April 2017 Digital Edition

Click Here

March 2017 Digital Edition

Click Here

Feb. 2017 Digital Edition

Click Here

Nov/Dec 2016 Digital Edition

Click Here

Oct 2016 Digital Edition

Click Here

Technology Sectors

Market Sectors

Cyber Security

Former FireEye executive joins Axon board, brings cybersecurity expertise

Cullivan

SCOTTSDALE, AZ July 20, 2017 Axon (Nasdaq: AAXN), the global leader in connected law enforcement technologies, today announced the addition of Julie Anne Cullivan to its Board of Directors effective July 19, 2017.

Ms. Cullivan recently joined ForeScout Technologies, Inc., a leading Internet of Things (IoT) security company, as SVP, Business Operations and CIO where she is responsible for leading the cross functional initiatives and information security strategy to support the fast-growing company. Formerly EVP, Business Operations and CIO at FireEye, Inc., Ms. Cullivan was a member of the executive team that set the company's strategy. With responsibility for both Business Operations and Information Technology, Ms. Cullivan helped scale FireEye from a private company with $80 million in revenue, through its successful IPO, to a global publicly traded company with revenues of over $700 million and a $2.7 billion valuation.

A thought leader in sales, channel, cloud, cyber security, and business digitization, she is adept at implementing innovative technology solutions to enable such strategic imperatives. Ms. Cullivan has held executive positions focused on sales, channel and marketing operations at Autodesk, McAfee, EMC, and Oracle. She is a recognized leader in the cyber security field and a sought-after speaker on topics including women in security, security as a boardroom imperative, innovation, and building high impact teams. Ms. Cullivan has a B.S. degree in Finance from Santa Clara University and brings extensive business, information technology and cyber security expertise to the Axon Board.

"I'm extremely happy to welcome Ms. Cullivan to Axon's Board of Directors," said Axon CEO and founder Rick Smith. "Her combined extensive business, sales operations, IT and cyber security expertise brings huge value to the Axon Board of Directors. The value of such expertise can hardly be overstated at a time when our company continues to grow, expand and evolve." 

"I look forward to contributing to Axon's success as the company continues on its mission to protect life," said Julie Anne Cullivan. "I am most excited about how they are leveraging Artificial Intelligence and Cloud technologies to deliver on this vision."

Axon believes that diversity at all levels of the business should reflect the diversity of society as a whole. The company proactively reached out to The Athena Alliance whose mission is to help enable gender diversity in the boardroom by directly connecting boards to top executive women. In the future, the board wishes to continue to enhance diversity on the board not just through gender, but through other factors as well. 

About the Athena Alliance

The Athena Alliance is a national nonprofit organization dedicated to advancing gender diversity in the boardroom by directly connecting boards to the right powerhouse woman for their board. The Athena Alliance has a curated network of over 500 C-Level women from top tier companies. Sponsors include Autodesk, Intuit, OpenView Venture Partners, PwC and more. Founded in April 2016, the Athena Alliance is headquartered in Half Moon Bay, Calif. For more information, visit http://athenaalliance.org.

About Axon

The Axon network is a network of devices, apps, and people that helps law enforcement become smarter and safer. Our mission is to protect life. Our technologies give law enforcement the confidence, focus, and time they need to keep their communities safe. Our products impact every aspect of an officer's day-to-day experience:

  • In the field - Our Smart Weapons offer a less-lethal intermediate use of force response and our body-worn and in-car cameras collect video evidence to capture the truth of an incident; and our mobile applications enable simple evidence collection.
  • At the station - Our secure, cloud-based digital evidence management solution allows officers and command staff to manage, review, share and process digital evidence using forensic, redaction, transcription, and other tools.
  • In the courtroom - Our solutions for prosecutors make collaborating across jurisdictions and agencies easy so that cases can be resolved quickly. 

We work hard for those who put themselves in harm's way for all of us. To date, there are more than 100,000 licensed users from around the world and more than 185,000 lives and countless dollars have been saved with the Axon network of devices, apps and people. Learn more at www.axon.com or by calling (800) 978-2737.

Axon, the "Axon Delta" logo, Axon Network, Smart Weapons, and Evidence.com are trademarks of Axon Enterprise, Inc., some of which are registered in the U.S. and other countries. For more information, visit www.axon.com/legal. All rights reserved.

