Software Security
Business Wire | September 27, 2023
Today, Cyolo, provider of the fastest and most secure zero-trust access and connectivity solution for hybrid organizations with IT and OT, in partnership with KuppingerCole, released an industry analysis focused on zero trust and remote access for operational technology (OT) environments.
The analysis reveals key insights about the OT cybersecurity threat landscape, outlines high-level security architecture for OT, critical infrastructure systems (CIS) and industrial control systems (ICS), and evaluates key requirements of security regulations and frameworks.
OT environments experience the same kinds of threats as enterprise IT – including ransomware, account takeovers, APTs, and Supply Chains as vectors – while experiencing expanded OT-specific threats. While traditional IT security tools may be adapted, developing robust security architectures for OT environments is inherently complex compared to their IT counterparts. Its unique nature, from equipment and software to communication protocols requires dedicated OT security solutions.
Cyolo can help organizations with OT infrastructure to define and manage access control to those complex environments, said John Tolbert, Lead Analyst at KuppingerCole.
Overall key insights include:
OT Threat Landscape. Heightened geopolitical factors have intensified attacks on OT and ICS, posing significant consequences ranging from operational disruptions and service denial to financial repercussions and potential harm to human well-being.
Core Cybersecurity Regulations. The risks and consequences of cyber-attacks against critical infrastructure advanced regulations globally mandating secure architectures and technical controls. KRITIS and the follow-on IT Security Act 2.0 are related examples of such regulations, as well as the NIST Cybersecurity Framework.
OT Security Architectures and Key Functionalities. There are eight areas of functionality that are central to effective OT security architectures. Cybersecurity architectures for OT must address asset discovery, access control, IT security tool integration, detection and response capabilities, and OT protocol level threats.
As the analysis breaks down, within critical infrastructure interruptions and downtime are not an option. To address the increasing need for secure access in OT environments, Cyolo introduced Cyolo 4.3, which expands key capabilities with more layers of security and making the product easier than ever to use for both administrators and end users in the industrial space.
With Cyolo 4.3, industrial organizations will be able to extend their multi-factor authentication (MFA) across environments through an integration with Duo Security to support their physical tokens as required. Additionally, the company has implemented another layer of security for file transfer within the OT/ICS environment, through query anti-virus software to scan files before they are delivered to their destination. Cyolo is also adapting for further usability, allowing teams to securely invite external users by generating a secure one-time password; and import groups from existing IdPs, using SCIM.
“Ensuring the security of critical infrastructure and industrial processes has become increasingly critical as organizations unite their IT and OT systems. This convergence has expanded the OT threat landscape and introduced significant cybersecurity challenges, as the once-isolated OT networks are now vulnerable to the same threats that have targeted IT networks for years” said Joe O'Donnell, Vice President ICS/OT of Cyolo. “With Cyolo 4.3, industrial entities can confidently navigate the complexities of the modern threat landscape and fortify their defenses against evolving cyber threats.”
The announcement of Cyolo 4.3 highlights the company’s commitment to advancing zero-trust capabilities and it comes on the heels of Cyolo being listed as a Representative Vendor in the 2023 Gartner® “Market Guide for Zero Trust Network Access” report for the second consecutive year and recognized by Frost & Sullivan with the 2023 North American New Product Innovation Award for Secure Remote Access to Operational Infrastructure and Industrial Control Systems (OT/ICS).
As the threats to critical infrastructure continue to evolve, Cyolo zero-trust access solution continues to provide the utmost protection and ease of use. To learn more about Cyolo 4.3, visit here. Access the report for a full view of the industry here.
Register here to attend the joint webinar from Cyolo and KuppingerCole on how to achieve secure remote access for OT environments, to be held on Tuesday, October 10 at 7 a.m. PT.
About Cyolo
Cyolo helps hybrid organizations in the IT and OT spaces to stay safe, secure and productive in an era of distributed workforces and unprecedented cyberthreats. Cyolo’s next-generation zero-trust access solution enables all users, including employees, third parties as well as remote and on-site workers, to connect to their working environments seamlessly and securely via modern identity-based access. Providing one unified solution that integrates with the existing tech stack and deploys easily in the cloud, on-premises or in a hybrid model, Cyolo empowers the global workforce to securely access anything from anywhere.
