Author: bacohido

Charities and nonprofits are particularly vulnerable to cybersecurity threats, primarily because they maintain personal and financial data, which are highly valuable to criminals.

Related: Hackers target UK charities

Here are six tips for establishing robust nonprofit cybersecurity measures to protect sensitive donor information and build a resilient organization.

•Assess risks. Creating a solid cybersecurity foundation begins with understanding the organization’s risks. Many nonprofits are exposed to potential daily threats and don’t even know it. A recent study found only 27% of charities undertook risk assessments in 2023 and only 11% said they reviewed risks posed by suppliers. These worrying statistics underscore the need to be more proactive in preventing security breaches.

•Keep software updated. Outdated software and operating systems are known risk factors in cybersecurity. Keeping these systems up to date and installing the latest security patches can help minimize the frequency and severity of data breaches among organizations. Investing in top-notch firewalls is also essential, as they serve as the first line of defense against external threats.

•Strengthen authentication. Nonprofits can bolster their network security by insisting on strong login credentials. This means using longer passwords — at least 16 characters, as recommended by experts — in a random string of upper and lower letters, numbers, and symbols. Next, implement multi-factor authentication to make gaining access even more difficult for hackers.

•Train staff regularly. A robust security plan is only as good as its weakest link. In most organizations, that exposure comes from the employees. Roughly 95% of cybersecurity incidents begin with a staff member clicking on an unsuspecting link, usually in an email. A solid cyber security culture requires regular training on the latest best practices so people know what to look out for and what to do.

•Get board involvement. Effective nonprofit cybersecurity starts at the top. Just as it’s common practice to task board members with budget reviews for fraud prevention, organizations can appoint trustees to oversee cybersecurity explicitly. Board involvement can cut through red tape and implement improved safeguards for donor information and funds

Conduct Internal Reviews. In a 2023 survey, 30% of CISOs named insider threats one of the biggest cybersecurity threats for the year. The risk factor is higher among nonprofits, as they store data about high-net-worth donors. A disgruntled employee or persons with malicious intentions can gain unauthorized access to these records to demand payments from patrons, knowing full well they can afford it.

Charity exposures

Threat actors continue to explore new methods to steal information. The usual attack vectors include:

•Data theft: Charities are rich in valuable data, whether in their email list or donor database. The hackers then sell the information or use it themselves for financial gain.

•Ransomware: This attack involves criminals holding a network and its precious data hostage until the enterprise pays the demanded amount.

•Social engineering: These attacks exploit human error to gain unauthorized access to organizational systems. Lack of proper staff training is the biggest culprit in this case.

•Malware: Hackers deploy malicious software designed to cause significant disruptions and compromise data integrity.

Amos

If any of these attacks proves successful, the consequences for nonprofits are often severe and far-reaching. In the immediate, there’s the loss of funds or sensitive information. There’s also the risk of financial penalties for breaching data protection laws. Beyond financial and reputational loss, the ripple effects become more evident with a decline in donor confidence.

Cybersecurity is a must for charities. Cyber attacks have become an increasing concern, so charities and nonprofits must commit to safeguarding private data as part of their success. By adopting proactive measures, they can stay on top of cybersecurity trends and foster enduring relationships with donors.

About the essayist: Zac Amos writes about cybersecurity and the tech industry, and he is the Features Editor at ReHack. Follow him on Twitter or LinkedIn for more articles on emerging cybersecurity trends.

SINGAPORE – Feb. 29, 2024.  In the modern age, large companies are wrestling to leverage their customers’ data to provide ever-better AI-enhanced experiences.

But a key barrier to leveraging this opportunity is mounting public concern around data privacy, as ever-greater data processing poses risks of data leaks by hackers and malicious insiders.

Silence Laboratories is on a mission to create infrastructure to enable complex data collaborations between enterprises and entities, without any sensitive information being exposed to the other engaging parties. Silence Laboratories today announces it has raised an additional $4.1 million funding round led by Pi Ventures and Kira Studio, along with several prominent angel investors.

Leveraging modern cryptography, the company already has one of the fastest distributed signature (authorization) libraries in production (Silent Shard), which has been audited by some of the best security auditing companies like Trail of Bits. These libraries have led to the establishment of strong partnerships with leading digital asset infrastructure and protocol companies like BitGo, MetaMaskEigenLayer, Biconomy, and EasyCrypto.

