Infinidat, a leading provider of enterprise storage solutions, has introduced a new automated cyber resiliency and recovery solution that will revolutionize how enterprises can minimize the impact of ransomware and malware attacks. Infinidat’s InfiniSafe® Automated Cyber Protection (ACP) is a first-of-its-kind cybersecurity integration solution that is designed to reduce the threat window of cyberattacks, such as ransomware. Sophisticated cyberattacks, including new sinister forms of AI-driven attacks, are increasingly targeting the data storage infrastructure of enterprises.

Infinidat’s InfiniSafe ACP enables enterprises to easily integrate with their Security Operations Centers (SOC), Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR) cybersecurity software applications, and simple syslog functions for less complex environments. A security-related incident or event triggers immediate automated immutable snapshots of data, providing the ability to protect InfiniBox® and InfiniBox™ SSA block-based volumes and/or file systems and ensure near instantaneous cyber recovery.

“The merging of cybersecurity and data infrastructure has been compelling CIOs, CISOs and IT team leaders to rethink how to secure enterprise storage across hybrid multi-cloud deployments in light of increasing cyberattacks. Enterprises need proactive strategies, seamless integration across IT domains, and the most advanced, automated technologies to stay ahead of cyber threats,” said Eric Herzog, CMO at Infinidat. Recognized as a cyber secure storage expert, Herzog is coming off participation in a string of cybersecurity panel discussions, roundtables and conference events.

“Infinidat has carved out a very unique leadership position as the only storage vendor to offer an automated enterprise storage cyber protection solution that seamlessly integrates with cyber security software applications,” said Chris Evans, Principal Analyst at Architecting IT. “Infinidat’s newly launched InfiniSafe Automated Cyber Protection that easily meshes with the SIEM, SOAR or Security Operations Centers is exactly what enterprises need to include enterprise storage as a comprehensive approach to combat cyber threats.”

Infinidat’s new InfiniSafe ACP capability orchestrates the automatic taking of immutable snapshots of data, at the speed of compute, to stay ahead of cyberattacks by decisively cutting off the proliferation of data corruption.

Evans added, “This proactive cyber protection technique is extremely valuable, as it enables taking immediate immutable snapshots of data at the first sign of a potential cyberattack. This provides a significant advancement to ensure enterprise cyber storage resilience and recovery are integral to an enterprise’s cybersecurity strategy. ACP enhances an enterprise’s overall cyber resilience by reducing the threat window and minimizing the impact of cyberattacks on enterprise storage environments.”

The InfiniSafe Automated Cyber Protection is one of the biggest innovations of the year in cybersecurity because it unlocks the full potential of an enterprise’s security posture and maximizes the investments that an enterprise has made in protecting the business. By plugging into existing security mechanisms and continuous monitoring, InfiniSafe ACP bridges the gaps between enterprise storage and cybersecurity strategies that can transform the way CIOs and CISOs think about enterprise data infrastructures.

Information technology leaders have identified this ability to automate data snapshot commands and data pathways as critical to early detection and worry-free cyber recovery that minimizes the effects of even the most vicious and deceptive cyberattacks of malicious actors. An enterprise’s security team can put all its information from security operations through an enterprise storage intelligence grid to create the most sensitive triggers that often get missed by existing technologies and techniques.

Paul Rapier, VP of Information Technology at the Detroit Pistons, stated, “Infinidat’s efforts in enhancing cyber resilience for enterprises, particularly through the new InfiniSafe Automated Cyber Protection, are noteworthy for data security.”

Allen Shahdadi, Vice President of Global Sales at Sycomp, said, “Infinidat has become synonymous with guaranteed cyber resilient storage. Infinidat continues to deliver powerful solutions that solve critical cyber issues for enterprises and service providers around the globe. The InfiniSafe Automated Cyber Protection solution brings much needed capabilities to fight more effectively against cyberattacks. The automatic capture of immutable snapshots of primary data could be the difference between your data being held ransom and the rapid recovery of your data. Before international cybercriminals, hackers and fraudsters can gain an advantage, Infinidat’s InfiniSafe reduces the threat window decisively.”

The InfiniSafe Automated Cyber Protection solution is the latest in a string of cybersecurity capabilities that Infinidat has brought forward to strengthen enterprise storage in the face of constant threats of a tsunami of cyberattacks. Infinidat has also unveiled the following extensions of its state-of-the-art cyber resilient capabilities:

  • InfiniSafe Cyber Detection for VMware – Access to InfiniSafe cyber resilience capabilities to combat cyberattacks has been expanded into VMware environments. By leveraging AI and machine learning, this cyber detection capability provides highly granular insight into whether a VMware datastore and the VMs it encompasses have been compromised, so the impact of a cyberattack can be readily determined.
  • InfiniSafe Cyber Detection for InfiniGuard® – Cyber detection will be extended onto the InfiniGuard purpose-built backup appliance to help enterprises resist and quickly recover from cyberattacks. This proven capability provides highly intelligent scanning and indexing to identify signs of cyber threats in backup environments, helping ensure that data has integrity. The enhanced version will be available in 2H 2024.

As a leader in cyber resilient storage, Infinidat first unveiled its InfiniSafe software-based platform two years ago with a set of cybersecurity functions. This solution has won numerous awards and has been proven by large global enterprises. The comprehensive cyber resilience capabilities of InfiniSafe technology improve the ability of an enterprise to combat and protect against ever-increasing cyberattacks and data breaches by uniquely combining immutable snapshots, logical air gapping, fenced/isolated networks, and virtually instantaneous data recovery into a single, high-performance platform.

The InfiniSafe ACP is the latest example of Infinidat’s broadening innovation. It was introduced alongside the launch of the InfiniBox G4 family of next-generation storage arrays for all-flash and hybrid configurations. The G4 series is a completely new storage array family built from the ground up that substantially extends Infinidat’s cyber storage resilience and delivers up to 2.5x improvement in performance. The InfiniBox G4 series introduces a new set of foundational elements, powered by InfuzeOS, which is Infinidat’s software defined storage operating system.

