April 2017 Digital Edition

Click Here

March 2017 Digital Edition

Click Here

Feb. 2017 Digital Edition

Click Here

Nov/Dec 2016 Digital Edition

Click Here

Oct 2016 Digital Edition

Click Here

Technology Sectors

Market Sectors

Cyber Security

Plurilock solution to be tested by DoD for identifying intruder attacks

Paterson

VICTORIA, British Columbia June 29, 2017 Plurilock Security Solutions, the AI authentication technology that discriminates between authorized people and intruders by the way they behave on a workplace computer, today announced that the U.S. Department of Defense (DoD) will use BioTracker, their patented cybersecurity technology developed for combat support.

The department recently contracted with Plurilock for its first-of-a-kind "proof-of-presence" cybersecurity software featuring continuous authentication on its workplace computers.

"With BioTracker, CIOs and security professionals finally have control over the insider threat challenge," stated V. Adm. Mike McConnell, USN (Ret.), former Director National Security Agency (NSA) and Director National Intelligence, and independent board director at Plurilock Security Solutions.

He added, "Using sophisticated artificial intelligence (AI), the Plurilock solution enables corporations to prevent, respond, analyze, and report to internal security departments and external compliance agencies on the actions performed by each workplace individual. Plurilock's unique solution proves to any compliance agency that you have full visibility and non-repudiation capabilities for the modern workforce."

Under the agreement, Plurilock will work with the DoD's Defense Innovation Unit Experimental (DIUx), an agency that identifies emerging commercial technologies for the department's use. The DoD plans to strengthen its information security by integrating several multi-factor authentication technologies, including Plurilock's. DIUx has provided a clear and level playing field for the best disruptive technology to make its way into the hands of the warfighter.

The department is evaluating Plurilock's technology as part of an effort to augment or replace the common access card or username/password forms of authentication. The department is creating a family of authenticators, all integrated and available based on time, risk, and environment, providing flexibility and enhancing security beyond the standard two-factor authentication commonly used today.

Plurilock's patented "behavioural biometrics" software uniquely identifies people by the way they use their corporate computing devices, such as laptops, desktops, and servers. After just 20 minutes' tracking a user's keystroke style and speed, mouse use, and other behaviours, Plurilock's software builds a biometric profile unique to that user. Its patented continuous authentication algorithms enable the platform to know who is on the corporate network, where they are, and when they are there—and to detect intruders, in real time.

"Today's systems cannot verify user identity with certainty. Hackers steal passwords and tokens, create fake fingerprint impressions, and even re-route phone authentication codes, fooling computing devices and accounts into providing them with access. As a result, breaches may take months to detect and resolve. Furthermore, vendors now must spend much time and money maintaining records for compliance audits with their partners. For both cases, Plurilock's technology provides immediate solutions," said Plurilock's CEO, Ian Paterson.

"Plurilock's advanced system for determining ongoing proof of presence provides a cybersecurity solution that instantaneously recognizes breaches, helps with corporate forensic investigations, and ensures regulatory compliance," stated Ian Paterson, CEO of Plurilock.

ABOUT PLURILOCK:

Plurilock delivers preventative, instantaneous, and continuous solutions for workplace authentication and regulatory compliance. Its software strengthens workplace cybersecurity using sophisticated behavioural biometrics to identify authorized users and neutralize insider threats. For more information, visit: www.plurilock.com

New Vectra Networks application for Demisto enables quicker responses to attacks

CUPERTINO, CA and SAN JOSE June 28, 2017 Demisto, Inc., an innovator in Security Automation and Orchestration technology, and Vectra Networks, the leader in automating the hunt for in-progress cyber attacks, today announced the availability of the Vectra Active Enforcement application for Demisto. The integrated solution enables security teams to quickly expose a variety of hidden cyber attack behaviors, pinpoint host devices at the center of an attack and block threats before data is compromised or stolen.

The success of security teams often boils down to the speed of incident response. Sophisticated attackers thrive by staying under the radar and detection often requires hours to days of manual threat hunting by highly trained security analysts.

"Demisto shares Vectra's approach of augmenting cybersecurity teams with the most advanced artificial intelligence to create a natural partnership," said Mike Banic, vice president of marketing at Vectra Networks.

Vectra Active Enforcement for Demisto turns automated threat detections into action through a seamless combination of security orchestration, incident management and interactive investigation. Integration with other leading security solutions helps stop attacker traffic and can quarantine compromised host devices. Collaboration and forensic capabilities provide efficiency and advanced investigation features by automating data enrichment and analysis with Demisto scripts.

