DATA SECURITY

Cyber Intelligence Expert's Firm Launches New Security Tool to Detect and Defend Threats to Critical National Infrastructure

The Bellwether Group | October 28, 2021

Timed to coincide with the new U.S. focus on cyber security in the critical infrastructure, The Bellwether Group introduces VAULT Systems, a custom hardware and intelligent software platform capable of visualizing data and detecting, defending and mitigating cyber threats to critical national infrastructure.

The announcement coincides with the July 28, 2021, National Security Memorandum issued from the White House that targets cybersecurity threats as "the most significant and growing issues confronting our Nation."

"The Memorandum establishes a voluntary initiative intended to drive collaboration between the federal government and the critical infrastructure community to improve the cybersecurity of control systems. VAULT Systems can help the critical infrastructure community improve their cybersecurity posture,Critical infrastructure includes electric, water, oil and natural gas, transportation, food and beverage distribution, as well as interconnected systems such as maritime and port operations, air traffic control, and dams.

The Bellwether Group CEO and founder Tim Teal

"We are launching VAULT Systems custom hardware and intelligent software platform, specifically designed to decipher, monitor and protect critical infrastructure," said Teal. The new VAULT Systems leverages best-in-class ICS (Incident Command System) and SCADA (Supervisory Control and Data Acquisition) equipment data collection and visualization tools from IoT International, as well as custom cyber network defense and forensics analytics developed by The Bellwether Group, Inc. This combination will enable operators to monitor equipment, and identify and actively deter cyber threats in real time.

Teal recently retired from the U.S. Cyber Command as the Director of J6/J8/J9 of the Cyber National Mission Force at US Cybercommand. He was also a founding member of the National Security Agency's "Hunt Mission," which deployed tactical tools and capabilities to detect and eradicate network adversaries across the Department of Defense. This background and knowledge of cyber operations and defense enables The Bellwether Group to add unparalleled tools and capabilities to protect critical infrastructure.

About The Bellwether Group
Founded two years ago by U.S. cybersecurity expert, Tim Teal, the Bellwether Group is a veteran-owned and operated small business in Maryland. In addition to VAULT Systems, The Bellwether Group also has a custom hardware and software product line called Vimana™. The Vimana™ platforms are designed to support cyber operations globally through advanced artificial intelligence situational awareness software and state of the art cyber tools.

Spotlight

The most important thing to understand about dealing with a true advanced persistent threat (APT) is that it's like having pneumonia; by the time it's diagnosed you've probably had it for a while - sometimes a long while. It's often not easy to cure, and if you try to cure it without the right medication, it can mutate and become resistant. In fact, an APT is worse than ordinary pneumonia - it's like designer pneumonia that's been genetically engineered specifically for you.


Other News
PLATFORM SECURITY

Palo Alto Networks Achieves FedRAMP Authorization for IoT Security Solution

Palo Alto Networks | April 22, 2022

Palo Alto Networks , the global cybersecurity leader, today announced that its IoT Security solution has achieved Federal Risk and Authorization Management Program (FedRAMP) Moderate Authorization. The company's sponsoring agency is the United States Department of Veterans Affairs (VA). U.S. federal agencies are increasingly focused on adopting a Zero Trust architecture to ensure their IoT devices meet federal security compliance requirements. With this authorization, Palo Alto Networks IoT Security can help federal agencies protect their unmanaged IoT devices with ML-powered visibility, threat prevention and Zero Trust enforcement with a single platform. "As cyberattacks become more frequent and sophisticated, the IoT Security solution helps automate Zero Trust security with quick, accurate discovery and best-in-class protection. We are committed to protecting the U.S. government and its federal agencies from all security threats with reliable solutions." Dana Barnes, senior vice president of Public Sector, Palo Alto Networks Digital transformation across all industries is driving massive growth in the use of IoT devices. Palo Alto Networks Unit 42 IoT Threat Report found that 30% of all devices on enterprise networks fall in the IoT category. Unfortunately, IoT devices and their inherent vulnerabilities are often overlooked, which can lead to enterprise-wide exposure to unseen cyber risk. Federal officials have adopted several provisions in recent years to increase overall protection and awareness of IoT device security vulnerabilities, including the Internet of Things Cybersecurity Improvement Act and the National Institute of Standards and Technology's (NIST) IoT Device Cybersecurity Guidance for the Federal Government. The IoT Security solution's Moderate Authorization extends the offerings Palo Alto Networks provides its U.S. government customers. This authorization adds to the portfolio of other authorized products already being deployed today. The IoT Security solution helps U.S. agencies leverage their current Palo Alto Networks Next-Generation Firewalls (NGFWs) to secure all unmanaged IoT devices at scale. Some of the key benefits for government agencies include: Quick and accurate discovery and insights into all devices, even those never seen before Best-in-class protection with behavior analysis to detect risk, compliance, and anomalous activity, and prevention of known and unknown threats Automated Zero Trust security with automated discovery, least-privileged access policies, and 1-click enforcement Workflow automation across existing IT and security solutions and simplified agentless and sensorless deployment About Palo Alto Networks Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate. Our mission is to be the cybersecurity partner of choice, protecting our digital way of life. We help address the world's greatest security challenges with continuous innovation that seizes the latest breakthroughs in artificial intelligence, analytics, automation, and orchestration. By delivering an integrated platform and empowering a growing ecosystem of partners, we are at the forefront of protecting tens of thousands of organizations across clouds, networks, and mobile devices. Our vision is a world where each day is safer and more secure than the one before.