Webinar On Demand

To watch Infinidat’s end-user webinar about the new solutions − “The Future of Enterprise Storage, Cyber Security and Hybrid Multi-Cloud” – users can click here.

The post Infinidat Revolutionizes Enterprise Cyber Storage Protection to Reduce Ransomware and Malware Threat Windows appeared first on Cybersecurity Insiders.

Woven into the fabric of everyday life, the Internet of Things (IoT) is ever-expanding, from smart home devices to industrial sensors. But an ecosystem on the edge of innovation comes hand-in-hand with a growing attack surface, creating a permeable landscape vulnerable to threats like cross-site scripting (XSS) and data breaches. 

IoT devices are as diverse and ubiquitous as smart home appliances (think thermostats, lighting systems, and refrigerators), wearable health monitors, connected cars, smart meters, and industrial control systems. The most important takeaway is that there are billions of IoT devices globally, putting security concerns on an unprecedented scale. 

As if the breadth of the IoT environment wasn’t enough, IT professionals must stay on high alert for these ten common security threats. 

1. Limited Support and Updates

Software updates are few and far between once IoT devices are deployed, leaving exposure to vulnerabilities down to the manufacturer’s discretion. After the End-of-Life (EOL) hits, updates and patches come to an abrupt halt – but usage continues. 

2. Lack of Standardization

The IoT landscape includes a diverse array of devices produced by numerous manufacturers, each designed for different environments with a wide range of design standards, protocols, and security practices. The lack of standardization and uniform security measures means there is no one-size-fits-all approach to securing IoT devices, creating inconsistencies and exposing the attack surface. 

3. Data Privacy Concerns

The rapid development of IoT technology often outpaces the formulation of relevant privacy regulations like Europe’s GDPR and California’s CCPA. Service providers and manufacturers struggle to keep up, and the discovery and protection of sensitive data fall by the wayside. Worse, IoT devices collect a staggering volume of data, adding scalability concerns into the mix. 

4. Network Security Risks

Any compromise in an IoT device can pose a risk to the entire network, and the necessary security measures are much more complex than securing homogeneous environments. For example, cybercriminals use IoT devices as entry points to launch broader attacks, such as distributed denial-of-service (DDoS).

5. Supply Chain Vulnerabilities

The IoT supply chain is often opaque, and ensuring the security of components that may come from different sources is challenging. Just one insecure component can cripple the security of the entire device and make it difficult to guarantee the security of the final product. 

6. Legacy Integrations

In many cases, IoT devices are integrated into existing systems that may be running on older, legacy technology or rely on third-party components no longer supported or updated by their original creators. 

7. Physical Security Risks

Given that many IoT devices interact with the physical world (e.g., smart locks), a security breach could have direct physical consequences – unlocking doors or controlling industrial machinery. This unique problem raises the stakes significantly compared to traditional cyber threats, making the devices vulnerable to tampering, especially when they rely on sensors that can be manipulated or spoofed. 

8. Consumer Awareness and Education

A large number of IoT devices are intended for consumer use, but end-users need to be fully aware of the complexities of IoT devices and their security implications. Users may believe that products like smart thermostats are seemingly harmless and inherently secure. Where there’s often a lack of awareness or concern about security issues, users ignore issues like poor password hygiene and security settings.

9. Inability to Prioritize Threats

The diverse nature and sheer volume of IoT devices add complexity to threat assessments, making IT professionals feel in limbo. As the threats keep coming, prioritizing and contextualizing threats to avoid vulnerability overload is the challenge. Thorough risk assessments and comprehensive monitoring tools make this process easier. 

10. Balancing Performance and Security 

Often, IoT devices are designed with limited processing power, memory, and battery life to keep costs and energy usage down. Implementing robust security measures may require additional computational resources, which can strain these limited resources, impacting the device’s performance and functionality. Hence, many IoT devices are designed with convenience and functionality in mind, leaving security as an afterthought. 

11. Zero-Day Vulnerabilities

As with any software, unknown flaws exist and can be exploited before patches are available – a prevalent issue considering the previously mentioned IoT patching and update issues. Zero-day vulnerabilities provide opportunities for rapid exploitation of devices, and the attack can quickly spread across a network. 

12. Insecure Communication Protocols

Without secure communication protocols, data sent from IoT devices can be altered or tampered with during transmission. IoT devices, especially everyday and household items, lack strong encryption, making communications easily readable by anyone who can access the data stream.

Moving Forward with a DevSecOps Approach

A DevSecOps approach can transform security into a foundational aspect of the development process rather than a simple afterthought. You can embed security into every stage of the development and operational lifecycle, including the design and planning phases, by automating processes like security testing, continuous monitoring, patch management, and more. Automated tools are the future of IoT security as its adoption grows at staggering rates, ensuring that security considerations are continuous and that vulnerabilities never slip through the cracks. 

Dotan Nahum is the Head of Developer-First Security at Check Point Software Technologies. Dotan was the co-founder and CEO at Spectralops, which was acquired by Check Point Software, and now is the Head of Developer-First Security. Dotan is an experienced hands-on technological guru & code ninja. Major open-source contributor. High expertise with React, Node.js, Go, React Native, distributed systems and infrastructure (Hadoop, Spark, Docker, AWS, etc.)

The post 12 Common Concerns of the Permeable IoT Attack Surface appeared first on Cybersecurity Insiders.

Addressing the Current Cybersecurity Climate and Disaster Recovery Shortfalls

In the current digital era, characterized by increasingly complex and sophisticated cyber threats, the role of IT security leaders in safeguarding organizational assets has never been more challenging. The inadequacy of traditional disaster recovery platforms and plans is starkly evident; these lag in addressing the speed and complexity of modern cyberattacks. This gap underscores the urgent need for innovative recovery strategies, such as AI-driven dynamic computer imaging, which represents a significant advancement in digital resilience, much like the leap from analog to digital in other technology sectors.

