All Archives - Page 64 of 79 - Cyber Secure Forum | Forum Events Ltd

All

Do you specialise in Authentication Systems? We want to hear from you!

 960 640 Stuart O'Brien
By:
0
0

Each month on IT Security Briefing we’re shining the spotlight on a different part of the cyber security market – in August we’re focussing on Authentication Systems.

It’s all part of our ‘Recommended’ editorial feature, designed to help IT security buyers find the best products and services available today.

So, if you’re an Authentication specialist and would like to be included as part of this exciting new shop window, we’d love to hear from you – for more info, contact Lisa Carter on lisa.carter@mimrammedia.com.

Here are the areas we’ll be covering, month by month:

August – Authentication

September – Penetration Testing

October – Vulnerability Management

November – Employee Security Awareness

December – Malware

For information on any of the above topics, contact Lisa Carter on lisa.carter@mimrammedia.com.

UK government introduces ‘Minimum Cybersecurity Standard’

 960 640 Stuart O'Brien
By:
0
0

The UK government has outlined the minimum cybersecurity standards that it expects for its own day-to-day operations in a new document developed in collaboration with the National Cyber Security Centre.

Over time, the measures will be incremented to continually ‘raise the bar’, address new threats or classes of vulnerabilities and to incorporate the use of new Active Cyber Defence measures.

The new standard will be incorporated into the Government Functional Standard for Security, obliging government departments and suppliers to comply.

The Minimum Cybersecurity Standard was published last week – you can view/download it here.

The HMG Security Policy Framework (SPF) provides the mandatory protective security outcomes that all Departments are required to achieve. The document defines the minimum security measures that Departments shall implement with regards to protecting their information, technology and digital services to meet their SPF and National Cyber Security Strategy obligations.

The Standards comprise 10 sections, covering five categories: Identify, Protect, Detect, Respond and Recover, and also set expectations for governance, such as obliging government departments to create “clear lines of responsibility and accountability to named individuals for the security of sensitive information and key operational services”.

Other elements of the Standard include the requirement for departments to identify and catalogue sensitive information they hold, implement access controls, and also implement TLS encryption standards for email. In addition, departments will be required to have cyber-incident response plans, as well as cyber-attack detection measures.

Nine graduates pass through NCSC Cyber Accelerator

 150 150 Stuart O'Brien
By:
0
0

A group of tech start-ups have become the latest to graduate from a Government initiative to advance the next generation of cyber security systems.

The nine-month GCHQ Cyber Accelerator (now renamed the NCSC Cyber Accelerator), delivered in partnership with Wayra UK, part of Telefónica Open Future, saw nine companies develop cutting-edge products and services to help enhance the UK’s cyber defences.

Part of the UK Government’s £1.9bn National Cyber Security Strategy and the Cheltenham Innovation Centre, the Accelerator is a collaboration between the Department for Digital, Culture, Media and Sport (DCMS), GCHQ, National Cyber Security Centre (NCSC), and Wayra UK and aims to drive innovation in the cyber security sector.

Firms selected to take part in the second round had access to personnel and technical expertise at the NCSC and GCHQ, as well as the Telefónica global business network. They also received £25,000 in funding, high-quality mentoring and office space.

Innovations developed include a cloud service solution to connect Internet of Things devices with end-to-end authenticated, encrypted security and a service to solve the problem of age verification and parental consent for young adults and children in online transactions.

Companies who took part were Cybershield, Secure Code Warrior, RazorSecure, Elliptic, Intruder, Trust Elevate, Warden, Ioetec and ExactTrak.

NCSC, DCMS and Wayra UK will soon be calling for cyber start-ups to join the third round of the programme – now renamed to the NCSC Cyber Accelerator – to help address some of cyber space’s key challenges.

Innovative entrepreneurs and start-ups can now register interest in participating in the nine-month programme, which will include ten innovative, agile companies in 2018/19.

Secretary of State for Digital, Culture, Media and Sport, Matt Hancock, said: “With so much of our daily lives connected to the internet, it is vital the UK leads the way on cyber security to fulfil our ambition of making Britain the safest place to in the world to be online.

