now browsing by tag
Source: National Cyber Security – Produced By Gregory Evans by Dan Kobialka • Jan 14, 2020 WatchGuard Technologies, a network security hardware and services provider, now offers automated monthly billing for its WatchGuardONE FlexPay program, according to a prepared statement. That way, WatchGuardONE partners can purchase WatchGuard Subscriptions from participating distributors without upfront costs or […] View full post on AmIHackerProof.com
(Eds: Disclaimer: The following press release comes to you under an arrangement with PR Newswire. PTI takes no editorial responsibility for the same.)
As a partner of AWS, Fractal is co-presenting with Office Depot at NRF 2020 Vision
MUMBAI, Jan. 13, 2020 /PRNewswire/ — Fractal (https://fractal.ai), a global leader in artificial intelligence and analytics, powering decision-making in Fortune 100 companies, announced today that they are a Certified Retail Competency Partner of Amazon Web Services (AWS). As an AWS Certified Retail Competency Partner, Fractal will co-present with Office Depot at the National Retail Federation’s (NRF) 2020 vision event, taking place at the Javits Center in New York City, January 11-14.
Fractal and Office Depot will jointly present on retail technologies enabling customer centricity and growth, using AI and Machine Learning solutions to help retailers make decisions around customer segmentation, next best action, customer churn and more, giving attendees a closer look at the company’s latest innovations.
The AWS Retail Competency status differentiates Fractal as an AWS Partner Network (APN) member that delivers highly specialized technical proficiency with deep AWS expertise, and delivers solutions seamlessly on AWS. AWS Retail Competency Partners undergo rigorous validation by AWS to ensure alignment to AWS’ best practices for building the most secure, resilient and highest-performing cloud infrastructure for industry applications, giving customers increased confidence when making decisions.
“Fractal has been focused on transforming the retail business for some time now. We are thrilled to be recognized as a Retail Competency Partner by Amazon Web Services,” said Amitabh Bose, Chief Practice Officer at Fractal. “AWS is the market leader in cloud computing platforms and well penetrated in the retail sector. This acknowledgment and our strategic partnership with AWS will help us drive significant value for our retail clients by solving their business problems at scale.”
Fractal offers a wide range of retail-focused solutions in areas including personalization, marketing effectiveness, supply chain, promotions optimization, shrink management, and more, which can be deployed either on-premise or through deployed cloud systems. With these solutions, Fractal has helped deliver successful top-line and bottom-line impact for various Fortune-100 retailers.
Fractal is one of the most prominent players in the Artificial Intelligence space. Fractal’s mission is to power every human decision in the enterprise and uses the power of AI to help the world’s most admired Fortune 100 companies.
Fractal’s products include Qure.ai to assist radiologists in making better diagnostic decisions, Cuddle.ai to assists CEOs, and senior executives make better tactical and strategic decisions, Theremin.ai to improve investment decisions and Eugenie.ai to find anomalies in high-velocity data.
Fractal has consistently been rated as India’s best companies to work for by The Great Place to Work® Institute. Fractal has been featured as a leader in the Customer Analytics Service Providers Wave 2019 by Forrester Research and recognized as an “Honorable Vendor” in 2019 magic quadrant for data & analytics by Gartner.
For more information: www.fractal.ai
View full post on National Cyber Security
Source: National Cyber Security – Produced By Gregory Evans For years we’ve been talking about the skills shortage that plagues the cybersecurity industry and which some reports now peg at three million and growing. Organizations lack trained, experienced resources in many areas including expertise in management and monitoring of the infrastructure protecting an environment, incident […] View full post on AmIHackerProof.com
Source: National Cyber Security – Produced By Gregory Evans by Joe Panettieri • Dec 20, 2019 Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across that managed security services provider ecosystem. The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR) and MSP security […] View full post on AmIHackerProof.com
#deepweb | Webscale Achieves Advanced Consulting Partner Status in the Amazon Web Services Partner Network
SUNNYVALE, Calif., Nov. 20, 2019 (GLOBE NEWSWIRE) — Webscale, the Digital Cloud Company, announced today that it is now an Advanced Consulting Partner in the Amazon Web Services (AWS) Partner Network (APN). The new designation underscores the company’s ability to rapidly migrate digital applications from static hosting environments to a fully managed cloud infrastructure in AWS. It also recognizes Webscale’s expertise in DevSecOps automation, and the company’s focus on providing availability, scalability, performance, and security in a simple-to-consume SaaS-based platform.