Products on offer by the company include Silent Shard which allows enterprises and users to limit the risk of exposing sensitive private keys and allows advanced authorisation rules to be put in place. Additionally, the newly launched Silent Compute product allows different organisations to collaborate on processing information without needing to expose their secrets and data to third parties and enrich insights while maintaining compliance and trust. Both the products uses multi-party computation (MPC) as its core cryptographic primitives.

Commenting on the announcement, Silence Laboratories CEO and founder Dr. Jay Prakash said: “In today’s digital ecosystem, trust, and privacy are not merely options but imperatives for sustainable growth. With this new injection of funds, Silence Laboratories is poised to redefine privacy by enabling businesses to fully embrace the power of AI while rigorously protecting their most vital asset – customer trust. Our privacy-enhancing technologies assure that collaboration and innovation can flourish in an environment where the confidentiality and integrity of data are uncompromised.”

Prakash

With the market for privacy-enhancing technologies (PETs) growing globally at a compound annual growth rate of 26.6%, there is growing demand for Silence Laboratories offering to provide mathematical guarantees for techno-legal expectations. This would allow companies to work together on processing data, without needing to share data with the other party – allowing more sectors to benefit from new technology, with less risk.

Shubham Sandeep, Managing Director at Pi Ventures, commented: “Secure data collaboration to enable privacy preserving compute is an ever growing problem especially in highly regulated domains such as finance and healthcare. This requires solutions based on zero trust cryptographic guarantees instead of relying on third party data vendors who are prone to security breaches. The MPC infrastructure developed by the world class team at Silence Laboratories is the fastest in the world, easily configurable, application agnostic and provides full control to the user. We are excited to double down on our investment as we have seen the fantastic progress of the company over the last 18 months.”

The funding will be used to scale the company’s tech & business teams and enrich the company’s robust R&D pipeline. Founded in 2021 by Dr. Jay Prakash (CEO), Dr. Andrei Bytes (CTO) and Dr. Tony Quek; the firm has also recently been expanding its global leadership team across cryptography, infrastructure business and engineering.

“The Silence team is an amazing team with deep cryptography expertise and is working on a set of groundbreaking products in privacy and authentication infrastructure and I am really excited to support their journey. Privacy-preserving infrastructure combined with blockchain and fintech rails is going to be huge!” shared Anurag Arjun, from Kira Studio and Ex Co-founder of Polygon.

For further information please contact the Silence Laboratories press office: Bilal Mahmood on b.mahmood@stockwoodstrategy.com or +44 (0) 771 400 7257

About Silence Laboratories: Started in 2021 by Dr. Jay Prakash (CEO) and Dr. Andrei Bytes (CTO), Silence Laboratories is a privacy tech company that enables enterprises to adopt privacy-enhancing technologies through a unique fusion of cryptography and security engineering. Their mission is to enable a global privacy-compliant collaboration infrastructure that would enable enterprises to collaborate, and exchange inferences while removing all single points of failure.

The company has been founded by a strong technical and business team including PhDs and researchers with previous affiliations at the Massachusetts Institute of Technology (MIT), USA; Singapore University of Technology & Design (SUTD) & National University of Singapore (NUS); University of Illinois Urbana-Champaign (UIUC), globally top-ranked Capture The Flag (CTF) teams, and leading tech companies. Learn more about their work: https://silencelaboratories.com

Media contact: Bilal Mahmood, Stockwood Strategy, Mob: +44 (0) 771 400 7257

 

Zurich, Switzerland, Feb. 27, 2024 — Chipmaking has become one of the world’s most critical technologies in the last two decades. The main driver of this explosive growth has been the continuous scaling of silicon technology (widely known as the Moore’s Law).

But these advances in silicon technology are slowing down, as we reach the physical limits of silicon. For this reason, the industry has been investing heavily in nanomaterials like carbon nanotube, graphene and TMDs, which are expected to enable chips with unprecedented functionality. However, making electronic devices with these extremely small materials at speed, with precision, and without compromising on quality has been a long-standing obstacle.

Nanotechnology company Chiral is today announcing a $3.8m funding round to address this challenge head on, innovating the way nanomaterials are integrated into devices. Its expertise in nanotechnology, automation, and high-precision robotics will be pivotal in the industry’s move beyond silicon to the next generation of electronics. The pre-seed funding round was co-led by Founderful (formerly Wingman Ventures) and HCVC and includes grants from ETH Zurich and Venture Kick.

Research has evidenced the use case and impact of nanomaterials across a range of electronics including high-performance transistors, low-power sensors, quantum devices, and many more. However, existing production methods, mostly based on chemistry, are not controllable, which has thus far prevented commercialization of these devices.