Redefining Cybersecurity Recovery with Dynamic Computer Imaging

Traditional computer imaging, with its reliance on static templates and manual intervention, is now insufficient against the backdrop of fast-evolving cyber threats. This method’s lack of responsiveness fails to meet the demands of the current cybersecurity landscape. In contrast, dynamic computer imaging, empowered with AI and automation, offers a solution that is both adaptive and robust, ensuring more efficient and secure system recovery.

The Inefficiencies of Conventional Disaster Recovery Approaches

  • Protracted Response Times: Existing disaster recovery methods, heavily reliant on manual processes, are inadequately slow, impeding swift recovery after cyber incidents.
  • Elevated Security Risks: Traditional methods are less equipped to adapt to new and emerging cyber threats, increasing the vulnerability of systems.
  • Excessive Resource Consumption: Manual monitoring and updates place an undue strain on IT resources, detracting from strategic cybersecurity initiatives and innovation.

Implementing AI and Automation in Disaster Recovery

The use of AI-driven dynamic computer imaging is having a transformative impact on recovery after a cyber incident. This technology automates the deployment of system configurations and updates, enabling a rapid and effective response to cyber threats. It ensures timely restoration of systems to a secure state, significantly cutting down recovery time, and enhancing overall cybersecurity resilience.

Key Advantages of AI-Enhanced Dynamic Computer Imaging in Disaster Recovery

  • Accelerated Recovery and Deployment: AI and automation expedite the recovery process, ensuring minimal downtime following cyber-attacks.
  • Consistent Security and Compliance: Automated imaging systems maintain up-to-date security across all systems, aligning with the latest compliance standards.
  • Efficient Resource Management: Automation allows IT teams to allocate their skills toward strategic security planning and innovative solutions.

Integrating AI-Driven Dynamic Imaging into Disaster Recovery Plans

As part of a comprehensive cybersecurity strategy, integrating AI-enhanced dynamic computer imaging involves:

  • Ongoing Updates and Adaptability: Continuously refine imaging protocols to keep pace with evolving security patches and regulatory requirements.
  • Harmonization with Security Infrastructure: Ensure that dynamic imaging is seamlessly integrated with other cybersecurity mechanisms for a well-rounded defense.
  • Promotion of Security Consciousness: Encourage a culture that understands and values the role of AI-driven imaging in maintaining a secure IT environment.

Conclusion: A Strategic Shift Towards AI-Driven Dynamic Imaging in Disaster Recovery

The adoption of AI-enhanced dynamic computer imaging is a strategic imperative for today’s CTOs and CIOs. This approach represents a more agile, efficient, and secure method of managing IT infrastructures, essential for rapid recovery from cyberattacks. In the face of a paradigm shift in IT security towards more proactive and intelligent solutions, AI-driven dynamic imaging stands as a crucial element in reinforcing digital defenses and ensuring continuous operational functionality amidst the growing complexity of cyber threats.

The post Elevating Disaster Recovery in Cybersecurity With AI-Driven Hyperautomation appeared first on Cybersecurity Insiders.

Partnership with BCR Cyber Will Provide Jobs and Access to Advanced Experiential Training at Maryland Community Colleges

Baltimore, MD (6/25/24) – The Maryland Association of Community Colleges (MACC), in partnership with Baltimore Cyber Range dba BCR Cyber, has been awarded $935,680 through the Maryland Department of Commerce’s “Build Our Future Grant Pilot Program” to fund the Cybersecurity Workforce Accelerator.  This award leverages the $2 million of Congressionally Directed Spending obtained by U.S. Senators Ben Cardin and Chris van Hollen that was allocated for the Accelerator earlier this year in the Federal FY25 Budget as matching funds, bringing the total amount awarded year to date for the Cyber Workforce Accelerator to $2.9 million.

Together, MACC and BCR Cyber developed the Cyber Workforce Accelerator to dramatically expand Maryland workforce development efforts and provide the state’s community colleges with BCR Cyber Series 3000 Cyber Ranges, giving access to advanced experiential training and education technology to train and certify thousands of entry level IT and cyber practitioners. The Cyber Workforce Accelerator will be available to both credit and non-credit students enrolled at Maryland community colleges.

The grant award facilitates the procurement, configuration, and deployment of the cyber ranges, as well as required community college and server facility infrastructure upgrades, enhancements, and staff training. Delivery of the cyber ranges and training commencement is expected by April 1, 2025.

As a function of this effort, a public-private consortium of 35+ cybersecurity companies and government agencies will steer course content development and recruit entry-level employees trained at the community college cyber ranges. Each of these entities has pledged significant leveraged resources to this project.

According to Dr. Brad Phillips, Executive Director of MACC, “The goal is to place cyber ranges in community colleges across the State to be used for workforce development in cybersecurity.  This will place Maryland as the first state in the nation to use range technology for workforce development, which will diversify the workforce and accelerate closing the workforce skills gap. I strongly believe what we are doing should become a model for the nation.”

This initiative builds on the federally funded “Cyber Pathways Across Maryland” (CPAM) program infrastructure and BCR Cyber via Maryland Department of Labor Employment Advancement Right Now (EARN) programs. For more than five years, BCR Cyber has worked with the EARN program and Maryland community colleges to establish an IT and cybersecurity workforce development pipeline. More than 1,000 Maryland residents have been trained, certified, and placed through the pipeline.

“Our work with MACC to deploy these additional cyber ranges not only helps meet the critical need to fill more than 30,000 cybersecurity job openings in Maryland, but also creates thousands of potentially life-changing career opportunities for Marylanders.  We are extremely grateful to the Moore-Miller Administration and the Department of Commerce for recognizing the need to dramatically expand Maryland’s cybersecurity workforce with this innovative public-private partnership,” says BCR Cyber President Michael Spector. 

