The U.S Promises Cybersecurity Assistance To Ukraine

Infosecurity | March 05, 2020

  • It is anticipated that the project will raise a total of $38m which will be spent on improving Ukraine's cybersecurity.

  • The cybersecurity assistance funds will be used to develop cyber workforce and regulatory reforms.

  • The two countries also discussed critical infrastructure, 5G network security, and cyber incident response plans.

The U.S State Department has pledged $8 million in cybersecurity assistance funds to Ukraine as part of a “cyber dialogue” held on Tuesday in Kyiv between officials from the two countries.


A new cybersecurity project sponsored by USAID (the US Agency for International Development) will be the beneficiary of the promised injection of American dollars. Over the next four years, it is anticipated that the project will raise a total of $38m, all of which will be spent on improving Ukraine's cybersecurity including workforce development and regulatory reforms.


Back in 2017, as part of the first U.S.-Ukraine cyber dialogue summit, the U. S. had given $10 million as cybersecurity assistance to Ukraine. The two countries met again in 2018 to review their cybersecurity projects.


As per the State Department, the most recent meet was to reaffirm the "our shared commitment to ensure an open, interoperable, reliable, and secure cyberspace in which all states behave responsibly.”


Joseph Pennington, the acting deputy chief of mission at the U.S Embassy in Kyiv, officials from the FBI, Defense, Energy, Homeland Security, and Treasury departments were in the American delegation that participated in the cybersecurity dialogue.


Ruslan Nimchynskyi, Ministry of Foreign Affairs director-general for international security, led Ukraine’s interagency delegation.


READ MORE:  5G and IoT security: why Cybersecurity experts are sounding an alarm


Cybersecurity issues including strengthening critical infrastructure against cyberattacks, 5G network security, and cyber incident response plans were discussed. On the agenda also were cyber-capacity building and international cyber-policy issues, including engagements in multilateral fora and policies around public attribution. 


The new funds were given two months after Ukrainian authorities asked the FBI to assist in investigating an attack on Ukrainian gas company Burisma by Russian military hackers.


Burisma has been in the spotlight in recent months due to the impeachment inquiry into President Trump, which began after an anonymous whistleblower report alleged that Trump had tried to pressure Ukrainian President Volodymyr Zelensky into investigating former Vice President Joe Biden and his son Hunter Biden, who served on the company's board between 2014 and 2019.


Ukraine has also long been seen as a testbed for Russian hackers, particularly in the wake of geopolitical tensions between the two countries in the wake of Russia’s annexation of Crimea.


READ MORE: Singapore announces cyber command to defend on the cyberspace frontier

Spotlight

Eine Zero-Trust-Strategie beinhaltet die Umstrukturierung von Sicherheitsmaßnahmen und -tools zum Aufbau einer zukunftsfähigen Sicherheitsarchitektur, die den Zugriff auf Daten und Ressourcen nach dem Prinzip der minimalen Rechtevergabe sicherstellt. Die Genehmigung von Verbindungen basiert dabei auf einer zuverlässigen Identitä


Other News
PLATFORM SECURITY,SOFTWARE SECURITY

Stellar Cyber Integrates with Netskope to Deliver World-Class User Context, Speeding Investigations and Improving Security Outcomes

Stellar Cyber | December 20, 2022

Stellar Cyber, the innovator of Open XDR, today announced a new integration with Netskope, a global leader in secure access service edge (SASE). This powerful integration makes it easy for enterprise and MSSP users of the Stellar Cyber Open XDR platform to improve visibility of risks and threats by incorporating the rich user-centric data generated by Netskope in every investigation conducted by their security analysts. Under this integration, Netskope maintains visibility and control across five lanes of user traffic, including web, managed SaaS, unmanaged SaaS, cloud service providers, and public-facing custom apps in one single-pass cloud architecture. At the same time, Stellar Cyber ingests, normalizes, and analyzes Netskope data and all other collected data to identify potential threats creating prioritized, investigation-ready incidents. As security analysts complete incident investigations, Stellar Cyber automatically initiates response actions to third-party products integrated into the solution, including Netskope. “Making it easy for our customers that use Stellar Cyber to incorporate Netskope’s valuable user insights into their investigations is another way for us to bring them new levels of security visibility. “Making security analysts more productive means attacker dwell time decreases, reducing the risk of breach across our customer's environment.” Andy Horwitz, VP of Business Development at Netskope “Automatically incorporating Netskope’s rich user data into every investigation in the Stellar Cyber platform adds critical context that previously required significant manual effort, which should be especially important to customers with lean security teams focused on reducing the workload on their SOC analysts,” said Andrew Homer, VP, Technology Alliances at Stellar Cyber. “With this integration, we continue to deliver what our customers, and the market, expect.” About Stellar Cyber Stellar Cyber’s Open XDR platform delivers comprehensive, unified security without complexity, empowering lean security teams of any skill to secure their environments successfully. With Stellar Cyber, organizations reduce risk with early and precise identification and remediation of threats while slashing costs, retaining investments in existing tools, and improving analyst productivity, delivering an 8X improvement in MTTD and a 20X improvement in MTTR. The company is based in Silicon Valley.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