Chiral has built high-speed, automated, robotic machines that integrate nanomaterials into devices. These machines can robotically place micrometer-sized (or even nanometer-sized) materials on small chips. Repeating these motions in a fast and automated manner requires a very high level of engineering, which, when done right, ensures the precision and control that conventional chemistry-based methods lack.

The development of Chiral’s technology started as a national research project conducted at the Swiss Federal Institutes of Technology (ETH Zurich, EPFL, and Empa), in which the company’s co-founders, Seoho Jung, Natanael Lanz, and Andre Butzerin participated as PhD students. After 4 years of R&D, the research team finished its first prototype machine, which was 100 times faster than the other systems available at the time. The immediate reaction of the market to the prototype, which quickly led to the company’s first batch of pilot customers, convinced the co-founders that they should continue their activity as a company. They incorporated Chiral in June 2023 as a result.

Jung

Seoho Jung, Co-founder and CEO at Chiral commented“At Chiral, we are pioneering the next generation of electronic devices across industry. Chipmakers are aware of the potential of nanomaterials and we’re bringing that potential to life. This funding will accelerate the development of our next machine, which will unlock new market opportunities with its versatility and performance. We are also excited to scale our team to keep up with the growing demand and customer base.”

The global nanotechnology market size is projected to grow from $79.14 billion in 2023 to $248.56 billion by 2030, at a CAGR of 17.8% (Fortune business insights research). One of the largest chipmakers in the world, Taiwan Semiconductor Manufacturing Company (TSMC) presented its development roadmap showing nanomaterial-based transistors as its future architecture.

Pascal Mathis, Founding Partner at Founderful, commented: “We’re thrilled to join forces with Chiral alongside HCVC. Chiral’s AI- and robotics-based technology lets us envision a future where nanomaterial-based chips are being produced at the scale needed for commercialization – a major bottleneck up until now. We look forward to supporting Seoho, Natanael and André in their journey to introduce a new paradigm of chips beyond silicon.”

Alexis Houssou, Founding Partner at HCVC, commented: “With the current boom in AI applications, we stand at a pivotal moment where the slowdown of Moore’s law threatens to decelerate the pace of technological progress significantly. The team at Chiral has embarked on a critical mission to pave the way toward a groundbreaking post-silicon era, promising to transcend current limitations and unlock new possibilities for advancement. We couldn’t be more excited to support their mission, in collaboration with Founderful, as they build the future of computing infrastructure.”

Seoho Jung added: “In the future, it will be normal for electronic devices or chips to contain nanomaterials. The development roadmaps of the world’s leading chipmakers like TSMC, Samsung, and Intel all share our vision. We are confident that Chiral technology will empower the industry to make this transition faster.”

About Chiral: Chiral is a nanotechnology company that produces advanced electronic devices with nanomaterials. The core of the company’s technology is its robotic machines that enable the fully automated integration of clean nanomaterials with unprecedented precision and speed. Incorporated in 2023, the company is a spin-off from ETH Zurich and Empa, and is headquartered in Zurich, Switzerland. Learn more about Chiral here: https://www.chiralnano.com/ 

About Founderful: Founderful is Switzerland’s leading pre-seed fund. We give every founder our deepest understanding and highest levels of support, and together, we’re building the future of the Swiss startup ecosystem. For more information, please visit https://www.founderful.com/ or follow via LinkedIn.

About HCVC: HCVC is a venture capital firm that helps founders tackle hard problems with capital, resources and collaboration with $130m in assets under management. With offices in Paris, London and San Francisco, HCVC invests in pre-seed and seed companies that leverage breakthrough technology to digitize, automate and decarbonize the world. For more information, please visit https://www.hcvc.co/

Media contact: Bilal Mahmood, Stockwood Strategy, Mob: +44 (0) 771 400 7257

Achieving “digital trust” is not going terribly well globally.

Related: How decentralized IoT boosts decarbonization

Yet, more so than ever, infusing trustworthiness into modern-day digital services has become mission critical for most businesses. Now comes survey findings that could perhaps help to move things in the right direction.

According to DigiCert’s 2024 State of Digital Trust Survey results, released today, companies proactively pursuing digital trust are seeing boosts in revenue, innovation and productivity. Conversely, organizations lagging may be flirting with disaster.

“The gap between the leaders and the laggards is growing,” says Brian Trzupek, DigiCert’s senior vice president of product. “If you factor in where we are in the world today with things like IoT, quantum computing and generative AI, we could be heading for a huge trust crisis.”