Follow Axon here:

Darktrace partners with CITIC Telecom CPC to deliver cybersecurity solution in Asia

HONG KONG July 11, 2017 Darktrace, the leader in Enterprise Immune System technology, has today announced it has entered into a strategic partnership with industry-leading managed security services provider (MSSP) CITIC Telecom CPC, a wholly owned subsidiary of CITIC Telecom International Holdings Limited (SEHK:1883), to bring next-generation cyber defense to businesses across Asia Pacific. Impressed by Darktrace's advanced machine learning and proven ability to catch and mitigate threats inside its own network, CITIC Telecom CPC will now bring Darktrace to market as a leading MSSP partner in APAC, across its multiple branches.

"After witnessing the power of Darktrace's technology first-hand, CITIC Telecom CPC wanted to share the value of this disruptive AI for cyber defense on a large scale," commented Mr Daniel Kwong, Senior Vice President, Information Technology and Security Services at CITIC Telecom CPC. "As we have seen from the headlines, humans are consistently outpaced by increasingly automated threats, organizations increasingly recognize that traditional defenses focussed on past threats only provide the most essential protection. 

"Companies in Asia Pacific need a new approach to remain resilient in the face of brazen, never-seen-before advanced attacks. With Darktrace, our customers can successfully defend against all manner of novel threats. This strategic partnership will enable our customers in Asia Pacific to benefit from Darktrace's world-leading AI technology and CITIC Telecom CPC's managed security services expertise and around-the-clock Security Operation Centers, all under the TrustCSI(TM) Secure AI umbrella."

As the cyber-climate intensifies, Asia Pacific businesses are battling fierce attacks on a daily basis. New-age attacks, like polymorphic malware, constantly evolve to evade traditional securities and human eyes at the border. Other stealthy actors can move laterally across the network, looking for the crown jewels before they strike. Meanwhile, loud and indiscriminate attacks, like ransomware, can wreak havoc within minutes as criminals grind business operations to a halt in an attempt to extort money from crippled organizations. China's educational institutions and smaller Asian enterprises were hard hit in the recent WannaCry outbreak, prompting businesses to safeguard against future attacks. 

Mimicking the self-learning intelligence of the human immune system, the Enterprise Immune System builds an understanding of the 'pattern of life' of every user and device on a network. It can then identify emerging threats in real time and issue an autonomous response akin to 'digital antibodies' to neutralize an attack before it has inflicted damage. Coupled with CITIC Telecom CPC's innovative approach to cyber security and post-threat intelligence capabilities, Darktrace's AI technology for cyber defense empowers regional businesses of all sizes to effectively defend against even the most sophisticated cyber-threats, including 'unknown unknowns''. 

"As the Asian economy grows from strength to strength, local businesses need to prepare today for tomorrow's threat," commented Nicole Eagan, CEO at Darktrace. "Proven across over 2,400 deployments, Darktrace is the world's first and only AI able to automatically fight back against in-progress threats. We are excited to extend our transformative technology within the Asian market with best-in-class MSSP, CITIC Telecom CPC. This new partnership will further strengthen our ability to respond to the overwhelming demand for our cutting-edge machine-learning technology across the Asia-Pacific region, enabling companies to inoculate themselves against threats from within." 

About Darktrace

Darktrace is the world's leading machine learning company for cyber security. Created by mathematicians from the University of Cambridge, the Enterprise Immune System uses AI algorithms to automatically detect and take action against cyber-threats within all types of networks, including physical, cloud and virtualized networks, as well as IoT and industrial control systems. A self-configuring platform, Darktrace requires no prior set-up, identifying advanced threats in real time, including zero-days, insiders and stealthy, silent attackers. Headquartered in San Francisco and Cambridge, UK, Darktrace has 24 offices worldwide. For more information, please visitwww.darktrace.com 

About CITIC Telecom CPC

CITIC Telecom International CPC Limited ("CITIC Telecom CPC"), a wholly owned subsidiary of CITIC Telecom International Holdings Limited (SEHK: 1883), serves multinational enterprises the world over by addressing their specific ICT requirements with highly scalable tailored solutions built upon the company's flagship technology suites comprising TrueCONNECT(TM) MPLS VPN services, TrustCSI(TM) information security solutions, DataHOUSE(TM) global unified cloud data center solutions, and SmartCLOUD(TM) cloud computing solutions.

As one of the first service providers in Hong Kong to achieve ISO 9001, 14001, 20000, 27001, and 27017 ICT-related certifications, CITIC Telecom CPC delivers on its superior quality commitment through a broad global footprint encompassing some of the highest growth markets in Asia, Europe and America, with over 140 points of presence, 15+ Cloud service centers, 30+ data centers, and two dedicated 24x7 Security Operations Centers.