BCR Cyber has established a wide range of strategic relationships with state and federal IT departments, allowing them to deliver cutting-edge cybersecurity training to their employees. Collaborating closely with these government entities, BCR Cyber is enabling them to strengthen their cybersecurity posture while fostering a culture of continuous learning and improvement.

Additionally, BCR Cyber holds exclusive responsibility for conducting technical proficiency testing for third-party assessment organizations (3PAOs), as required by the Federal Risk and Authorization Management Program (FedRAMP). BCR Cyber testing ensures these organizations meet the standards necessary to assess and authorize cloud service providers for federal agencies.

The Build Our Future Grant Pilot Program was established through The Innovation Economy Infrastructure Act of 2023 as a key piece of Maryland Governor Moore’s plan to bridge the gap between vision and success in the state. Grants are awarded to private companies, nonprofit entities, local governments, or colleges and universities in Maryland. Eligible projects include cyber ranges, prototype manufacturing centers, research spaces, sensitive compartmented information facilities, and wet laboratories, among others.

About Maryland Association of Community Colleges

Maryland Association of Community Colleges (MACC) is an advocate for Maryland’s 16 community colleges and the needs of the students they serve. State-of-the-art facilities, flexible curricula, and award-winning teaching staff serve full- and part-time students pursuing academic degrees, career certifications, and enrichment courses at 22 campuses and 1000+ learning sites statewide. See more at mdacc.org.

About BCR Cyber

Established in 2017, BCR Cyber (formerly Baltimore Cyber Range) is dedicated to delivering exceptional training solutions to both government and commercial clients. BCR Cyber has trained thousands of individuals and successfully placed over 83 percent into employment. The BCR Cyber Range is the first such facility in the world specifically dedicated to workforce development in the cybersecurity sector. BCR Cyber provides trainees with the most advanced cybersecurity strategies and techniques in an environment that simulates real threats in real-time. The range’s hands-on training encompasses cyber threat detection, compromise mitigation, and system remediation, and is complemented by placement services. For more information, visit www.bcrcyber.com.

 

 

The post Maryland Association of Community Colleges Receives Funding for the Cyber Workforce Accelerator appeared first on Cybersecurity Insiders.

It’s no secret that the Olympics is one of the most highly attended events in the world. This year, the Olympics is expected to bring over 15 million visitors to Paris. With such a heavy influx of people, protecting the event from both physical and cyber-attacks is a massive but vital undertaking. The spotlight will be on mobile devices, as they are our first choice for how we communicate, work, bank, take photos, navigate, shop and stay informed. It is important to be aware of the risks associated with mobile devices, as bad actors will have them high on their hit list. In fact, according to Zimperium’s Global Mobile Threat Report 2023, 43% of all compromised devices were fully exploited (not jailbroken or rooted), an increase of 187% year-over-year. What’s more, the CISO for the Paris Olympics 2024 has announced that the number of attacks is expected to be eight to ten times higher than it was for the Tokyo Olympics. This piece will explore those risks and give insights on how to prepare for them.

Don’t fall prey to risky QR codes

Mobile devices are a main avenue through which today’s cybercriminals launch highly evasive attacks. In the last few years, QR codes have risen in popularity because they make it easy and quick to share information by simply scanning with a mobile phone’s camera. They will undoubtedly have a heavy presence at this year’s Paris Olympic Games (e.g. scanning codes via your personal TV, downloading Olympic-related apps), and it is important to know that a QR code is just like a URL but worse, as you can’t see the real URL you are visiting prior to scanning it. So it’s really important to ensure you know where the QR code is actually taking you.

Make sure you don’t fall victim to malware by clicking on QR codes with malicious links that require you to download an application. Download the application from a trusted app store instead of following an opaque link to download an app from a third-party app store or an unknown source. We expect to see many fake apps centered around the Olympics. In fact, more than 200 fraudulent sites selling tickets for sporting events have already been detected by French police in recent months, and the French government has announced that it has fallen victim to cyberattacks of “unprecedented intensity.” 

Malicious Data Collection

With millions of people traveling to Paris this summer for the Olympic games, bad actors are preparing themselves to attack on all fronts, one of which is through guest Wi-Fi networks that can easily be corrupted, e.g. public networks at the games, local coffee shops, airports, etc. To all individuals who think logging into public Wi-Fi networks is safe: think twice. Bad actors can easily create open Wi-Fi hotspots disguised as legitimate and free networks, which, if connected to, compromise devices and install dangerous malware. To make matters worse, bad actors can also use these tactics to launch Man-in-the-Middle (MITM) attacks, where attackers interrupt an existing conversation or data transfer to steal account details, credit card numbers and login credentials. Once an unsuspecting user connects to the free, malicious Wi-Fi hotspot that the attacker created, the bad actor has full visibility into the exchange. The last thing anyone wants while trying to enjoy the games is to spend precious time on the phone with banks and credit card companies notifying them of nefarious activity. If you must use a public Wi-Fi network, consider using a VPN for an added layer of protection and be sure you’re transacting with SSL/TLS-protected websites.

The CISO for the Paris Olympics 2024 has announced that the number of attacks is expected to be eight to ten times higher than what we saw occur at the 2020 Tokyo Olympics. With an event of this magnitude, the French authorities are working around the clock to prepare for possible cyberattacks and nefarious activity. The Comité d’organisation Paris24 (Organising Committee for Paris24) is taking great precaution to ensure the games go as smoothly as possible. France will not be exempt from attempts to destabilize the country through computer / mobile device sabotage. According to the French Cybersecurity Agency (ANSSI), attackers may be encouraged to penetrate and maintain a position on critical networks amidst ongoing international tensions and turmoil. This is a prevalent reason why ANSSI is calling on organizations to be better equipped and follow cyber protection recommendations such as creating a strong security strategy tailored to this event, developing detection capabilities, implementing an information system backup strategy, and drawing up recovery plans.