APN Consulting Partners help customers of all sizes design, architect, build, migrate, and manage their workloads and applications on AWS. To qualify for the APN Advanced Consulting Partner tier, partners must meet thorough requirements that demonstrate the scale of their AWS expertise, capabilities, and engagement in the AWS ecosystem, and showcase they have built strong AWS-based businesses.
“Achieving APN Advanced Consulting Partner status speaks volumes about the level of commitment and expertise that the Webscale team brings to every customer engagement,” said Sonal Puri, CEO at Webscale. “With our focus on the cloud for digital commerce – B2C, B2B, B2E – and our deep understanding of the needs of this segment as it relates to website infrastructure, our customers, both present and future, can enjoy peace of mind in knowing that they are selecting a proven team to help them leverage the cloud effectively and affordably.”
For more information on Webscale’s award-winning Digital Cloud platform, visit www.webscale.com.
Webscale, the Digital Cloud Company, is the leader in converged software for hyperscale cloud automation. Delivered as-a-Service, the Webscale platform allows businesses of all sizes to benefit from infinite scalability, load balancing, high performance, outage prevention, improved security, and simple management in multi-cloud environments, including Amazon Web Services (Advanced Consulting Partner in the AWS Partner Network), Google Cloud Platform (Google Cloud Platform Partner), and Microsoft Azure (Microsoft Partner Network). Webscale enables digital transformation for B2C, B2B, and B2E e-commerce and enterprise customers in seven countries and for seven of the Fortune 1000 businesses and seven of the Internet Retailer Top 500. The company is headquartered in Sunnyvale, CA, with offices in Boulder, CO, and Bangalore, India.
For more information, visit www.webscale.com. Follow us on LinkedIn, Twitter, and Facebook.
+1 (408) 416 7943
View full post on National Cyber Security
#cybersecurity | #hacking | Google Online Security Blog: How Google adopted BeyondCorp: Part 4 (services)
This is the final post in a series of four, in which we set out to revisit various BeyondCorp topics and share lessons that were learnt along the internal implementation path at Google.
The first post in this series focused on providing necessary context for how Google adopted BeyondCorp, Google’s implementation of the zero trust security model. The second post focused on managing devices – how we decide whether or not a device should be trusted and why that distinction is necessary. The third post focused on tiered access – how to define access tiers and rules and how to simplify troubleshooting when things go wrong.
This post introduces the concept of gated services, how to identify and, subsequently, migrate them and the associated lessons we learned along the way.
High level architecture for BeyondCorp
Identifying and gating services
How do you identify and categorize all the services that should be gated?
Google began as a web-based company, and as it matured in the modern era, most internal business applications were developed with a web-first approach. These applications were hosted on similar internal architecture as our external services, with the exception that they could only be accessed on corporate office networks. Thus, identifying services to be gated by BeyondCorp was made easier for us due to the fact that most internal services were already properly inventoried and hosted via standard, central solutions. Migration, in many cases, was as simple as a DNS change. Solid IT asset inventory systems and maintenance are critical to migrating to a zero trust security model.
Enforcement of zero trust access policies began with services which we determined would not be meaningfully impacted by the change in access requirements. For most services, requirements could be gathered via typical access log analysis or consulting with service owners. Services which could not be readily gated by default ACL requirements required service owners to develop strict access groups and/or eliminate risky workflows before they could be migrated.
How do you know which trust tier is needed for every service?
As discussed in our previous blog post, Google makes internal services available based on device trust tiers. Today, those services are accessible by the highest trust tier by default.
When the intent of the change is to restrict access to a service to a specific group or team, service owners are free to propose access changes to add or remove restrictions to their service. Access changes which are deemed to be sufficiently low risk can be automatically approved. In all other cases, such as where the owning team wants to expose a service to a risky device tier, they must work with security engineers to follow the principle of least privilege and devise solutions.
What do you do with services that are incompatible with BeyondCorp ideals?
It may not always be possible to gate an application by the preferred zero trust solution. Services that cannot be easily gated typically fall into these categories:
- Type 1: “Non-proxyable protocols”, e.g. non-HTTP/HTTPS traffic.
