Facial Recognition Biz Clearview AI Suffers Data Breach

Infosecurity | February 27, 2020

A controversial facial recognition company has just informed its customers of a data breach in which its entire client list was stolen. Clearview AI leapt to fame in January when a New York Times report claimed that the start-up had scraped up to three billion images from social media sites to add to its database. That makes it a useful resource for its law enforcement clients, which can query images they capture against the trove. The FBI’s own database is said to contain little more than 600 million images. Now those clients have been exposed after an unauthorized intruder managed to access the Clearview AI’s entire customer list, the number of user accounts those companies have set up, and the number of searches they’ve carried out. However, they apparently didn’t get hold of client search histories. Interestingly, the firm claimed that its own servers, systems and network weren’t compromised.

Spotlight

Web Intelligence is the parsing of millions of sources of Internet connected information in a way that is useful to decision-making. It enables the harnessing of the global information grid and adds predictive power to functions such as strategy development, investment decisions and risk assessment/mitigation. This paper, sponsored by Recorded Future, examines this new category of Web Intelligence in a cyber defense context and provides information you can use in deciding the best ways to integrate Web Intelligence into enterprise cyber security operations.


Other News
PLATFORM SECURITY

OccamSec Unveils Revolutionary Cybersecurity Platform Set to Change the Industry

OccamSec | May 04, 2022

OccamSec, a leading cybersecurity provider, announced today the launch of their Incenter platform. Incenter identifies the security weaknesses an organization has in real-time, and helps teams develop insights and communicate business context from a security perspective. For today's organizations, the threat landscape is constantly evolving. Penetration testing and vulnerability scanning can help, but with new vulnerabilities and exploits found all the time, infrequent testing means risk data may be outdated. At the same time the industry is trending towards slicing the solution ever thinner, which means costs keep increasing. Incenter combines the functionality of a range of security services in one single solution. The platform provides, in real time, where an organization is vulnerable, and just as critically, what the impact will be if an attack occurs. Incenter utilizes a dual approach. It combines the best in technology with advanced automated testing, and the best in people with OccamSec's security team. Supported by vulnerability research and a threat intelligence team, the burden on clients having to buy multiple services is eliminated. Users have the ability to generate reports that compile real-time information with the touch of a button, rather than waiting for a timed report to be generated. Incenter also provides step-by-step guidance on how to mitigate any risks that are identified, with the tools an organization already has which means no hidden costs. Incenter combines the functionality of a range of security services in one single solution: Manual Penetration Testing Penetration Testing as a Service (PTaaS) Automated Security Validation (ASV) Vulnerability Scanning External Attack Surface Management (EASM) Crowd Source Penetration Testing Threat Intelligence This provides a single source of truth on the exposures an organization faces. Improving the effectiveness of any security team, regardless of size, and at the same time breaking organizations out of ever increasing cyber security expenditure. The platform's focus on the unique business context of each organization means that security teams no longer have to trudge through 1000's of scan findings or determine how relevant a penetration test finding is and how to fix it. At the same time from the dashboard, management can see a high level summary of their organization's exposure, the likelihood of a breach, and how much it's going to cost them. "Over the years we have seen what works, what doesn't and where the gaps are," says OccamSec founder Mark Stamford. "The biggest gap is organizations needing more and more tools and services to effectively secure themselves. The key to effective security is joining the dots, not having ever more dots scattered in ever more places. With Incenter we have combined the talents of our security team and their expert knowledge, with a technical solution that is unrivaled. The result is a win for our clients, regardless of size." About OccamSec OccamSec is a leading provider in the world of cybersecurity. Its clients rely on them to provide information security services that exceed current industry standards. OccamSec provides accurate, actionable information to reduce risk and enable better informed decisions. Its unique end-to-end solutions detect, identify, respond, and protect in order to maximize the effectiveness of security programs.

