SOFTWARE SECURITY

CyberProof Announces Partnership with Radiflow, a Leading Provider of Cyber Security Solutions for OT Systems & Industrial Networks

CyberProof | September 01, 2021

CyberProof Inc., a UST company, announced today that it will be adding Radiflow, a leading provider of cyber security solutions for industrial networks, to its partner network. The new partnership strengthens CyberProof's ability to provide comprehensive Managed Detection & Response (MDR) services for converged IT/OT systems and support the cyber security needs of Distributed Control Systems (DCS)/ICS and SCADA networks. CyberProof, ranked as a "Leader" in the Forrester Wave™ for Midsized Managed Security Services Providers (MSSPs) – uses its proprietary CyberProof Defense Center (CDC) platform to provide a single platform, through which security teams can detect and mitigate threats across both the IT and OT environments.

As seen in several recent, high-profile breaches on Critical National Infrastructure (CNI), attackers often can compromise OT networks without being detected because organizations lack an updated inventory of OT assets, processes, and connections. Working with Radiflow allows CyberProof to discover previously unmapped assets in OT environments, maintain a centralized dynamic inventory, and help customers monitor and detect all traffic and communication within the OT network.

CyberProof's CDC Platform is pre-integrated with Radiflow's iSID industrial threat detection system, enabling real-time visibility into changes to assets, ports, and protocols. This integration supports proactive, real-time monitoring across IT and OT environments with full transparency. It enables CyberProof to search for new and known vulnerabilities leveraging the broadest protocol coverage, providing visibility into all industrial network risk variables for OT, IoT & IIoT.

"By working together with Radiflow, we provide a single view and control point for both IT and OT environments – including an integrated Security Operations Center (SOC)," said Tony Velleca, CEO at CyberProof. "We are able to combine Radiflow's unique technology together with CyberProof's Use Case Factory, a unique agile framework for continuously improving detection and response against relevant attack scenarios," Velleca added.

"The partnership with CyberProof extends security monitoring and managed response into the OT space," said Ilan Barda, CEO at Radiflow. "By integrating Radiflow's solutions, CyberProof is now able to proactively detect and respond to threats in ICS/SCADA networks and lay out a risk mitigation plan for optimal OT security that meets each customer's needs and budget," Barda continued.

About Radiflow
Radiflow's solutions offer full visibility of what and who is threatening your network and where it stands in terms of risk and its potential impact. Radiflow's first OT BAS (breach-attack-simulation) solution uses a data-driven approach to combine the vulnerabilities in your network with the tactics of your adversaries. Radiflow's BAS engine automatically simulates hundreds of WHAT-IF scenarios facilitating ROI-based optimization of your cyber-security roadmap with multiple prioritization keys to fit the various needs of each enterprise. Once a plan is defined, clients receive clear tracking and reporting of the progress. Radiflow's solutions are recognized as strong IEC-62443 enablers.

About CyberProof
CyberProof is a security services company that helps organizations intelligently manage their incident detection and response. Our advanced cyber defense platform enables operational efficiency with complete transparency to dramatically reduce the time needed to respond to security threats and minimize business impact. SeeMo, our virtual analyst, automates and accelerates cyber operations by learning and adapting from endless sources of data and responds to requests by providing context and actionable information. This allows our nation-state cyber experts and your team to prioritize the most urgent incidents and proactively identify and respond to potential threats. We collaborate with our global clients, academia, and the technology ecosystem to continuously advance the art of cyber defense. CyberProof is part of the UST family. Some of the world's largest enterprises trust us to create and maintain secure digital ecosystems using our comprehensive cyber security platform and mitigation services.

Spotlight

The chances are good that your employees are using personal messaging apps while at work. That might not sound like the end of the world, but what if they are using those apps to send confidential company information? And, you don't know what's being sent, where, or to whom. The research firm Gartner found that 45% of workers not required to use a personal device for work are doing so without their employer's consent. We wanted to dig a little deeper and find out just how prevalent the use of personal messaging apps is in the workplace and the potential risk.


