DATA SECURITY
Paubox | July 01, 2021
Zero Trust Email, a new feature to the Paubox Email Suite, is announced by the leader in HIPAA compliant email, Paubox. Zero Trust Email, the only technology of its kind, has the purpose of protecting the sensitive data and information of healthcare organizations from cybersecurity attackers.
A solution for protecting the data and information of healthcare organizations was necessary as at least 93% of healthcare organizations reported one cybersecurity breach during the last three years. Various accounts on servers run by American infrastructure companies such as AWS, GoDaddy, and Mailgun, are being set up by bad actors. This lets cybercriminals to pass virus checks and industry standard spam. Paubox has rolled out Zero Trust Email in response to it.
According to Founder CEO of Paubox, Hoala Greevy, A core tenet of Zero Trust security is multi-factor authentication (MFA). Zero Trust Email needs an additional piece of evidence from the sender’s mail server to pass our Inbound Security checks. This additional layer of verification is critical to keeping bad actors away and under control.
According to Cost of Data Breach report of IBM, in 2019, healthcare industry had almost lost $7 billion USD due to damages from data breaches caused by cyberattacks. Extra network admittance points created by a rising remote work force only open healthcare organizations to more cybersecurity susceptibilities and attacks. Zero Trust Email can minimize the damage due to both internal and external attacks in healthcare organizations.
Read More
PLATFORM SECURITY
GuidePoint Security | April 21, 2022
Cyware, the industry's leading supplier of platform-agnostic Cyber Fusion Centers with next-gen SOC capabilities, today announced a collaboration with GuidePoint Security, a leader of cybersecurity solutions. GuidePoint Security joins a renowned group of Cyware Technology Partner Program solution providers, managed security service providers (MSSPs), and systems integrators in assisting clients in making wiser choices and minimizing risk.
GuidePoint is broadening its threat management portfolio and expanding its service offerings with actionable threat intelligence and incident response solutions as a result of its new relationship with Cyware. GuidePoint's enterprise solutions for Cyware will allow clients to aggregate, analyze, and autonomously exchange data for enhanced threat visibility, as well as provide users with threat response collaboration capabilities.
“Our partnership with GuidePoint couldn’t have come at a better time when the global threat landscape is witnessing a massive deterioration because of high impact threats targeting enterprises globally. Together, GuidePoint and Cyware will enable enterprises, ISACs/ISAOs, MSSPs, and government bodies to bring together siloed security operations, operationalize threat data more efficiently, and collaborate on threat response using next-gen cyber fusion solutions.”
Amit Patel, Senior Vice President, Global Sales, Cyware
The Cyber Fusion Center platform from Cyware combines SOAR and actionable threat intelligence to provide a cohesive, automated, and modular solution for bi-directional threat intelligence sharing, comprehensive case and workflow management, and unified orchestration for enterprises, ISACs/ISAOs, MSSPs, industry groups, National CERTs, and government organisations around the world.
GuidePoint is a renowned cybersecurity adviser and solutions provider, with thousands of businesses around the nation relying on its expertise. Customers can depend on the company's proven experience, customized solutions, and services to help them make smarter cybersecurity choices that reduce risk.
GuidePoint is the most recent multinational IT business to use Cyware as one of the engines powering its security service. Cyware collaborates with some of the world's most notable technology companies to provide enhanced solutions and intelligence.
Read More
SOFTWARE SECURITY
prnewswire | October 28, 2020
Green Hills Software, the worldwide leader in embedded safety and security, announced today it has adopted the two new international security standards and regulations for automotive cybersecurity – ISO/SAE 21434 and UNECE WP.29 for the INTEGRITY real-time operating system (RTOS) and associated products and services. For decades, Green Hills has been an industry-recognized leader helping electronics manufacturers create and deploy embedded systems at the highest levels of safety and security. By offering compliant products and associated evidence reports for these new standards, Green Hills will build upon its proven pedigree as the foundational run-time software provider trusted by OEMs and their Tier 1 suppliers for automotive electronics. Utilizing these new security standards enables manufacturers to design and deploy purpose-built, secure, software-defined systems in connected vehicles, including highly automated driving, high performance compute clusters, domain controllers, vehicle gateways, telematics, keyless entry, diagnostic connections and electric vehicle charging stations, to name a few.