The biggest takeaway here is that in a mobile-powered world, a mobile-first security strategy is vital. Mobile devices and apps are an integral part of some of the largest events and organizations in the world. It is essential to establish advanced, adaptive protections that safeguard against unsafe devices, unsafe networks, phishing, and malware attacks that can destabilize networks and put millions of users at risk. Establishing these protections must become the new norm for business leaders.

Bio:

Krishna Vishnubhotla is a seasoned professional in the SaaS industry, specializing in catalyzing startup growth through adept product and marketing strategies. With a keen focus on mobile application security products, he has a proven track record in defining and executing product visions that drive significant revenue growth. In addition to managing a global customer success portfolio, he established high-value strategic partnerships. His leadership skills extend to spearheading revenue generation efforts, serving a diverse clientele across multiple industries.

The post Top Tips to Keep Data Safe During the 2024 Paris Olympics appeared first on Cybersecurity Insiders.

The 2024 Paris Olympics is set to begin on July 26. Global adversaries are paying close attention, and such a high-profile event serves as an opportunity for bad actors to cash in on vulnerable organizations and users with poor cyber hygiene. It is crucial to take a proactive approach when dealing with cyber initiatives.

No one tool can stop it all. It is essential to collaborate with many organizations and security agencies to help identify potential security threats early. Robust cybersecurity measures should be implemented to safeguard critical infrastructure and data. This includes monitoring for anomalies, securing service accounts, ensuring cyber hygiene practices are followed, and more. Comprehensive risk assessment and scenario planning are also essential components of cyber readiness. Anticipating various adversarial tactics enables proactive measures to mitigate organizational vulnerabilities.

Ultimately, a cohesive strategy that combines proactive intelligence efforts, robust cybersecurity measures, diplomatic collaboration, and community engagement will fortify resilience against potential adversaries seeking to exploit global events like the 2024 Paris Olympics.

For more insights, security leaders share their thoughts below on their advice for organizations ahead of the Paris Olympics: 

Tim Eades, co-founder & CEO, Anetac

“Whether it is the 2024 Paris Olympics, or another “lightning rod” global event, there will be an endless amount of service accounts created through new employee logins, tickets, payment information, etc, that will be seen as a target for bad actors. If they can access an employee login, they have limitless potential to access other chains in the organization. 

If we can’t identify what these service accounts have access to in the broader chain of operations, it could be detrimental to security efforts.”

Roy Akerman, CEO & co-founder, Rezonate

“We need to face the facts. User identities are the keys to the castle and should be protected as such. According to the 2024 Verizon Data Breach Report, 68% of breaches happen due to human error and 1/3 of breaches happen due to misconfigurations and other issues. Ahead of the 2024 Paris Olympics, it’s crucial to allocate resources to security solutions that establish a baseline for user behavior within an organization’s network. 

This approach allows security teams to swiftly detect and address anomalies, and respond to potential threats before they escalate into full-blown breaches. In today’s landscape, the question is not whether you’ll face a breach, but when. That’s why prioritizing investment in modern security solutions and fostering a security-conscious culture across your entire organization is paramount, rather than confining it solely to the security team.”

The post Adversaries Seek to Take Advantage of Global Events – How To Prepare for the 2024 Paris Olympics appeared first on Cybersecurity Insiders.

The task of managing and interpreting vast amounts of data is akin to finding a needle in a haystack. Cyber threats are growing in complexity and frequency, demanding sophisticated solutions that not only detect but also prevent malicious activities effectively.

Cybereason’s MalOp (Malicious Operations) is designed to tackle this challenge head-on, transforming chaos into order by providing comprehensive, real-time insights into security threats.

Chaos in cybersecurity

Cybersecurity teams are often overwhelmed by the sheer volume of alerts and data they must sift through daily. Traditional security systems generate numerous alerts, many of which are false positives, leading to alert fatigue and missed genuine threats. This chaotic environment hampers the efficiency of security operations centres (SOCs) and increases the risk of breaches.

Cybereason’s MalOp is a game-changer in this chaotic environment. It consolidates alerts and presents them as a single, coherent storyline, allowing security teams to understand and respond to threats more effectively. Here’s how Cybereason MalOp creates order from chaos:

1. Consolidation of Alerts

Instead of presenting isolated alerts, MalOp correlates various signals from endpoints, networks, and users to form a comprehensive picture of an attack. This approach reduces noise and highlights the real threats that need attention.

2. High-Fidelity Detections

MalOp employs advanced analytics and machine learning to provide high-fidelity detections. This means fewer false positives and more accurate identification of threats. The system can discern between benign anomalies and actual malicious activities, ensuring that security teams focus on genuine threats.

3. Automation and Guided Remediation

Cybereason MalOp integrates automation to handle repetitive tasks and provide guided remediation steps. This reduces the workload on security teams and ensures swift, effective responses to threats. Automated remediation can neutralise threats instantly, while guided steps assist analysts in more complex scenarios.

Key capabilities of Cybereason MalOp

1. Comprehensive Visibility

Cybereason MalOp provides visibility into the entire attack lifecycle, from root cause to every affected endpoint and user. This holistic view enables security teams to understand the full scope of an attack and take informed action.

2. Rapid Investigation and Response

The platform significantly reduces the time required for threat investigation and response. According to the Forrester Total Economic Impact (TEI) report, Cybereason reduces investigation periods by as much as 93%. This speed is crucial in minimising the damage caused by cyberattacks.

3. Leveraging All Event Data

Unlike other solutions that limit data collection, Cybereason collects and analyses 100% of event data in real-time. This comprehensive data collection ensures that no critical information is missed, enhancing the accuracy and reliability of threat detection.

