DATA SECURITY

GBA to Launch Cyber Supply Chain Threat Mitigation Subsidiary

Global Business Alliance | July 19, 2021

The Global Business Alliance (GBA) has announced the launch of GBA Sentinel.  It is a wholly-owned subsidiary that focused on assisting worldwide companies in identifying and addressing possible supply chain and cyber susceptibilities rapidly.

Global companies know it is authoritative for the private sector to cooperate with federal agencies to confirm a safer atmosphere. Through GBA Sentinel, worldwide businesses can gain access to industry-leading supply chain risk management compliance tools of Fortress Information Security. Fortress exclusively delivers actionable risk visions on the supply chain ecosystem of resources and sellers, thereby allowing companies to alleviate their cybersecurity risks and assure controlling compliance logically.

Today, Fortress secures the supply chains of dangerous infrastructure for more than 40 percent of the U.S. power grid. In addition, it works carefully with key federal agencies to improve their supply chain cyber flexibility. This inventiveness is a first for the Global Business Alliance, representing 200 of the major global companies operating in the US.

About the Global Business Alliance

The Global Business Alliance (GBA), as the premier voice of international companies in the United States, energetically encourages and protects an open economy that welcomes global companies to invest in America. Our associates are American companies with worldwide heritage and a crucial part of our nation's economic success. When America is open for business, we all take advantage of it.

Spotlight

Phishing, ransomware, and advanced persistent threats (APTs) are a serious and growing problem. The FBI estimates that ransomware alone cost businesses more than $200M in 2016— and is projected to bring in a cool billion dollars in 2017. This big money game is allowing attackers to invest significant sums to develop even more sophisticated attacks. IT administrators and CISOs urgently need to put in place advanced, comprehensive security solutions that are engineered for the cloud era and defend against the most sophisticated new threats.


Other News
DATA SECURITY

Rubrik Launches Rubrik Security Cloud to Secure Data, Wherever it Lives, Across Enterprise, Cloud, and SaaS

Rubrik | May 18, 2022

Rubrik, the Zero Trust Data Security™ Company, today announced Rubrik Security Cloud to secure customers’ data, wherever it lives, across enterprise, cloud, and SaaS. Ransomware is on the rise and cyberattacks are getting more sophisticated. Despite investments in infrastructure security tools, cybercriminals are still getting through to the data. And when they take the data down, they take down the entire business. It’s time for a new approach. The next frontier in cybersecurity pairs the investments in infrastructure security with data security giving companies security from the point of data. Rubrik is a pioneer in data security and the Rubrik Security Cloud delivers three unique capabilities: Data Resilience: Safeguards data by providing immutable, logically air-gapped data protection with multi-factor authentication-based access control. Data Observability: Continuously monitors risks and investigates threats to data including Ransomware Monitoring and Investigation powered by machine learning to detect data anomalies, encryptions, deletions, and modifications; Sensitive Data Monitoring to find and classify the most sensitive data, and assess exfiltration risk; and Threat Monitoring and Hunting to identify indicators of compromise and find the last known clean copy of data. Data Recovery: Quickly contains threats and recovers data, whether it’s a file, application data or a mass recovery for the entire organization. Rubrik’s new Threat Containment capability quarantines malware and restricts user access to infected data to support safer recovery. As organizations continue to struggle with cyberattacks that compromise data, Rubrik also launched the Data Security Command Center to easily assess whether data is safe and capable of being recovered from a cyberattack. Now, customers can see which data is at risk and get recommendations to make their data more secure. “Every company in the world is vulnerable as cybercriminals get more savvy every day. With Rubrik Security Cloud, we are strengthening customers' defenses so they can secure their business across enterprise, cloud, and SaaS workloads. Our data security platform enables our customers to defend their data, recover quickly, and prevail in this new cyber landscape.” Bipul Sinha, Rubrik CEO and co-founder “INTEGRIS Health is proud to be the largest not-for-profit health care system in Oklahoma, with eighteen hospitals in our network and more than a million patients that rely on us every year for their health care needs. With the expansive network we support, it’s paramount that our data is resilient, and we maintain a strong data security posture to keep our hospital moving. As a CIO, I believe Rubrik is an important service and helps us provide excellent patient care. As a Rubrik customer, we’re thrilled to see the continued innovation with Rubrik Security Cloud and the company’s ongoing focus on keeping customer data safe and making it easy to recover in the face of cyber-attacks, like ransomware,” said Bill Hudson, CIO of INTEGRIS Health. "NJ TRANSIT delivered more than a quarter of a billion annual passenger trips before the pandemic and is responsible for our riders’ safety, mobility, and livelihoods every day. It’s imperative that nothing interrupts our business, so we’ve prioritized a strong data security strategy in partnership with Rubrik. We’re committed to the ongoing and necessary work that gives our data resilience and helps us reduce our risk as we face ever evolving, and inevitable, cyber threats,” said Rafi Khan, CISO of NJ TRANSIT. Research and Development Fuels Additional Capabilities As part of Data Observability, Sensitive Data Discovery for Microsoft 365 discovers and classifies sensitive data within Microsoft 365 to better assess risk and help maintain compliance with regulations. These latest integrations build on the joint collaboration between Rubrik and Microsoft. Last year, Rubrik Cloud Vault built on Microsoft Azure was launched to help customers better defend against cyberattacks using a fully managed, secure and isolated cloud vault service. Since launch, Rubrik has seen strong demand for Rubrik Cloud Vault across key industries including Healthcare and Life Sciences, Manufacturing, State and Local Government, and Financial Services as customers build Zero Trust solutions to defend against and recover from ransomware. “Businesses need a data resiliency strategy to keep their data secure in the face of escalating cyber threats,” said Jurgen Willis, Vice President Microsoft Azure. “Rubrik's Security Cloud, which builds on integrations with Rubrik Cloud Vault and Microsoft Azure, will help customers accelerate their Zero Trust journey.” Rubrik Security Cloud is available now and new enhancements will be available in the months ahead. About Rubrik Rubrik, the Zero Trust Data Security™ Company delivers data resilience, data observability, and data recovery for organizations. Rubrik keeps your data safe and easy to recover in the face of cyber attacks and operational failures. Now you can recover the data you need, however and whenever you need it to keep your business running.