DigiCert polled some 300 IT, cybersecurity and DevOps professionals across North America, Europe and APAC. I sat down with Trzupek and Mike Nelson, DigiCert’s Global Vice President of Digital Trust, to discuss the wider implications of the survey findings. My takeaways:

Bungled innovation

Digital trust refers to companies meeting the reasonable expectation that the digital services they offer not only protects users, but also upholds societal expectations and values. The tech sector has been preaching this for several years, acknowledging the fact that preserving trust, as digital services advance, is proving to be extremely difficult — yet crucial nonetheless.

“Trust has become absolutely paramount in the world,” Nelson observes. “Trust can be lost when you introduce digital connectivity — and digital connectivity is everywhere.”

DigiCert’s survey presents hard evidence that trust can be the basis of a winning business model. The top 33 percent of digital ‘trust leaders’ identified in DigiCert’s poll said they can respond more effectively to outages and incidents and found themselves to be in a much better position to effectively leverage innovation. Meanwhile, the bottom 33 percent found it increasingly difficult to tap into innovation.

This tug-and-pull is happening in an operating environment where digital innovation, from a global perspective, is being bungled. That’s the assessment of the 2024 Edelman Trust Barometer, a study highlighting the rapid erosion of digital trust, to the point of exacerbating polarized political views.

Trzupek

In such an environment, companies have a terrific opportunity to set themselves apart as being trustworthy, Trzupek argues. “The companies we view as the most trustworthy on the planet are able to provide very reliable digital services in consistent ways,” he says. “They’re able to connect people through trusted experiences.”

Emerging standards

Indeed, advanced technologies, new protocols and emerging best practices are at hand to help companies build and sustain trust.

And supply chain participants and individual consumers are eager recipients, naturally gravitating to trusted services, Nelson observes. Digital trust has, in fact, become a crucial factor in consumer purchasing decisions and corporate procurement strategies, he says.

This dynamic is highlighted by support of the Matter smart home devices standard. Matter is part of a fresh slate of technical standards that must take hold to enable massively interconnected, highly interoperable digital systems.

Since it was introduced two years ago, Matter has been embraced by some 400 manufacturers of IoT devices and close to one million Matter certificates have been issued, Nelson told me. “It’s not just in smart homes,” he says. “We’re building trust into devices in automotive and we’re seeing it in healthcare, as well.”

For its part, DigiCert has continued to advance it’s DigiCert ONE platform of tools and services to help companies manage their digital certificates and Public Key Infrastructure (PKI.) DigiCert’s clients and prospects are steadily modernizing the way digital connections get authenticated and sensitive assets get encrypted, Trzupek told me.

“In visiting our customers over the past 18 months, I’ve seen a newfound energy for closely examining and more effectively managing PKI infrastructure, both internally and externally,” he says.  “Companies are moving to update decades old PKI systems because they realize how pivotal this is to digital trust and everything they do.”

DigiCert has also been a leader in championing the concept of “crypto agility” —the capacity to update and adapt cryptographic routines swiftly—something Trzupek and Nelson argued is rapidly becoming a business imperative.

A starting point

Nelson

Leveraging advanced tools and embracing emerging best practices is all well and good for the trust leaders. But what about the laggards? For the organizations just starting down the path towards achieving and sustaining digital trust, Nelson outlined this framework:

•Knowledge and inventory: Begin with taking inventory of cryptographic assets and understanding how they’re utilized within the organization.

•Policies and enforcement: Next, establish organizational policies that outline appropriate and inappropriate behaviors regarding digital assets. Assure that these policies are enforceable.

•Centralized security: Streamline control over various business units that may have disparate practices, thereby improving visibility and the ability to mitigate risks.

•Factor in business impact: Finally, prioritize security efforts based on the potential business impact. Evaluate the consequences should certain assets go offline; focus on protecting the most critical areas first.

Lagging really is no longer an option. Geo-political conflict, remote work exposures, unpredictable usage of generative AI; these all stand to further undermine digital trust for months and years to come.

Will the laggards follow the trust leaders? I’ll keep watch and keep reporting.

Acohido

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

(LW provides consulting services to the vendors we cover.)

AI chatbots are computer programs that talk like humans, gaining popularity for quick responses. They boost customer service, efficiency and user experience by offering constant help, handling routine tasks, and providing prompt and personalized interactions.

Related: The security case for AR, VR

AI chatbots use natural language processing, which enables them to understand and respond to human language and machine learning algorithms. This helps them improve their performance over time by gaining data from interactions.

