traditional and mobile devices – all from a single, cloud-native console. Centralized, real-time visibility: K-12 IT teams can easily view activity across all devices in real time. With a unified platform and visibility for traditional and mobile endpoints, teams can monitor and protect devices from a single pane of glass. Teams can understand the threats to devices in their environments and mitigate potential risks. Advanced mobile protection: ThreatDown K-12 Bundle provides effective protection for Chromebooks, iPadOS, iOS, and Android devices, guarding against the latest mobile threats such as ransomware, malicious apps, and potentially unwanted programs (PUPs). With real-time protection, schools can also prevent accidental access to harmful websites, safeguard against malicious apps, block unwanted in-app ads, and enable a secure mobile experience for students. About Malwarebytes Malwarebytes is a global cybersecurity leader delivering award-winning endpoint protection, privacy and threat prevention solutions worldwide. Built on decades of experience as the last resort to find and eradicate the latest malware, Malwarebytes is now trusted by millions of individuals and organizations to stop threats at each stage of the attack lifecycle, secure digital identities and safeguard data and privacy. A world class team of threat researchers and proprietary AI-powered engines provide unmatched threat intelligence to detect and prevent known and unknown threats. The company is headquartered in California with offices in Europe and Asia. For more information and career opportunities, visit https://www.malwarebytes.com.

Read More