Read More

Thought leaders come together to discuss the futureof developer relations in a remote-first world

SlashData | September 19, 2020

For immediate release London, United Kingdom Media contact at SlashData Ltd. Viktorija Ignataviciute viktorija@slashdata.co Best practises engaging Open Source and DevOps developers Developer trends; Tracking Covid effect on the industry While industries, businesses and individuals are being challenged significantly, the Future Developer Summit is determined to turn this into an enhanced learning opportunity, open to all Developer Relations, Marketing and Advocacy community members. Traditionally hosted in the Bay Area, CA, the 5th Future Developer Summit invites its guests to join the event remotely on 29-30 Sep & 6-7 Oct, ensuring the safety of all stakeholders. For the first time this year, the Summit offers 2 tracks: Open Source and DevOps. Thought leaders at the Future Developer Summit Industry leaders are coming together to discuss the future of developer marketing and developer relations. Director and VP level representatives from CNCF, Google, Microsoft, Comcast, HashiCorp, Intel, Salesforce, Facebook, MongoDB, Futurewei, Eclipse Foundation, Indeed.com, Expedia, Nutanix, and more. Jono Bacon - author of “People Powered” and Mary Thengvall - Director of Developer Relations at Camunda are joining as event’s co-hosts. Follow new announcementsat futuredeveloper.io/ Keynotes by: • Mike Milinkovich, Executive Director at Eclipse Foundation • Nithya Ruff, Executive Director, OSPO at Comcast • Stormy Peters, Director of Open Source Programs Office at Microsoft • Adam FitzGerald, VP, Developer Relations at HashiCorp Lightning talks - hear about successes and failures from: • Melissa Evers-Hood - VP, Intel Architecture, Graphics and Software at Intel • Priyanka Sharma - General Manager at CNCF • Chris Kelly - Director, Open Source and Engineering Engagement at Salesforce • Grace Francisco - VP, Global Developer Relations & Education at MongoDB • Anni Lai - Head of Open Source Operations and Marketing, Cloud at Futurewei • Duane O'Brien - Head of Open Source at Indeed.com • Tobie Langel - Principal and founder, UnlockOpen • Satya Singh - Principal Product Manager - Platform & Marketplaces at Expedia • Mark Lavi - DevOps and Automation Solutions Architect at Nutanix • Tamao Nakahara - Head of Developer Experience at Weaveworks • Amr Awadallah - VP, Developer Relations at Google The highlights • On 29-30 Sep & 6-7 Oct. Full agenda at futuredeveloper.io/ • The highest rated industry event with a Net Promoter Score - 94! • Co-hosts: - Jono Bacon - author of “People Powered” - Mary Thengvall - Director of Developer Relations at Camunda • Remote friendly event for the global tech leaders community • Summit offers 2 tracks: Open Source and DevOps • 2 networks to join: Community and Exclusive • Registration is free for all attendees. We do invite you to voluntarily contribute to Black Girls Code • This year’s Summit coincides with SlashData’s 10-year anniversary of developer research. Join us to celebrate together! ▶ Reporters can redeem the Media Pass here. ▶ General Admission is available here. *Senior audience only Exclusive edition - announcement The Future Developer Summit is opening its doors in 2 weeks! Don’t miss a chance to join an outstanding crew of industry thought leaders bringing the best learning experience for Developer Relations, Marketing and Advocacy community members. Exclusive edition on 6-7 October Your Unique Executive Networking Opportunity in a remote-first world Two industry panels How do industry leaders approach contribution to open source? Speakers: • Sam Ramji - Chief Strategy Officer at DataStax • Chris DiBona - Director of Open Source at Google • Nithya Ruff - Executive Director, OSPO at Comcast • Stormy Peters - Director of Open Source Programs Office at Microsoft The diversity of DevOps approaches and how customers are adopting it? Speakers: • Kelsey Hightower - Staff Developer Advocate, Google Cloud Platform at Google • Greg Wilson - Director of Cloud Developer Relations at Google • Nicole Forsgren - VP, Research and Strategy at GitHub • TBA very soon! Two fireside chats with: • Jono Bacon - author of “People Powered” • Kathy Kam - Head of Open Source & Developer Advocacy at Facebook Two Master Classes Using practical examples, and a lot of data as usual, we will be demonstrating how you can increase your DevRel ROI by taking data-backed decisions and what are the key reasons for using data in your decision making process. Availability is limited → Secure Your Executive Seat