- Type 2: Low latency requirements or localized high throughput traffic.
- Type 3: Administrative and emergency access networks.
The typical first step in finding a solution for these cases is finding a way to remove the need for that service altogether. In many cases, this was made possible by deprecating or replacing systems which could not be made compatible with the BeyondCorp implementation.
When that was not an option, we found that no single solution would work for all critical requirements:
- Solutions for the “Type 1” traffic have generally involved maintaining a specialized client tunneling which strongly enforces authentication and authorization decisions on the client and the server end of the connection. This is usually client/server type traffic which is similar to HTTP traffic in that connectivity is typically multi-point to point.
- Solutions to the “Type 2” problems generally rely on moving BeyondCorp-compatible compute resources locally or developing a solution tightly integrated with network access equipment to selectively forward “local” traffic without permanently opening network holes.
- As for “Type 3,” it would be ideal to completely eliminate all privileged internal networks. However, the reality is that some privileged networking will likely always be required to maintain the network itself and also to provide emergency access during outages.
It should be noted that server-to-server traffic in secure production data center environments does not necessarily rely on BeyondCorp, although many systems are integrated regardless, due to the Service-Oriented Design benefits that BeyondCorp inherently provides.
How do you prioritize gating?
Prioritization starts by identifying all the services that are currently accessible via internal IP-access alone and migrating the most critical services to BeyondCorp, while working to slowly ratchet down permissions via exception management processes. Criticality of the service may also depend on the number and type of users, sensitivity of data handled, security and privacy risks enabled by the service.
Most services required integration testing with the BeyondCorp proxy. Service teams were encouraged to stand up “test” services which were used to test functionality behind the BeyondCorp proxy. Most services that performed their own access control enforcement were reconfigured to instead rely on BeyondCorp for all user/group authentication and authorization. Service teams have been encouraged to develop their own “fine-grained” discretionary access controls in the services by leveraging session data provided by the BeyondCorp proxy.
Allow coarse gating and exceptions
Inventory: It’s easy to overlook the importance of keeping a good inventory of services, devices, owners and security exceptions. The journey to a BeyondCorp world should start by solving organizational challenges when managing and maintaining data quality in inventory systems. In short, knowing how a service works, who should access it, and what makes that acceptable are the central tenets of managing BeyondCorp. Fine-grained access control is severely complicated when this insight is missing.
Legacy protocols: Most large enterprises will inevitably need to support workflows and protocols which cannot be migrated to a BeyondCorp world (in any reasonable amount of time). Exception management and service inventory become crucial at this stage while stakeholders develop solutions.
The BeyondCorp initiative would not be sustainable at Google’s scale without the involvement of various Site Reliability Engineering (SRE) teams across the inventory systems, BeyondCorp infrastructure and client side solutions. The ability to successfully achieve wide-spread adoption of changes this large can be hampered by perceived (or in some cases, actual) reliability issues. Understanding the user workflows that might be impacted, working with key stakeholders and ensuring the transition is smooth and trouble-free for all users helps protect against backlash and avoids users finding undesirable workarounds. By applying our reliability engineering practices, those teams helped to ensure that the components of our implementation all have availability and latency targets, operational robustness, etc. These are compatible with our business needs and intended user experiences.
Put employees in control as much as possible
Employees cover a broad range of job functions with varying requirements of technology and tools. In addition to communicating changes to our employees early, we provide them with self-service solutions for handling exceptions or addressing issues affecting their devices. By putting our employees in control, we help to ensure that security mechanisms do not get in their way, helping with the acceptance and scaling processes.
Throughout this series of blog posts, we set out to revisit and demystify BeyondCorp, Google’s internal implementation of a zero trust security model. The four posts had different focus areas – setting context, devices, tiered access and, finally, services (this post).
If you want to learn more, you can check out the BeyondCorp research papers. In addition, getting started with BeyondCorp is now easier using zero trust solutions from Google Cloud (context-aware access) and other enterprise providers. Lastly, stay tuned for an upcoming BeyondCorp webinar on Cloud OnAir in a few months where you will be able to learn more and ask us questions. We hope that these blog posts, research papers, and webinars will help you on your journey to enable zero trust access.
