DATA SECURITY

Radiflow's New Version of CIARA - OT Risk Platform Transforms Industrial Cybersecurity

Radiflow | May 31, 2021

Radiflow has received extensive industry appreciation for its one-of-a-kind, fully IEC62443-compliant Cyber Industrial Automated Risk Analysis Platform (CIARA), enabling CISOs to optimize their cybersecurity expenditure non-intrusively simulating breach attempts in industrial automation networks and prioritizing the most effective mitigation measures.

In accordance with Radiflow's ongoing mission of "Taking the guesswork out of OT cybersecurity," the latest edition of CIARA allows users to further customize their cybersecurity optimization with additional operational and budgetary criteria.

Ilan Barda, CEO of Radiflow, announced the new features: "CIARA was warmly received in the market as the first-of-its-kind OT BAS solution (breach attack simulation). Since its release, we have seen an increase in demand for risk prioritization in the dynamic OT/ICS threat landscape. Our new edition responds to the critical need for data-driven decision-making. We are delighted to assist CISOs in developing the best budget-driven mitigation strategy."

Users of the updated version of CIARA can now:

Customize their OT-security optimization: Users can now choose from a wide range of factors to find a balance between security, compliance, and budget. CIARA prioritizes security requirements for mitigation measures (SRs) that match the chosen criterion to maximize their cybersecurity ROI. Among the current optimization criteria are:

• Zone impact: What is the financial impact of a disruption in that zone?

• Which zone has the lowest tolerated risk (as specified by the user)?

• Which zones have the highest disparity between real security measures and those prescribed by the IEC62443 standard?

New supply chain threats are included in attack simulations: Supply chain attacks, such as the SolarWinds breach, take advantage of vendor networks' vulnerabilities. In addition to the fundamental requirement control groups in IEC62443, CIARA users can now add a security control group for Supply Chain attacks (NIST 800-161) to CIARA's breach simulations, including such attack strategies prioritize the effectiveness of relevant mitigation measures.

Budget and Plan :

CIARA's new OT security project planner generates a complete quarterly mitigation plan based on the user's optimization preferences, balancing the estimated cost of mitigation controls against the quarterly budget constraints.

About Radiflow

These new features enhance Radiflow's objective to eliminate the guesswork from OT security. Radiflow is committed to assisting CISOs in prioritizing their activities by providing industrial threat detection and risk management solutions.

Spotlight

Now that many organizations are on board with the basics of business mobility, users are hungry for more. Companies everywhere are turning to mobile business apps to empower employees on the go and kickstart productivity. But as these organizations move beyond Mobile Device Management (MDM), IT must ensure that the chosen apps can secure corporate data while enabling efficiency. Here are 10 things to consider as you move forward with mobile business apps.

Spotlight

Now that many organizations are on board with the basics of business mobility, users are hungry for more. Companies everywhere are turning to mobile business apps to empower employees on the go and kickstart productivity. But as these organizations move beyond Mobile Device Management (MDM), IT must ensure that the chosen apps can secure corporate data while enabling efficiency. Here are 10 things to consider as you move forward with mobile business apps.

Related News

SOFTWARE SECURITY

To address the increasing demand for sensitive data protection, Netwrix and Stealthbits merge to address

