SparkCognition and Siemens to Co-Develop AI-driven Cybersecurity System

SparkCognition | June 15, 2020

  • SparkCognition and Siemens today announced a new collaboration on a cybersecurity system, DeepArmor Industrial, fortified by Siemens.

  • Designed to protect endpoint, or remote, operational technology (OT) assets across the energy value chain by leveraging artificial intelligence (AI) to monitor and detect cyberattacks.

  • Cyberattacks on the energy industry are on the rise in volume and in sophistication, and they increasingly threaten companies' physical safety and security.


SparkCognition and Siemens today announced a new collaboration on a cybersecurity system, DeepArmor Industrial, fortified by Siemens, which is designed to protect endpoint, or remote, operational technology (OT) assets across the energy value chain by leveraging artificial intelligence (AI) to monitor and detect cyberattacks. The innovative AI-driven system will deliver next-generation antivirus, threat detection, application control, and zero-day attack prevention to endpoint power generation, oil and gas, and transmission and distribution assets, which for the first time brings fleet level cybersecurity monitoring and protection capabilities to the energy industry.


Cyberattacks on the energy industry are on the rise in volume and in sophistication, and they increasingly threaten companies' physical safety and security, business operations, and the critical infrastructure that powers communities throughout the world," said Leo Simonovich, Head of Industrial Cybersecurity at Siemens. "Many energy companies with remote, endpoint assets have struggled to defend their environment because they either lacked the visibility to detect, or the agility to mitigate, cyberattacks that threaten operational technologies.



Read more: CYBERATTACKS ON CRITICAL INFRASTRUCTURES WITNESS SHARP RISE DURING THE PANDEMIC

Together with Siemens, we are excited to bring next-generation endpoint protection that is specifically designed to increase the cyber resilience of OT networks and prevent advanced threat actors from impacting critical infrastructure.

~ SparkCognition


This new partnership combines Siemens' cybersecurity expertise in securing operational technology with SparkCognition's expertise in artificial intelligence to deliver the energy industry's first solution capable of detecting and protecting remote assets against cyberattacks. Through our extensive work with the energy industry, we've seen the pain points and challenges the industry is facing right now," said Sridhar Sudarsan, Chief Technology Officer at SparkCognition. "The industry needs security solutions that can both operate autonomously and are designed with the modern industrial environment in mind.


The threat of mega cyberattacks targeting critical infrastructure is worsening, according to a joint study conducted by the Ponemon Institute and Siemens that surveyed global energy industry executives on a wide range of threats, vulnerabilities, and strategies required to protect oil and gas assets. The study found that 67 percent of respondents believe the risk level to industrial control systems over the past few years has substantially increased because of cyber threats. The study also found that 61 percent of respondents said their organization's industrial control systems protection and security was not adequate.


Cyberattacks on the energy industry are on the rise in volume and in sophistication, and they increasingly threaten companies' physical safety and security, business operations.


OT assets operating in the field today are particularly vulnerable to cyberattacks as much of the energy industry's critical infrastructure was engineered before the widespread digitization of industrial control systems. This leaves portions - or entire fleets - without the ability to be patched or cost effectively updated with new security defenses. With award-winning machine learning technology, a multinational footprint, and expert teams focused on defense, IIoT, and finance, SparkCognition builds artificial intelligence systems to advance the most important interests of society. Our customers are trusted with protecting and advancing lives, infrastructure, and financial systems across the globe.


Siemens Gas and Power GmbH & Co. KG is the global energy business of the Siemens group, which has been working with its customers on solutions for the evolving demands of industry and society for more than 150 years. With planned stock listing, Siemens' energy business will operate independently as Siemens Energy in the future. It will offer broad expertise across the entire energy value chain, along with a comprehensive portfolio for utilities, independent power producers, transmission system operators, the oil and gas industry, and other energy-intensive industries.


Read more: SMALL AND MEDIUM BUSINESSES NEED TO IMPROVE THEIR CYBERSECURITY POST COVID-19 LOCKDOWN

Spotlight

When it comes to IoT initiatives, having an innovative idea is not enough. Time to market, security, scalability, and what to do with IoT data all need to be considered up front. This document discusses seven areas with direct impact on IoT success—from hardware choices to connectivity options to managing devices on-premises vs in the cloud.