At CITIC Telecom CPC, "Innovation Never Stops." For more information please visitwww.citictel-cpc.com.

California university receives NATO grant to conduct research on cybersecurity

Mondin

California State University, Los Angeles has been awarded a $380,000 grant from the North Atlantic Treaty Organization (NATO) to conduct research designed to improve cyber security.

Cal State LA will collaborate with NATO experts, as well as scientists from Italy, Israel, and Pakistan on the project.

“We are looking forward to collaborating with these partners to foster research, innovation, and knowledge in an effort to address today’s security challenges,” said Marina Mondin, who is the grant’s principal investigator and an associate professor of electrical and computer engineering at Cal State LA.

NATO’s Science for Peace and Security (SPS) Program has provided funding for a three-year period. The program also provides expert advice and support to security-relevant activities jointly developed by a NATO member and partner country.

“The research conducted at Cal State LA, in collaboration with other institutions, will help advance the field and lead to greater cybersecurity,” said Cal State LA President William A. Covino. “We’re pleased to be a part of this important effort.”

The collaborative research project focuses on the design and implementation of a practical Quantum Key Distribution (QKD) system between two major cities in northern Italy.

QKD uses quantum mechanics to exchange secret information. Quantum mechanics is the science dealing with the behavior of matter and light on the atomic and subatomic scale.

In QKD systems, individual photons are used to exchange cryptographic key data between a sender and a receiver. Each photon represents a single piece of data. After a key has been created, it can then be used to encrypt messages that are being communicated over an insecure channel.

It is the only known technique against cyberattacks that is secure based on the current understanding of laws of physics.

“QKD systems have reached a maturity level that allows their potential full realization and implementation for creation of a secure network backbone. The scientists at the Italian National Institute of Metrological Research (INRIM) are at the forefront of experimental research in the field of quantum optics,” said Mondin.

Quantum optics is a field of research that uses semi-classical and quantum-mechanical physics to investigate phenomena involving light and its interactions with matter at submicroscopic levels.

Researchers will also focus on the advancement of all related technologies for both fiber optics and free space optical systems. Free space optics is the technology associated with using a light source to wirelessly transmit data.

Mondin is an expert in signal processing for communications, modulation and coding, simulation of communication systems, and quantum communications. She has been associate editor for the Institute of Electrical and Electronics Engineers’ Transactions on Circuits and Systems and has been a member of the technical-scientific committees of various international conferences.

Other researchers involved in the grant project include Marco Genovese, of Italian National Institute of Metrological Research, Torino, Italy; Shlomi Arnon, of Ben-Gurion University of the Negev, Beer-Sheva, Israel; and Inam Bari, of National University of Computer and Emerging Sciences, Peshawar, Pakistan.  

Over the past five years, the NATO SPS program has initiated 450 collaborative activities in more than 40 partner countries from cyber security in Jordan to defense against chemical, biological, radiological or nuclear agents, and energy security in Ukraine.

Infrastructure group calls for investment, innovation in smart grid development

WASHINGTON July 12, 2017 American infrastructure is an ever-evolving industry, requiring pioneers to embrace new technology to bolster existing sectors, and usher in improvements needed across the country. The Alliance for Innovation and Infrastructure laud and encourage the electric energy industry, to embrace new technology as the smart grid continues to progress.

Aii is proud to release its latest policy analysis, "Building a Smarter Electric Grid: How Investing in Smarter Electricity Infrastructure Will Energize America." The paper identifies priorities for future investment to help companies and governments smooth the transition to a more digitized grid and safely and efficiently integrate DER, energy storage, electric vehicles, and other advanced energy technologies such as smart hardware, software, and analytic capabilities.

The grid itself is the backbone and platform that can facilitate the coordinated adoption of these emerging technologies and processes to achieve a cleaner, more modern, efficient, reliable and secure power system. However, to accomplish this transition, grid infrastructure needs to be properly modernized to safely and efficiently facilitate the flow and storage of the energy and information that makes the smart grid possible.

This costly and complex challenge will require both Utilities and State and Federal Regulators to work together, with investments and improvements to protect reliable energy and a strong economy.

Aii Chairman, Brigham McCown stated, "At a time when cybersecurity is of utmost importance, shoring-up the grid is critical for the security of all Americans."