4. Scalability

Cybereason boasts an impressive analyst-to-endpoint ratio of 1:200,000, thanks to its advanced automation and machine learning capabilities. This scalability ensures that even large organisations can manage their cybersecurity effectively with limited human resources.

The edge against evolving threats

Traditional antivirus solutions are no longer sufficient. Cybereason moves beyond legacy AV limitations with a multi-layered prevention approach, including intelligence-based, behavioural, deception, NGAV (Next-Generation Antivirus), and machine learning attack prevention.

1. Multi-Layered Prevention

Cybereason’s multi-layered prevention strategy ensures comprehensive protection against various types of threats. By combining different methods, the platform can detect and prevent known, unknown, and emerging threats effectively.

2. Behavioural and Deception Techniques

The platform employs behavioural analysis to identify anomalies indicative of malicious activities. Deception techniques, such as honeypots and decoys, lure attackers into revealing their methods, allowing Cybereason to preemptively counteract threats.

Real-time reporting and actionable intelligence

Cybereason MalOp provides real-time reporting and actionable intelligence, enabling security teams to act swiftly. The platform’s Nocturnus team, comprising world-class threat intelligence analysts, continuously monitors and analyses emerging threats, ensuring that the latest intelligence is always at hand.

1. AI-Powered Insights

Cybereason utilises multiple layers of machine learning to uncover sophisticated threats, including zero-day malware and ransomware. These AI-powered insights make sense of complex data relationships, surfacing the most critical threats for immediate action.

2. Global Threat Intelligence

The Nocturnus team leverages global threat intelligence to stay ahead of cybercriminals. By understanding and disrupting malicious operations worldwide, Cybereason ensures its users are protected against the latest threats.

Tailored solutions for different enterprises

Cybereason offers tailored solutions to meet the unique needs of various enterprises, from small to medium businesses to large corporations. Each solution is designed to provide the critical tools necessary for robust cybersecurity.

1. Small to Medium Enterprises

For smaller enterprises, Cybereason offers a prevention-focused protection plan that includes threat intelligence, NGAV, anti-ransomware, and endpoint controls. These tools provide a solid foundation for protecting against common cyber threats.

2. Large Enterprises

Large enterprises benefit from more advanced capabilities, including EDR (Endpoint Detection and Response), MDR (Managed Detection and Response), incident response, and threat hunting. These features ensure comprehensive protection and rapid response to sophisticated attacks.

3. Ultimate Protection

For organisations seeking the highest level of security, Cybereason offers a comprehensive attack protection plan backed by a $1 million breach protection warranty. This plan includes all features, ensuring that enterprises are fully equipped to handle any cyber threat.

Cybereason MalOp is not just a tool; it is a paradigm shift in cybersecurity, turning chaos into order and enabling security teams to protect their organisations effectively. For more information about Cybereason MalOp and how it can benefit your organisation, visit the Cybereason website.

The post Create order from chaos appeared first on Cybersecurity Insiders.

Highly Successful Technology Executive to Drive Growth in the Cybersecurity and IT Services Sectors 

Cyber A.I. Group, Inc., an early stage cybersecurity, A.I. and IT services company, announced today the engagement of Walter L. Hughes as Chief Executive Officer. The announcement was made by A.J. Cervantes, Jr., Executive Chairman of Cyber A.I. Group and Chairman of Trilogy Capital Group, LLC, Cyber A.I.’s founding shareholder. 

Walter Hughes has had an expansive 15+ year executive career across eight distinct industries, including transformative roles at Meta and Elevance Health (formerly Anthem), with impactful contributions to innovative startups and government sectors. Mr. Hughes’ deep experience spans nearly two decades in pioneering technology enterprises with a specific emphasis on the intricacies and applications of Artificial Intelligence.

“Walter’s career has been a testament to the art of driving business transformation,” noted Mr. Cervantes. “Rooted in a solid foundation in finance and technology, his expertise has evolved, embracing and mastering the intricate processes of fostering business success. This mastery is underpinned by a profound application of Six Sigma methodologies and strategic venture capital endeavors, positioning him as a pioneering force.”

Mr. Hughes stated, “I’m absolutely thrilled to be joining CyberAI Group as CEO. With its cutting-edge approach and incredible potential, it’s a chance to leverage everything I’ve learned across multiple technology-driven industries and put it to work generating transformative change. Building on CyberAI’s strong foundation and seasoned management team, I’m excited to be a force at the forefront of this burgeoning business, shaping the future of this dynamic company.”

“The cybersecurity and IT services industries are highly fragmented and lend themselves to a proactive consolidation strategy,” continued Mr. Hughes. “We believe a large pool of prospective acquisitions exists offering substantial opportunity for an emerging growth private company on a path to public ownership. The cybersecurity market alone has witnessed remarkable growth and reached a value of $202 billion in 2022. We are confident that an IT/cybersecurity services company with advanced A.I. capabilities can provide clients with numerous proactive and customized cybersecurity services to optimize technology security and improve business operations and performance.” 

“The IT services industry has grown into one of the fastest growing sectors in the United States and around the world, with forecasts of continued double-digit growth over the next decade,” noted Mr. Cervantes. “This is compounded by the massive proliferation of highly publicized data breaches and ransomware attacks that are further propelling demand for cybersecurity expertise. Cyber A.I. Group is leveraging this skyrocketing demand, combined with a core focus on fundamentals, by pursuing a “Buy-and-Build” strategy of acquiring a broad spectrum of IT services companies and positioning them to address the fast-growing needs for the cybersecurity and A.I. markets.”

Artificial intelligence, under development and building momentum for decades, is emerging as one of the most potentially powerful and disruptive forces in the Information Age. Recent moves have seen remarkable advances, such as the launches of OpenAI’s ChatGPT A.I. chatbot and Google’s Bard A.I. chatbot. This rapid proliferation of A.I. is introducing not just new capabilities, however, but also new dangers and security concerns. To capitalize on these opportunities and challenges, Cyber A.I. intends to integrate A.I. services in all aspects of its business as it expands.