prnewswire | January 04, 2021

Netwrix, a network safety merchant that makes information security simple, today declared a consolidation with Stealthbits, a network safety pioneer that shields delicate information and qualifications from assailants. The joined substance will keep on contribution its total arrangement of in excess of about six security arrangements pointed toward recognizing and distinguishing information security hazard just as ensuring, reacting and recuperating from network safety assaults. Terms of the exchange were not uncovered. Divided arrangements in the information security market keep associations from building thorough security techniques to ensure their delicate and managed information. To address this test, Netwrix and Stealthbits are uniting to use each other's mastery to widen item abilities and improve client experience. This will empower the consolidated association to offer seven center items crossing all components of information and data security, put resources into development to surpass the assumptions for existing clients and accomplices, and grow its client base worldwide. With more than 500 representatives and clients from in excess of 50 nations, the consolidated organization will work as Netwrix with Steve Dickson proceeding to fill in as its CEO and on the organization's Board of Directors. Steve Cochran, organizer and administrator of Stealthbits, will be a speculator in Netwrix and will serve on its Board of Directors. "We couldn't be more thrilled to be merging with the people and products of Stealthbits. Our combined organization can now offer data security solutions for any organization anywhere in the world," said Steve Dickson, CEO at Netwrix. "Stealthbits has always been driven to work with our customers to solve their most challenging credential and data security requirements. Combining our breadth of products and depth of expertise with that of Netwrix means our customers can quickly strengthen their security posture and address multiple projects and requirements through a single provider," said Steve Cochran, founder and chairman of Stealthbits. For a long time to come, clients, prospects and accomplices of each organization will keep on collaborating with each organization as they do today for deals, backing and accomplice action. Both Netwrix and Stealthbits are focused on straightforwardness and will educate their clients, prospects and accomplices of operational changes through this cycle throughout the next few months. About Netwrix Netwrix makes data security easy, thereby simplifying how professionals can control sensitive, regulated and business-critical data, regardless of where it resides. More than 10,000 organizations worldwide rely on Netwrix solutions to secure sensitive data, realize the full business value of enterprise content, pass compliance audits with less effort and expense, and increase the productivity of IT teams and knowledge workers. Founded in 2006, Netwrix has earned more than 150 industry awards and been named to both the Inc. 5000 and Deloitte Technology Fast 500 lists of the fastest growing companies in the U.S. About Stealthbits Stealthbits Technologies, Inc. is a customer-driven cybersecurity software company focused on protecting an organization's sensitive data and the credentials attackers use to steal that data. By removing inappropriate data access, enforcing security policy, and detecting advanced threats, we reduce security risk, fulfill compliance requirements, and decrease operational expense.

Read More

DATA SECURITY

CompTIA Launches Critical Cybersecurity Information Sharing and Analysis Organization in the U.K.

CompTIA | October 12, 2021

CompTIA, the nonprofit association for the global information technology (IT) industry, today expanded the CompTIA ISAO (Information Sharing and Analysis Organization) to the United Kingdom to serve as the focal point for dealing with cyber-threats to technology vendors, MSPs, solution providers, integrators, distributors, and business technology consultants. We are in a time of unprecedented and malicious hacking activity, much of which is targeted specifically at technology product, service and solution companies,CompTIA aims to improve the cybersecurity landscape in the U.K. by bringing together the know-how and power of the industry to deliver timely, relevant, actionable threat intelligence that companies can use to protect themselves and more importantly, to keep their customers safe and secure. said MJ Shoer, senior vice president, executive director of the CompTIA ISAO The CompTIA ISAO, which launched in the United States in 2020, currently has over 1,200 member companies and growing. Axcient, ConnectWise, Dark Cubed, Dell Technologies, and Sophos are Industry Partners of the CompTIA ISAO. The CompTIA ISAO is a member led initiative governed by three co-equal councils, the Executive Advisory Council, the MSP Champions Council and the SME (Subject Matter Expert) Champions Council representing all categories of CompTIA ISAO membership. "In the current climate of cybercrime, one of the best ways to sharpen the industry's defences against today's cyberattacks, including ransomware, is through industry experts sharing threat intelligence. This move to launch the CompTIA ISAO in the UK will advance industry collaboration and innovation, and Sophos is proud to be a part of this effort," said James Wilson, product director, Sophos. "Having access to SophosLabs Intelix within the ISAO gives members easy and quick access to actionable, relevant threat intelligence from Sophos. Research from SophosLabs continually highlights how adversaries are constantly adapting their tactics, techniques and procedures (TTPs) to breach targets and carry out attacks and emphasises how essential it is for us to work together." Additionally, innovative partnerships have been forged with the Information Technology-Information Sharing and Analysis Center (IT-ISAC) and TruSTAR to build out the threat intelligence feed and custom reporting that will serve as the backbone of the CompTIA ISAO. This ensures that members will receive critical, targeted, real-time information in a way that's easy to understand and act upon. "Raising the cybersecurity resilience of the global tech industry is important for everyone," Shoer explained. "This is how, together, we will fight back against this existential threat and do the right thing for our industry and the global economy." The CompTIA ISAO is dedicated to advancing the cybersecurity resiliency of the global technology industry. It is a resource where organizations in the business of technology can share real-time threat intelligence, analysis of potential impacts, coordinated countermeasure response efforts, cybersecurity best-practice adoption, and workforce education. In addition to the latest cybersecurity intelligence data, all CompTIA ISAO members will receive full access to CompTIA corporate member benefits, including all the resources, communities and tools designed to help a technology business thrive. About CompTIA The Computing Technology Industry Association (CompTIA) is a leading voice and advocate for the $5 trillion global information technology ecosystem; and the estimated 75 million industry and tech professionals who design, implement, manage, and safeguard the technology that powers the world's economy. Through education, training, certifications, advocacy, philanthropy, and market research, CompTIA is the hub for advancing the tech industry and its workforce.