Other News
DATA SECURITY

Security Tops Retailers’ Wish Lists this Holiday Season

Futurex | November 17, 2021

Record sales expected in 2021, along with hackers; Futurex recommends point-to-point encryption for retailers to protect cardholder data BULVERDE, Texas, November 17, 2021 — As we enter the biggest retail season of the year, transactions are increasing, as are the numbers of hackers and skimmers — targeting shoppers’ cardholder data. The last thing retailers need to worry about is cyber threats that lead to ransomware or data breaches, as they welcome shoppers and juggle supply chain disruptions. Futurex, a leader in hardened, enterprise-class data security solutions, recommends retailers implement point-to-point encryption (P2PE) to encrypt cardholder data at the point of sale to keep it safe from malware that might be spying on network traffic and capturing credit card numbers. Futurex secures transactions for several of the nation’s largest retailers, protecting shoppers’ sensitive cardholder data and payment information. U.S. retail sales now through December are expected to grow 10.5% to a record $859 billion, compared to 2020, according to the National Retail Federation. Meanwhile, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have warned about the increase of cyber threats, including ransomware, around the holidays. “Behind every gift, every purchase, and every payment, retailers and consumers depend on secure transactions to protect payment information,” said Ryan Smith, vice president, global business development, at Futurex. “As the critical security backbone of the global financial ecosystem, we work with the world’s largest retailers and financial institutions to safeguard data in transit and at rest." The use of hardware security modules (HSMs) in transaction processing is critical, as payment HSMs provide the cryptographic functions needed to support end-to-end data security, including encryption and cryptography key management. In a compliant P2PE environment, sensitive data is encrypted from the point of interaction and decrypted only within the secure boundary of a FIPS 140-2 Level 3 or PCI HSM-validated HSM. Learn more about point-to-point encryption. About Futurex For more than 40 years, Futurex has been a trusted provider of hardened, enterprise-class data security solutions. More than 15,000 organizations worldwide, including financial services providers and corporate enterprises, have used Futurex’s innovative hardware security modules, key management servers, and enterprise-class cloud solutions to address their mission-critical systems, data security, and cryptographic needs. This includes the secure encryption, storage, transmission, and certification of sensitive data. For more information, please visit futurex.com.

Read More

DATA SECURITY

Rubrik Launches Rubrik Security Cloud to Secure Data, Wherever it Lives, Across Enterprise, Cloud, and SaaS