The paper can be downloaded here: www.aii.org

The Alliance for Innovation and Infrastructure (Aii) consists of two non-profit organizations, The National Infrastructure Safety Foundation (NISF) a 501(c)(4), and the Public Institute for Facility Safety (PIFS) a 501(c)(3). The Foundation and the Institute focus on non-partisan policy issues and are governed by separate volunteer boards working in conjunction with the Alliance's own volunteer Advisory Council.

EclecticIQ partnership to leverage Group-IB unique data on Russian hackers

Volkov

AMSTERDAM July 12, 2017 Group-IB, a global leader in high-grade threat intelligence and best-in-class anti-fraud solutions, and EclecticIQ, the leading vendor of products and services dedicated to augmenting threat analysts' capabilities, today announced a partnership to integrate Group-IB's unique data on Russian-language hackers into EclecticIQ Platform. With this new integration, threat analysts, threat hunters, SOC analysts, and incident responders can add detailed context and immediately refine their investigations into cyber threats originating from Russian-speaking cybercriminals.

Russian underground communities are dominating the cyber world. These communities are defined by their native language and their technical and logical peculiarities, rather than by affiliation with nation-state actors.

"Detailed threat intelligence is always local—not in the geographical sense, but in terms of the communities the bad guys belong to," says Dmitry Volkov, Co-Founder of Group-IB and Head of Group-IB's Investigation Department and Intelligence Service. "It's impossible to get valuable information about an underground community without a deep understanding of the region and of cybercriminals' motives, psychology, and language."

"The devil is in the detail," Volkov adds. "It takes years to build an effective intelligence network into a regular channel of reliable information. We've been following Russian-language underground hacking communities since 2003, making Group-IB the absolute leader in the field."

EclecticIQ has now integrated Group-IB's unique intelligence on Russian-speaking hackers into EclecticIQ Platform, which helps IT security professionals and threat intelligence analysts to optimize their efforts in analyzing huge amounts of information from different sources; and EclecticIQ Fusion Center, which fuses and configures intelligence feeds, automatically enriches this data, and delivers threat intelligence directly into IT security controls.

"Russian-speaking cybercriminals are considered among the most advanced in the world, and taking that into account forms an essential component of any threat intelligence strategy for organizations targeted by these groups," says Joep Gommers, CEO & Founder of EclecticIQ. "By partnering with Group-IB, we're benefitting our customers with the most reliable information for analysis and proactive cyber defense against Russian-language attackers."

From within EclecticIQ Platform, threat analysts, threat hunters, SOC analysts, and incident responders now have access to timely intelligence on Russian-language hackers sourced from underground communities. Using intelligence including patterns of behavior, motives, methods, and techniques, cybersecurity professionals can build effective defensive strategies that help their organization to stay one step ahead of the criminals.

Threat intelligence from Group-IB will also be packaged into thematic bundles of cyber threat intelligence available through EclecticIQ Fusion Center.

Threat Intelligence is one of the fastest-growing areas in cybersecurity across multiple industries including financial services, government, oil and gas, and defense.

Considering the increasing frequency and severity of attacks by Russian cybercriminals on bank ATMs and other channels, financial institutions continue to be one of the largest consumers of threat intelligence. Cybersecurity analysts at financial institutions proactively identify threats and reduce operational risks with comprehensive threat intelligence that encompasses statistics, damage evaluations, trend reports, forecasts, detailed attack analyses, and analytics tailored to an organization's operational footprint.

About Group-IB

Group-IB, a global leader in preventing and investigating high-tech crimes and online fraud, runs the largest computer forensics laboratory in Eastern Europe and is recommended by the Organization for Security and Co-operation in Europe (OSCE).

Group-IB products and services are used by global clients, including Fortune 500 companies in the US, Western Europe, Middle East, Asia and Australia. Group-IB's clients include top-tier banks and financial intuitions, FMCG brands and industrial corporations, oil and gas companies, software and hardware vendors, and telecommunications service providers from Australia, Canada, Latin America, EU, Russian Federation, UK, and USA. Read more at www.group-ib.com

About EclecticIQ

EclecticIQ helps organizations to turn cyber threat intelligence into business value through products built for cyber security professionals in threat intelligence, threat hunting, SOC, and Incident Response.

EclecticIQ Platform is the analyst-centric threat intelligence platform based on STIX/TAXII that meets the full spectrum of intelligence needs.