Reg 506(c) Offering 

The Company is conducting a private placement offering (the “Offering”) pursuant to Regulation 506(c) as promulgated by the Securities and Exchange Commission. The terms of the Offering are up to Two Million Dollars ($2,000,000) of seventeen and one half percent (17.5%) Promissory Notes with Equity Consideration in the form of Founders’ Stock (each a “Note,” and collectively the “Notes”). The minimum investment amount is $50,000. The Company reserves the right to accept lesser amounts in its sole discretion. The term sheet for the Offering can be found here:

cyberaigroup.io/investors/17-5-promissory-note-with-founder-shares/

About Trilogy Capital Group 

Trilogy Capital Group, LLC is a Delaware limited liability company and private equity firm based in Miami, Florida. Trilogy Capital Group and its predecessor company, Trilogy Capital Partners, Inc., are a financial services group which has been engaged in Private Equity, Venture Capital, Merchant Banking and Financial Advisory since 2002. For additional information, please visit: trilogy-capital.com. 

About Cyber A.I. Group 

Cyber A.I. Group, Inc. is a newly formed Florida corporation that will engage in the acquisition and management of domestic and international cybersecurity and IT services firms. The founders and management of Cyber A.I. are pursuing a “Buy-and-Build” strategy to rapidly expand operations by acquiring a broad spectrum of IT services companies and repositioning them to address fast-growing market needs for cybersecurity and artificial intelligence (A.I.). The Company’s initial target is to acquire multiple companies representing aggregate revenues approaching $100 million. The Company is focusing its acquisitions on targets that offer the most favorable terms and lend themselves to certain benefits through integration, including horizontal and vertical marketing and economies of scale. Cyber A.I.’s business model is focused on the acquisition and consolidation of IT services companies with proven ability in broad conventional technology services. This emphasis on conventional companies with strong revenues and cash flow distinguishes Cyber A.I. from the explosion of A.I. startups that may be pinning their future on a single technological breakthrough which may never materialize. This “Buy-and-Build” strategy provides Cyber A.I. with the maximum flexibility for diversification and risk management for moving into new fields and addressing fast-moving market opportunities. For additional information, please visit: cyberaigroup.io.

Contact 

Cyber A.I. Group, Inc. 

990 Biscayne Blvd., Suite 503 

Miami, FL 33132 

info@cyberaigroup.io 

The post Cyber A.I. Group Announces the Engagement of Walter L. Hughes as Chief Executive Officer appeared first on Cybersecurity Insiders.

1inch, a leading DeFi aggregator that provides advanced security solutions to users across the entire space, has announced today the launch of the 1inch Shield. 

This solution, which offers enhanced protection against a wide range of potential threats, was completed in partnership with Blockaid, a major provider of Web3 security tools.

Scam tokens masquerading as legitimate assets have long created problems for Web3 users. Now, thanks to the collaboration with Blockaid, all tokens of this kind will be instantly detected and marked, so that users can avoid transacting with them.

Speaking about the partnership, Sergej Kunz, co-founder of 1inch, said, “The collaboration between Blockaid and 1inch is anticipated to set a new standard for security in the cryptocurrency landscape. By combining Blockaid’s innovative security solutions with 1inch’s advanced features, this partnership aims to enhance user safety and asset protection, contributing to the growth and mainstream adoption of DeFi.”

“The collaboration with 1inch represents a pivotal step forward in our mission to secure the Web3 ecosystem. By integrating our robust security solutions with the 1inch, we are enhancing the safety of digital assets while fostering trust and confidence among users in the DeFi space. Our joint efforts will pave the way for a more secure and accessible DeFi environment for everyone,” said Ido Ben-Natan, co-founder and CEO of Blockaid.

Blockaid acts like an anti-virus for Web3, leveraging superior data and machine learning to identify and protect against malicious attackers. A provider with better data can produce a better product, allowing multiple layers of security for users. Whenever a user connects their wallet to sign a transaction, Blockaid provides clear information about what will actually happen when the transaction is executed.

Blockaid can also simulate any transaction involving a wallet, dApp, or smart contract across multiple blockchains. What transforms simulation into security is validation. In simple terms, validation involves determining whether a given transaction is malicious or benign, allowing users to transact with confidence. Now, this transaction simulation capacity is used to protect 1inch users.

Meanwhile, blockchain users also encounter AML compliance risks. The 1inch Shield mitigates these risks by running 24/7 screening of blockchain addresses for ties to sanctions, terrorist financing, hacked or stolen funds, ransomware, human trafficking and more. Based on the outcome of screening, suspicious addresses are immediately blocked.

The screening component is powered by TRM Labs, which uses on-chain and off-chain data to detect possible security risks.

Finally, a blocklisting functionality provided by Etherscan Pro is also included in the 1inch Shield to immediately blocklist suspicious blockchain addresses.

The Shield API will be gradually integrated into 1inch products. This API is available on the 1inch Developer Portal alongside a suite of other cutting-edge tools intended for Web3 developers.

The post 1inch partners with Blockaid to enhance Web3 security through the 1inch Shield appeared first on Cybersecurity Insiders.

2024 is rapidly shaping up to be a defining year in generative AI. While 2023 saw its emergence as a potent new technology, business leaders are now grappling with how to best leverage its transformative power to grow efficiency, security, and revenue. With the near-universal integration of AI into global technology, the need for AI-ready cybersecurity teams is more critical than ever. INE Security, a leading global cybersecurity training and cybersecurity certification provider, predicts large language model (LLM) applications like chatbots and AI-driven virtual assistants will be at particular risk.

