DATA SECURITY

Cynalytica Delivers New Solution to Help Combat Cyber Threats to Maritime Navigation and Communication Systems

Cynalytica | September 20, 2021

Cynalytica Inc. announces its SerialGuard AnalytICS Platform now offers monitoring, deep packet inspection (DPI) support, and intrusion detection for legacy NMEA protocols. Its latest extension provides enhanced situational awareness and security to vulnerable maritime Industrial Control Systems (ICS) through NMEA-specific packet evaluations, analysis, and intrusion detection capabilities.

"In addition to the serious threats posed to their OT network, one of the maritime industry's biggest security challenges today is the protection of their navigation and communications systems from persistent cyber threats. Vessels are increasingly vulnerable to cyber attacks that can cause GPS interference and spoofing, AIS spoofing, bridge-to-bridge communications spoofing, and other communications jamming which can have catastrophic kinetic consequences," explains Richard Robinson, CEO of Cynalytica. "Distressingly, many of these navigation and communication instruments rely on NMEA 0183 serial protocols, which do not have authentication, encryption, or validation capabilities. They also lack a sufficient level of real-time visibility and data validation capabilities that would help detect such attacks. These security limitations make the NMEA-connected devices exceptionally susceptible to hackers, and the consequences could prove adverse."

With the SerialGuard® AnalytICS Platform, the maritime industry can now help address critical vulnerabilities within their NMEA-connected instruments and other serial-connected control systems simultaneously. The extended capabilities will provide maritime operators with an unprecedented level of visibility into NMEA-connected devices while empowering them to baseline communications, accurately monitor behavioral patterns, and create alert rulesets to detect cyber attacks and misconfigurations quickly."

Designed to protect serial-connected ICS, the SerialGuard® AnalytICS Platform is a fully-passive and fail-safe monitoring and intrusion detection system (IDS) that brings real-time visibility to high-risk assets. The platform consists of the SerialGuard® sensor that passively taps serial communications, combined with Cynalytica's AnalytICS Engine – a monitoring and intrusion detection system, and data validation tool that enables operators to baseline normal operations and create alert rulesets to detect anomalous behavior.

The SerialGuard AnalytICS Platform is easily deployed across most maritime industries including naval vessels, passenger ships, container ships, tankers, bulk carriers, ports, and many more.

About Cynalytica
Cynalytica, Inc. combines a diverse set of industry expertise with decades of applied research and development experience to deliver pioneering cybersecurity and machine analytics technologies that help protect critical national infrastructure, securely enable Industry 4.0 and help industries accelerate their digital transformation objectives.

Spotlight

Major changes in the way businesses operate today require the adoption of new approaches to IT. In most cases, companies that want to remain competitive must deploy and leverage hybrid cloud environments, increase their analytics capabilities, extend services to mobile workers and customers, make more efficient use of social media and collaboration tools, and provide end-to-end security across the entire organization. To meet these challenges, businesses are embracing “software defined” environments, which enable unparalleled flexibility and ease of management. Setting these up, however, requires a level of expertise not found in most companies. This white paper explores the need for accelerated business operations and the ways that IBM services deliver effective solutions.


Other News
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Absolute Software Adds Trellix Endpoint Security to Application Resilience Ecosystem