"The combined solutions transform vast amounts of threat data into actionable answers, empowering security analysts to find and resolve issues quickly while conserving time, money and talent," said Rishi Bhargava, co-founder and vice president of marketing at Demisto.

Other key features of the integrated solution include:

  • Collaborative cybersecurity, ensuring faster, more effective threat investigations
  • Improved investigative efficiency by automating data enrichment and analysis
  • Selective trigger response actions based on threat type, risk and certainty
  • Combined automated behavior-based threat analysis with real-time enforcement
  • High-level of automation, empowering IT and security generalists with advanced analytics for complex investigations and collaboration

Demisto and Vectra Networks are portfolio companies of Wipro Ventures, the strategic investment arm of Wipro Limited. Wipro has built a "Cyber Threat Management Platform" that leverages the technology capabilities of Demisto and Vectra.

"By combining the leading edge automated threat detection and immediate enforcement using perimeter and endpoint security solutions, security teams can reduce their operations response time from days to minutes, preventing damage, leveraging Wipro's Cyber Threat Management Platform," said Sheetal Mehta, vice president and global head, cyber security and risk services at Wipro Limited.

To learn more about Vectra Active Enforcement for Demisto, please read the the joint solution brief or register to attend a jointly hosted webinar, taking place on July 19, at 12:30 p.m. EDT.

About Demisto
Demisto Enterprise is the first and only comprehensive Security Operations Platform to combine security orchestration, incident management and interactive investigation. Demisto's orchestration engine automates security product tasks and weaves in the human analyst tasks and workflows. Demisto enables security teams to reduce mean time to resolution (MTTR), create consistent incident management process, and increase analyst productivity. Demisto is backed by Accel and other prominent investors and has offices in Silicon Valley and Tel Aviv. For more information, visit www.demisto.com or email [email protected].

About Vectra Networks
Vectra Networks is the leader in automating the hunt for in-progress cyber attacks. Using artificial intelligence, Vectra correlates threats against hosts that are under attack and provides unique context about what attackers are doing so organizations can quickly prevent or mitigate loss. Vectra prioritizes attacks that pose the greatest business risk, enabling organizations to make rapid decisions on where to focus time and resources. In 2016, Vectra was named "Most Innovative Emerging Company" in the Dark Reading Best of Black Hat Awards. InformationWeek also named Vectra one of the Top 125 companies to watch in 2016. Vectra investors include Khosla Ventures, Accel Partners, IA Ventures, AME Cloud Ventures and DAG Ventures. The company is headquartered in San Jose, Calif. and has European regional headquarters in Zurich, Switzerland. For more information, visit https://www.vectranetworks.com.   

About Wipro Limited
Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading global information technology, consulting and business process services company. We harness the power of cognitive computing, hyper-automation, robotics, cloud, analytics and emerging technologies to help our clients adapt to the digital world and make them successful. A company recognized globally for its comprehensive portfolio of services, strong commitment to sustainability and good corporate citizenship, we have a dedicated workforce of over 170,000, serving clients across six continents. Together, we discover ideas and connect the dots to build a better and a bold new future.

Barracuda Networks releases artificial intelligence-based solution against spear phishing, cyber fraud

CAMPBELL, CA June 28, 2017 Barracuda Networks, Inc. (NYSE: CUDA), a leading provider of cloud-enabled security and data protection solutions, today announced the availability of Barracuda Sentinel, a comprehensive AI solution for real-time spear phishing and cyber fraud defense. Barracuda Sentinel is delivered as a cloud service and utilizes artificial intelligence to protect people, businesses, and brands from spear phishing, impersonation attempts, business email compromise (BEC), and cyber fraud.

Spear phishing is rapidly becoming the most devastating cybersecurity threat. Tens of thousands of companies and individuals have fallen prey, sending wire transfers and sensitive customer and employee information to attackers impersonating their CEO, boss, or trusted colleague. According to Osterman Research, while CEO Fraud/BEC attacks are less common than phishing or ransomware, 27 percent of organizations have encountered such an attack during the past 12 months. The FBI reports that organizations have already lost $5 billion due to BEC. Beyond the financial impact, these attacks can cause irreparable damage to an organization's reputation and brand. Because the attacks are highly personalized—and typically contain no malicious attachments or links—existing security solutions fail to detect them.

Barracuda Sentinel combines three powerful layers of artificial intelligence technology, domain fraud visibility, and anti-fraud training, into a comprehensive solution that guards against these personalized attacks. Barracuda Sentinel directly connects to communication platforms, such as Microsoft Office 365, which allows immediate access to current and historical data required to understand an organization's existing communication patterns and prevent impersonation attempts.