KnowBe4 Launches New Mobile Learner App for Anytime, Anywhere Cybersecurity Learning

KnowBe4 | November 29, 2022

KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today announced it is launching the new KnowBe4 Mobile Learner App to empower end users by introducing security awareness and compliance training on the go at no additional cost to customers, improving user engagement and strengthening security culture. With a large majority of the world's population using smartphones today, mobile training revolutionizes the way people learn. This new app will enable end users to complete their security awareness and compliance training conveniently from their tablets or smartphones, giving them 24/7/365 access. "The KnowBe4 Mobile Learner App is the first of its kind to launch in the security awareness and compliance training space, making it easier than ever to train users while subsequently strengthening an organization's security culture. "This new app will enable IT and security teams to improve engagement and completion rates for required training thanks to a seamless user experience. This will also help users to associate security with their personal devices, keeping it top of mind all the time rather than only when they are at work on their computers. We are making this substantial new capability available at no additional cost to all subscription levels as a show of our commitment to supporting our customers' security and human risk management objectives." Stu Sjouwerman, CEO, KnowBe4 Based on subscription levels, KnowBe4 offers 100+ Mobile-First training modules that were designed specifically for mobile. The KnowBe4 Learner App supports push notifications for custom announcements, updates on assigned training as well as KnowBe4 newsletters. About KnowBe4 KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, is used by more than 54,000 organizations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4's Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as their last line of defense.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Safe Security Launches First Cybersecurity MGA to Underwrite Cyber Insurance Based on Continuous “Inside-Out” Cyber Risk Telemetry

Safe Security | December 19, 2022

Safe Security Inc., global leader in cyber risk quantification and management (CRQM), today launched SafeInside Insurance, the first cybersecurity Managing General Agent (MGA) leveraging API-based cyber risk telemetry and quantified insights to underwrite cyber insurance. Backed by an AM Best “A-rated” carrier and panel of prominent, global reinsurance partners, SafeInside is introducing dynamic insurance policies for companies hosted in one or a combination of the leading public cloud service providers and leading SaaS solutions. For example, Amazon Web Services, Microsoft Azure and Microsoft Office 365, Google Cloud Platform and Google Workspace, Salesforce, and Zoom. “Safe Security is thrilled to become the world’s first MGA for cyber insurance using actual cyber telemetry for underwriting. Our vision is to establish a new, de-facto industry standard for how cyber insurance is underwritten, and to provide more transparency between the investment in cybersecurity and cyber insurance. “We are paving the way for a sustainable, profitable cyber insurance ecosystem based on trust and certainty for all stakeholders. Safe Security looks forward to helping insurance buyers get the right cyber insurance policy at the right price for their organization’s specific requirements, as well as assisting brokers and underwriters make more informed decisions and dynamically adjust their portfolios.” Saket Modi, co-founder and CEO, Safe Security The underwriting process through SafeInside takes less than 20 minutes to assess an organization. All insureds also receive access to the SAFE CRQM platform, winner of the 2022 CISO Choice Award for Risk Management, which simultaneously accumulates signals using APIs from existing cybersecurity products, external threat intelligence, and business context to provide unprecedented visibility into possible areas of cyber exposure, and the exact financial risk associated with those cyber exposures. With an objective of improving underwriting standards across the industry, Safe Security will also provide access to its cyber risk quantification platform to other carriers and reinsurers. Safe Security recently announced a partnership with Mosaic Insurance to offer real-time cyber risk evaluation. “Safe Security’s inside-out approach is differentiated from existing market offerings by focusing on the most common techniques used by attackers and examining how attackers think and behave, not how internal IT teams think they behave,” added Steven Schwartz, VP of Insurance Strategy and Underwriting, Safe Security. “This approach removes subjectivity, allowing companies to answer questions about their security controls with precision instead of guess work, at all times. We are working with the entire insurance ecosystem to improve the standards of cyber underwriting.” About Safe Security Safe Security Inc. is a leader in cyber risk quantification and management (CRQM), with a mission to build a safer digital future. Safe Security’s CRQM platform – SAFE – enables organizations to manage cyber risks in real-time. Its platform automatically collects signals from inside and outside a company’s environment to give the company-specific cyber risk rating, or SAFE Score, the financial impact of a potential breach, and an action plan. This enables organizations to have a common language across teams - from the board all the way down to an analyst - to align with a consistent risk metric. Other benefits include justifying investments in cybersecurity and purchase of cyber insurance for the organization.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Malwarebytes and Stellar Cyber Partner to Investigate and Mitigate Cyber Threats