EclecticIQ Fusion Center enables the acquisition of thematic bundles of cyber threat intelligence from leading suppliers with a single contract.

The company won Deloitte's Technology FAST50 Rising Star Award for "Most Disruptive Innovator."

EclecticIQ is headquartered in Amsterdam, The Netherlands.

Read more at: www.eclecticiq.com.

Black Hat announces details about 20th annual security conference

Stamos

SAN FRANCISCO July 12, 2017 Today, Black Hat, the world's leading producer of information security events, announces its newest programming features for its 20th annual event. New offerings will span expanded diversity programs, a Keynote in the larger Events Center, a two-story business hall, dedicated accommodations for families onsite, yoga and more.

Black Hat USA will take place July 22 – 27, 2017 at the Mandalay Bay Convention Center. For more information and to save $100 on a Briefings Pass by July 21, please visit: blackhat.com/us-17/ 

New in 2017

Keynote in the Events Center (Wednesday, July 26) 
For the first time, the Black Hat USA Keynote will be held at the Mandalay Bay Events Center. This expansive venue will offer premium viewing and acoustics for Alex Stamos' 2017 Keynote presentation, Stepping up our game: Re-focusing the security community on defense and making security work for everyone.

For more information on this year's Keynote, please visit: ubm.io/BHKeynote

Business Hall (Wednesday, July 26 – Thursday, July 27) 
This year's Business Hall will expand to both Level 1 and Level 2 to accommodate a wider range of programming.

  • Level 1: will provide access to nearly 300 of the leading security companies providing hands on learning, demonstrations and education of the latest products and technologies that help keep organizations safe.  Attendees can experience deep dive sessions presented by vendors in the Business Hall Theaters, and network with peers in the Microsoft Expo Lounge.
  • Level 2: features several focused areas for attendee, vendor and community engagement, with program such as: Innovation City, providing access to the hottest security start-ups; Arsenal, which serves as a destination for independent researchers and open source tools presentations; the Career Zone, for companies looking to hire talent or attend Career sessions; and the Business Center, for private meeting room space. 

To learn more about this year's Business Halls, visit: blackhat.com/us-17/sponsors.html

Expanded Diversity Programs 
To welcome a wider range of InfoSec professionals to the Black Hat community and shine a light on professional gaps, this year's diversity offerings will provide a platform to discuss current issues and a source for opportunities that assist individuals in jump starting their careers and continuing their education in the space.

To learn more about each of these programs, please visit: blackhat.com/us-17/diversity-programs.html

Day Care and Mothers Room 
To support families attending the event, Black Hat is offering child day care services, and accommodations for mothers, through Kiddie Corp. Please note, that attendees under the age of 18 are not permitted to attend the event.

To sign up and for more information, visit: ubm.io/daycare

Deep House Yoga (Thursday, July 27) 
To encourage heathier activities during the week of Black Hat, the event will be partnering with Deep House Yoga SF to create a truly unique experience for the community. Deep House Yoga SF is a movement which combines Vinyasa Yoga with a live DJ--based around building strong healthy communities and celebrating health.

To register, visit: e.sparxo.com/Blackhat--Deep-House-Yoga--Silent-Disco-Black-Hat.

DEF CON Badge Distribution (Thursday, July 27) 
Badge pickup will begin at 07:00 for Black Hat attendees on Level 2 at the built-in counters (across from Mandalay Bay J). Recipients will need to present the DEF CON voucher portion of their badge. DEF CON badges must be pre-purchased as a part Black Hat registration and are not available for sale onsite at Black Hat.

For more information, please visit: blackhat.com/us-17/defcon.html

Merchandise Store on Level 3 (Monday, July 24 – Thursday, July 27) 
The official Black Hat USA Merchandise Store will be located on Level 3 in the Palm Foyer. Attendees can visit this location to purchase t-shirts, outwear, gifts, hats, and more - branded Black Hat items are only available onsite at Black Hat events.

Black Hat USA Trainings – Register Now to Save $100: Black Hat will offer its largest Trainings lineup to date, with deeply technical, hands-on courses led by the information security industry's top trainers and professionals. Courses will span topics such as Android hacking, automobile systems hacking, penetration testing, advanced infrastructure hacking, and more. For information on the lineup, please visit: blackhat.com/us-17/training/index.html.