In 2022, 88% of users relied on chatbots when interacting with businesses. These tools saved 2.5 billion work hours in 2023 and helped raise customer satisfaction to 69% for $0.50 to $0.70 per interaction. Forty-eight percent of consumers favor their efficiency prioritization.

Popular AI platforms

Communication channels like websites, messaging apps and voice assistants are increasingly adopting AI chatbots. By 2026, the integration of conversational AI in contact centers will lead to a substantial $80 billion reduction in labor costs for agents.

This widespread integration enhances accessibility and user engagement, allowing businesses to provide seamless interactions across various platforms. Examples of AI chatbot platforms include:

•Dialogflow: Developed by Google, Dialogflow is renowned for its comprehension capabilities. It excels in crafting human-like interactions in customer support. In e-commerce, it facilitates smooth product inquiries and order tracking. Health care benefits from its ability to interpret medical queries with precision.

•Microsoft Bot Framework: Microsoft’s offering is a robust platform providing bot development, deployment and management tools. In customer support, it seamlessly integrates with Microsoft’s ecosystem for enhanced productivity. E-commerce platforms leverage its versatility for order processing and personalized shopping assistance tasks. Health care adopts it for appointment scheduling and health-related inquiries.

IBM Watson Assistant: IBM Watson Assistant stands out for its AI-powered capabilities, enabling sophisticated interactions. Customer support experiences a boost with its ability to understand complex queries. In e-commerce, it aids in crafting personalized shopping experiences. Health care relies on it for intelligent symptom analysis and health information dissemination.

Checklist of vulnerabilities

Potential attack vectors can be exploited in AI chatbots, such as:

Input validation and sanitation: User inputs are gateways, and ensuring their validation and sanitation is paramount. Neglecting this can lead to injection attacks,, jeopardizing user data integrity.

Authentication and authorization vulnerabilities: Weak authentication methods and compromised access tokens can provide unauthorized access. Inadequate authorization controls may result in unapproved interactions and data exposure, posing significant security threats.

Privacy and data leakage vulnerability: Handling sensitive user information requires robust measures to prevent breaches. Data leakage compromises user privacy and has legal implications, emphasizing the need for stringent protection protocols.

Malicious intent or manipulation: AI chatbots can be exploited to spread misinformation, execute social engineering attacks or launch phishing. Such manipulation can harm user trust, tarnish brand reputation and have broader social consequences.

Machine learning helps AI chatbots adapt to and prevent new cyber threats. Its anomaly detection identifies suspicious behavior, proactively defending against potential breaches. Implement systems that continuously monitor and respond to security incidents for swift and effective defense.

Best security practices

Implementing these best practices establishes a robust security foundation for AI chatbots, ensuring a secure and trustworthy interaction environment for organizations and users:

Amos

Guidelines for organizations and developers: Conduct periodic security assessments and penetration testing to identify and address vulnerabilities in AI chatbot systems.

Multi-factor authentication: Implement multi-factor authentication for administration and privileged users to enhance access control and prevent unauthorized entry. Using MFA can prevent 99.9% of cyber security attacks.

•Secure communication channels: Ensure all communication channels between the chatbot and users are secure and encrypted, safeguarding sensitive data from potential breaches.

•Educating users for safe interaction: Provide clear instructions on how users can identify and report suspicious activities, fostering a collaborative approach to security.

•Avoiding sensitive information sharing: Encourage users to refrain from sharing sensitive information with chatbots, promoting responsible and secure interaction.

While AI chatbots have cybersecurity vulnerabilities, adopting proactive measures like secure development practices and regular assessments can effectively mitigate risks. These practices allow AI chatbots to provide valuable services while maintaining user trust and organizational security.

About the essayist: Zac Amos writes about cybersecurity and the tech industry, and he is the Features Editor at ReHack. Follow him on Twitter or LinkedIn for more articles on emerging cybersecurity trends.

Rochester, N.Y. Feb. 15, 2024 Harter Secrest & Emery LLP, a full-service business law firm with offices throughout New York, is pleased to announce that it has been selected as a NetDiligence-authorized Breach Coach®, a designation only extended to law firms that demonstrate competency and sophistication in data breach response.

Through its Breach Coach® designation, NetDiligence recognizes Harter Secrest & Emery as an industry leader and enhances the firm’s reputation as a trusted resource for clients navigating the complex landscape of data incident response. Harter Secrest & Emery is one of only approximately 25 firms in the world to be recognized with this designation, highlighting the firm’s deep experience and steadfast commitment to its clients.

With more than 20 years of experience in cyber, NetDiligence® specializes in cyber risk readiness and response services. NetDiligence-authorized Breach Coach® firms are selected based on their experience, competency, thought leadership, and industry engagement.