Read More

PLATFORM SECURITY

OccamSec Unveils Revolutionary Cybersecurity Platform Set to Change the Industry

OccamSec | May 04, 2022

OccamSec, a leading cybersecurity provider, announced today the launch of their Incenter platform. Incenter identifies the security weaknesses an organization has in real-time, and helps teams develop insights and communicate business context from a security perspective. For today's organizations, the threat landscape is constantly evolving. Penetration testing and vulnerability scanning can help, but with new vulnerabilities and exploits found all the time, infrequent testing means risk data may be outdated. At the same time the industry is trending towards slicing the solution ever thinner, which means costs keep increasing. Incenter combines the functionality of a range of security services in one single solution. The platform provides, in real time, where an organization is vulnerable, and just as critically, what the impact will be if an attack occurs. Incenter utilizes a dual approach. It combines the best in technology with advanced automated testing, and the best in people with OccamSec's security team. Supported by vulnerability research and a threat intelligence team, the burden on clients having to buy multiple services is eliminated. Users have the ability to generate reports that compile real-time information with the touch of a button, rather than waiting for a timed report to be generated. Incenter also provides step-by-step guidance on how to mitigate any risks that are identified, with the tools an organization already has which means no hidden costs. Incenter combines the functionality of a range of security services in one single solution: Manual Penetration Testing Penetration Testing as a Service (PTaaS) Automated Security Validation (ASV) Vulnerability Scanning External Attack Surface Management (EASM) Crowd Source Penetration Testing Threat Intelligence This provides a single source of truth on the exposures an organization faces. Improving the effectiveness of any security team, regardless of size, and at the same time breaking organizations out of ever increasing cyber security expenditure. The platform's focus on the unique business context of each organization means that security teams no longer have to trudge through 1000's of scan findings or determine how relevant a penetration test finding is and how to fix it. At the same time from the dashboard, management can see a high level summary of their organization's exposure, the likelihood of a breach, and how much it's going to cost them. "Over the years we have seen what works, what doesn't and where the gaps are," says OccamSec founder Mark Stamford. "The biggest gap is organizations needing more and more tools and services to effectively secure themselves. The key to effective security is joining the dots, not having ever more dots scattered in ever more places. With Incenter we have combined the talents of our security team and their expert knowledge, with a technical solution that is unrivaled. The result is a win for our clients, regardless of size." About OccamSec OccamSec is a leading provider in the world of cybersecurity. Its clients rely on them to provide information security services that exceed current industry standards. OccamSec provides accurate, actionable information to reduce risk and enable better informed decisions. Its unique end-to-end solutions detect, identify, respond, and protect in order to maximize the effectiveness of security programs.