Top sponsors of Black Hat USA 2017 include: Diamond Sponsors: Cisco, FireEye, Forcepoint, LogRhythm, McAfee, Qualys, RSA and Tenable Network Security; Platinum Plus Sponsors: AlienVault, Arbor Networks, Carbon Black, CrowdStrike, Cylance, DarkMatter, Digital Guardian, ESET North America, Fidelis Cybersecurity, Fortinet, IBM, Leidos, Palo Alto Networks, Raytheon Foreground Security and Symantec; Platinum Sponsors: Code42 Software, Core Security, Cybereason, Darktrace, F5 Networks, iboss cybersecurity, Malwarebytes, NSFOCUS, Optiv Security, Proofpoint, Inc., Rapid7, SentinelOne, StackPath, Tanium, Trend Micro and Webroot.  For all sponsorship opportunities, visit: blackhat.com/us-17/sponsors.html

Connect with Black Hat (#BlackHat and #BHUSA)

Future Black Hat Dates and Events

  • Black Hat Europe 2017, London, England, December 4-7
  • Black Hat Asia 2018, Singapore, March 20-23

About Black Hat 
For 20 years, Black Hat has provided attendees with the very latest in information security research, development, and trends. These high-profile global events and trainings are driven by the needs of the security community, striving to bring together the best minds in the industry. Black Hat inspires professionals at all career levels, encouraging growth and collaboration among academia, world-class researchers, and leaders in the public and private sectors. Black Hat Briefings and Trainings are held annually in the United States, Europe and Asia. More information is available at: blackhat.com. Black Hat is organized by UBM plc. UBM is the largest pure-play B2B Events organizer in the world. Our 3,750+ people, based in more than 20 countries, serve more than 50 different sectors. Our deep knowledge and passion for these sectors allow us to create valuable experiences which enable our customers to succeed. Please visit www.ubm.com for the latest news and information about UBM. 

Cloud security expert offers course at upcoming SANS San Francisco training event

Shackleford

BETHESDA, MD July 12, 2017 SANS Institute, the global leader in information security training, today announced its new SEC545: Cloud Security Architecture and Operations course will be offered for the first time at SANS San Francisco Fall 2017 taking place September 5 - 10.  Cloud security expert and author/instructor of the SEC545 course, Dave Shackleford, will provide detailed insight into the tools, controls, and design models needed to properly secure the cloud during this five day immersion style training.

According to Shackleford, "Organizations of all types are moving data and workloads into the cloud, and this trend will only continue. Security teams need to understand the core design principles that can help these transitions proceed smoothly, without sacrificing hard-won security controls and processes we've developed over the years. SEC545 aims to educate students on everything from policy and contracts to security architecture and operations, with special emphasis on DevSecOps and automation. There are lots of practical hands-on exercises in AWS throughout the class, too, which will reinforce the lessons from class."

For more information on the SEC545: Cloud Security Architecture and Operations course, or to register, visit here: www.sans.org/u/tZm

SANS San Francisco Fall 2017 will hands-on information security courses taught by the industry's top instructors. Included among the courses offered are SEC401: Security Essentials Bootcamp Style, SEC501: Advanced Security Essentials - Enterprise Defender, SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling, SEC566: Implementing and Auditing the Critical Security Controls - In-Depth, FOR585: Advanced Smartphone Forensics, and MGT414: SANS Training Program for CISSP® Certification. Bonus evening discussions led by SANS instructors will round out the agenda. Cyber security expert, Paul Henry, will deliver the keynote address on Evolving Threats.

For a complete list of courses, or to register for SANS San Francisco Fall 2017, please visit: www.sans.org/u/tZr

About SANS Institute 
The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest provider of cybersecurity training and certification to professionals at governments and commercial institutions world-wide. Renowned SANS instructors teach over 50 different courses at more than 200 live cybersecurity training events as well as online. GIAC, an affiliate of the SANS Institute, validates employee qualifications via 30 hands-on, technical certifications in information security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master's degrees in cyber security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet's early warning system--the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community. (www.SANS.org)

Internet Promise Group provides critical security encryption for military and government applications

TORRANCE, CA July 7, 2017 Internet Promise Group, Inc. (IPG), a leading provider of security software, secure data storage and cyber security systems has introduced Random Dance Keys (RDK), a new class of scalable encryption keys so virulent and ephemeral they are impervious to brute force attacks.

Unlike current data security methods that focus on creating more advanced encryption algorithms, RDK provides breakthrough innovation in the encryption key space itself that until now was the standard key size of such as 256 random sequences of bits.