Malwarebytes | November 28, 2022

Malwarebytes, a global leader in real-time cyber protection, today announced a new partnership with Stellar Cyber, an industry-leading Open XDR platform that delivers comprehensive, unified security without complexity. The partnership helps resource-constrained teams produce consistent security outcomes across all environments; on-premises, cloud and anything in between. The partnership comes at a critical time in the cybersecurity landscape, as security products become more complex and IT teams spend more time maintaining their security controls, instead of investigating and mitigating cyber threats. According to a 2020 report from Palo Alto Networks, only 46 percent of security operations decision makers are satisfied with their current ability to detect threats. "They point to wasted time chasing false leads, poorly integrated security tools, and a large learning curve for effectively using those tools," according to the report. "Every security team should be able to deliver continuous, consistent security regardless of their skills or experience. "By tightly integrating Malwarebytes' cutting-edge EDR technology with the Stellar Cyber Open XDR platform, IT teams are able to close the gaps between security controls that attackers exploit." Andrew Homer, Vice-President of Technology Alliances at Stellar Cyber The integration pairs Malwarebytes' EDR solution–which collects detailed threat information for analysis and investigation–with the Stellar Cyber Open XDR Platform that ingests, normalizes, and enriches security data, including endpoints, network, cloud and logs into a single repository. Malwarebytes EDR collects critical endpoint and server data and sends it to Stellar Cyber, which analyzes the data to identify potential threats. As security analysts complete investigation in Stellar Cyber, response actions are sent to Malwarebytes to eliminate the threat. "Today's IT and security teams spend more time sifting through data than eliminating actual threats. Organizations need real-time data sharing and visibility to enable decisive actions before attackers are successful," said Brian Thomas, Malwarebytes Vice President of Worldwide MSP and Channel programs. "Stellar Cyber shares our mission to simplify cybersecurity for resource-constrained organizations. Together we uniquely deliver an intelligent and automated solution that allows security teams to be more efficient, and organizations more productive and protected." About Stellar Cyber Stellar Cyber Open XDR platform delivers comprehensive, unified security without complexity, empowering lean security teams of any skill to successfully secure their environments. With Stellar Cyber, organizations reduce risk with early and precise identification and remediation of threats while slashing costs, retaining investments in existing tools, and improving analyst productivity, delivering an 8X improvement in MTTD and a 20X improvement in MTTR. The company is based in Silicon Valley. About Malwarebytes Malwarebytes believes that when people and organizations are free from threats, they are free to thrive. Founded in 2008, Malwarebytes CEO Marcin Kleczynski had one mission: to rid the world of malware. Today, that mission has expanded to provide cyberprotection for every one. Malwarebytes provides consumers and organizations with device protection, privacy, and prevention through effective, intuitive, and inclusive solutions in the home, on-the-go, at work, or on campus.

Read More

Spotlight

Eine Zero-Trust-Strategie beinhaltet die Umstrukturierung von Sicherheitsmaßnahmen und -tools zum Aufbau einer zukunftsfähigen Sicherheitsarchitektur, die den Zugriff auf Daten und Ressourcen nach dem Prinzip der minimalen Rechtevergabe sicherstellt. Die Genehmigung von Verbindungen basiert dabei auf einer zuverlässigen Identitä

Resources