Greene

Led by partner F. Paul Greene, CIPP/US, CIPP/E, CIPM, FIP, Harter Secrest & Emery’s Privacy and Data Security practice group helps clients respond to data security incidents of all kinds. The group creates strategies and protocols to help clients identify and mitigate risk, proactively protect their most sensitive information, prepare for a broad array of incidents, and respond effectively and efficiently to incidents when they do occur.

Harter Secrest & Emery’s privacy and data security clients range from Fortune 100 corporations to closely-held businesses in a wide range of industries, including healthcare, financial services, data analytics/big data, retail, education, manufacturers, defense contractors, and employers of all sizes. The firm operates its own 24-hour Cybersecurity Incident and Breach Response Line to assist companies and organizations responding to a cyberattack or data breach. The response line, 1-800-232-3021, connects callers directly with an attorney from the firm’s Privacy and Data Security group for response and remediation support, including in relation to topics pertaining to crisis management and communication, post-breach reporting and notice, potential litigation and regulatory enforcement.

About Harter Secrest & Emery LLP: Harter Secrest & Emery LLP is a full-service business law firm with attorneys throughout New York representing clients ranging from individuals and family-owned businesses to Fortune 100 companies and major regional institutions. With offices in Rochester, Buffalo, Albany, Corning, and New York City, New York, the firm and its attorneys are consistently recognized by the industry’s leading law firm and attorney ranking programs, including Chambers and Partners, Best Law Firms® and The Best Lawyers in America®. www.hselaw.com.

Media contact: Phil Pantano, Pantano & Associates, 716.601.4128 or phil@pantanoPR.com

Lehi, Utah – Feb. 14, 2024  – DigiCert, a leading global provider of digital trust, today announced new additions to its executive leadership team with the appointments of Jugnu Bhatia as Chief Financial Officer (CFO) and Dave Packer as Chief Revenue Officer (CRO).

“DigiCert just closed its largest quarterly bookings in the company history, and I am thrilled to have such exceptional leaders joining our executive team at an important stage in our growth,” said Amit Sinha, CEO of DigiCert. “Jugnu and Dave bring deep operational and leadership experience at scale. With our continued digital trust innovation and go-to-market execution, these leaders will play a critical role as we drive to $1 billion and beyond in annual recurring revenue.”

With extensive experience in leading corporate and operational finance for both private and publicly traded companies, Bhatia joins DigiCert from Zscaler, Inc., where he most recently served as SVP, Finance and Chief Accounting Officer. During his eight-year tenure, Zscaler grew from a private company to a NASDAQ-100 company, scaling from $100 million in ARR to more than $2 billion in ARR. Prior to Zscaler, Bhatia spent nearly 20 years in finance, strategy, and operational roles with organizations such as Oracle and PricewaterhouseCoopers LLP, where he also served industry leading clients like Cisco, Agilent, and Sony.

Bhatia

“At a time when data is currency and security is paramount, cultivating trust becomes the bedrock upon which relationships and innovation thrive, unlocking avenues for growth,” said Bhatia. “I am looking forward to realizing this massive opportunity as part of DigiCert‘s executive leadership team.”

Packer brings to DigiCert more than 30 years of tech industry experience spanning leadership roles in sales, field operations, alliances, professional services, customer success, and support. Drawing from his diverse background in ERP, security, and data management, he will lead DigiCert’s go-to-market expansion efforts to capitalize on the massive market opportunity in digital trust. Prior to DigiCert, Packer led Worldwide Field Operations at Matillion, as well as Ping Identity and E2open—both of which had successful IPOs.

Packer

“Digital trust is not just a foundation, it’s the cornerstone of a tremendous market opportunity that I see for DigiCert,” said Packer. “The need for digital trust is only going to keep growing as the tectonic shifts from quantum computing and GenAI continue to impact every part of work and life, and DigiCert is in the prime position to address these growing needs.”

About DigiCert: DigiCert is a leading global provider of digital trust, enabling individuals and businesses to engage online with the confidence that their footprint in the digital world is secure. DigiCert® ONE, the platform for digital trust, provides organizations with centralized visibility and control over a broad range of public and private trust needs, securing websites, enterprise access and communication, software, identity, content and devices. DigiCert pairs its award-winning software with its industry leadership in standards, support and operations, and is the digital trust provider of choice for leading companies around the world. For more information, visit www.digicert.com or follow @digicert.