"Spear phishing is rampant. It's no longer just the large enterprises or C-suite that need to be on high alert—everyone is a target," said Asaf Cidon, vice president of content security services at Barracuda Networks. "We see novel combinations of highly personalized tactics—spoofing your domain, impersonating your CEO, engaging in convincing conversations with your employees. In today's dynamic threat environment, the best defense includes a combination of people and technology. Barracuda Sentinel leverages artificial intelligence to give customers—people—a comprehensive way to stop spear phishing and cyber fraud attacks in real time."

AI for Real-Time Spear Phishing and Cyber Fraud Defense
Barracuda Sentinel is powered by a multi-layer AI engine that detects and blocks spear phishing attacks in real time and identifies which employees are at highest risk of spear phishing. Barracuda Sentinel examines information from multiple signals to learn the unique communications patterns of each company and to analyze the content of the messages for sensitive information. Barracuda Sentinel combines this messaging intelligence to determine with a high degree of accuracy whether an email is part of a spear phishing attack.

"As our research shows, CEO fraud / BEC attacks are on the rise. Attackers are constantly evolving their tactics to evade defenses, and are more frequently targeting lower-level employees who might have access to sensitive information or who might have authority to authorize or send payments," said Michael Osterman, president of Osterman Research. "Barracuda Sentinel's ability to learn an organization's unique communication patterns is important for any organization looking to identify high-risk employees and have comprehensive protection from these types of attacks."

Domain Fraud Visibility and Protection
In a significant percentage of successful spear phishing attacks, attackers spoof the domain of a company to impersonate one of the employees. In addition, attackers frequently exploit domain spoofing to send emails on behalf of the company to its customers and partners to steal their credentials and gain access to their accounts. Barracuda Sentinel gives companies visibility into domain fraud and protects against spoofing by setting up DMARC (Domain-based Message Authentication Reporting & Conformance). DMARC allows companies to monitor emails sent from their domain, ensures deliverability for legitimate email traffic, and prevents unauthorized messages from being sent from company domains. Barracuda Sentinel delivers visibility and analysis of DMARC reports, which prevents spoofing-based spear phishing and brand hijacking.

Anti-Fraud Training for High-Risk Individuals
Barracuda Sentinel leverages intelligence gathered from its machine learning engine to identify high-risk individuals within an organization. Once identified, Barracuda Sentinel offers a set of tools to periodically and automatically train and test the security awareness of these employees with simulated spear phishing attacks.

Cloud-Delivered Functionality, Zero Impact on Network Performance
Barracuda Sentinel is delivered as a cloud service, without any hardware or software to install or maintain. Barracuda Sentinel works alongside existing email security solutions, including native Microsoft Office 365, Barracuda Essentials, or other email security solutions. Barracuda Sentinel's API-based architecture is designed to make it easy to extend protection beyond email, to additional communications platforms such as G Suite, Slack, social media, and others. Barracuda Sentinel is available today for Microsoft Office 365 users. For additional information, visit https://www.barracudasentinel.com.  

Resources
Introducing Barracuda Sentinel: Blog – http://cuda.co/19306, Video – http://cuda.co/ytjw3q

Spear Phishing Blog: https://blog.barracuda.com/spear-phishing/

Blog: Can your security system overcome user confidence – http://cuda.co/19308

Blog: Threat Spotlight: Real-World Spear Phishing, Initiating the Attack and Email Spoofing – http://cuda.co/19319

Blog: Best Practices for Dealing with Phishing and Ransomware – http://cuda.co/wpphishing

Blog: Threat Spotlight: W-2 Phishing Scam – http://cuda.co/18600

Blog: Threat Spotlight: The airline phishing attack – http://cuda.co/18452

About Barracuda Networks, Inc. 
Barracuda (NYSE: CUDA) simplifies IT with cloud-enabled solutions that empower customers to protect their networks, applications and data, regardless of where they reside. These powerful, easy-to-use and affordable solutions are trusted by more than 150,000 organizations worldwide and are delivered in appliance, virtual appliance, cloud and hybrid deployment configurations. Barracuda's customer-centric business model focuses on delivering high-value, subscription-based IT solutions that provide end-to-end network and data protection. For additional information, please visit barracuda.com.  

eResilience offers summary, upcoming webinar regarding DFARS cybersecurity requirements

ALEXANDRIA, VA June 23, 2017 The Department of Defense held an "Industry Information Day" today to provide information regarding the DFARS 252.204-7012 clause, which requires all DoD contractors who work with Covered Defense Information (CDI) to implement all 110 security controls specified under the NIST Special Publication 800-171 before the end of this year.