Thank you to the editors of the BeyondCorp blog post series, Puneet Goel (Product Manager), Lior Tishbi (Program Manager), and Justin McWilliams (Engineering Manager).
View full post on National Cyber Security
Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across that managed security services provider ecosystem.
- The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR) and MSP security providers — and those who need to partner up with such companies.
- Frequency and Format: Every business morning. Typically one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Joe@AfterNines.com.
A. Today’s MSSP Alerts
1. ConnectWise Automate Ransomware Attacks: Malicious actors are targeting ConnectWise Automate, an RMM (remote monitoring and management) software platform that’s popular with MSPs (managed IT services providers) and technology solutions providers (TSPs), the company warned on Thursday.
2. Small Business Cybersecurity Guide: The Cybersecurity and Infrastructure Security Agency (CISA), part of the U.S. Department of Homeland Security (DHS), has launched Cyber Essentials, an effort to assist small organizations in understanding and addressing cybersecurity risks.
3. Accenture Cyberattack Simulations: Accenture, a Top 200 MSSP for 2019, has expanded its cybersecurity capabilities with the opening of three “cyber ranges” to help industrial companies — including those in the oil and gas, chemicals, utilities and manufacturing industries — practice their response to cyberattacks across their most critical assets, the company says.
4. U.S. Power Grid Security: Fortress Information Security has launched the Asset to Vendor Network for Power Utilities (A2V), a joint venture with American Electric Power. A2V is designed to address concerns about protecting the U.S. power grid from cyber threats, the company says.
5. Talent – Sophos CFO Resigns: Sophos CFO Nick Bray is stepping down from the cybersecurity company as it prepares to shift from public markets to private equity ownership. Thoma Bravo is acquiring Sophos, according to an October deal announcement.
B. MSSP Partner Programs and Strategic Alliances
1. Talent – Channel Chief: Plixer, which focuses on solving security and network operations challenges, has hired Arbor Networks and Forcepoint veteran Chris Moulas as VP of global sales.
2. Autonomous Security Robots: Kenton Brothers Systems for Security Inc. will bring physical security robots from Cobalt Robotics to Kansas and Missouri businesses. The two companies inked a one-year exclusive deal to address that specific geography.
3. Partnership – Risk Mitigation: CynergisTek and LogicGate are partnering to make it easier for clientele to identify and remediate third-party risks.
4. All Partner Programs: Search the comprehensive ChannelE2E Partner Program Database here. Also, submit your company information here and your partner program can be listed in the database.
C. Next Five Cybersecurity Conferences
- Qualys Security Conference (November 18-21, Las Vegas)
- Infosecurity and ISACA North America Expo and Conference (November 20-21, New York)
- PercyhCon 2020 MSP Security Conference (January 29-31, Tampa, Florida)
- RSA Conference 2020 (February 24-28, San Francisco)
- Women in CyberSecurity (WiCys) Conference 2020 (March 12-14, Aurora, Colorado)
- Bonus: The complete MSSP Alert calendar
Email me your news, rumors and tips for potential coverage here on MSSP Alert.
The post Managed Security Services Provider (MSSP) News: 08 November 2019 appeared first on National Cyber Security.
View full post on National Cyber Security
A ransomware attack last weekend struck the network of the Canadian territory Nunavut, severely impeding a bevy of government services that rely on access to systems and electronic files.
The attack took place on Saturday afternoon, encrypting files on government servers and workstations and crippling email and other internet-based communications. The only service to be unaffected is the Qulliq Energy Corporation, Nunavut’s only power utility.
With an estimated population that’s approaching 40,000, Nunavut is Canada’s northernmost territory, which split off from the Northwest Territories in 1999. Many of its inhabitants are Inuit.
“I want to assure Nunavummiut that we are working non-stop to resolve this issue,” said Nunavut Premier Joe Savikataaq in a government press release. “Essential services will not be impacted and the GN will continue to operate while we work through this issue. There will likely be some delays as we get back online, and I thank everyone for their patience and understanding.”
In an attempt to mitigate the incident, the territory is prioritizing the restoration of data to key services related to health, family services, education, justice and finance, the press release continues. Government officials expect that most files will ultimately be restored, thanks to their use of back-up files. While services continue to operate, some are running contingency procedures and conducting business manually, resulting in significant delays.