“The NCSC Cyber Accelerator programme is a great example of government, industry and tech start-ups coming together to benefit from the advice of world-class experts and tackle cyber crime.”

Chris Ensor, NCSC Deputy Director for Cyber Skills and Growth, said: “On behalf of the NCSC, I would like to congratulate the second cohort on their completion of the Accelerator.

“It has been exciting to collaborate with such innovative start-ups, tackling such a broad range of problems.

“I’m really pleased that Wayra UK will continue to be our partner. I look forward to working with them and meeting more pioneering entrepreneurs as we launch the next cohort.”

Gary Stewart, Director of Wayra UK, said: “We are really pleased to be continuing our partnership with GCHQ. It’s one of our most strategic and successful partnerships.

Indeed, our first two cohorts have raised more than £20 million in funding, have created 19 British jobs and have won 15 trials and contracts worth over £3 million. And this has been just in the last 18 months.”

NHS inks three-year cybersecurity partnership with IBM

 960 640 Stuart O'Brien
By:
0
0

NHS Digital has entered into a three-year strategic partnership with IBM to provide a range of new and improved services to health and care organisations.

The additional services will expand NHS Digital’s existing Cyber Security Operations Centre (CSOC)3 and enhance NHS Digital’s current capability to monitor, detect and respond to a variety of security risks and threats across the NHS, and offer expert advice and guidance.

The CSOC expands on the existing cyber security services provided by NHS Digital and will include:

  • Enhanced services, such as vulnerability scanning and malware analysis, allowing NHS Digital to offer tailored and specialist advice to individual NHS organisations
  • Enhancement of NHS Digitals current monitoring capability enabling the analyses of data from multiple sources to detect threats across NHS Digital’s national systems and services
  • Access to IBM’s X-Force repository of threat intelligence to provide insight, guidance, and advice so health and care organisations can take appropriate action to prepare for, or mitigate against, identified risks and threats.
  • Security monitoring pilots across selected NHS organisations, to test a range of security technologies and identify appropriate solutions that could be rolled out across the NHS estate.
  • An innovation service which will allow NHS Digital to quickly access new tools technologies and expertise to address new threats as they emerge and to allow it to adapt services to meet the changing needs of the health and care sector.

Dan Taylor, Programme Director, Data Security Centre at NHS Digital, said: “This partnership will enhance our existing Cyber Security Operations Centre which is delivered from NHS Digital’s Data Security Centre. It will give us, during times of increased need, the ability to draw on a pool of dedicated professionals from IBM.

“It will build on our existing ability to proactively monitor for security threats, risks, and emerging vulnerabilities, while supporting the development of new services for the future and enabling us to better support the existing needs of local organisations. This will ensure that we can evolve our security capability in line with the evolving cyber threat landscape.

Rob Sedman, Director of Security, IBM UK and Ireland said: “IBM is excited to partner with NHS Digital and bring enhanced detection and incident response co-ordination capabilities to its Data Security Centre.”

Security IT Summit

EVENT REVIEW: Security IT Summit

 960 640 Stuart O'Brien
By:
0
0

The cybersecurity industry event of the year took place earlier this week, with Telefonica o2 and more sharing their expertise with delegates.

The event, which took place at the Hilton London Canary Wharf, brought cybersecurity professionals together for one-to-one business meetings, interactive seminars and valuable networking opportunities.

Over a full working day, delegates met with solution providers who were able to talk through projects, concerns and obstacles, offering the best advice as well cost saving products.

Attending solution providers included Accellion, Axonex, BlueFort Security, Bomgar, Caretower, Charterhouse, Darktrace, Dot Origin, ESET, EveryCloud, Gemserv, Lastpass, Layer 8, LogRhythm, OneLogin, Panda, PGI, S2S, Synack, SonicWall, Twist & Shout Media, Varonis, Quest and more.

The delegate roll call included representatives from Arcadia, British Red Cross, Barclays PLC, Cancer Research, Fenwick, Financial Ombudsman Services, GE Capital, John Lewis, London Stock Exchange Group, Marshall Motor Group plc, Moonpig, Nationwide, O2 Telefonica, Pret A Manager, Prudential, The Guardian, Vodafone, Yorkshire Housing and more.