Uncategorized

San Mateo, Calif., Feb. 13, 2023 – The U.S. White House announced groundbreaking collaboration between OpenPolicy and leading innovation companies, including Kiteworks, which delivers data privacy and compliance for sensitive content communications through its Private Content Network.

The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) Artificial Intelligence Safety Institute Consortium (AISIC) will act as a collaborative platform where both public sector and private sector leading organizations will provide guidance on standards and methods in the development of trustworthy AI.

The Kiteworks platform provides customers with a Private Content Network that enables them to employ zero-trust policy management in the governance and protection of sensitive content communications, including the ingestion of sensitive content into generative AI (GenAI).

Kiteworks unifies, tracks, controls, and secures sensitive content moving within, into, and out of organizations. With Kiteworks, organizations can significantly improve risk management and ensure regulatory compliance on all sensitive content communications.

Raimondo

The consortium, AISIC, brings together over 200 of the nation’s foremost AI stakeholders to support the development and deployment of trustworthy and safe AI technologies. This initiative aligns with President Biden’s Executive Order on Artificial Intelligence, focusing on key priorities, such as red-teaming, capability evaluations, risk management, safety, and security guidelines, and watermarking synthetic content.

According to U.S. Commerce Secretary Gina M. Raimondo, “Through President Biden’s landmark Executive Order, we will ensure America is at the front of the pack – and by working with this group of leaders from industry, civil society, and academia, together we can confront these challenges to develop the measurements and standards we need to maintain America’s competitive edge and develop AI responsibly.”

Freestone

Tim Freestone, Chief Strategy Officer at Kiteworks, expressed his enthusiasm about the collaboration: “Kiteworks’ selection underscores our commitment to protect sensitive content from being ingested into public GenAI large language models (LLMs). Kiteworks is very excited to play a pivotal role as a groundbreaking member of the NIST AI Safety Institute Consortium, tapping our expertise in data security and compliance to help guide the responsible development and management of AI solutions.”

For further insights into this groundbreaking collaboration and Kiteworks’ involvement, Kiteworks’ Freestone is available for interviews and discussions.

About Kiteworks: Kiteworks’ mission is to empower organizations to effectively manage risk in every send, share, receive, and save of sensitive content. The Kiteworks platform provides customers with a Private Content Network that delivers content governance, compliance, and protection. The platform unifies, tracks, controls, and secures sensitive content moving within, into, and out of their organization, significantly improving risk management and ensuring regulatory compliance on all sensitive content communications. Headquartered in Silicon Valley, Kiteworks protects over 100 million end users for over 3,650 global enterprises and government agencies.

Every industry is dealing with a myriad of cyber threats in 2024. It seems every day we hear of another breach, another scam, another attack on anything from a small business to a critical aspect of our nation’s infrastructure.

Related: The case for augmented reality training

Because of this, cybersecurity investments and regulatory oversight are increasing at an astounding rate, especially for those in the financial services industry, bringing an overwhelming feeling to chief compliance officers without dedicated security teams.

And the solution they are turning to is not one that will solve their problems in the long run: handing cybersecurity responsibilities to internal IT teams.

It’s a tale as old as the first computer. When a technical issue arises, hand it over to IT. However, from the sheer amount of regulations coming down the pipeline to the tools necessary to counter threat actors, internal IT is not the right resource for this monumental task.

Regulatory overload

Firms in the financial services industry are staring down the bottom of the regulatory barrel coming into 2024. From identity theft to greater oversight on risk management, internal IT teams will be taking the brunt of these incoming regulations. This comes after the second highest year of enforcement actions from the Securities and Exchanges Commission (SEC).

The SEC’s incoming rules on handling cybersecurity are sweeping to say the least, ranging from 24/7 real-time monitoring to new documentation requirements to new security and vulnerability scanning and remediation requirements. The list goes on. No matter the size of your organization, this influx of regulations is a daunting task to keep up with on top of normal IT personnel responsibilities.

Cocanower

In order to maintain compliance in the coming months, new tools never used by IT workers will need to be implemented to have a secure cybersecurity strategy. To put it plainly, if you hand a tennis novice Serena Williams’ racket, their chances of winning the U.S. Open are slim to none. Experience, on top of the right tools, are necessary to withstand the onslaught of cyber threats currently bombarding the finance sector.

Resources, manpower

Not only are internal IT teams not versed in the necessary tools to counteract threat actors, businesses are not even hiring enough people with the skill sets needed to meet these regulations. Historically, these teams have been structured to focus on day-to-day operational IT tasks, lacking the specialized training and resources required to navigate the intricacies of the latest cybersecurity mandates. And that’s not even to mention the fact that cyberthreats need to be monitored 24/7/365.