Rubrik | May 18, 2022

Rubrik, the Zero Trust Data Security™ Company, today announced Rubrik Security Cloud to secure customers’ data, wherever it lives, across enterprise, cloud, and SaaS. Ransomware is on the rise and cyberattacks are getting more sophisticated. Despite investments in infrastructure security tools, cybercriminals are still getting through to the data. And when they take the data down, they take down the entire business. It’s time for a new approach. The next frontier in cybersecurity pairs the investments in infrastructure security with data security giving companies security from the point of data. Rubrik is a pioneer in data security and the Rubrik Security Cloud delivers three unique capabilities: Data Resilience: Safeguards data by providing immutable, logically air-gapped data protection with multi-factor authentication-based access control. Data Observability: Continuously monitors risks and investigates threats to data including Ransomware Monitoring and Investigation powered by machine learning to detect data anomalies, encryptions, deletions, and modifications; Sensitive Data Monitoring to find and classify the most sensitive data, and assess exfiltration risk; and Threat Monitoring and Hunting to identify indicators of compromise and find the last known clean copy of data. Data Recovery: Quickly contains threats and recovers data, whether it’s a file, application data or a mass recovery for the entire organization. Rubrik’s new Threat Containment capability quarantines malware and restricts user access to infected data to support safer recovery. As organizations continue to struggle with cyberattacks that compromise data, Rubrik also launched the Data Security Command Center to easily assess whether data is safe and capable of being recovered from a cyberattack. Now, customers can see which data is at risk and get recommendations to make their data more secure. “Every company in the world is vulnerable as cybercriminals get more savvy every day. With Rubrik Security Cloud, we are strengthening customers' defenses so they can secure their business across enterprise, cloud, and SaaS workloads. Our data security platform enables our customers to defend their data, recover quickly, and prevail in this new cyber landscape.” Bipul Sinha, Rubrik CEO and co-founder “INTEGRIS Health is proud to be the largest not-for-profit health care system in Oklahoma, with eighteen hospitals in our network and more than a million patients that rely on us every year for their health care needs. With the expansive network we support, it’s paramount that our data is resilient, and we maintain a strong data security posture to keep our hospital moving. As a CIO, I believe Rubrik is an important service and helps us provide excellent patient care. As a Rubrik customer, we’re thrilled to see the continued innovation with Rubrik Security Cloud and the company’s ongoing focus on keeping customer data safe and making it easy to recover in the face of cyber-attacks, like ransomware,” said Bill Hudson, CIO of INTEGRIS Health. "NJ TRANSIT delivered more than a quarter of a billion annual passenger trips before the pandemic and is responsible for our riders’ safety, mobility, and livelihoods every day. It’s imperative that nothing interrupts our business, so we’ve prioritized a strong data security strategy in partnership with Rubrik. We’re committed to the ongoing and necessary work that gives our data resilience and helps us reduce our risk as we face ever evolving, and inevitable, cyber threats,” said Rafi Khan, CISO of NJ TRANSIT. Research and Development Fuels Additional Capabilities As part of Data Observability, Sensitive Data Discovery for Microsoft 365 discovers and classifies sensitive data within Microsoft 365 to better assess risk and help maintain compliance with regulations. These latest integrations build on the joint collaboration between Rubrik and Microsoft. Last year, Rubrik Cloud Vault built on Microsoft Azure was launched to help customers better defend against cyberattacks using a fully managed, secure and isolated cloud vault service. Since launch, Rubrik has seen strong demand for Rubrik Cloud Vault across key industries including Healthcare and Life Sciences, Manufacturing, State and Local Government, and Financial Services as customers build Zero Trust solutions to defend against and recover from ransomware. “Businesses need a data resiliency strategy to keep their data secure in the face of escalating cyber threats,” said Jurgen Willis, Vice President Microsoft Azure. “Rubrik's Security Cloud, which builds on integrations with Rubrik Cloud Vault and Microsoft Azure, will help customers accelerate their Zero Trust journey.” Rubrik Security Cloud is available now and new enhancements will be available in the months ahead. About Rubrik Rubrik, the Zero Trust Data Security™ Company delivers data resilience, data observability, and data recovery for organizations. Rubrik keeps your data safe and easy to recover in the face of cyber attacks and operational failures. Now you can recover the data you need, however and whenever you need it to keep your business running.

Read More

SOFTWARE SECURITY

Thrive Integrates SOAR Technology into their Security Operations to Enhance Real-Time Cyber Threat Detection

Thrive | May 20, 2022

Thrive, one of the leading Managed Security Services Providers (MSSPs) in the world, has made a significant investment to upgrade their 24x7x365 eyes-on-glass Security Operation Center (SOC) by integrating a Security Orchestration, Automation, and Response (SOAR) engine. The SOAR capabilities will enable the Thrive global security team to better navigate today's complex, risk-laden environment for clients via tool aggregation and coordinated response, unified operations, reduced alert fatigue, and Artificial Intelligence (AI). This will result in a significant reduction of incident response times for client threats and provide higher quality information for the Thrive SOC to combat intricate cyber risks in real time. By 2025, the amount lost to cyber theft is expected to reach $10.5 trillion annually, which is the single greatest transfer of wealth in history, according to a report from AT&T. These glaring statistics indicate why cybersecurity has become imperative in the world of commerce. "Cybersecurity threats and vulnerabilities are constantly multiplying, due to not only more sophisticated social engineering but also a rise in micro-ransomware incidents, That means vigilance against attacks of all kinds must also evolve. Incorporating a SOAR into our robust global security operations unit will allow Thrive clients to have a stronger defense system in place against cybersecurity attacks and enable our team to respond more expeditiously to any issues should they arise." Mike Gray, CTO of Thrive Thrive's integrated managed cybersecurity solutions provide a proactive and expert approach to security management for identifying and remediating security issues. Powered by next-gen technology, proven frameworks and service-driven experts, Thrive's unified cybersecurity platform enables Thrive's 24x7x365 SOC to automatically address critical security issues without client intervention. By creating a stress-free experience that solves for the technical complexity and talent shortage mid-market enterprises face, Thrive's cybersecurity solutions fortify the digital transformation initiatives that propel business growth. About Thrive Thrive is a leading provider of NextGen managed services designed to drive business outcomes through application enablement and optimization. The company's Thrive5 Methodology utilizes a unique combination of its Application Performance Platform and strategic services to ensure each business application achieves peak performance, scale, uptime, and the highest level of security.