“AI systems are invaluable, enabling us to process vast amounts of data with unmatched speed and accuracy, detect anomalies, predict threats, and respond to incidents in real-time. But these revolutionary technologies are also empowering attackers, leveling the playing field in unprecedented ways,” said Lindsey Rinehard, COO and Head of AI Integration at INE Security. “As automated attacks increase, our defense strategies must also be automated and intelligent. The accelerating arms race between cyber attackers and defenders underscores the vital need for ongoing training and development for cybersecurity teams.” 

According to the IBM X-Force Threat Intelligence Index 2024, cybercriminals mentioned AI and GPT in over 800,000 posts in illicit markets and dark web forums last year. Training and preparation for AI in infosec are no longer optional: organizations must deploy employee training for AI and cybersecurity to maintain effectiveness and stay ahead of attackers. 

Strategies to Optimize Teams for AI and Cybersecurity

1. Incorporate Structured Team Training Programs

The first step in building an AI-ready cybersecurity team is to implement structured training programs that focus on both foundational cybersecurity principles and advanced AI applications. These programs should offer certifications and courses from recognized institutions and industry leaders to ensure they meet high standards. For example, courses offered by INE Security provide comprehensive training that covers both traditional cybersecurity skills and newer AI-based tools. The ideal training program will include:

  • Skills Gap Analysis: Conduct an analysis to identify where the team’s capabilities need improvement, particularly concerning AI integration.
  • Tailored Curriculum Development: A training curriculum that addresses identified cybersecurity skills gaps, incorporating both core cybersecurity principles and advanced AI applications.
  • Blended Learning Approach: A mix of online courses, hands-on labs, and real-world scenario simulations to accommodate different learning styles and enhance practical application skills.

2. Promote a Culture of Learning

Building a culture that encourages ongoing learning and curiosity is equally important. Google, for instance, fosters a learning culture where employees are encouraged to spend 20% of their time on learning new skills or on side projects, many of which involve AI and cybersecurity innovations. This not only keeps their skills fresh but also helps in retaining talent and fostering a proactive approach to security challenges.

To effectively implement a culture of learning that supports the development of AI-ready cybersecurity teams, organizations can adopt several strategies:

  • Provide Access to Resources: Offer subscriptions to leading industry publications, access to specialized online courses, and entry to relevant conferences and seminars that focus on AI and cybersecurity.
  • Reward Continuous Learning: Establish a rewards system that recognizes and incentivizes team members who actively engage in learning new skills or who earn new certifications, particularly those that integrate AI technologies with cybersecurity practices.
  • Create Innovation Labs: Set up dedicated spaces or times when employees can experiment with new technologies or develop new solutions independently of their regular tasks. This can help stimulate creative thinking and practical application of learned skills.

3. Leverage Simulation-Based Learning

Simulation-based learning tools like cyber ranges provide hands-on experience in dealing with real-world cybersecurity scenarios and help users learn how to use AI. Cyber ranges provide a simulated environment where professionals can safely engage with and respond to real-world cyber threats using AI tools, without the risk of impacting actual operations (this hands-on lab from INE Security is a great example). This practical exposure is crucial for understanding how AI can be integrated into cybersecurity practices to detect, analyze, and mitigate threats. By training in a cyber range, team members can develop and refine their skills in a controlled yet realistic setting, which improves their ability to effectively utilize AI in live environments. The hands-on experience also helps in bridging the gap between theoretical knowledge and practical application, enhancing the team’s overall readiness and responsiveness to emerging cyber threats.

To effectively leverage cyber ranges for building an AI-ready cybersecurity team, consider implementing the following strategies:

  • Regular Tabletop Exercise: Incorporate regular sessions within the cyber range into the team’s training schedule. This ensures consistent practice and skill refinement in handling AI-driven security scenarios.
  • Scenario Variety: Develop a variety of threat scenarios that reflect the latest AI-driven attack techniques and the most common threats specific to the organization’s industry. This variety helps prepare the team for a wide range of potential real-world situations.
  • Cross-Functional Exercises: Include team members from various functional areas in cyber range sessions to foster a comprehensive understanding of how AI impacts different aspects of cybersecurity across the organization.
  • Post-Exercise Reviews: Conduct debriefing sessions after each cyber range exercise to discuss what was learned and how it can be applied. This reinforces the lessons and integrates them into everyday practices.

4. Encourage Participation in Hackathons and Competitions

Participation in hackathons and cybersecurity competitions can also play a crucial role in continuous learning. These events challenge participants to solve complex problems with innovative solutions, often under time constraints. They are excellent for learning new skills, testing existing ones, and keeping up with the latest cybersecurity and AI technologies.

To effectively implement a strategy that encourages participation in hackathons and competitions, organizations can adopt the following approaches:

  • Promote Awareness: Regularly inform team members about upcoming hackathons and competitions through internal newsletters, meetings, or dedicated communication channels. Highlight the benefits of participation, such as skill enhancement and potential recognition.
  • Incentivize Participation: Offer incentives such as bonuses, extra vacation days, or public recognition within the organization for those who participate and especially for those who perform well in these events.
  • Post-Event Learning Sessions: After each event, hold a session where participants can share their experiences, learnings, and new techniques discovered during the competition. This helps disseminate new knowledge across the entire team, enriching the organization’s skill base.

Conclusion

The integration of AI into cybersecurity is not just an enhancement of existing frameworks; it is a fundamental shift that requires a new kind of expertise. Continuous learning is critical for cybersecurity professionals to remain effective in their roles as defenders of digital assets. By embracing a culture of ongoing education and utilizing advanced training tools and techniques, cybersecurity teams can develop the resilience and adaptability needed to stay one step ahead of attackers in this fast-paced digital world.

As the landscape of cyber threats continues to evolve, so too must the capabilities of those tasked with protecting against them. An investment in continuous learning is an investment in the future security of our digital lives.


The post INE Security: Optimizing Teams for AI and Cybersecurity appeared first on Cybersecurity Insiders.