Read More

DATA SECURITY

Years of Growth Lead to Covail Acquisition by Cybersecurity Firm GoSecure

Covail | December 23, 2021

Covail, a Columbus-based cybersecurity and digital optimization firm founded by Central Ohio’s largest companies, is being acquired by a leading Managed Detection and Response firm. Covail announced today that it has agreed to be acquired by cybersecurity and managed detection and response (MDR) services provider GoSecure. The transaction is estimated to close in December 2021. Terms of the acquisition were not disclosed. “Since our founding six years ago as the Columbus Collaboratory, our goal has been to find ways to leverage collaboration to deliver successful AI, cybersecurity and cloud-based software solutions to our Fortune 500 clients,With this acquisition by GoSecure, our clients will now have access to an even broader set of capabilities and expertise thanks to our ability to leverage GoSecure’s class-leading capabilities and solutions. This will also help to further accelerate market penetration for our leading-edge security products and AI capabilities.” Covail CEO Matt Wald Covail, as Columbus Collaboratory, was born out of the aspiration of seven of the largest companies in central Ohio – American Electric Power (AEP), Battelle, Cardinal Health, Huntington Bank, L Brands (now Bath & Body Works), Nationwide, and OhioHealth – in partnership with One Columbus. The goal of the endeavor was to solve common automation, AI, and cybersecurity challenges across multiple industries. “The diversity and maturity of these founding companies made Covail the innovative, value-driven, solutions partner that it is today”, said Michael Krouse, SVP of Strategy and Transformation at Ohio Health and Chairman of the Covail Board. “Covail accelerated the cybersecurity and AI capabilities of the founding companies, upskilled critical tech talent for the region, and built a high-growth company that contributed to our region’s economic growth engine. It’s exciting to be able to leverage this strategic relationship to secure Columbus as the Midwest’s premier cybersecurity hub.” Through its ecosystem of collaborators and commercial partners, Covail’s technology teams executed over 1,000 engagements and collaboration sessions that solved complex business challenges using machine learning and the latest cyber defense practices. The firm’s work attracted top technology talent to the region, Wald said, and led to the development of software products that enabled advanced cyber threat detection and continuous risk management. GoSecure is a recognized cybersecurity leader and innovator. The company is the first and only to integrate endpoint, network and email threat detection into a single Managed Detection and Response (MDR) service. GoSecure plans to leverage Covail’s talent, proprietary technology, and client relationships to build a regional presence in Central Ohio that will help accelerate its momentum in the US market. GoSecure’s access to technology talent and partnerships made Columbus an attractive, economically viable location for a cybersecurity hub, Wald said. Wald said partnership with the original companies in the Covail firm will continue, along with an expansion to additional businesses with the goal of making Central Ohio a major U.S. cybersecurity operations center. About Covail Covail™ is a trusted solutions partner, enabling organizations to optimize through Intelligent Operations solutions that lower total risk and cost for key business functions, equipping them to transform from a position of strength. Since 2015, Covail’s experts in Cybersecurity, Artificial Intelligence (AI), and Automation have been delivering business results for leading Fortune 500 companies across industries. Trustworthy, Intelligent Operations. Accelerated. Learn more at covail.com. About GoSecure GoSecure is a recognized cybersecurity leader and innovator, pioneering the integration of endpoint, network, and email threat detection into a single Managed Detection and Response service. The GoSecure TitanTM platform delivers predictive multi-vector detection, prevention, and response to counter modern cyber threats. Titan MDR offers a detection to mitigation speed of less than 15 minutes, delivering rapid response and active mitigation services that directly touch the customers’ network and endpoints. For over 10 years, GoSecure has been helping customers better understand their security gaps and improve their organizational risk and security maturity through MDR and Advisory Services solutions delivered by one of the most trusted, skilled and experienced teams in the industry.

Read More

Thought leaders come together to discuss the futureof developer relations in a remote-first world