Read More

DATA SECURITY

Flashpoint Acquires Vulnerability Intelligence Leader Risk Based Security

Flashpoint | January 13, 2022

Flashpoint, the trusted leader in threat intelligence and risk prevention, today announced it has acquired Risk Based Security (RBS), a Richmond, Virginia-based company specializing in vulnerability and data breach intelligence, as well as vendor risk ratings. The integration of RBS’s collections and technology into the Flashpoint platform offers a wide range of cybersecurity practitioners—including cyber threat intelligence (CTI), vulnerability management, DevSecOps, and vendor risk management teams—the contextual threat intelligence and automation they need to detect, prioritize, and thwart emerging cyber risks rapidly and holistically. “I am incredibly excited to welcome the RBS team to Flashpoint,This acquisition will enable our clients to rapidly detect critical vulnerabilities before they are widely known, and then automate how they prioritize and remediate these issues. This is a game changer for security teams and represents a vital step towards achieving Flashpoint’s vision of being the single vendor that enterprises can rely on to mitigate all types of security risks and protect critical assets.” Flashpoint CEO Josh Lefkowitz Since its founding in 2011, Risk Based Security has partnered with a diverse group of clients, including Microsoft, BlackRock, Northrop Grumman, Swisscom, American Electric Power, Amtrak, and numerous other enterprises across the technology, financial, insurance, and consumer goods sectors. To date, RBS possesses over 90,000 vulnerabilities in its collections that are not assigned CVE IDs and therefore do not exist in the National Vulnerability Database (NVD). RBS’s proprietary technology consistently identifies vulnerabilities before they are commonly known—and maps those vulnerabilities to an enterprise’s software—providing clients with a critical edge and head-start on potential adversaries. “We’re thrilled to join forces with Flashpoint,” said Jake Kouns, CEO of RBS. “It’s rare to find two organizations so similar in culture with a mutual drive to get things done. Our visions align perfectly, and we are excited to collaborate with them to bring a holistic, risk-based intelligence offering to a broad market.” AN ASSET-BASED APPROACH TO INTELLIGENCE AND RISK MANAGEMENT RBS’s extensive vulnerability, data breach, and proprietary vendor risk ratings empower security teams to quickly assess and remediate vulnerabilities based on their unique risk profile—making it the only vulnerability management tool on the market that provides scanless, real-time vulnerability intelligence with vendor and product risk ratings. With this technology, Flashpoint will be able to reveal a customer’s exposure to critical vulnerabilities and supply chain weaknesses, provide contextual awareness into how these vulnerabilities are being exploited by threat actors, and prioritize and automate the actions needed to remediate potential threats. In light of recent critical vulnerabilities like the highly-publicized disclosure of Log4j, early detection and rapid prioritization of risks is more important than ever. Moving beyond a reactive approach to threats, a combined Flashpoint and RBS solution will drive immediate and differentiated value to all types of security practitioners who are focused on protecting critical assets and infrastructure. ABOUT FLASHPOINT Trusted by governments and the Fortune 500, Flashpoint helps organizations protect their most critical assets, infrastructure, and stakeholders from security risks such as cyber threats, ransomware, fraud, physical threats, and more. Leading security practitioners—including cyber threat intelligence (CTI), vulnerability management, DevSecOps and vendor risk management teams—rely on Flashpoint's intelligence platform to proactively identify and mitigate risk and stay ahead of the evolving threat landscape. ABOUT RISK BASED SECURITY Risk Based Security (RBS) provides detailed information and analysis on Vulnerability Intelligence, Vendor Risk Ratings and Data Breaches. Our product, the Risk Based Security Platform, combines VulnDB and Cyber Risk Analytics (CRA), providing organizations access to the most comprehensive security intelligence knowledge bases available, including advanced search capabilities, access to raw data via API, and email alerting to assist organizations in taking the right actions in a timely manner.

Read More

ENTERPRISE SECURITY

SecurityScorecard and Marsh McLennan Collaborate to Elevate Cybersecurity in Challenging Risk Landscape

SecurityScorecard | January 28, 2022

SecurityScorecard, the global leader in cybersecurity ratings, today announced a collaboration with Marsh McLennan, the world's leading professional services firm in the areas of risk, strategy and people, to enable organizations around the world to improve their cyber resilience. As part of the collaboration, Marsh McLennan's Cyber Risk Analytics Center will leverage SecurityScorecard's data and analytics to gain real-time cyber risk insights and define risk mitigation strategies for the Company's global client base. The companies will also collaborate on joint research aimed at increasing awareness of cyber risk and educating the market on risk management strategies. "We are excited to work with Marsh McLennan, which understands that to stay competitive, you must stay innovative," said Prashant Pai, Senior Vice President and General Manager of Strategic Initiatives at SecurityScorecard. "Given how fast the cyber risk landscape evolves, it's essential that business leaders have access to the most up-to-date and complete view of a client's cybersecurity posture." "Cyber risk evolves minute-to-minute, making it challenging to build data-driven risk management strategies,SecurityScorecard's data and analytics are a valuable addition to our proprietary insights, furthering our ability to help our clients stay on top of emerging vulnerabilities and threats that may impact their businesses." Scott Stransky, Managing Director, Marsh McLennan Cyber Risk Analytics Center SecurityScorecard continuously monitors millions of entities worldwide and non-intrusively assesses their security posture across 10 risk categories including DNS health, IP reputation, web application security, network security, leaked information, hacker chatter, endpoint security and patching cadence. About SecurityScorecard Funded by world-class investors including Evolution Equity Partners, Silver Lake Partners, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 25,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every organization has the universal right to their trusted and transparent Instant SecurityScorecard rating.

Read More

Spotlight

The most important thing to understand about dealing with a true advanced persistent threat (APT) is that it's like having pneumonia; by the time it's diagnosed you've probably had it for a while - sometimes a long while. It's often not easy to cure, and if you try to cure it without the right medication, it can mutate and become resistant. In fact, an APT is worse than ordinary pneumonia - it's like designer pneumonia that's been genetically engineered specifically for you.

Resources