RDK encryption keys are engineered not only to be unbreakable by brute force methods, but impossible to steal or hack by focusing on the innovation in the encryption key itself rather than the encryption algorithm. They are generated randomly for every data block within in a secure communication channel, are unique per data packet or time slice, per direction and based on six layers of random separation for in-depth defense.

In addition, this next-generation of a sequence of encryption keys are:

  • Created instantly when needed for encrypting or decrypting a dataset using an algorithm
  • Never stored anywhere and are instantly discarded
  • Engineered to protect data without disruption to existing encryption systems to ensure ease and usability within current systems
  • Designed to provide seamless integration with current systems, protocols, or environments using wireless nationwide networks and combination of wireless and landline networks

"Generated at the time of actual use for encryption or decryption and immediately discarded after one time use to ensure data communications security, RDK nullify threats by eliminating the value of stolen or leaked data," said Tara Chand, chairman and Chief Executive Officer of Internet Promise Group.

How do they work? RDK creates and uses a random wave envelope that generates a perpetual sequence of uniquely random encryption keys at both ends of any communications channel. The advanced key management solution of RDK uses existing encryption algorithms and an existing encryption key as a seed, without displacing current methods. RDK are easy to use, scalable and are deployable within a few days.

RDK offers multiple applications and solutions to eliminate privacy and end-to-end security issues for communications across computers including wireless networks, cloud storage services, other external storage systems, business networks and financial institutions. RDK also provides advanced solutions for critical security network communications and data storage by military, defense and government agencies.

For military use RDK can provide shared encryption keys among U.S. forces and its allies collaborating in military operations in the Middle East and other war zones around the globe. Patented RDK technology may be licensed for commercial, military and government hardware, firmware and software applications. For information please call (310) 787-1400 or visit www.internetpromisegroup.com.

# # #

About Internet Promise Group

Founded in 2014, Internet Promise Group, Inc. (IPG) develops and markets a wide range of mobile, security and information systems applications. IPG has invested $5 million in research and development to engineer products and services that secure transactions, authenticate identity, increase safety and save lives. IPG and its wholly-owned subsidiaries hold 50 patents and more than 100 patents pending for advanced technology solutions for consumers, business and government.

Portnox ransomware response solution disconnects infected devices during attacks

July 11, 2017 Portnox, a market leader for network visibility, today announced “Rapid Ransomware Response and Control” as part of its on-premise and cloud-based Network Access Control (NAC) Solutions, Portnox CORE and CLEAR. In light of recent EternalBlue exploit attacks, known as the ‘Petya’ or ‘NotPetya’ cyberattacks, which targeted known vulnerabilities in the server message block protocol in Microsoft Windows, Rapid Ransomware Response and Control allows organizations of all sizes to quickly recover from ransomware and malware attacks.

Rapid Ransomware Response and Control allows for quick recovery by automatically disconnecting infected devices, as well as those devices that are prone to infection or missing necessary patches, to prevent the lateral spread of the ransomware throughout the network. By providing full visibility into all network devices, Rapid Ransomware Response and Controlenables organizations to identify unpatched devices and those lacking anti-virus updates, and automatically install updates across the network. It also identifies unmanaged devices, which cannot be patched and pose significant risk – a major factor in the EternalBlue exploit attacks – automatically removing them to a firewalled or segmented network with limited network access.

Remediation capabilities include disconnecting or quarantining managed network devices that have been infected or are likely to be infected; activating a script for patching those machines, pushing a specific patch to update a machine, and segmenting or isolating infected devices into a separate part of the network with limited Internet connection and restricted access to sensitive company information. In addition, Rapid Ransomware Response and Control remotely disconnects ports on all network devices to control the lateral spread of the attack throughout the organization, and to minimize the IT resource burden of manually disconnecting network devices.

“Complete visibility into the network health of managed and unmanaged network devices can prevent an additional wave of ransomware attacks in the future, and that, if attacked, organizations can effectively control damage to their assets by initiating automated remediation measures across all relevant endpoints,” said Ofer Amitai, CEO, Portnox. “With Ransomware Response and Control, IT teams will release a sigh of relief knowing that, in the unfortunate event of a network breach, they have full visibility and control over the emerging and real threats to their network.”

Rapid Ransomware Response and Control is available now. For more information or to request a demo, visit: http://l.portnox.com/core-demo-request-1-0-0/.