Read More

DATA SECURITY

Cohere Cyber Secure and SecurityScorecard Partner to Improve Cybersecurity of Financial Sector

Cohere Cyber Secure and SecurityScorecard | September 24, 2021

Cohere Cyber Secure today announced a partnership with SecurityScorecard, the global leader in cybersecurity ratings, to deliver cyber ratings to customers and jointly drive market penetration with a single integrated solution. These include the most recognized companies globally across financial services, including various groups surrounding Registered Investment Advisors of Real Estate, Private Equity, Portfolio Managers, Hedge and LBO funds. As part of the partnership, Cohere will embed SecurityScorecard's monitoring capabilities into our security operations via Cohere's SIEM technology to continuously monitor and mitigate potential cyber threats, both on-premise and in the cloud. "Financial organizations are the biggest target for cyber criminals, and security teams need a comprehensive and compliant cybersecurity strategy that provides in-depth intelligence," says Aleksandr Yampolskiy, CEO at SecurityScorecard. "This partnership provides real actionable insights into the real-time threats facing financial organizations, and ensures that they will maintain the strongest possible security posture and conform to industry compliance standards." The combined solution from Cohere delivers a 360-degree view and addresses critical security concerns including vulnerability assessment and risk management, threat detection with real-time monitoring, incident response, and regulatory reporting. Partnership customers can review their SecurityScorecard rating and extend this support to their portfolio and vendor firms. This complete solution allows for continuous monitoring that provides an outside-in view into security practices, ensuring that organizations can continue to provide their clients the most secure financial services. Additionally, as a tightly-coupled solution, customers can generate comprehensive monthly or on-demand Cyber health reports for governance boards and regulators. Security organizations are often hamstrung by only looking within their cyber borders with an inside-out view into their vulnerabilities, and often have to break up monitoring tools with multiple outside vendors. Investors, customers, regulators, CISO's and compliance officers can rest easier knowing our solution keeps your company safe and secure. Steven Francesco, Chairman and CEO at Cohere Cyber Secure Scoring more than 11 million companies continuously and on a daily basis, SecurityScorecard provides an objective, outside-in view of cyber risk based on publicly-available data. In addition, the company's technology uses non-intrusive proprietary methods and data feeds continuously monitor covered entities based on 10 risk factors, including endpoint security, patching cadence, and network security, and ultimately delivers an "A" through "F" rating. About Cohere Cyber Secure Cohere Cyber Secure is a trusted, single-source provider of technology solutions including, Cybersecurity, Cloud Hosting, Managed IT and UCaaS Services. From its New York City headquarters, Cohere maintains data center facilities throughout North America and key global locations. Additionally, Cohere performs cyber protection assessments and advises companies on regulatory compliance requirements. Our clients include global enterprises that demand high availability, operating diversity and tailored IT solutions. In addition, Cohere's Consulting services provide unparalleled IT expertise that enable strategic planning in Cyber and Compliance Policies, Managed IT and Data Protection Services, Crisis Management/Incident Response, Risk Management and Business Continuity. Cohere's enhanced solutions and dedicated staff simplify the everyday challenges of complex business technologies. About SecurityScorecard Funded by world-class investors including Silver Lake Partners, Sequoia Capital, GV, Riverwood Capital and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 11 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 22,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, and cyber insurance underwriting. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every company has the universal right to their trusted and transparent Instant SecurityScorecard rating.

Read More