Read More
Software Security
Lacework | September 15, 2023
Lacework, a company specializing in data-driven cloud security, and Snowflake, a prominent Data Cloud company, have jointly announced an expanded partnership. This partnership aims to propel the evolution of cloud infrastructure while enhancing cloud security automation at scale. Through this extended collaboration, security teams gain direct access to their Lacework cloud security data using Snowflake's secure data sharing, thus enabling unified visibility and tailored automation.
Ulfar Erlingsson, Chief Architect, Lacework, said,
Snowflake has been a dedicated platform partner as Lacework has scaled our business to support over 900 customers — ranging from small, early-stage startups to some of the most sophisticated enterprises running in the cloud space today — whose operations result in tremendous volume, variety, and velocity of security-relevant data.
[Source – Cision PR Newswire]
Erlingsson mentioned that, over the past seven years, Lacework had successfully conducted timely and efficient data processing by utilizing the Snowflake Data Cloud, even among a highly skewed set of customers. He further explained that their extended partnership with Snowflake would enhance their ability to serve joint customers at a cloud scale. This would apply whether customers needed them to handle only a small amount of security data or data processing at rates as high as 10s of gigabytes per second.
As generative AI advances and becomes more accessible across various industries, the frequency and severity of cybersecurity threats are on the rise. This trend is driven by businesses accelerating their development processes and increasing cloud data generation. Addressing this new era of cloud security necessitates a fundamentally fresh approach, and Lacework's platform is designed to efficiently manage the substantial volume of data within an organization's cloud ecosystem. This includes data related to code, identities, containers, and multi-cloud infrastructure, with Snowflake serving as a critical platform partner.
Through the combined capabilities of Lacework's security platform and Snowflake's Data Cloud, customers gain the ability to extend the value of cloud security data throughout their organization. This enables organizations to thoroughly assess their security and compliance status.
Head of Cybersecurity Strategy at Snowflake, Omer Singer, said,
Among the many potential advantages of generative AI is the ability for enterprises to deploy new applications faster, which places even more emphasis on the need to have scalable infrastructure and solutions. The combination of Snowflake and Lacework will continue to assist organizations scale their cloud businesses securely in the new era.
[Source – Cision PR Newswire]
About Lacework
Lacework protects organizations in the cloud, enabling them to innovate with greater speed and assurance. Lacework's platform is designed to scale with the variety, volume, and velocity of cloud data across an organization's cloud environment, including code, containers, identities, and multi-cloud infrastructure. Only Lacework provides Security and Development teams with a connected and prioritized end-to-end view that identifies the most significant hazards and security events.
About Snowflake
The Snowflake enables all organizations to mobilize their data with its Data Cloud. Customers utilize the Data Cloud to integrate disparate data sources, power data applications, discover and securely share data, and implement a variety of AI/ML and analytic workloads. Snowflake provides a singular data experience that transcends multiple clouds and geographies, regardless of where data or users reside. Snowflake Data Cloud is used by thousands of customers across numerous industries, including 639 of the 2023 Forbes Global 2000 as of July 31, 2023.
Read More
Platform Security
PR Newswire | October 04, 2023
BeyondID, a leading managed identity solutions provider, today announced the industry's first solution that accurately conveys the true nature of identity within the zero trust security framework. BeyondID's Identity Fabric Model for Zero Trust promises optimal threat detection, investigation, and round-the-clock remediation via the BeyondID Security Operations Center (SOC).
The Zero Trust Maturity Model by CISA has gained widespread acceptance and acknowledges the importance of identity as a pillar in modern security, but it undervalues the critical role of identity in ensuring security, stated Arun Shrestha, co-founder and CEO of BeyondID. The effectiveness of your security posture depends on how quickly and accurately you can detect behavioral discrepancies, as recent high-profile security breaches demonstrate. Zero trust cannot be achieved without identity as the fabric.
BeyondID is the first managed identity services provider delivering a holistic approach to zero trust. Its Identity Fabric Model supports seamless user experience outcomes by implementing a strong digital identity strategy across the board from devices to network, to apps and workload, to data. This holistic approach ensures optimal threat detection, continuous compliance, risk mitigation, and a high return on IT and security investments.