Cybersecurity threats don’t stop when you clock out. In fact, that’s most likely when they will happen. For those in IT, schedules and budgets will have to drastically change to accommodate new requirements like real-time monitoring. All factors point to IT teams being in a precarious position, where the demands of complying with new regulations far exceed their available resources and manpower.

This mismatch not only impedes their ability to effectively safeguard against evolving cyber threats but also risks the potential for regulatory non-compliance, leaving financial institutions — and even the IT specialist’s own job security —  vulnerable on multiple fronts.

Assisting your IT team

In order to not overwhelm IT workforces, education and professional development opportunities will be crucial for a secure financial institution. This can also extend to your workforce as a whole.

Regular training sessions for all employees on cybersecurity best practices, potential threats, and the importance of compliance can help ensure that cybersecurity is a shared responsibility, contributing to a more robust defense against cyber threats and regulatory breaches.

Other tactics firms can employ include the adoption of new tools such as security incident and event monitoring (SIEM), real-time vulnerability scanning, endpoint detection and response (EDR) and many others.  Not only will IT teams need to evaluate all of the tools available in the marketplace to find the best  ones for their firm, but they will also need to take time away from their existing responsibilities to garner subject matter expertise around these tools.

The road ahead

Going into 2024, the current resources allocated to internal IT teams underscores a critical need for a strategic overhaul, where financial services firms must either significantly invest in upskilling their internal teams or seek external cybersecurity expertise to ensure alignment with the evolving regulatory landscape.

If companies are willing to provide the necessary support and resources to their internal IT teams to handle these incoming responsibilities and threats, they will be able to weather the regulatory storms ahead.

About the essayist: Michael Cocanower is founder and chief executive officer of AdviserCyber, a Phoenix-based cybersecurity consultancy serving Registered Investment Advisers (RIAs). He has earned certifications as both an Investment Adviser Certified Compliance Professional and as a Certified Ethical Hacker. He also has served on the United States Board of Directors of the International Association of Microsoft Certified Partners and the International Board of the same organization for many years, as well as served on the Microsoft Infrastructure Partner Advisory Council.

Kenilworth, NJ, Feb. 8, 2024 – Diversified, a leading global technology solutions provider, today announced a partnership and trio of solutions with GroCyber.

Together, the companies are empowering AV and media companies to improve their cybersecurity stance by providing a “clean bill of health” for their digital media environments, ensuring hardware and software are current, and protecting media storage and devices against the threat of malware.

Newfield

“Diversified has deep expertise in AV and media, and our conversations with clients have made clear that they want and need help navigating the complex cybersecurity landscape. However, until now, there was nothing in the market that addressed the unique cybersecurity and performance requirements of the media and AV worlds,” said Mat Newfield, president and chief commercial officer of Diversified. “Diversified and GroCyber have joined forces to fill that gap.”

Kidd

The new Diversified-GroCyber cybersecurity solutions include:

•Cyber certification. For this offering, GroCyber works as the independent third party to test and certify that the broadcast environments and components of Diversified customers are operating in accordance with the NIST Cyber Security Framework (CSF).

•Cyber hygiene and monitoring.This new Diversified managed service monitors the hardware and software at a business to ensure it has the latest security patches, configuration and access control – minimizing the enterprise’s cyber risk exposure.

•Vulnerability management. This new service provides guidance on how to create a secure architecture and performs scanning and penetration testing to identify and alert Diversified customers of vulnerabilities quickly so they can protect their media assets.

“It is absolutely critical for enterprises today to protect the integrity of their media assets, which are key to their business operations and can represent hundreds of millions of dollars in intellectual property,” said Alison Kidd, managing partner of GroCyber, which was founded by 25-plus-year legends in cybersecurity who have brought together a team of cybersecurity experts to solve some of enterprises’ most complex problems. “Traditional approaches like air gapping no longer work in our connected, IP-based world, and patching alone is not enough.”

About Diversified: At Diversified, we leverage the best in technology and ongoing advisory services to transform businesses. Our comprehensive suite of solutions are engineered to help our clients build connections that make a difference – whether by inspiring viewers, engaging associates, motivating audiences, or streamlining and safeguarding operations. We connect people, technology and experiences, where and when it matters most. Our solutions reach millions every day. Founded in 1993, we’re a global organization serving local needs with 2,000+ employees worldwide. Learn more at onediversified.com and follow us on LinkedIn and Twitter.

Media contact: Gordon Evans. gordon@bospar.com

Uncategorized