Although contractors had held out hope that the December 31st deadline would be extended, today's Industry Day briefings made it clear that there will be no extension, so contractors interested in remaining eligible to bid on DoD contracts should take action now in order to complete their implementation of DFARS requirements before year's end.  

"Implementation of the NIST standards and other requirements of DFARS 7012 can be challenging for even the most experienced contractors," said Nelson Kanemoto, founder of eResilience, a division of Referentia Systems. "For small and medium sized businesses it's even more difficult because of limited time and resources. Today's news that there won't be any extension of the deadlines makes it critical for contractors to get started ASAP, especially since it's not guaranteed that government contract officers will accept a System Security Plan and POAM for implementing DFARS regulations as an alternative to timely compliance. If you're non-compliant at the end of the year you risk having to stop work."

A summary of highlights from the Industry Day event can be found at www.eresilience.com/IndustryDay

To help contractors navigate these regulations, eResilience has partnered with the Cyber Collaboration Center (CCC), a non-profit organization fostering collaboration between industry, academia, and government on cybersecurity issues.  The Cyber Collaboration Center is producing a series of free, live streaming webinars focused on providing updates and information about DFARS compliance.

The first session in the series, "DFARS 7012 Cybersecurity Requirements Update for Contract Managers" will be presented on Wednesday, July 12, 2017 at 1400 PST by McCarter & English, LLP, a law firm with specific expertise on DFARS contract regulations, and will include a briefing on highlights from today's DFARS Industry Day. 

Access to the webinar series is available at www.cybercollaborationcenter.org. The suggested audience includes Executives, Contracts Managers (from both industry and government), Program Managers, IT Managers, and Facility Security Officers.  There is no cost or obligation associated with attending the webinars.  For more information, contact Larry Lieberman at (808) 840-8580 or [email protected]

About eResilience (www.eresilience.com):  eResilience is a new division of Referentia Systems, a National Security Agency (NSA) Trusted Integrator, focused on commercial cybersecurity solutions, risk management and DFARS compliance services.

FICO/Ovum survey indicates overconfidence might stifle cybersecurity investment

Shiflet

SAN JOSE, CA June 20, 2017 Senior executives at US firms may be overconfident in their cybersecurity protection, according to a new survey conducted by research and consultancy firm Ovum for Silicon Valley analytics firm FICO. Twenty-seven percent of executives from US firms said they were better prepared than their competitors, and an additional 27 percent of these executives said their firm was a top performer. US respondents were more likely to rate their firms as above average than respondents in Canada.

More information: http://subscribe.fico.com/cybersecurity-views-from-the-c-suite

Telecommunications providers were the most confident of all. Ninety-one percent of respondents said they were better prepared than their competitors, with 55 percent calling their firm a top performer.

Healthcare institutions, in contrast, showed the least amount of confidence in their protection, with 32 percent unsure of how they stack up against competitors and 16 percent rating their firm below industry average, while only 11 percent rated their firm above average.

"The danger in overconfidence is that it can impact investment," said Bob Shiflet, who oversees fraud and financial crime solutions at FICO. "We would encourage firms to continue their diligence and not allow confidence to turn into complacency."

Ovum conducted the survey for FICO through telephone interviews with 350 CXOs and senior security officers in the US, Canada, the UK and the Nordics in March and April 2017. Respondents represented firms in financial services, telecommunications, retail, ecommerce and media service providers. FICO's solutions for cybersecurity include the FICO® Enterprise Security Score, which firms use to benchmark their own cybersecurity posture as well as that of vendors and partners.

About FICO
FICO (NYSE: FICO) powers decisions that help people and businesses around the world prosper. Founded in 1956 and based in Silicon Valley, the company is a pioneer in the use of predictive analytics and data science to improve operational decisions. FICO holds more than 170 US and foreign patents on technologies that increase profitability, customer satisfaction and growth for businesses in financial services, telecommunications, health care, retail and many other industries. Using FICO solutions, businesses in more than 100 countries do everything from protecting 2.6 billion payment cards from fraud, to helping people get credit, to ensuring that millions of airplanes and rental cars are in the right place at the right time.