The company also announced that it can provide organizations with the breach protection they need, including a service that can identity, isolate and remediate threats in as little as seven days. Utilizing BeyondID's SOC enables companies to get their zero trust solution up and running quickly, offering 24x7 protection from the persistent threat of cybersecurity attacks.
As an esteemed Okta Apex Partner and Okta's most trusted implementation ally, BeyondID is committed to modernizing identity management and digital transformation. BeyondID is launching its next-gen zero trust services at Oktane23. Oktane23 attendees will be offered an exclusive, complimentary Zero Trust Assessment.
About BeyondID
BeyondID is a leading managed identity services provider that the most successful brands trust to bring their digital identity strategies to life. BeyondID helps organizations streamline their adoption process and ensure their implementations are secure, agile, and future proof. A few of the valued customers that trust BeyondID to keep their organizations secure include ATN International, Discount Tire, Johnson Financial Group, Major League Baseball, Mayo Clinic, Northern Trust, TDECU, and VF Corp. More information about BeyondID can be found at www.BeyondID.com.
Read More
Cloud Security
Business Wire | October 06, 2023
SafeGuard Cyber today launched the next generation of its industry-leading integrated cloud communications security and compliance platform to investigate and remediate unmonitored communications in minutes. Powered by Contextual AI, the FirstSight platform alerts security teams to high frequency and costly attacks such as credential theft, impersonation, phishing, malware, policy violations, and insider threats across the expanding communication attack surface. FirstSight protects business communications and manages risk across email, collaboration, conferencing, messaging and social channels. The platform enables security and compliance teams to have visibility across all employee communications, while maintaining privacy, to keep organizations secure and compliant. FirstSight detects threats and policy violations, provides actionable evidential data to analysts, understands the threats potential magnitude of impact to an organization, and helps analysts make informed responses to communication threats wherever they exist.
Hackers are using AI to mount more automated, aggressive, and coordinated language-based attacks across multiple communication channels, making it challenging for today’s resource-constrained security teams to respond to every detected threat, said Chris Lehman, CEO, SafeGuard Cyber. The key to a better defense is to prioritize remediation efforts based on the potential damage each threat could cause. With the most advanced threat impact analysis capabilities in messaging security, SafeGuard Cyber FirstSight is a game-changer for security teams to respond to the most impactful threats across business communication channels.
FirstSight protects employees wherever they are communicating while maintaining their privacy through fine-grained access controls and workflow optimizations. Key capabilities of the platform include:
Unified Visibility: The only platform on the market to provide unified visibility across the entire communications attack surface, eliminating visibility gaps and saving security and compliance teams time and money by replacing siloed solutions. With deep visibility into communication channels – from Microsoft 365 email to Slack, Teams, Zoom, Telegram, and WhatsApp – security teams can detect and investigate risks in a centralized view.
Contextual AI: Built on an ontological architecture that utilizes LLMs, behavioral analysis, social knowledge graphs, and generative AI, FirstSight incorporates domain-specific knowledge about the customer's enterprise. This, combined with understanding the relationships between threats, vulnerabilities, and available countermeasures, enables customers to react more quickly and effectively to threats.
Threat Impact Analysis: Provides threat risk score, categories of potential impact – such as financial, business disruption, brand damage, data loss, and data theft – and suggested actions for remediation. With the platform’s threat impact capabilities, resource-constrained organizations can effectively prioritize remediation of the most significant risks to a business and make informed responses to multi-channel threats.
About SafeGuard Cyber
SafeGuard Cyber’s industry-leading integrated cloud communications security and compliance platform empowers organizations to proactively mitigate regulatory policy violations and threats such as credential theft, phishing, and insider threats across email, mobile, and web messaging apps, collaboration apps, and social platforms. Powered by contextual AI and built on an ontological architecture, the SafeGuard Cyber Platform utilizes LLMs, behavioral analysis, social knowledge graphs, and generative AI to enable security and compliance teams to have visibility across all employee communications, detect attacks, review evidential data, understand the magnitude of impact, and make informed responses to threats. SafeGuard Cyber is the only platform to provide unified visibility across the entire communication attack surface.
Read More