As reliance on vehicle connectivity grows and demand for software-defined services rises, the risk of cyberattacks against connected vehicles continues to rise. With over 100 ECUs and hundreds of millions of lines of code, connected vehicles are a target-rich platform for cyberattacks. Multiple points of entry to modern connected vehicles provide opportunities for malicious vehicle control, fraud, and data-breaches that threaten companies, drivers, and road users. A single exploited security vulnerability could put an entire fleet of vehicles at risk, numbering in the millions. With nearly 80% of new cars connected1 to the internet, cybersecurity breaches have the potential to put billions of dollars in sales and lawsuits at risk – not to mention the damage to brand reputation.
As a result, governmental bodies and independent regulators are drafting two related measures for managing cybersecurity threats throughout a connected vehicle's lifecycle. Green Hills is collaborating with its customers and adopting cybersecurity assessment policies for the following:
The draft ISO/SAE 21434 "Road vehicles – Cybersecurity engineering" Standard was recently published by SAE International and ISO (Organization for Standardization). It is a baseline for vehicle manufacturers and suppliers to ensure cybersecurity risks are managed efficiently and effectively from both a product lifecycle and organizational perspective spanning concept, development, production, operation, maintenance, and decommissioning.
The WP.29 regulations from the United Nations Economic Commission for Europe (UNECE) make OEMs responsible for cybersecurity mitigation in four cybersecurity areas spanning the entire vehicle lifecycle: managing cyber risks; securing vehicles by design; detecting and responding to security incidents; and providing safe and secure over-the-air (OTA) software updates. While WP.29 defines concrete examples of threats and mitigations, OEMs can choose how they show the threats are addressed, such as complying with ISO/SAE 21434. The regulation is expected to be finalized in early 2021 and applied initially to many member nations including European nations, South Korea, UK, and Japan, and will likely influence vehicle homologation polices in the US, Canada and China.
WP.29 will be legally binding within adopting countries, and while the ISO/SAE 21434 standard is not a regulation, it is expected to be widely accepted in the global industry like ISO 26262 is today.
"Connected cars bring significant risks and rewards to OEMs and their suppliers," said Chris Rommel, Executive Vice President, IoT & Industrial Technology at VDC Research. "Green Hills has earned a high stature in the industry for supplying security-critical foundational software to companies building life-critical systems like aircraft avionics, vehicle ADAS and medical equipment, and its support of these new cybersecurity standards is noteworthy."
"ISO/SAE 21434 and WP.29 are valuable additional steps towards protecting connected vehicles from cybersecurity vulnerabilities," said Dan Mender, VP of Business Development at Green Hills Software. "Green Hills has decades of experience developing and delivering security-certified technologies at the highest levels. Adopting these standards expands our offerings to global automotive OEMs and their suppliers bringing the industry's leading secure software run-time environment to next-generation connected vehicle electronics."
Reference
(1) Source: VDC Research Group, Inc.: Automotive Cybersecurity Software & Services Market report, 2019 Strategic Insights Security & The Internet of Things Research Program.
About Green Hills Software
Founded in 1982, Green Hills Software is the worldwide leader in embedded safety and security. In 2008, the Green Hills INTEGRITY-178 RTOS was the first and only operating system to be certified by NIAP (National Information Assurance Partnership comprised of NSA & NIST) to EAL 6+, High Robustness, the highest level of security ever achieved for any software product. Our open architecture integrated development solutions address deeply embedded, absolute security and high-reliability applications for the military/avionics, medical, industrial, automotive, networking, consumer and other markets that demand industry-certified solutions. Green Hills Software is headquartered in Santa Barbara, CA, with European headquarters in the United Kingdom.
Green Hills, the Green Hills logo and INTEGRITY are trademarks or registered trademarks of Green Hills Software in the U.S. and/or internationally. All other trademarks are the property of their respective owners.
Read More