An FAQ page published on Nunavut’s official government website offered updates on the statuses of its departments.
For instance, Department of Health workers are currently relying on a paper-based system, while the territory’s MediTech health care software system remains inoperational. Health care facilities continue to operate, and patients scheduled for visits can keep their appointments, though they are asked to bring their health care cards and medications. Telehealth services, however are down and must be rescheduled.
Additionally, the Finance Department may be delayed in sending government employees and vendors their scheduled paychecks. Medical or duty travel payments and reimbursements are also impacted. Distribution of driver’s licenses and ID cards — a responsibility of the Department of Economic Development and Transportation (EDT) — is also impacted.
Networked phone services in the capital of Iqaluit are functional, but using direct dial only.
“Your network has been penetrated. All files on each host in the network have been encrypted with a strong algorithm,” the states the ransom note, which was obtained by the Canadian Broadcasting Corporation (CBC). The note instructs the victim to install the Tor browser and visit a link to a payment site. The attackers warn that the link expires in 21 days, at which point the decryption key will be deleted.
Brett Callow, company spokesperson at cybersecurity company Emsisoft, told SC Media in emailed comments that the ransomware note matches that of a ransomware called DoppelPaymer, which is often distributed via the Dridex banking trojan. Victims are often infected with Dridex when they open a phishing email attachment, he added.
In the Nov. 4 press release, Nunavut officials said they responded to the attack by “isolating the network, notifying cybersecurity experts and working with our internet software providers.”
“It is difficult to estimate recovery timelines at this early stage,” the release continues.
“Ransomware attacks can have a much larger impact than temporarily denying access to systems in exchange for payment. The demanded ransom amounts often pale in comparison to the collateral damage and downtime costs they cause,” said Justin Des Lauriers, technical project manager at Exabeam, in emailed comments. His colleague, Barry Shteiman, VP of research and innovation, added that “for cybersecurity teams to detect ransomware early enough in the ransomware lifecycle to stop it, they need to understand the business models used by ransomware network operators, the kill chain of a ransomware attack and how to detect and disrupt ransomware in corporate environments. Armed with this information, analysts should be able to react faster in the event their organization is hit with a ransomware infection.”
The post #cybersecurity | hacker | Ransomware attack delays government services in Nunavut, Canada appeared first on National Cyber Security.
View full post on National Cyber Security
Source: National Cyber Security News
General Cybersecurity Conference
April 23 – 24, 2018 | Windsor, United Kingdom
Cybersecurity Conference Description
The Financial Services Information Security Network returns again in 2018 on the 16th & 17th April at the prestigious Beaumont Estate, Windsor Berkshire Hotel, Windsor UK. With over 120 CISOs & Heads of Information Security & Risk from across the financial services industry, the Financial Services Information Security Network is the must attend event for the most senior security leaders within financial services to network, share insights and find solutions over the two days.
View full post on National Cyber Security Ventures
Source: National Cyber Security News
New solutions span Cisco AMP for Endpoints, Cisco Umbrella and Meraki Systems Manager
Cisco has unveiled three new cloud-based endpoint solutions designed to improve protection levels of businesses across Australia and New Zealand, delivered through managed security service providers (MSSP).
Under the banner of Cisco AMP for Endpoints, Cisco Umbrella and Meraki Systems Manager, the offerings aim to target advanced malware and threats in organisations outsourcing security expertise.
From a channel perspective, the tech giant said the triple cloud play offers MSSPs “comprehensive security, visibility, and control” of customer endpoints without added hardware or complexity.
“At a time when customers are moving to the cloud and struggling with requirements to improve operational efficiency, we’re partnering with MSSPs to ensure they can deliver comprehensive solutions with security, visibility and endpoint control,” Cisco senior vice president of security, Gee Rittenhouse, said.
“Through flexible licensing models and an expanding portfolio, we address customer needs and the needs of our MSSPs to differentiate and grow their businesses.”
According to Rittenhouse, security departments acknowledged that endpoints are being targeted more frequently, but lack the internal expertise, tools and budget to address such challenges.
“Organisations of all sizes are choosing to augment their in-house IT security with managed security services,” Rittenhouse added.
View full post on National Cyber Security Ventures