About Portnox
Portnox helps connected organizations secure corporate networks by utilizing its next-generation network access control and management solutions. Portnox solutions manage any Internet of Things (IoT) connected devices or any user devices accessing the network, including remote locations and whether on mobile, BYOD or managed devices.

For over a decade, Portnox has been providing satisfied customers worldwide with a complete view of device and network visibility, reducing security risk and improving network control. Portnox offers two solutions – CORE for On-Premise NAC and CLEAR for cloud-based NAC - allowing companies to grow, optimize, and evolve their infrastructure while ensuring security and compliance. The company is recognized by Gartner as a pure-play security vendor of network access control solutions and is a recipient of the 2016 Global Frost & Sullivan Award for Competitive Strategy Innovation and Leadership. Portnox has offices in the U.S. and in Europe.

www.portnox.com

Homeland Security awards $220K cybersecurity research grant to University of Tulsa

WASHINGTON July 7, 2017 The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) awarded $220,209 to the University of Tulsa to study data production and usage by cybersecurity researchers, information that will help quantify the value of data-sharing and improve sharing incentives to address the interdependency of cyber-risk environments.

The award was made through the S&T Cyber Security Division’s (CSD) Cyber Risk Economics (CyRiE) project. CyRiE supports measurement and modeling research into the business, legal, technical and behavioral aspects of the economics of cyber-threats, vulnerabilities and controls. Its primary focus is research into investment, impact, value and incentives related to cybersecurity risk management. This focus will provide relevant, timely, accurate and comprehensive data to help shape effective policy, optimize cybersecurity risk management and advance understanding of the cyber-risk landscape.

“Cybersecurity is a data-driven research field that demands access to large and varied data resources held by other researchers,” said Acting DHS Under Secretary for Science and Technology William N. Bryan. “This project will help facilitate enhanced data-sharing among cybersecurity researchers, which will enable researchers to better quantify risks and identify new cyber-defenses.”

Through a project titled “The Economics of Cybersecurity Research Data-Sharing,” the university will examine published research to identify what data is available, how the research community is failing to exploit the wealth of data it produces, and ultimately recommend how data-sharing can be improved to enhance evidence-based policy and technology solutions. Additionally, the project will analyze usage of the research data stewarded by CSD’s Information Marketplace for Policy and Analysis of Cyber-risk & Trust project to understand the return on investment for existing, shared datasets that are being leveraged by others.

The CyRiE project is working to improve value-based decision-making by those who own, operate, protect, and regulate the nation’s vital data assets and critical infrastructure. The project goes beyond the traditional economic-based view of incentives for cybersecurity to approach cybersecurity risk as a multidimensional problem that requires multidisciplinary perspectives. In this way CyRiE research and development (R&D) can more effectively address strategy and tactics for optimal cyber-risk avoidance, acceptance, mitigation and transfer.

“An open secret of cybersecurity R&D is that while empirical data is the lifeblood of developing, testing and evaluating solutions, its ready availability is falsely assumed and its value is grossly understated,” said CyRiE Program Manager Erin Kenneally. “Quantifying what data is being used and produced by cybersecurity researchers and developers is critical to measuring the gaps and value proposition for data-sharing.”

CSD’s mission is to enhance the security and resilience of the nation’s critical information infrastructure and the Internet by developing and delivering new technologies, tools and techniques to defend against cyberattacks. The division, which is part of S&Ts’ Homeland Security Advanced Projects Agency, conducts and supports technology transitions and leads and coordinates R&D among the R&D community, which includes DHS customers, government agencies, the private sector and international partners. For more information about CSD, visit https://www.dhs.gov/cyber-research.

Pages

 

Recent Videos

HID Global is opening the door to a new era of security and convenience.  Powered by Seos technology, the HID Mobile Access solution delivers a more secure and convenient way to open doors and gates, access networks and services, and make cashless payments using phones and other mobile devices. ...
Mobile device forensics can make a difference in many investigations, but you need training that teaches you how to get the most out of your mobile forensics hardware and software, and certifies you to testify in court. Read this white paper to learn how to evaluate mobile forensics training...
PureTech Systems is a software company that develops and markets PureActiv, its geospatial analytics solution designed to protect critical perimeters and infrastructure.  Its patented video analytics leverage thermal cameras, radars and other perimeter sensors to detect, geo-locate, classify, and...
PureTech Systems is a technology leader in the use of geospatial video, focusing on perimeter security.  When combining geospatial capabilities with video analytics and PTZ camera control, managers of critical facilities can benefit by allowing the video management system to aid them in the process...