Learn more at http://www.fico.com

About Ovum

Ovum is a market-leading research and consulting firm focused on helping digital service providers and their vendor partners thrive in the connected digital economy. Through its 150 analysts worldwide, it offers expert analysis and strategic insight across the IT, telecoms, and media industries. Founded in 1985, Ovum has one of the most experienced analyst teams in the industry and is a respected source of guidance for technology business leaders, CIOs, vendors, service providers, and regulators looking for comprehensive, accurate, and insightful market data, research, and consulting. With 23 offices across six continents, Ovum offers a truly global perspective on technology and media markets and provides thousands of clients with insight including workflow tools, forecasts, surveys, market assessments, technology audits, and opinion.

Ovum is part of the Business Intelligence Division of Informa plc, a leading business intelligence, academic publishing, knowledge and events group listed on the London Stock Exchange. https://ovum.informa.com/

Team8 adds Intel to its growing global cyber syndicate

Zafrir

TEL AVIV June 21, 2017 Team8, Israel's leading cybersecurity think tank and company creation platform, announced today it has added Intel to its global cyber syndicate. This new strategic relationship will help Team8 develop disruptive companies that address the biggest problems in cybersecurity and provide organizations with an advantage over cyber threats.

Intel will join current Team8 cyber syndicate members Microsoft, Cisco, Qualcomm, AT&T, Citigroup, Accenture, Nokia, Temasek, Mitsui, Bessemer Venture Partners, Eric Schmidt's Innovation Endeavors and Marker LLC. The companies in the cyber syndicate work closely with Team8 during the exploration, ideation and validation phases of its company creation process.

Intel will work with Team8 to secure future computing, IoT, Mobile, Automotive and Cloud technologies. Intel and Team8 will collaborate to identify security gaps in future networks, technologies and infrastructures with a view to developing new cyber paradigms to address these challenges. Intel will also explore new business opportunities with the ensuing companies created by Team8's foundry.

"Intel is committed to cybersecurity and we are always looking for the best and the brightest to further our capabilities and provide industry leading security," said Rick Echevarria, Vice President, Software and Services Group and General Manager, Platform Security Division at Intel Corporation. "Team8 provides a unique vantage point and deep experience that makes them a natural fit for future Intel's security offerings."

"Our mission is to tackle the biggest problems in cybersecurity and give organizations the advantage over cyber attackers. Adding Intel to our syndicate is a critical extension that will give us a unique insight to the security challenges associated with the mobile, cloud and IoT revolutions," said Nadav Zafrir, Co-Founder and CEO of Team8 and former Commander of Israel's Technology & Intelligence Unit 8200.

Team8 was founded by veterans of the IDF's Intelligence & Technology Unit 8200; Nadav Zafrir (former head of the unit), Israel Grimberg (former head of its cyber division) and Liran Grinberg (former distinguished officer). Since its launch in 2014, it has announced the launch of two companies, illusive networks and Claroty, with several more companies currently operating in stealth. illusive networks specializes in deception technology used to detect targeted attacks, while Claroty's industrial security platform secures and optimizes critical industrial infrastructure sites such as power grids, steel mills, chemical, food and beverage sites and oil refineries.

About Team8: 

Team8, Israel's most prestigious cybersecurity think tank and company creation platform, develops disruptive companies that challenge the biggest problems in cybersecurity today. The Team8 innovation process combines a research team with intimate knowledge of both offensive and defensive aspects of cybersecurity, access to the best cyber talent, and a global syndicate that provides access to customers, partners and key influencers. Team8 was founded by leading cybersecurity experts Nadav Zafrir, Israel Grimberg and Liran Grinberg, all with deep ties to Israel's famous IDF Technology & Intelligence Unit 8200. It is backed by Microsoft Ventures, Cisco, AT&T, Accenture, Qualcomm, Nokia, Citigroup, Temasek, Mitsui, Bessemer Venture Partners, Eric Schmidt's Innovation Endeavors and Marker LLC. For more information on Team8, please visit http://www.team8.vc

ZingBox offers free advice on 'Hidden Cobra' threat to healthcare entities

MOUNTAIN VIEW, CA June 21, 2017 In the wake of the devastating WannaCry ransomware attack, ZingBox, a leading Internet of Things (IoT) security solution provider, is offering recommendations to the healthcare industry on how to best protect itself from the newest potential threat originating from 'Hidden Cobra'.

HHS's Office for Civil Rights (OCR) recently issued a cyber notice to the healthcare industry about a potential threat to critical infrastructure sectors, such as healthcare, by a malicious cyber group called Hidden Cobra, also known as Lazarus Group suspected to be behind the WannaCry attack.  The threat relates to the same type of vulnerability that allowed WannaCry to spread. Importantly, simply installing Microsoft patches will not necessarily protect from Hidden Cobra since they use a wide range of vulnerabilities. And despite Microsoft releasing several patches, the vulnerabilities exploited do not only apply to Microsoft OS. Software such as Silverlight, Adobe Flash and Hangul Word Processor are also exploited by this threat actor.