Download the checklist and see if you covered all key decision factors in your IoT project.


Other News
DATA SECURITY,NETWORK THREAT DETECTION,PLATFORM SECURITY

Pathlock Expands SAP Capabilities with Acquisition of Grey Monarch

Pathlock | September 27, 2022

Pathlock, the leading provider of application security and controls automation for critical business applications, today announced the acquisition of Grey Monarch, a UK-based specialist SAP Partner dedicated to SAP Process Automation. The acquisition will strengthen Pathlock's vision of providing the industry's most complete 360-degree platform for application security and controls automation for the SAP ecosystem. Since 2008, Grey Monarch has developed expertise in SAP Security, Segregation of Duties, SAP Licence Optimization, SAP Background Processing Automation and Secure Managed File Transfer. With this acquisition, the SAP community will benefit from the very best SAP Process Automation advice, implementation skills, and software and training capabilities, improving levels of security, enhancing their users' experience and streamlining audit, compliance and control procedures. "It's now more imperative than ever for organizations to utilize a holistic view of user access and privileges so they can be managed, monitored and controlled to ensure the maximum protection of data, business processes and intellectual property," said David Lloyd, Director and Co-Founder, Grey Monarch. "Combining Grey Monarch's capabilities with the Pathlock family of expertise, resources and product portfolio will provide our customers, existing and new, with an unsurpassed visibility into their business applications." "We're thrilled to complete the acquisition of Grey Monarch. "We continue to see a strong demand for our globally recognized application security and controls automation solutions, and know that with Grey Monarch's specialization in SAP process automation we can continue to enable our global customers to revolutionize the way they secure their sensitive financial and customer data." Piyush Pandey, CEO of Pathlock In May 2022, Pathlock announced a $200M capital raise sponsored by Vertica Capital Partners alongside a merger with Appsian and Security Weaver and the acquisition of Belgium-based CSI Tools and Germany-based SAST SOLUTIONS. The company has successfully doubled in size in terms of revenue and employees and is now servicing over 1,400 customers across all major industries on a global scale with offices across the United States, Belgium, the UK, Germany, Israel and India. About Pathlock Pathlock is the leader in application security and controls automation. With Pathlock, enterprises can manage all aspects of access governance via a single platform, across applications, including user provisioning, ongoing User Access Reviews, segregation of duties, control testing, and audit preparation. Today, many of the world's most respected, global 2000 companies rely on Pathlock to protect their critical digital assets from financial, operational, regulatory and security threats, ensure corporate compliance and improve performance. Our customers have saved millions in employee productivity, labor costs, audit fees and data loss prevention.

Read More

SOFTWARE SECURITY

GrammaTech and T.E.N. Announce Call for Nominations for Product Security Executive of the Year Awards