Read More

SOFTWARE SECURITY

Sysdig Open Source Is Extended to Secure Cloud Services

Sysdig | May 16, 2022

Sysdig, the unified container and cloud security leader, announced that Sysdig open source, the incident response standard for containers, has been extended to the cloud. Using system calls, Sysdig open source (Sysdig OSS) traditionally offers deep observability into running applications, as well as file system access and network activity, which speeds incident response and troubleshooting. Teams can quickly filter information from Sysdig OSS and take action. With the announcement of this new integration, these capabilities have been extended beyond containers to any cloud environment. Today, Sysdig announced Edd Wilder-James has joined Sysdig from Google to lead the company’s open source ecosystem team. The complexity of cloud-native applications – with countless components and variables – makes it extremely difficult for security analysts and system administrators to quickly triage alerts and debug problems. Sysdig OSS captures process, file system, and network activity in real time and with a high degree of granularity. The tool, which has nearly two million downloads and 6,850 GitHub stars, surfaces everything from executed commands and file system activity to network activity. Sysdig OSS then offers advanced filtering and troubleshooting capabilities, supporting root cause analysis for security and performance issues.Using a new plugin framework – originally developed by the open source community for the CNCF project Falco – Sysdig extends the number of sources Sysdig OSS can be connected with to anything that generates logs or events, including Azure, Google, and AWS CloudTrail logs. Going forward, every plugin developed for Falco can also be leveraged by Sysdig OSS. Using one tool, like Sysdig OSS, to observe events from the entire cloud-native environment streamlines investigations. Using a different tool for each environment adds complexity, which makes it massively harder to troubleshoot. Sysdig’s Commitment to Open Source Sysdig was founded as an open source company and Sysdig Secure and Sysdig Monitor were both built on an open source foundation to address the security challenges of modern cloud applications. Both projects were created by Sysdig to leverage deep visibility as a foundation for security, and they have become standards for container and cloud threat detection and incident response. Falco, which was contributed to the CNCF in 2018, is now an incubation-level hosted project with more than 45 million downloads. Sysdig OSS and Falco can be used together as a powerful open source solution to reduce risk at runtime. Sysdig OSS acts as a flight recorder, capturing a detailed record for inspection. Falco acts as a security camera, continuously detecting unexpected behavior, configuration changes, intrusions, and data theft in real time. Teams can use Sysdig OSS and Falco together to detect and respond to threats. “If you want to see what is going on inside an application, Sysdig OSS gives you that record. “Sysdig open source was the inspiration for Falco. While Falco will monitor and alert based on your policies, Sysdig open source will tell you what happened at a particular time, before and after the event. Having the ability to use both open source tools in the cloud is extremely powerful.” Loris Degioanni, Founder and CTO of Sysdig About Sysdig Sysdig is driving the standard for cloud and container security. The company pioneered cloud-native runtime threat detection and response by creating Falco and Sysdig as open source standards and key building blocks of the Sysdig platform. With the platform, teams can find and prioritize software vulnerabilities, detect and respond to threats, and manage cloud configurations, permissions and compliance. From containers and Kubernetes to cloud services, teams get a single view of risk from source to run, with no blind spots, no guesswork, no black boxes. The largest and most innovative companies around the world rely on Sysdig.