Absolute Software | September 20, 2022

Absolute Software™ , the only provider of self-healing, intelligent security solutions, today announced a partnership with Trellix, enabling Absolute Resilience® customers to extend its patented Absolute Persistence® technology to Trellix Endpoint Security (ENS). With this latest addition to the company’s Application Resilience™ ecosystem, joint customers can leverage the power of Absolute’s firmware-embedded connection to ensure Trellix’s leading endpoint protection solution remains healthy, installed, and working effectively. Anchored by its unique Persistence technology residing embedded in more than 600 million endpoints, Absolute provides an undeletable digital tether to every device to help ensure the highest levels of resiliency. Absolute Application Resilience leverages this unbreakable, two-way connection to monitor mission-critical security applications’ health and behavior; detect if missing, corrupted, or not running; and automatically repair or reinstall components when necessary - without requiring human intervention. “Our unique intelligence shows that today’s complex and widely distributed device environments have put endpoint agents at constant risk of colliding with other applications, or being disabled by malicious or negligent users. “By joining our Application Resilience ecosystem, Trellix is taking the critical steps needed to enable our joint customers to harden their mission-critical endpoint application and strengthen their overall endpoint security posture.” Edward Choi, SVP of Global Alliances at Absolute Software “We are proud to collaborate with leading software vendors to improve security outcomes for our customers,” said Britt Norwood, Senior Vice President, Global Channels & Commercial at Trellix. “Organizations across the globe rely on Trellix every day to protect, and adapt to, their changing business needs in a dynamic threat landscape. We’re thrilled to see Absolute Software support Trellix ENS in its Application Resilience ecosystem and extend this value to our joint customers.” Trellix Endpoint Security is part of an integrated suite of technologies that uses analytics and machine learning to provide effective protection—including the flexibility to connect to security products from other vendors. Trellix endpoint solutions enable organizations to apply proactive threat intelligence and defenses across the entire attack lifecycle. Absolute’s expansive Application Resilience catalog is comprised of more than 60 security and business applications needed to enable a secure, reliable, and resilient work from anywhere experience. About Absolute Software Absolute Software is the only provider of self-healing, intelligent security solutions. Embedded in more than 600 million devices, Absolute is the only platform offering a permanent digital connection that intelligently and dynamically applies visibility, control and self-healing capabilities to endpoints, applications, and network connections - helping customers to strengthen cyber resilience against the escalating threat of ransomware and malicious attacks. Trusted by nearly 18,000 customers, G2 recognized Absolute as a leader for the tenth consecutive quarter in the Summer 20022 Grid® Report for Endpoint Management and as a high performer in the G2 Grid Report for Zero Trust Networking.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Cerberus Sentinel announces acquisition of NLT Secure

Cerberus Sentinel | September 07, 2022

Cerberus Cyber Sentinel Corporation , an industry leader as a managed cybersecurity and compliance provider, based in Scottsdale, Ariz., announced that it has completed the acquisition of NLT Secure, a cybersecurity company with headquarters in Providencia, Chile, and U.S. offices in Tampa, Florida. Under the terms of the agreement, NLT Secure became a wholly owned subsidiary of Cerberus Sentinel. NLT Secure provides a broad range of security solutions and managed services to organizations throughout South America. Lorenzo Espinoza, founder and chairman, NLT Secure, will continue to manage the company's team of professionals and will work closely with the leadership team in Latin America. “NLT Secure accelerates our growth strategy into Latin America and is an excellent cultural fit. “As cybersecurity continues to be a global challenge requiring a breadth of capabilities, NLT has made this its mission to help secure businesses and organizations. NLT Secure has partnered with our Arkavia Networks and CUATROi teams, also based in Chile, for several years and compliments our combined service offerings.” David Jemmett, CEO and founder of Cerberus Sentinel "Our vision has always been to protect and guarantee the continuity of operations for our clients considering the challenging scenario of cyber threats they face every day. I want to deeply thank the incredible team of professionals that make up NLT, because it is thanks to their passion and commitment that we have managed to make this dream come true. I´m so excited to take this step together with the incredible team of Cerberus Sentinel, with whom we share a culture and a vision,” said Espinoza. About Cerberus Sentinel Cerberus Sentinel is an industry leader as a managed cybersecurity and compliance provider. The company is rapidly expanding by acquiring world-class cybersecurity, secured managed services, and compliance companies with top-tier talent that utilize the latest technology to create innovative solutions to protect the most demanding businesses and government organizations against continuing and emerging security threats and compliance obligations.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Veristor Partners with SANS Security Awareness to Deliver Employee Security Awareness Training