"Although many of the affected vulnerabilities are more commonly found on devices with browsers, infection of just one such device can cause a new wave of attacks against connected medical devices," said Xu Zou, CEO and Co-founder of ZingBox. "ZingBox recommends healthcare organizations ensure no browsers are used on connected medical devices move PCs to non-IoT device networks."

To assist the many organizations struggling with the successful navigation and management of their security vulnerabilities, ZingBox is offering their SaaS-based IoT Security solution at no cost to healthcare organizations for a limited time use. "We have been contacted by many healthcare organizations since the WannaCry outbreak.  We are making a commitment to assist these organization gain the much-needed visibility and security of their IoT environment with no strings attached," said Xu Zou.

IoT Guardian, ZingBox's SaaS-based security solution, leverages machine learning to discover, assess risk, baseline normal behavior, detect anomalous activities and provide real-time remediation across an organization's entire IoT footprint. The patent-pending solution has a deep grasp of each IoT device's personality, analyzing communication to and from every device, watching constantly for deviations in behavior and providing alerts for suspicious behavior.

For more information, visit www.zingbox.com. To take advantage of the free services offered by ZingBox, visit https://www.zingbox.com/resources/free-service/.

ZingBox Social Media
Twitter: @ZingBoxSecurity
LinkedIn: http://bit.ly/2iKU8wE

About ZingBox

Enabling the Internet of Trusted Things, ZingBox provides hospitals, companies and manufacturing facilities with Internet of Things (IoT) security software that helps ensure service delivery. ZingBox's new approach is based on Deep Learning and enforcement of trusted behavior. Founded by Silicon Valley veterans with expertise in cybersecurity, IoT, Deep Learning, and networking, ZingBox was selected by the Stanford StartX program, was named one of NetworkWorld's hottest security startups, and was most recently named a “Cool Vendor in IOT Security, 2017” by Gartner For more information, visit www.zingbox.com .

About ZingBox
Enabling the Internet of Trusted Things, ZingBox provides hospitals, companies and manufacturing facilities with Internet of Things (IoT) security software that helps ensure service delivery. ZingBox's new approach is based on Deep Learning and enforcement of trusted behavior. Founded by Silicon Valley veterans with expertise in cybersecurity, IoT, Deep Learning, and networking, ZingBox was selected by the Stanford StartX program, was named one of NetworkWorld's hottest security startups, and was most recently named a “Cool Vendor in IOT Security, 2017” by Gartner For more information, visit www.zingbox.com.

Comodo names former White House CIO as cyber vice president

CLIFTON, NJ June 21, 2017 Comodo, a global innovator and developer of cybersecurity solutions and the worldwide leader in digital certificates, announced today the appointment of Carlos Solari as vice president of cyber security services.  Carlos will help lead efforts to expand on a growing Managed Security Services (MSS) line of business. MSS as it relates to the web, the Internet of Things and Industrial Control Systems is at the front lines of cyber security.

Solari has a vast knowledge of IT and national cyber security, most notably serving as CIO for the White House from 2002-2005, where he was instrumental in the development and implementation of the strategy and enterprise architecture for major systems renovation, covering all aspects of the enterprise computing serving the White House and its supporting offices. Prior to joining the White House, Solari had 20+ years of public service experience, including 13 years in the army and six with the FBI's Criminal Investigation Division managing several large-scope, full life-cycle IT programs for the FBI.

Solari's previous roles in the private sector include Mission Secure Inc, where he focused on the security of industrial systems, with Computer Science Corp where he served as GM/VP of global security services for Fortune 500 companies and government clients and as cyber security lead at Alcatel Lucent / Bell Labs Solari. It was at Bell Labs that he and colleagues worked to define the methods for design of security embedded in systems – security by design – where he wrote (with contributors) Security in a Web 2.0+ World.

"I'm truly thrilled to join the Comodo team where security innovation is the one constant, in the DNA of the company, for solving very difficult cyber challenges," said Solari. "One can't help but get caught up in the energy of this young, vibrant, multi-national company bringing security solutions to market that challenge the status quo of old thinking with the new and innovative."