GrammaTech | August 16, 2022

GrammaTech, a leading provider of application security testing products and software research services, and T.E.N., founder of the Information Security Executive® (ISE®) of the Year Awards, today announced the Product Security Executive (PSE) of the Year Awards. This annual competition will recognize individuals whose contributions have delivered advancements in security for embedded or commercial software products. Nominations are now being accepted through October 10, 2022 at The judging panel includes: Edna Conway, Vice President, Security & Risk Officer, Cloud Infrastructure at Microsoft, former CSO, Cisco Global Value Chain and a member of the Executive Committee of the U.S. Department of Homeland Security Task Force on ICT Supply Chain Risk Management. Malcolm Harkins, Chief Security & Trust Officer with Epiphany Systems, former Chief Security and Privacy Officer (CSPO) and the first CISO at Intel Corporation. Troy Rydman, Senior Practice Leader - Global Strategic Accounts, Security, Risk, & Compliance for Amazon Web Services (AWS) and former cybersecurity executive with Silicon Valley Bank, with fourteen years of increasing cybersecurity leadership. “In a world of increasingly autonomous products, from cars to appliances to robots, managing the integrity of the software that enables our connected world is critical. The Product Security Executives who drive quality, security and safety of our many devices are pivotal to the digital economy. “It is time to recognize these individuals and the significant contributions they make in securing the software at the heart of our hyper-connected world.” Edna Conway, VP, Security & Risk Officer, Microsoft Cloud Infrastructure Eligibility U.S.-based executives, including those with director, vice president, chief product security officer or similar titles, who are responsible for product security management are eligible for consideration. This includes individuals overseeing security at all stages of the product development lifecycle for software, firmware and/or embedded code; as well as secure product design, risk and vulnerability management and standards/regulatory compliance. There is no cost to enter. “There’s an increased emphasis on maintaining the safety and security of embedded software across virtually all industries, which is becoming the responsibility of a Product Security Executive whether or not the title exists,” said Andrew Meyer, Chief Marketing Officer for GrammaTech. “We collaborated with T.E.N. to create this award competition and recognize the men and women on the front lines of this new discipline, honor their accomplishments and share their best practices with the industry.” “The number of IoT devices is in the billions and we will continue to see an ever-growing number of devices become smart and connected,” explains Marci McCarthy, CEO and President of T.E.N. “Every device is at risk for cyberattacks, and threat actors are taking advantage of every opportunity to exploit product security vulnerabilities. Demand for product security has thus grown across multiple industries, especially consumer electronics, automotive and healthcare. Because product security is a relatively new concept whose time has come, we are thrilled to partner with GrammaTech to recognize individuals for advancements and innovations leading to more secure products going to market.” About T.E.N. T.E.N. is an award-winning technology and security networking and marketing firm that hosts relationship-building events between top Information Security executives, industry pioneers and innovative solution providers within the cybersecurity industry. Its flagship program, the nationally acclaimed Information Security Executive® (ISE®) of the Year Program Series and Awards, is North America’s largest leadership recognition and networking program for security professionals, honoring both leading executives and deserving project teams. About GrammaTech GrammaTech is a leading global provider of application security testing (AST) solutions used by the world’s most security conscious organizations to detect, measure, analyze and resolve vulnerabilities for software they develop or use. The company is also a trusted cybersecurity and artificial intelligence research partner for the nation’s civil, defense, and intelligence agencies. GrammaTech has corporate headquarters in Bethesda MD, a Research and Development Center in Ithaca NY, and publishes Shift Left Academy, an educational resource for software developers.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Concentric AI Included in Newly Created Data Security Posture Management Category in Recent Gartner® Hype Cycle™ Report

Concentric AI | August 29, 2022

Concentric AI, a leading vendor of intelligent AI-based solutions for autonomous data security posture management, today announced it has been listed as a Sample Vendor in the newly created Data Security Posture Management category in the recently published Gartner Hype Cycle for Data Security, 2022 report.1 Concentric AI also appears in the Data Access Governance and Data Discovery and Management categories in the Gartner Hype Cycle for Data Security, 2022 report.1 According to the Hype Cycle for Data Security, 2022: “Data security posture management (DSPM) provides visibility as to where sensitive data is, who has access to that data, how it has been used and what the security posture of the data store or application is.”1 Organizations use DSPM as the basis for data risk assessment and to optimize data security governance implementations. The new Data Security Posture Management category has a Benefit Rating of Transformational, which Gartner defines as, “Enables new ways of doing business across industries that will result in major shifts in industry dynamics.”1 According to Gartner: “Organizations face challenges mitigating data security and privacy risks as data rapidly proliferates across multi-cloud and hybrid IT architectures. Identifying meaningful data risk is impossible to solve without combining metrics from data sensitivity, data lineage, infrastructure configurations that create data risks and access risk into a common view. This is an urgent problem that is encouraging rapid growth in the availability and maturation of this technology.”1 “We believe being recognized by Gartner as a Sample Vendor in Data Security Posture Management validates that organizations need visibility of into their sensitive data across datasets and locations, as well as a consolidated view into the risk associated with inconsistent access privileges, permissions, activity, and location to protect their data from loss. “Organizations using Concentric AI benefit from the company’s AI-assisted deep learning autonomous data security solution to reduce their data risk by discovering, evaluating, and remediating security issues.” Karthik Krishnan, Founder and CEO, Concentric AI Concentric AI secures data-centric work using AI to protect business-critical information hidden in the millions of files and databases used by today’s distributed workforce. The company’s unique deep learning solution autonomously and accurately finds sensitive content, assesses risk, and remediates security issues, allowing organizations across industries to meet their data security needs for the first time. Concentric AI’s Semantic Intelligence™ automates unstructured and structured data security using deep learning to categorize data, uncover business criticality and reduce risk. Its Risk Distance™ analysis technology uses the baseline security practices observed for each data category to spot security anomalies in individual files. It compares documents of the same type to identify risk from oversharing, third-party access, wrong location, or misclassification. Organizations benefit from the expertise of content owners without intrusive classification mandates, with no rules, regex, or policy maintenance needed. Gartner Disclaimer Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. GARTNER and HYPE CYCLE are registered trademarks and service marks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved. About Concentric AI With Concentric AI, organizations can finally address their unmet data security needs by discovering and protecting business-critical content. Concentric AI protects intellectual property, financial documents, PII/PCI content, customer data, business confidential data and more, across on-premises and cloud-based data stores, as well as messaging and communication applications. The Concentric AI Semantic Intelligence™ Data Security Posture Management solution uses deep learning and Risk Distance™ analysis to accurately categorize data, assess risk, and remediate security issues – without relying on upfront rules or complex configuration. Concentric AI is venture-backed by leading Silicon Valley VCs and is headquartered in San Jose, Calif.