Read More

SOFTWARE SECURITY

GTT Launches Secure Connect to Enhance Enterprise Cloud Security

GTT | March 23, 2022

GTT Communications, Inc., a leading global cloud networking provider to multinational clients, has announced its new Secure Connect offering to extend and strengthen the protection of the enterprise network connecting to the internet and accessed by users from any location. The new service is based on the SASE framework and integrates with GTT Managed SD-WAN. GTT Secure Connect leverages a single cloud platform for agile and ubiquitous delivery of network security, offering a range of features that include CASB (Cloud Access Security Broker), SWG (Secure Web Gateway), ZTNA (Zero Trust Network Access) and FWaaS (Firewall as a Service) capabilities. GTT Secure Connect addresses the growing requirement for secure access to enterprise resources in an environment characterized by the widespread use of digital technologies, broad adoption of cloud applications and a remote workforce. GTT Secure Connect utilizes a cloud delivery model that provides centralized policy control at a site and user level for improved scalability and extends the security perimeter to any network endpoint. Additionally, the integration of security with the functionality of GTT Managed SD-WAN improves performance and simplifies network management. The comprehensive SASE-based feature set can be tailored to meet individual enterprise requirements for anti-virus, firewall and anti-malware protections, more effective blocking of malicious sites, augmented cloud security monitoring, and prevention of unauthorized access to network resources in a work-from-anywhere model. With GTT Secure Connect, network access is based on user, device and application identity — rather than the physical location or IP address — enabling seamless and secure networking between users, private, SaaS and public clouds, and the enterprise data center. “In an enterprise environment where digital business and the use of cloud applications has become more critical, coupled with the challenge of supporting a hybrid workforce and an intensifying cyber-threat landscape, customers are demanding network integrated security solutions that are comprehensive with an improved user experience. GTT Secure Connect has been designed to meet these customer requirements, leveraging our industry-leading SD-WAN capability combined with state-of-the-art, cloud-based security technologies, delivering a more effective and efficient solution that provides next-generation connectivity and protection managed all in one place.” Don MacNeil, GTT COO According to industry research firm Omdia, only 15 percent of enterprises globally have a fully developed approach to cybersecurity and digital risk. Further research by the firm shows that when SD-WAN is combined with security, enterprises report an extra boost in perceived value over just SD-WAN. “Omdia finds securing networks a consistent area of enterprise concern and investment. Enterprise network transformation needs to address the complexity of securing internet VPNs, cloud applications and a remote workforce,” said Cindy Whelan, practice leader, enterprise network services at Omdia. “GTT’s new Secure Connect brings together network and security, supported by professional services, to help enterprises with their security and performance needs in a period of rapid digital transformation and an intensifying cyber-threat landscape.” The underlying technology platform of GTT Secure Connect is Prisma® Access provided by Palo Alto Networks, an industry leader in global cybersecurity. GTT Secure Connect integrates Prisma Access with GTT’s software-defined networking solutions and global Tier 1 IP network. GTT Secure Connect is complemented by GTT Professional Services, which offers the technical expertise and operational experience to support the complete solution from initial design to installation and ongoing service management. This includes project management, technical management and incident management support. Through EtherVision, GTT’s unified customer management portal, GTT Secure Connect provides customers with the insights and control they need to operate their network and manage their security environment. About GTT GTT provides secure global connectivity, improving network performance and agility for your people, places, applications and clouds. We operate a global Tier 1 internet network and provide a comprehensive suite of cloud networking and managed solutions that utilize advanced software-defined networking and security technologies. We serve thousands of businesses with a portfolio that includes SD-WAN and other WAN services, internet, security and voice services. Our customers benefit from a customer-first service experience underpinned by our commitment to operational excellence.

Read More

Spotlight

The chances are good that your employees are using personal messaging apps while at work. That might not sound like the end of the world, but what if they are using those apps to send confidential company information? And, you don't know what's being sent, where, or to whom. The research firm Gartner found that 45% of workers not required to use a personal device for work are doing so without their employer's consent. We wanted to dig a little deeper and find out just how prevalent the use of personal messaging apps is in the workplace and the potential risk.

Resources