About Comodo 
The Comodo organization is a global innovator of cybersecurity solutions, protecting critical information across the digital landscape. Building on its unique position as the world's largest certificate authority, Comodo authenticates, validates and secures networks and infrastructures from individuals to mid-sized companies to the world's largest enterprises. Comodo provides complete end-to-end security solutions across the boundary, internal network and endpoint with innovative technologies solving the most advanced malware threats, both known and unknown. With global headquarters in Clifton, New Jersey, and branch offices in Silicon Valley, Comodo has international offices in China, India, the Philippines, Romania, Turkey, Ukraine and the United Kingdom. For more information, visit comodo.com.

Comodo and the Comodo brand are trademarks of the Comodo Group Inc. or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. The current list of Comodo trademarks and patents is available at comodo.com/repository.

Keep up to date with the latest Comodo News from the Comodo blog at https://blog.comodo.com/ and on Twitter @ComodoNews.

Connect with Comodo on LinkedIn at https://www.linkedin.com/company/comodo.

Elevate Security receives $2M in seed funding, brings 'fresh approach' to inside cyber threat

Fly

SAN FRANCISCO June 21, 2017 Elevate Security, a platform that focuses on shifting human behavior and responses to security threats to prevent breaches, today publically launched backed by $2M in funding from Costanoa Ventures and Webb Investment Network.  Led by Masha Sedova and Robert Fly, former Salesforce senior cybersecurity experts, Elevate Security leverages what they learned developing behavior-based programs at Salesforce that had significant impact on improving people's responses to phishing scams and increasing reporting rates of suspicious activity.

As the technology industry races to create new technologies to thwart attacks and stay ahead of hackers, one of the biggest weakness remains employees themselves.   Password reuse, working on personal devices, and refusal to use multi-factor authentication are just a few of the behaviors hackers exploit to gain access to companies around the globe. According to a recent study by Verizon, 63% of all attacks involve password reuse and a similar study by IBM found that 95% of all attacks involve both technology and human exploits.

"The approach the vast majority of companies use to train their employees on cybersecurity is so old-fashioned and out of date that it actually does more harm than good," said Fly, CEO and co-founder of Elevate Security.  "Force-feeding a 60-minute video with questions at the end isn't going to achieve much more than getting people to tune out the message.  If employees don't feel invested in protecting digital assets, you might as well just leave the front door of your company open to hackers."

"Masha and Robert bring a fresh approach to solving the Achilles heel of cybersecurity," said Neill Occhiogrosso, Partner at Costanoa Ventures.  "So much energy has been placed in building walls and moats around companies – we liked that Elevate focused on the biggest potential defense of all – the employee.  Elevate will reinvent how to fight hackers at their own game."

More information on Elevate's technology platform will be available later this fall.

About Elevate
Elevate Security provides a web-based platform that focuses on shifting human behavior and responses to security threats in order to prevent breaches. This is the first people-centric solution that is based on behavioral science and is designed to transform the human element as a core defense strategy for organizations. Elevate is based in San Francisco and is hiring! To learn more, please visit www.elevatesecurity.com.

About Costanoa Ventures
Costanoa Ventures backs tenacious and thoughtful founders who change how business gets done. Costanoa seeks to be a long-term partner to entrepreneurs building durable companies leveraging data to solve complex business problems. For more information, please visit www.costanoavc.com.

About Webb Investment Network
Webb Investment Network (WIN) is the seed/early-stage investment vehicle of Maynard Webb (former COO of eBay, and currently on the boards of Salesforce, Visa and Yahoo!). WIN's goal is to invest in transformational technology companies across enterprise and cloud applications, mobile, marketplaces, and payments. WIN is also able to leverage its 80+ member Affiliate Network, comprised of seasoned technology operating executives who have worked with Maynard, to provide on-demand advice and mentorship to the WIN portfolio. To learn more, please visit winfunding.com.

MKACyber picks former HHS official as its new president

Kwon

FAIRFAX, VA June 20, 2017 MKACyber, a rapidly expanding Managed Security Operations Services Provider (MSSP) and security consulting firm with elite SOC expertise, today announced the addition of Cindy Gagliano as president. Teaming with MKACyber Founder and CEO Mischel Kwon, Ms. Gagliano will oversee all MKACyber customer engagements and the teams responsible for delivering technical defensive security, security operations and information assurance services.

Bringing two decades of security and consulting experience to MKACyber, Ms. Gagliano has held senior roles with organizations that include the Consumer Financial Protection Bureau, the U.S. Department of Health and Human Services and Booz Allen Hamilton. Her career has been focused on helping organizations mature their enterprise-wide risk management and incident management programs, strengthening their protection and response capabilities to threats and related vulnerabilities.