Read More

DATA SECURITY,SOFTWARE SECURITY,WEB SECURITY TOOLS

DartPoints Launches Enhanced Managed Detection and Response (MDR) Security Solution

DartPoints | September 21, 2022

DartPoints®, the leading edge digital infrastructure provider, launches its updated managed detection and response (MDR) product, which combines MDR, endpoint detection and response (EDR), security orchestration, automation and response (SOAR), and extended detection and response (XDR) into one complete solution with support and monitoring by DartPoints experts. With ransomware and other cybersecurity incidents striking more than ever, DartPoints' MDR solution quickly detects threats 24x7 across endpoints, network, cloud, and SaaS applications. "Executives and security leaders know they need a multi-layered cybersecurity strategy that combines MDR, EDR, SOAR, and XDR solutions, but increasingly, they don't have the in-house resources to make that happen. "Plus, with the hundreds of tools and providers on the market, analysis paralysis sets in. We are proud to help our clients by bringing these best-in-class security vendors and technologies together into one comprehensive, airtight solution." Brad Alexander, CTO for DartPoints DartPoints' enhanced MDR offering addresses many weaknesses in legacy antivirus and security solutions, including the overwhelming high volume of alerts and false positives. Offering advanced threat detection, continuous threat hunting, and 24x7 monitoring and investigations, the solution is built for high-risk, compliance-sensitive verticals, including finance, government, manufacturing, education, and healthcare. Organizations with compliance, standard, or framework requirements, those looking to obtain or renew cyber insurance, and those without their own security operations center will find the enhanced product especially beneficial. Outlined in Accenture's State of Cybersecurity Resilience 2021 report, a global survey of nearly 4,800 executives found an average of 270 cyberattacks per company in 2021, a jump of 31% compared with the previous year. Meanwhile, ransomware attacks nearly doubled in 2021. IBM's latest Cost of a Data Breach Report finds that the average cost of a data breach is at an all-time high in 2022: $4.35 million. About DartPoints DartPoints is the leading digital infrastructure provider enabling next-generation applications at the edge. By weaving together cloud, interconnection, colocation, and managed services, DartPoints enables edge ecosystems for enterprises, carriers, and cloud and content providers. DartPoints is building tomorrow's distributed digital infrastructure while serving today's cloud and colocation needs — and helping to bridge the digital divide.

Read More

Spotlight

When it comes to IoT initiatives, having an innovative idea is not enough. Time to market, security, scalability, and what to do with IoT data all need to be considered up front. This document discusses seven areas with direct impact on IoT success—from hardware choices to connectivity options to managing devices on-premises vs in the cloud.

Download the checklist and see if you covered all key decision factors in your IoT project.

Resources