Read More

WEB SECURITY TOOLS

Star Atlas Launches Initiative to Establish Web3 Security Framework

Star Atlas | May 25, 2022

Star Atlas, a next-gen metaverse with triple-A game design and Unreal Engine 5 graphics built on the Solana blockchain, today announced an expanded focus on security to ensure consumer protection and digital safety in the metaverse. This multi-pronged initiative includes signing Kudelski Security, the cybersecurity division of the Kudelski Group - the world leader in digital security, and the forefront leader in providing security solutions for major blockchain-based applications, exchanges, and ecosystems - as its security partner. Kudelski Security will perform ongoing audits and analysis to help ensure the integrity of the Star Atlas metaverse is maintained and both partners will work together to explore setting standards for web3 security. "We are pleased to partner with the team at Kudelski Security to advance the digital security of our fast-expanding metaverse," said Michael Wagner, Co-Founder and CEO of ATMTA, Inc., the principal development studio of Star Atlas. "We understand there is a lot of skepticism when it comes to web3 and security, so we want to be proactive by partnering with one of the top cybersecurity firms to help make sure our community feels safe. Protection of assets is paramount, and we look forward to working with Kudelski Security to establish the best practices for security when it comes to web3 gaming." As security auditor of record, Kudelski Security will increase the safety and security of the Star Atlas metaverse by testing the protocols and looking for potential vulnerabilities to be addressed. Star Atlas players will have greater assurance that the metaverse has been built securely and tested rigorously, and that Star Atlas has taken the necessary action to become the leader in the web3 space when it comes to security. The relationship with Kudelski Security goes beyond the hardening of the Star Atlas environment. Star Atlas is looking to expand collaborations with the wider Group to focus on new standards that can help to transition companies and projects into web3, including security standards, tokenization, and best practices in web3 gaming. By developing standard technology and processes that enable safe and secure on-chain gaming, players will be protected from the hacks that currently plague web3 and some of the main barriers to wider stakeholder adoption will be lowered. "Web3 is growing rapidly, and we are seeing more need for developing a security standard that is adopted across the industry to act as a framework. This is why we are excited to partner with a native web3 leader like Star Atlas and to come together to solve potential security issues before they arise." Andrew Howard, CEO of Kudelski Security In addition to Kudelski Security's blockchain and cybersecurity experience, the Kudelski Group is recognized as global leaders in digital security – with specialized expertise in encryption, anti-piracy, watermarking, cryptography, and digital rights management. Executives from Star Atlas, the Kudelski Group, Kudelski Security, and NAGRA Kudelski are meeting during the World Economic Summit in Davos, Switzerland, to further discuss establishing a framework for securing the web3 ecosystem. ABOUT STAR ATLAS Star Atlas is a next-gen gaming metaverse emerging from the confluence of state of the art blockchain, real-time graphics, multiplayer video game, and decentralized financial technologies. Real-time graphics technology using Unreal Engine 5's Nanite allows for cinematic quality video game visuals. Blockchain technology using the Solana protocol establishes a largely serverless and secured gameplay experience. Non-fungible tokens obtained and traded within Star Atlas creates an economy that replicates the tangibility of real world assets and ownership.

Read More

Spotlight

Phishing, ransomware, and advanced persistent threats (APTs) are a serious and growing problem. The FBI estimates that ransomware alone cost businesses more than $200M in 2016— and is projected to bring in a cool billion dollars in 2017. This big money game is allowing attackers to invest significant sums to develop even more sophisticated attacks. IT administrators and CISOs urgently need to put in place advanced, comprehensive security solutions that are engineered for the cloud era and defend against the most sophisticated new threats.

Resources