In addition to Ms. Gagliano – and to accommodate its strong customer growth – MKACyber has expanded its leadership team with several key hires. With substantial experience in security operations, financial administration and marketing in the private and public sectors, the new executives include:

  • Christen Gentile, Chief Marketing Officer – Ms. Gentile is responsible for the strategic direction and execution of all marketing and communication efforts. She brings to MKACyber more than 10 years of wide-ranging corporate and agency marketing and communications experience from organizations such as Kaspersky Lab, Globalscape and Lois Paul & Partners. 
  • Ron Fleming, Director of Security Operations and Services – Mr. Fleming oversees the delivery of state-of-the-art managed security operations solutions to private and public sector organizations. He comes to MKACyber with over 20 years of IT operations and cybersecurity experience from companies that include General Dynamics, CSC and First Information Technology Services.
  • Nazia Khan, Director of Assessments – Ms. Khan oversees the delivery of consulting services for assessing and improving customer cybersecurity operations programs. She joins MKACyber with over a decade of IT security and assessment experience, most recently serving as Security Assessment Manager for the U.S. Department of Health and Human Services, working within the department and across external agencies to improve their security programs.
  • Katherine Baylor, Director of Finance – Ms. Baylor oversees all functions relating to accounting, finance and tax. She joins MKACyber with nearly a decade of financial and operations experience, most recently serving as a Tax Manager in PricewaterhouseCoopers LLP’s asset management practice, focusing primarily on venture capital clients.

Underscoring MKACyber’s growth, the company also recently announced Series A funding and the appointment of several internationally recognized security industry leaders to its board of directors.

“I am thrilled with the high-caliber and diverse talent that we consistently attract to MKACyber. Cindy, Christen, Ron, Nazia and Katherine are welcome additions to MKACyber and further bolster an already world-class team,” said Ms. Kwon. “Their collective expertise will help us continue to deliver on our mission to help global enterprises and leading government organizations modernize their security operations centers, detection capabilities and incident response processes.”

MKACyber provides Managed Security Operations Services (MSSP) and consulting to help organizations modernize their security operations in a holistic and cost-effective manner. Founded in 2010 by Ms. Kwon – following her successes in such positions as Director of the U.S. Computer Emergency Readiness Team (US-CERT) and Vice President of Public Sector Security for RSA Security – the company works closely with commercial and federal government customers across executive and technical levels to vastly improve how organizations currently approach security operations.

Recognized for bringing much-needed innovation and repeatable processes to a critically important part of the security market, the company’s comprehensive MSSP offering and consulting services include:

  • Managed Security Operations Services – Based on its proprietary risk-driven SOC Methodology, driven by threat intel and focused on detection and incident response, MKACyber offers fully-managed services for threat monitoring/detection, vulnerability management and incident response/remediation.
  • Assessment and Consulting – End-to-end consulting services for assessing, building and/or repairing operational security capabilities; this includes establishing and/or augmenting threat intelligence and vulnerability management programs as well as physical SOC architecture and implementation.

MKACyber is a woman-owned business. In addition to her role with the company, Ms. Kwon is founder of the Cybersecurity Diversity Foundation, which is committed to supporting educational and workplace diversity in the field of cybersecurity.

About MKACyber

MKACyber delivers strong, defensive operational cybersecurity capabilities to enterprise and government organizations. Providing SOC assessments, high-touch managed SOC services and CISO advisory and collaboration support capabilities, the company arms its customers with best-in-class solutions that address the most pressing needs of groups ranging from boards of directors and executive teams to technical staffs. Visit us at www.mkacyber.com.  

Pages

 

Recent Videos

HID Global is opening the door to a new era of security and convenience.  Powered by Seos technology, the HID Mobile Access solution delivers a more secure and convenient way to open doors and gates, access networks and services, and make cashless payments using phones and other mobile devices. ...
Mobile device forensics can make a difference in many investigations, but you need training that teaches you how to get the most out of your mobile forensics hardware and software, and certifies you to testify in court. Read this white paper to learn how to evaluate mobile forensics training...
PureTech Systems is a software company that develops and markets PureActiv, its geospatial analytics solution designed to protect critical perimeters and infrastructure.  Its patented video analytics leverage thermal cameras, radars and other perimeter sensors to detect, geo-locate, classify, and...
PureTech Systems is a technology leader in the use of geospatial video, focusing on perimeter security.  When combining geospatial capabilities with video analytics and PTZ camera control, managers of critical facilities can benefit by allowing the video management system to aid them in the process...