SlashData | September 19, 2020

For immediate release London, United Kingdom Media contact at SlashData Ltd. Viktorija Ignataviciute viktorija@slashdata.co Best practises engaging Open Source and DevOps developers Developer trends; Tracking Covid effect on the industry While industries, businesses and individuals are being challenged significantly, the Future Developer Summit is determined to turn this into an enhanced learning opportunity, open to all Developer Relations, Marketing and Advocacy community members. Traditionally hosted in the Bay Area, CA, the 5th Future Developer Summit invites its guests to join the event remotely on 29-30 Sep & 6-7 Oct, ensuring the safety of all stakeholders. For the first time this year, the Summit offers 2 tracks: Open Source and DevOps. Thought leaders at the Future Developer Summit Industry leaders are coming together to discuss the future of developer marketing and developer relations. Director and VP level representatives from CNCF, Google, Microsoft, Comcast, HashiCorp, Intel, Salesforce, Facebook, MongoDB, Futurewei, Eclipse Foundation, Indeed.com, Expedia, Nutanix, and more. Jono Bacon - author of “People Powered” and Mary Thengvall - Director of Developer Relations at Camunda are joining as event’s co-hosts. Follow new announcementsat futuredeveloper.io/ Keynotes by: • Mike Milinkovich, Executive Director at Eclipse Foundation • Nithya Ruff, Executive Director, OSPO at Comcast • Stormy Peters, Director of Open Source Programs Office at Microsoft • Adam FitzGerald, VP, Developer Relations at HashiCorp Lightning talks - hear about successes and failures from: • Melissa Evers-Hood - VP, Intel Architecture, Graphics and Software at Intel • Priyanka Sharma - General Manager at CNCF • Chris Kelly - Director, Open Source and Engineering Engagement at Salesforce • Grace Francisco - VP, Global Developer Relations & Education at MongoDB • Anni Lai - Head of Open Source Operations and Marketing, Cloud at Futurewei • Duane O'Brien - Head of Open Source at Indeed.com • Tobie Langel - Principal and founder, UnlockOpen • Satya Singh - Principal Product Manager - Platform & Marketplaces at Expedia • Mark Lavi - DevOps and Automation Solutions Architect at Nutanix • Tamao Nakahara - Head of Developer Experience at Weaveworks • Amr Awadallah - VP, Developer Relations at Google The highlights • On 29-30 Sep & 6-7 Oct. Full agenda at futuredeveloper.io/ • The highest rated industry event with a Net Promoter Score - 94! • Co-hosts: - Jono Bacon - author of “People Powered” - Mary Thengvall - Director of Developer Relations at Camunda • Remote friendly event for the global tech leaders community • Summit offers 2 tracks: Open Source and DevOps • 2 networks to join: Community and Exclusive • Registration is free for all attendees. We do invite you to voluntarily contribute to Black Girls Code • This year’s Summit coincides with SlashData’s 10-year anniversary of developer research. Join us to celebrate together! ▶ Reporters can redeem the Media Pass here. ▶ General Admission is available here. *Senior audience only Exclusive edition - announcement The Future Developer Summit is opening its doors in 2 weeks! Don’t miss a chance to join an outstanding crew of industry thought leaders bringing the best learning experience for Developer Relations, Marketing and Advocacy community members. Exclusive edition on 6-7 October Your Unique Executive Networking Opportunity in a remote-first world Two industry panels How do industry leaders approach contribution to open source? Speakers: • Sam Ramji - Chief Strategy Officer at DataStax • Chris DiBona - Director of Open Source at Google • Nithya Ruff - Executive Director, OSPO at Comcast • Stormy Peters - Director of Open Source Programs Office at Microsoft The diversity of DevOps approaches and how customers are adopting it? Speakers: • Kelsey Hightower - Staff Developer Advocate, Google Cloud Platform at Google • Greg Wilson - Director of Cloud Developer Relations at Google • Nicole Forsgren - VP, Research and Strategy at GitHub • TBA very soon! Two fireside chats with: • Jono Bacon - author of “People Powered” • Kathy Kam - Head of Open Source & Developer Advocacy at Facebook Two Master Classes Using practical examples, and a lot of data as usual, we will be demonstrating how you can increase your DevRel ROI by taking data-backed decisions and what are the key reasons for using data in your decision making process. Availability is limited → Secure Your Executive Seat

Read More

DATA SECURITY

HackNotice Releases First-Ever Combined Security and Threat Awareness Service for Free

HackNotice | February 07, 2022

HackNotice, the world's leading threat awareness company, announced the first-ever security and threat awareness combined service, accessible to new and existing users. The added security awareness training course enables individuals to deepen their understanding of good cyber hygiene practices. The course offers 50 training videos, a security exam, and a certification. Cybersecurity training is mostly offered to company employees, often costing hundreds of thousands of dollars for intensive, week-long seminars and lectures. However, having good security awareness is vital for any individual. The newly released self-paced course ensures that anyone online can learn good cyber practices. "What makes the combined service great is that our threat modeling and security awareness course work together. When someone faces a large amount of personal information exposure, we recommend more phishing training. When someone has several passwords stolen, we have them focus on our password training. Now, users can receive the critical training that they need instantly, tailored to their specific risks," Steve Thomas, CEO, and Co-Founder of HackNotice For customers of HackNotice Teams, HackNotice's security and threat awareness service, the new course is an excellent addition for companies looking to strengthen their enterprises' security programs. Quick, in-the-moment, lessons are a perfect way to engage employees and business departments within the organization. Clients can also access dynamic reports to see user and departmental progress, and areas of improvement. About HackNotice Hacknotice is the only company-wide threat awareness platform, making employees more cautious online. Users monitor, review, and take swift actions against their real cyber-threats. The platform focuses on bridging the gap between security teams and other employees through real-time alerts, around-the-clock monitoring, recovery recommendations, and additional education. HackNotice's mission is to make all employees threat aware, creating a resilient culture of security.

Read More

Spotlight

Web Intelligence is the parsing of millions of sources of Internet connected information in a way that is useful to decision-making. It enables the harnessing of the global information grid and adds predictive power to functions such as strategy development, investment decisions and risk assessment/mitigation. This paper, sponsored by Recorded Future, examines this new category of Web Intelligence in a cyber defense context and provides information you can use in deciding the best ways to integrate Web Intelligence into enterprise cyber security operations.

Resources