Delegates also learned about the latest cybersecurity trends in educational seminar sessions led by some of the industry’s leading lights, including a talk delivered by James Bore, IT Security Manager at o2 Telefonica, entitled entitled Thinking Inside The Box – Modelling Insider Threat.

To secure a complimentary delegate place for the next Security IT Summit, call Emily Gallagher on 01992 374085 or email e.gallagher@forumevents.co.uk.

To attend as a supplier, call Chris Cannon on 01992 374096 or email c.cannon@forumevents.co.uk.

For more information, visit www.securityitsummit.co.uk.

Olympic Destroyer malware returns

 960 640 Stuart O'Brien
By:
0
0

Researchers at Kaspersky Lab have revealed that the malware that caused crippling sabotage on networks during their year’s Winter Games in Pyeongchang, South Korea, has returned.

Olympic Destroyer caused digital havoc during the games, and while the activity seen by Kaspersky has not yet turned destructive, early indicators suggest similar activity and point to the same group behind both attacks.

This time, however, the group look to be targeting financial organisations in Russia, and worryingly, biological and chemical threat prevention laborites throughout Europe and the Ukraine.

Tactics include spearphishing emails that present themselves as coming from a college or acquaintance with a decoy document attached. The emails target specific groups associated with an event, with every document opened triggering a malicious micro allowing multiple scripts that enable access to the target computer to run in the background.

Researchers at Kaspersky noted that lures suggest that they were “probably prepared with the help of a native [Russian] speaker and not automated translation software,” along with ties to the Ukraine, too.

That said, during the Winter Games Destroyer planted several false flags that were meant to confuse and misdirect attribution, making it very difficult to determine the group behind the latest attacks.

In a post from the website, Kaspersky concluded: “The best thing we can do as researchers is to keep tracking threats like this. We will keep monitoring Olympic Destroyer and report on new discovered activities of this group.”

MPs concerned over hacking threat to critical national infrastructure

 960 640 Stuart O'Brien
By:
0
0

Two thirds of MPs consider the compromise of critical national infrastructure to be the biggest cyber security threat facing the UK.

A year on from the cyber attack on parliamentary emails, a YouGov survey commissioned by NCC Group has gauged the opinions of MPs in the House of Commons with regards to their personal cyber security, the cyber risks associated with national security and societal wellbeing, and the consequences of a successful attack on parliament.

The results revealed that 62% of MPs across all regions, including 70% of Conservatives and 57% of Labour MPs, consider a compromise of critical national infrastructure to be the biggest risk.

Despite this common ground between MPs across parties on the threat to critical national infrastructure, the survey indicated divides with regards to the severity of other cyber threats. 42% of Conservatives said that they consider a compromise of nuclear capabilities to be one of the top two threats, compared to just 14% of Labour MPs, while 44% of Labour MPs considered democratic interference to be a significant threat, compared to 16% of Conservative MPs.

Alongside this, the survey highlighted that 75% of all MPs are concerned that a breach of their personal email could negatively affect the cyber security of the House of Commons, highlighting that most MPs understand the crucial role they personally play in enhancing the UK Parliament’s security posture.

It was also revealed that, in the event of a successful cyber attack, 73% of all MPs considered the breach of constituents’ privacy to be their biggest concern, alongside a leak of sensitive information relating to parliamentary business (46%).

These results have been released ahead of a meeting at the House of Commons, which addressed the cyber threats challenging the UK political landscape and outlined how MPs can best contribute towards tackling this growing threat.

Ollie Whitehouse, global chief technical officer at NCC Group: “It’s very positive to see that a majority of MPs are aware of the different threats we face and realise the gravitas of a successful attack, particularly with regards to our resilience as a nation.

“In recent years, the government has been proactive in implementing initiatives to strengthen the UK’s stance against evolving technical and geopolitical threats which attempt to compromise the integrity of our nations. MPs play a significant role in these initiatives, so it’s important to maintain continued education around modern threats and informed dialogue amongst all stakeholders. This will ensure that parliamentary staff at all levels understand the steps they need to take, in both their professional and personal lives, in order to address cyber risk head on.”