Veristor Systems, Inc. | September 28, 2022

Veristor Systems, Inc., a trusted provider of transformative business technology solutions, and SANS Security Awareness, the global leader in providing security awareness training, today announce that Veristor has become a certified provider of SANS Security Awareness' comprehensive suite of products to enable a data-driven approach to cybersecurity training for an organization's end users. "Researchers from Stanford University found that as much as 88% of all data breaches are caused by an employee mistake. "This shows that end users are the most critical vulnerability gap in today's enterprise. Yet if properly trained, they can also be the most resilient security defense – a human firewall. Together with the experts from SANS Security Awareness we are helping customers guard their environments with an army of well-trained employees. With proven training to spot and act when suspicious activity arises, users can take an active role in preventing the growing wave of cyberattacks." Daniel Martin, Principal Security Consultant, vCISO, Veristor The SANS Security Awareness suite of dynamic multilingual computer-based training, games, phishing simulations, and engagement materials teach vital security behaviors to effectively manage human cyber risk. With different training styles to match different corporate cultures, employee comprehension levels, and learning preferences, SANS Security Awareness training equips workforces to recognize and prevent current cyberattacks, including work-from-home threats. The platform delivers valuable metrics to measure the effectiveness of each program, and customization features to tailor training to meet specific organizational needs." With some groups requiring even greater specialized training, in addition to addressing core human behavior risk topics, SANS Security Awareness also offers secure development and coding techniques, understanding NERC CIP compliance requirements, and handling Industrial Control Systems (ICS) incidents. "We are very pleased to be partnering with the cybersecurity experts at Veristor to provide the SANS Security Awareness program to their customers," said Brad Stilling, Director of Global Sales for SANS Security Awareness. "Regular awareness training is an essential activity for organizations looking to ensure security and compliance. When employees feel informed and empowered to recognize and address cyber risks, they can protect the organization. With SANS Security Awareness, Veristor customers are now better positioned to detect and prevent cyber-attacks." For organizations starting their awareness training journey, Veristor delivers a SANS Human Risk Insight assessment to identify program cost reductions, eliminate unneeded staff training, and create risk metrics to baseline and benchmark an organization's human cyber risk. The SANS Security Awareness training solutions are now offered as a part of Veristor's suite of security solutions that are designed to solve business challenges through the intelligent application of next-generation security technology. About Veristor Systems, Inc. Veristor, which recently announced a merger with Anexinet, is a leading provider of transformative business technology solutions that helps its customers accelerate the time-to-value for the software, infrastructure and systems they deploy. We do this by harnessing deep expertise in today's most advanced data center, security, networking, hybrid cloud, and big data technologies and guiding businesses to the right solutions for their most pressing challenges. And with a full suite of design, deployment, support, and managed service offerings, we work shoulder-to-shoulder with our customers at every step of their technology journey to make technology truly work for them. About SANS Security Awareness SANS Security Awareness provides organizations with a complete and comprehensive security awareness solution, enabling them to easily and effectively manage their human cybersecurity risk. SANS Security Awareness has worked with over 1,300 organizations and trained over 6.5 million people around the world. The SANS Security Awareness program offers globally relevant, expert authored tools and training to enable individuals to shield their organization from attacks and a fleet of savvy guides and resources to work with you every step of the way.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Balbix Announces Cybersecurity Posture Automation Support for Google Cloud Platform

Balbix | November 17, 2022

Balbix, provider of the world's leading platform for cybersecurity posture automation, announced today the general availability of support for Google Cloud Platform (GCP). Security teams can now use Balbix to easily quantify, prioritize and mitigate risks in their Google Cloud environments. With this announcement, Balbix has also extended its Cyber Asset Attack Surface Management (CAASM) solution to support multi-cloud environments that span both GCP and Amazon Web Services. The rapid move to the cloud has made IT environments more complex to manage and secure. As a result, security teams struggle to get a consolidated view of risk. Yet, 63 percent of organizations say they look at security posture in the cloud separately from on-premises, according to Cybersecurity Insiders' 2002 State of Security Posture Report. "Our customers' environments can include over 1 million assets, spread across multiple clouds and their own facilities. Managing an attack surface this large is no longer a human-scale problem. "With Balbix's new support for GCP, our customers can use automation to manage cybersecurity posture across more of their environment." Gaurav Banga, Founder and CEO of Balbix Cyber Security Posture Automation for Google Cloud Platform Balbix now provides support for popular Google Cloud services, including Compute Engine, Cloud Storage, Cloud SQL, Google Kubernetes Engine (GKE) Cluster & Deployments, Cloud Functions, Cloud Key Management Service (KMS), Pub/Sub and Secret Manager. As a result, Balbix customers with Google Cloud environments can use automation and advanced analytics to: Get comprehensive, near real-time visibility of their Google Cloud assets. Combine data from Google Cloud with their other IT and security tools to gain security and business context for their assets. Discover misconfigurations – the most exploited attack vector for the cloud – as well as unpatched software vulnerabilities, weak credentials and trust issues. Measure risk in terms of breach likelihood and business impact in order to prioritize remediation. Calculate and report on cyber risk quantified in dollars (or other currencies) instead of risk scores Cyber Asset Attack Surface Management for Multi-Cloud Environments The addition of support for GCP extends Balbix's CAASM solution to multi-cloud environments. Security practitioners no longer need to use multiple tools or combine data manually from these tools in a custom spreadsheet to understand their security posture. They can see the relationships between assets, applications and users no matter where the assets are in the cloud or on-premises. They can also identify any gaps in coverage for security controls. Balbix provides more than just visibility. Unlike other vendors, Balbix combines CAASM with Risk-Based Vulnerability Management (RBVM) and Cyber Risk Qualification (CRQ) solutions so security teams are able to immediately take action to reduce their cyber risk. They can continuously identify, prioritize and mitigate security issues as they emerge, while quantifying and tracking residual cyber risk in dollars. Daily cybersecurity decisions – operational as well as executive – can be made using a unified and up-to-date view of cyber risk. "By adding support for Google Cloud, Balbix has broadened its risk model to be inclusive of multiple public cloud platforms and allowed organizations to better measure their overall cyber risk," said Ed Amoroso, Founder and CEO of research and advisory firm TAG Cyber. "Customers can leverage this unified risk model to quantify cyber risk by business unit, geography, site, asset type or business owner – and quickly remediate those risks." The API-based Balbix Connector for Google Cloud Platform collects asset inventory and misconfiguration data and is available now. Visibility into other types of vulnerabilities is provided by optional Balbix sensors. These sensors also catalog the software bill of materials (SBOM) of applications running in GCP. Data collected by Balbix connectors and sensors is automatically deduplicated, correlated and inferenced to provide security teams with an accurate and unified view of risk. About Balbix Balbix enables businesses to reduce cyber risk by identifying and mitigating their riskiest cybersecurity issues faster. Our SaaS platform, the Balbix Security Cloud™, ingests data from businesses' security and IT tools so they can understand every aspect of their cybersecurity posture, build a unified cyber risk model and obtain actionable insights for risk reduction. With Balbix, businesses can automate inventory of their cloud and on-premise assets, conduct continuous risk-based vulnerability management and quantify cyber risk in dollars. Executives and operational teams can make cybersecurity decisions based on data not opinions.

Read More

Spotlight

Major changes in the way businesses operate today require the adoption of new approaches to IT. In most cases, companies that want to remain competitive must deploy and leverage hybrid cloud environments, increase their analytics capabilities, extend services to mobile workers and customers, make more efficient use of social media and collaboration tools, and provide end-to-end security across the entire organization. To meet these challenges, businesses are embracing “software defined” environments, which enable unparalleled flexibility and ease of management. Setting these up, however, requires a level of expertise not found in most companies. This white paper explores the need for accelerated business operations and the ways that IBM services deliver effective solutions.

Resources