Cylance raises $120m to expand AI cybersecurity platform

 960 640 Stuart O'Brien
By:
0
0

US-based Cylance has closed a $120 million funding round led by funds managed by Blackstone Tactical Opportunities and other investors.

The company says the financing will enable it to continue a global expansion and extend its portfolio cybersecurity solutions.

Cylance offers a machine learning-powered predictive endpoint security solution that protects users from unknown cyberattacks, in particular from threats which may not exist for years to come. The company says that since its inception its approach has prevented attacks on average 25 months before the attack was launched and first discovered.

The new funding will bolster the company’s sales, marketing and development efforts to expand its global footprint across Europe, the Middle East, and Asia Pacific, and extend its product offerings.

“Cylance has proven that artificial intelligence can defend against cybersecurity problems that were previously thought impossible to prevent,” said Cylance CEO, Stuart McClure. “With the most advanced application of AI in endpoint security, Cylance products continuously learn and improve over time, enabling customers to achieve a state of ‘Perpetual Prevention’ and creating a simple silence on the endpoint.”

“Blackstone was an early believer in Cylance’s approach of applying AI to prevent one of the most difficult issues businesses face today – cyberattacks that disrupt operations and damage reputations,” said Viral Patel, Senior Managing Director in Blackstone’s Tactical Opportunities group.

“This has been a unique opportunity to participate in funding a company helping to turn the tide against a very serious threat to organizations worldwide,” added Dave Johnson, a Senior Advisor to Blackstone.

“With annual revenues over $130 million for fiscal year 2018, over 90% year-over-year growth, and more than 4,000 customers, including over 20% of the Fortune 500, we have demonstrated market success, scale and traction,” said Brian Robins, Chief Financial Officer at Cylance. “We are honored to have Blackstone Tactical Opportunities expand its commitment to Cylance by leading this round of financing. The investment supports our growth strategy and will enable us to continue on the path to becoming cash flow positive.”

Security IT Summit

There’s still time to register for the Security IT Summit

 960 640 Stuart O'Brien
By:
0
0

The Security IT Summit takes place in London next month – there’s still time to secure your place at this summer’s essential cyber security industry event.

It takes place on July 3rd 2018 at the Hilton London Canary Wharf – and, as one of just 60 VIP guests, you can attend the Security IT Summit for FREE.

REGISTER FOR YOUR FREE PLACE HERE

Your VIP place includes access to educational and inspiring seminar sessions, hosted by industry thought leaders.

In his session Thinking Inside The Box – Modelling Insider Threat, O2 Telefonica’s IT Security Manager James Bore will look at building a simple model for insider threat, covering:

• An overview of threat modeling
• Why is the insider threat different?
• Categorizing insider threat vectors
• Destruction/Deletion
• Disclosure
• Tampering/Modification
• Malice or negligence

Security IT Summit delegates will also gather for an opening keynote address from LogRhythm and a session entitled Measuring The Effectiveness of Information Security, delivered by Phil Cracknell, CISO at Homeserve.

To register your FREE place, click here.

For more information about attending as a delegate, contact Emily Gallagher at e.gallagher@forumevents.co.uk, or call 01992 374085.

Alternatively, to find out how to attend as a solution provider, contact Chris Cannon at c.cannon@forumevents.co.uk, or call 01992 374096.

Do you specialise in Browser/Web Security? We want to hear from you!

 960 640 Stuart O'Brien
By:
0
0

Each month on IT Security Briefing we’re shining the spotlight on a different part of the cyber security market – in July we’re focussing on Browser/Web Security solutions.

It’s all part of our ‘Recommended’ editorial feature, designed to help IT security buyers find the best products and services available today.

So, if you’re a Browser/Web Security specialist and would like to be included as part of this exciting new shop window, we’d love to hear from you – for more info, contact Lisa Carter on lisa.carter@mimrammedia.com.

Here are the areas we’ll be covering, month by month:

July – Browser/Web Security

August – Authentication

September – Penetration Testing

October – Vulnerability Management

November – Employee Security Awareness

December – Malware

For information on any of the above topics, contact Lisa Carter on lisa.carter@mimrammedia.com.