Monthly Archives: May 2017


NetApp acquires two companies to boost cloud storage

Category : NetApp

NetApp has unveiled two acquisitions it expects to help grow its already-growing converged infrastructure and cloud storage business.

The first acquisition is Immersive Partner Solutions, a developer of software to validate multiple converged infrastructures through their lifecycles.

The second is PlexiStor, provider of software that turns off-the-shelf servers into high-performance converged infrastructure offerings with persistent memory technologies.

The acquisitions were unveiled by NetApp chief executive George Kurian during the company’s fiscal fourth quarter 2017 financial analyst call.

Kurian said his company’s all-flash FlexPod converged infrastructure sales in conjunction with partner Cisco, combined with the company’s channel momentum, helped to strengthen its No. 2 position in the converged infrastructure market with a 44 percent year-over-year growth of FlexPod revenue, as reported by IDC for the fourth calendar quarter.

“We also recently acquired Immersive Partner Solutions, a cloud-based converged infrastructure monitoring, and compliance company,” Kurian said.

“We will integrate this intellectual property into our FlexPod solutions to help customers further simplify and automate lifecycle management and enhance our leadership in the converged infrastructure market.”

NetApp is also leading the industry in the transition to flash with cloud-integrated solutions, Kurian said. The company’s fourth-quarter all-flash array business grew nearly 140 percent year-over-year to an annualized run rate of US$1.7 billion, he said.

“We have entered into an agreement to acquire PlexiStor, a company with technology and expertise in ultra-low latency persistent memory,” he said. “This differentiated intellectual property will help us further accelerate our leadership position and capture new application types and emerging workloads.”

No details were provided about the timing or the terms of either acquisition. Neither acquisition was announced before Kurian’s comments.



Join HPE Security at the Gartner Security & Risk Management Summit

Category : HP Security

June is right around the corner, which means it is time for the Gartner Security & Risk Management Summit in National Harbor, MD.  This annual gathering of security and risk management leaders helps organizations prepare for and head off increasingly dangerous cyber threats. The Summit takes place from June 12-15 and this year’s theme is: Manage Risk. Build Trust. Embrace Change.

Who typically attends? Gartner reports that over 3,000 attendees such as CIOs, CISOs, security analysts and architects, and other related security professionals descend on DC for this annual event. The agenda addresses the latest threats, flexible new security architectures, data privacy, governance strategies and the role of the chief information security officer (CISO).

HPE Security at Gartner

HPE Security feels this show is so important to help educate security professionals that we are a premier sponsor, with a theme of “Fearlessly Innovate.” We are in a period of disruptive change, where success is achieved by innovating faster than the competition. Innovating means adopting technologies that increase productivity, lower costs and extend businesses into new markets. In this environment, organizations that rapidly design, deploy and adapt IT based on the needs of customers, partners and employees cannot be slowed down by security. However, not considering risk in an increasingly connected world jeopardizes innovation.

We feel that security must accelerate, not impede innovation.  We help you build security directly into your data and your apps. We provide the visibility, analytics and automation to rapidly detect, respond to, and remediate threats at scale.

There are many ways to interact with HPE Security and educate yourself in protecting your users, apps and data.

  • Stop by our booth
  • Set up 1:1 meetings with our Security Experts
  • Attend our Solution Provider Session
  • Visit our Learning Labs

Visit our Booth

Visit us at Booth #103 to see live demonstrations of our industry leading Data Security, ArcSight and Fortify product offerings. At the booth, you can set up your 1:1 meeting with our security experts.

Solution provider session:

Join the SIEM Revolution: Q&A Exploring Today’s Intelligent Security Operations 
Today’s Security Operations are facing new disruptors: the sheer scale and variety of data sources, persistent and adaptive threats, and shortage of cybersecurity experts. It requires a revolutionary transformation of SecOps. Join us for a provocative Q&A session with experts managing security operations for some of the world’s largest government and commercial organizations. Hear first-hand stories about how these pros are addressing the toughest security challenges and providing new levels of defense for their businesses.
Date: Monday, June 12
Time: 3:15pm – 4:00pm
Session ID: SPS14

Learning Labs:

New this year at the Gartner Security & Risk Management Summit are learning labs. HPE Security will host several learning labs to educate attendees on various topics including protecting against cyber threats, securing DevOps and data-centric protection for your most valuable data. See the detailed descriptions below and plan to attend the ones that are most relevant.

Data-Centric Protection for Your Most Valuable Data
Are you leaving your most important asset, your data, unattended? Discover how to neutralize breaches, comply with legislation and protect your most valuable data. Data-Centric security protects sensitive data at-rest, in-motion and in-use while powering Omni-Commerce, Cloud and Big Data. Join us to learn why AES FF1 is a strong, vetted, resilient NIST and FIPS validated mode of encryption that enables you to protect your most valuable data.

The new rules of engagement to protect against cyber threats
While organizations agree that protecting against cyber-threats is a top priority, it is becoming increasingly difficult to pinpoint what EXACTLY needs to be done to achieve that. In this session, we will look at the three underlying disruptors that are responsible for today’s cyber-attacks and then dive deep into the strategies that intelligent SOCs are adopting to fight against them.

Advances in application security: harness the power of machine learning
As the software environment becomes more complicated, can your app sec program actually become more simplified? See how machine learning can streamline your app sec process by highlighting vulnerabilities that are most critical to your unique enterprise, allowing you to focus on issues of most risk to you. 

Practical advice for securing DevOps: how to code securely without slowing down developers
As enterprises move towards DevOps, deployment cycles get squeezed.  How do you balance speed with security?  The two do not have to be mutually exclusive. In this session, we will share best practices from customers of market leading HPE Security Fortify. See how the best app sec programs deliver more secure code, faster.

2017 Hot Topics at Gartner

Gartner also has many sessions filled with content for security professionals. Some of the hot topics this year include privacy and data security, enabling safer cloud computing, risks and opportunities of the Internet of Things, data security and risk governance, and mobile security for digital business. HPE Security can help you navigate and leverage these topics to make you and your business successful.

Haven’t registered yet? Our customers and prospects can register here with promo code SECSP60 for a discounted full conference pass, courtesy of HPE Security! Looking forward to seeing you at the show.



Expanding Automated Threat Hunting and Response with Open DXL

Category : McAfee

Today everyone is talking about security automation. However, what are the right processes and actions to automate safely? What are the right processes and actions to automate that will actually achieve some security outcome, such as improving sec ops efficiency or reducing attacker dwell time? Just look in the latest industry report and you will find a statistic about how long attackers linger in a network without detection. It’s getting better, but the average is still heavily in favor of the attacker.

One of the reasons why attackers are so successful at maintaining persistence is that most organizations struggle to make effective use of threat intelligence. Making effective use means taking the volumes of threat intelligence data, primarily technical Indicators of Compromise (IOCs), hunting for affected systems with those IOCs, and then adapting countermeasures to contain the incident or just update protection. These critical tasks (collecting and validating intelligence, performing triage, and adapting cyber defenses to contain incidents) must be automated if we ever want to get ahead of the attackers.

McAfee’s Intelligent Security Operations solution automates many key threat hunting tasks. In this solution, McAfee Advanced Threat Defense (ATD), a malware analytic system, produces the local IOCs based on malware submissions from the endpoint and network sensors. It automatically shares the new intelligence with McAfee Enterprise Security Manager (ESM) for automated historical analysis, with the McAfee Active Response component of McAfee Endpoint Threat Defense and Response (ETDR) for real time endpoint analysis, and with McAfee Threat Intelligence Exchange (TIE) for automated containment at the endpoint or network.

However, wouldn’t it be great if we could automate hunting and incident containment for all threat intelligence, not just file hashes? We can expand the capability of the Intelligent Security Operations solution to handle more intelligence and automate more incident response tasks using the power of OpenDXL.

Consolidate Threat Intelligence Collection with OpenDXL and MISP

Organizations need threat intelligence from three different sources:

  • Global intelligence from vendors or large providers
  • Community intelligence from closed sources, and
  • Enterprise, or locally produced, intelligence

Local threat intelligence, typically produced by malware sandboxes, such as McAfee Advanced Threat Defense (ATD), or learned from previous incident investigations, usually relates to attacks targeted at the enterprise and would not be visible through other external intelligence feeds. Large organizations typically consolidate these feeds inside a threat intelligence platform to simplify the management, sharing and processing of the data.

Using OpenDXL, we can more simply push locally-produced intelligence from ATD into threat intelligence platforms, such as Malware Information Sharing Platform (MISP), an open source intelligence sharing platform. Inside MISP, ATD data can be labeled and combined with other sources providing a central repository to operationalize threat intelligence. Using OpenDXL, MISP can then push all threat intelligence-based IOCs to ESM and Active Response for further triage and out to firewalls, proxies, endpoints and other cyber defense tools for automated containment.

Full IOC Hunting with ESM, Active Response and OpenDXL

One of the best ways to reduce attacker dwell time is to use threat intelligence to hunt for compromised systems in the enterprise with ESM and Active Response. With threat intelligence centrally collected in MISP, we can automate historical analysis using the existing back trace feature in ESM. Using OpenDXL integration with MISP, we can also hunt on all the IOCs and send the results back to ESM or Kibana. This expands the capability of the original solution, fully automating the hunting process with both historical and real-time searches for all IOCs, not just local intelligence.

Automated Incident Containment with OpenDXL

If a system is found to be compromised, the next task is to contain the incident and update defenses as fast as possible. When it comes to updating cyber defense countermeasures, such as firewalls or web proxies, internal procedures or business silos can slow response. For example, sending a ticket to the firewall team or service provider to block a command-and-control IP address or domain could take hours even in mature organizations. These silos slow down incident response and increase attackers’ dwell time.

With OpenDXL integration with MISP, we can reduce dwell time by pushing all indicators, not just file hashes, out to network and endpoint countermeasures. Indicators such as command-and-control IP addresses, malicious URLs or domains, and file hashes can be automatically shared with the McAfee Dynamic Endpoint, network firewalls such as Forcepoint or Check Point, or web proxies such as McAfee Web Gateway. The same integration can automate indicator-sharing with any countermeasure on the network or endpoint, to reduce dwell time and better protect your business.
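One way to gate the automated containment described above before anything is published to countermeasures, as an added example that is not McAfee's or MISP's own code. It reads an event in MISP's JSON layout (constructed sample values), keeps only attributes flagged `to_ids`, validates them, refuses to route addresses inside the organization's own ranges, and groups the rest per countermeasure; the topic names and the protected-network list are hypothetical.

```python
import ipaddress
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Hypothetical topic names; a real deployment uses whatever its DXL services subscribe to.
FIREWALL, PROXY_DOMAIN, PROXY_URL, ENDPOINT = (
    "/example/ioc/firewall/block-ip",
    "/example/ioc/proxy/block-domain",
    "/example/ioc/proxy/block-url",
    "/example/ioc/endpoint/file-hash",
)

# MISP attribute type -> countermeasure topic.
ROUTES = {
    "ip-dst": FIREWALL, "ip-src": FIREWALL,
    "domain": PROXY_DOMAIN, "hostname": PROXY_DOMAIN,
    "url": PROXY_URL,
    "md5": ENDPOINT, "sha1": ENDPOINT, "sha256": ENDPOINT,
}

# Assumption: address space that automation must never block (adjust per site).
PROTECTED_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]

HASH_LENGTHS = {"md5": 32, "sha1": 40, "sha256": 64}
HEX_RE = re.compile(r"^[0-9a-f]+$")
DOMAIN_RE = re.compile(
    r"^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")


def normalize(attr_type, value):
    """Return a canonical indicator value or raise ValueError with the reason."""
    if attr_type in ("ip-dst", "ip-src"):
        ip = ipaddress.ip_address(value)  # raises ValueError on malformed input
        if any(ip in net for net in PROTECTED_NETS):
            raise ValueError("inside protected address space")
        return str(ip)
    if attr_type in ("domain", "hostname"):
        name = value.lower().rstrip(".")
        if not DOMAIN_RE.match(name):
            raise ValueError("not a valid domain name")
        return name
    if attr_type == "url":
        parts = urlsplit(value)
        if parts.scheme not in ("http", "https") or not parts.hostname:
            raise ValueError("not an http(s) URL")
        return value
    digest = value.lower()
    if len(digest) != HASH_LENGTHS[attr_type] or not HEX_RE.match(digest):
        raise ValueError("not a valid %s digest" % attr_type)
    return digest


def route_event(event):
    """Split a MISP event into {topic: [indicators]} and a list of rejections."""
    routed, rejected, seen = defaultdict(list), [], set()
    for attr in event["Event"].get("Attribute", []):
        a_type = attr.get("type")
        value = str(attr.get("value", "")).strip()
        if not attr.get("to_ids"):
            rejected.append((a_type, value, "to_ids not set"))
            continue
        topic = ROUTES.get(a_type)
        if topic is None:
            rejected.append((a_type, value, "no countermeasure for type"))
            continue
        try:
            clean = normalize(a_type, value)
        except ValueError as exc:
            rejected.append((a_type, value, str(exc)))
            continue
        if (topic, clean) not in seen:  # drop duplicates across feeds
            seen.add((topic, clean))
            routed[topic].append(clean)
    return dict(routed), rejected


# Constructed sample event (MISP layout: Event -> Attribute list).
SAMPLE_EVENT = {"Event": {"id": "1001", "info": "Constructed example", "Attribute": [
    {"type": "ip-dst", "value": "203.0.113.45", "to_ids": True},
    {"type": "ip-dst", "value": "10.1.2.3", "to_ids": True},      # internal host
    {"type": "domain", "value": "C2.Example.NET", "to_ids": True},
    {"type": "url", "value": "http://c2.example.net/gate.php", "to_ids": True},
    {"type": "sha256", "value": "a" * 64, "to_ids": True},
    {"type": "md5", "value": "not-a-hash", "to_ids": True},       # malformed
    {"type": "domain", "value": "context.example.org", "to_ids": False},
    {"type": "ip-dst", "value": "203.0.113.45", "to_ids": True},  # duplicate
]}}

if __name__ == "__main__":
    routed, rejected = route_event(SAMPLE_EVENT)
    for topic, values in routed.items():
        print(topic, values)
    for item in rejected:
        print("rejected:", item)
```

The rejected list is worth logging alongside what was published, so an analyst can review indicators that automation declined to act on.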

For more information on automated threat hunting with OpenDXL and to get connected with the community of OpenDXL users, I’d encourage you to check out the McAfee DXL architecture guide and the data sheet.



Introducing MobileIron Bridge, Harnessing the Power of EMM to Secure and Manage PCs and Cut PC TCO by Up to 80%

Category : Mobile Iron

Presenter:
Abby Guha, Director of Product Marketing | Mark Cavins, Senior Product Manager

Session Date/Time:
Wednesday, November 2 at 10am PDT/6pm BST

Mobile and PC security are converging. PC management has evolved significantly over the years in an effort to support rapidly changing enterprise needs and evolving security models. In the modern enterprise, with a broad variety of devices being utilized by users on-the-go, IT needs a consistent platform to manage devices that are intermittently connected to the corporate network, across both PCs and mobile. Windows 10 addresses modern requirements by shifting device management from domain-joining to establishing Enterprise Mobility Management (EMM) as a single point of trust in the enterprise.

While EMM already solves for many of the most common use cases for PC management, until now there were a few gaps that prevented IT from moving away from old school PC management tools. MobileIron Bridge now closes the GPO gap and frees IT up to harness the power of a modern EMM approach to secure and manage PCs. And with a modern, more efficient approach, organizations can expect to cut up to 60% in PC TCO across a variety of areas. Attend this session to learn more and see how you can build stronger relationships with your customers in the new Windows 10 world.




Forget uptime. A low MTTR is the new ‘5 9s’ for IT

Category : F5

Outages are expensive. Whether they’re ultimately the result of an attack or a failure in software or hardware isn’t that relevant. The costs per minute of downtime are increasing, thanks to the growing reliance on APIs and web apps of the modern, digital economy.

For some, those costs are staggering. It’s estimated that Amazon’s 40 minutes of downtime back in 2013 cost them $2.64M. That’s $1100 per second for those disinclined to do the math. If you think that’s horrifying, consider Google, whose 5-minute downtime in the same year cost them $109K per minute (or $1816.67 per second) for a whopping total of $545K. For 5 minutes. Technically, if that was all they suffered, that’s the vaunted “5 9s” IT is tasked with achieving.

How often do outages happen? Too often, apparently. If you’ve never seen this one, take a gander at pingdom’s live outage map. It’s built from data culled from its over 700,000 global users. This morbidly fascinating map displays outages occurring in the past hour across the globe. The bright flashes depicting outages are a nice touch; really drives home the splash they make with users.

Which is to say an unwanted one.

The digital economy exacerbates this problem. Earlier this year an S3 outage at Amazon knocked out a whole spate of customers’ apps and web sites. But lest you pin this problem on public cloud providers, a quick dive into the site builtwith.com will quickly erase that belief. The percentages of sites taking advantage of CDNs and APIs is perhaps alarmingly high if you consider the dependency that incurs on someone else’s uptime. It’s hard to find a site that doesn’t rely on at least one external API or service, which increases the possibility of downtime because if that external service is down, so are you.

Basically, IT settled on “5 9s” because it is impossible to achieve 100% availability. The key today, when per-second costs are skyrocketing thanks to the shift of the economy into the digital realm, is to minimize downtime. In other words, setting goals that require a low mean time to resolution (MTTR) is just as critical as, and maybe more critical than, trying to eliminate downtime.

One of the key measures of “high performing organizations” in Puppet Labs’ 2016 State of DevOps Report is MTTR, defined as the time it takes to restore service when a service incident occurs (e.g. unplanned outage or service impairment). The highest performing organizations (based on the report’s assessment) take less than one hour while medium and low performing organizations take “less than one day”. “In other words” the report notes, “high performers had 24 times faster MTTR than low performers.”

You’ll note the question wasn’t “if” there is a service incident. It was “when” there is a service incident. The assumption is that an incident will occur, and thus the key is to minimize the time to resolution. A 2016 survey by IHS reported that “on average, survey respondents experience 5 downtime events per month, and 27 hours of downtime per month” cost the average mid-sized organization $1 and their larger counterparts up to $60M.

If we assume Murphy’s Law still presides over Moore and Conway, the answer is to try to minimize MTTR in order to reduce the time (and costs) associated with inevitable downtime.

That means visibility is critical, which means monitoring. Lots and lots of monitoring. But not just the website, or the web app, or the API – we need to monitor the full stack. From the network to the app services to the application itself. That’s something not everyone does, and when they do, they appear to do it inconsistently.


Consider the 2017 xMatters|Atlassian DevOps Maturity survey in which 50% of respondents declared they “wait for operations to declare a major incident” before responding. A frightening 1/3 of companies “learn about service interruptions from their customers.”

In a digital economy, every second matters. Not just because it costs money but because it negatively impacts future revenues, as well. Decreasing brand value and trust with customers results in fewer purchases, fewer users, and eventually stagnating growth. That’s not a direction organizations should be going.

Monitoring is the first step to detecting issues that cause outages. But monitoring alone doesn’t help MTTR. Communication does. Alerting the relevant stakeholders as soon as possible and arming them with the information they need to troubleshoot the issue will assist in a faster time to resolution. That means sharing – one of the four key pillars of DevOps – is key to improving MTTR. Even if you aren’t embracing other aspects of DevOps at a corporate level yet, sharing is one you should consider elevating to a top level initiative. Whether it’s through ChatOps or e-mail, a mobile app or a dynamically updated wiki page, it’s imperative that the information gleaned through monitoring be shared widely across the organization.

A hiccup in a switch or server may seem innocuous, but left alone it might wind up knocking out half the services a critical app depends on. In the 2017 State of the Network study conducted by Viavi, 65% of network and systems administrators cite “determining whether problem is caused by network, system, or apps” as their number one challenge when troubleshooting application issues. Greater visibility and full-stack monitoring is one way to address this challenge, by ensuring that those responsible for finding the root cause have at hand as much information about the status and health of all components in the data path as possible.

Visibility is key to the future of IT. Without it, we can’t achieve the level of automation necessary to redress outages before they occur. Without visibility we can’t reduce MTTR in a meaningful way. Without it, we really can’t keep the business growing at a sustainable rate.

Visibility, like security, should be a first class citizen in the strategy stack driving IT forward. Because outages happen, and it is visibility that enables organizations to recover quickly and efficiently, with as little damage to their brand and bottom line as possible.

Authors: Lori MacVittie and F5 Networks.



Watch FireEye Endpoint Security Detect and Prevent a WannaCry Attack

Category : FireEye

Since May 12, 2017, a highly prolific WannaCry ransomware campaign has been observed impacting organizations globally. WannaCry (aka WCry or WanaCryptor) malware is self-propagating (worm-like) ransomware that spreads through internal networks and over the public internet by exploiting a vulnerability in Microsoft Server Message Block (SMB) protocol. The malware appends encrypted data files with the .WCRY extension, drops and executes a decryptor tool, and demands $300 or $600 USD (via Bitcoin) to decrypt the data.

The following video demonstrates how FireEye Endpoint Security (HX) detects and prevents the WannaCry ransomware threat.

This demonstration first shows how HX Exploit Guard (ExG) can detect and prevent threats. It then goes into the details of how it detected and prevented a WannaCry ransomware attack, and walks the viewer through the exact process that it took and how ExG is able to deal with threats in real-time. The demo exposes how ransomware works, and how the overall design of ExG and HX can effectively deal with these and other types of threats.



Safely Embracing the Cloud – Forcepoint CASB Overview

Category : Forcepoint

In order to understand your organization’s risks and protect your users, your security teams need visibility into how users interact with data in the Cloud.

The ability to monitor and control how your users engage with sanctioned cloud applications is key. Learn about Forcepoint CASB (Cloud Access Security Broker) while we review your options for safely embracing cloud apps.




Who Owns Cybersecurity Risk Management?

Category : Gigamon

In light of the countless cyber incidents reported daily—including the high-profile Yahoo database breaches that impacted hundreds of millions of customers—the question of risk responsibility is more front and center than ever before. To date, there’s remained a troubling tendency to view cybersecurity as fundamentally different and separate from other organizational risks. Or, it’s simply viewed as an “IT problem” best left handled by those with the requisite experience and operational subject matter expertise.

 And there’s the rub. Just because something is complex and highly technical doesn’t absolve senior leadership of their responsibility for it. That includes Yahoo’s CEO Marissa Mayer as well as, say, hospital board members and executives who have long been responsible for protecting their organizations from complicated and complex risks associated with quality, patient safety, and evolving medical innovations.

Cybersecurity can no longer be ignored or treated separately by senior leadership. Because if it is, who then owns cybersecurity risk management?  

The Role and Responsibility of the Board

Many boards delegate cybersecurity governance and oversight to an audit or risk committee. Others approach it as a separate strategic priority or within an existing enterprise strategic risk management governance structure. Some don’t address it at all.

The size, industry, and business complexity of an organization often dictates the approach. For example, the board of a bank would likely take a different approach to cybersecurity governance than, perhaps, a mining company with extensive IP-enabled machinery and control systems.   

Regardless of the approach, just as boards are ultimately responsible and legally accountable for overseeing an organization’s financial health, systems and controls, so, too, are they responsible for providing strategic risk management direction to senior leadership as well as oversight of systems, policies, processes and controls in regards to cybersecurity.

While board members may not actually need to be able to write firewall rules, they certainly need to attain and maintain an acceptable level of “cybersecurity literacy.” And they need to ensure the fulfillment of their governance, oversight and fiduciary responsibilities by making cybersecurity a strategic priority and holding management accountable for managing and reporting results.

The National Association of Corporate Directors has nicely distilled these responsibilities down to five principles:

PRINCIPLE 1: Directors need to understand and approach cybersecurity as an enterprise-wide risk management issue, not just an IT issue.

PRINCIPLE 2: Directors should understand the legal implications of cyber risks as they relate to their company’s specific circumstances. 

PRINCIPLE 3: Boards should have adequate access to cybersecurity expertise, and discussions about cyber-risk management should be given regular and adequate time on the board meeting agenda.

PRINCIPLE 4: Directors should set the expectation that management will establish an enterprise-wide, cyber-risk management framework with adequate staffing and budget.

PRINCIPLE 5: Board discussion of cyber risk management should include identification of which risks to avoid, accept, mitigate, or transfer through insurance, as well as specific plans associated with each approach.

More complete details on these principles are available in the NACD Director’s Handbook on Cyber-Risk Oversight.

The Role and Responsibility of the CEO 

While the board is responsible for providing strategic direction and oversight, the CEO is ultimately accountable to the board for the operational management of cybersecurity risk and the implementation of policies, procedures and controls to ensure these objectives are being met. This responsibility includes reporting to the board in a timely, transparent and detailed manner.

Often, the CEO will defer to the chief information officer (CIO) or, if the organization is larger and more complex, possibly the chief information security officer (CISO) to present quarterly or annually to the board. These presentations can sometimes take the form of assurances that “everything is being done” and may also include metrics and key performance indicators as data points for review.

Where this approach falls short of proper governance is in the case where there was an inability to meet key performance indicators or an actual breach occurred. The CEO cannot shift responsibility onto the shoulders of the CIO or CISO and lay blame with the IT department. This would be the equivalent of the CEO deferring to the CFO to present a dismal financial report to the board and blaming the accounting department for a drastic decline in revenue.

The inability of a CISO to meet key performance indicators might be due to insufficient budget priority given to cybersecurity in general or, alternatively, a drastic decline in revenue might have resulted from loss in consumer confidence due to a security or privacy breach.  Today, there is no way to separate cybersecurity from all other strategic objectives and operations of any organization, regardless of its complexity.

Moreover, each business unit or department must also embrace cybersecurity as a business imperative and priority. The extent to which they do so will be a direct reflection of the level of strategic priority given to it by both the board and CEO.

Along with setting the proper “tone from the top,” the CEO must provide direction and resolve conflicts related to conflicting departmental priorities. For example, marketing and sales may want to ensure that a product is easy to use and insist on removing friction to user adoption such as second-factor authentication or other security enhancements demanded by product engineering that may impede a potential consumer from choosing and purchasing the product or service. 

Balancing the need to drive adoption and, consequently, revenue versus the need to protect both customers and the organization and therefore the brand is not a decision that can be made by front line management. Nor should they shoulder the responsibility.

Ultimately, there is no escaping the reality that the board is responsible for oversight and strategic direction of cybersecurity while the CEO owns operational management responsibility. However, these responsibilities need to be aligned and integrated into all other strategic and operational business decisions.

Accordingly, the IT department or the CISO are responsible for the day-to-day activities required to implement, manage and report on cybersecurity risk and should report to a member of the senior leadership team or the CEO directly who can oversee the enterprise’s cybersecurity program decision-making, and to whom the board can look as accountable for cybersecurity.

So Who Owns Management of Cybersecurity Risk?

The question is best answered in terms of who owns financial risk within the organization? Or who owns patient safety risk? Or who owns risk associated with shareholder value? Each organization may take a different approach to answering these questions, but elevating cybersecurity risk to the strategic level of these other risk categories, recognizing that it also intersects significantly with all of these other risk categories and dealing with it as a strategic priority at all levels of the organization is no longer optional. 

– See more at: https://www.gigamon.com/blog/2017/05/26/owns-cybersecurity-risk-management/#sthash.qZxbAtpD.dpuf



Securing the Connected Car Steps Up a Gear

Category : Check Point

“Here in my car, I feel safest of all …” That line from Gary Numan’s hit single, ‘Cars’, sums up the way many of us feel when we’re driving: safe and protected in the privacy of our vehicles. But cars are increasingly connected to the outside world. Features that were once only available on premium luxury brands are now available across manufacturers’ model ranges, in basic city cars. These features include Bluetooth connectivity for pairing mobile phones, GPS navigation, 4G wifi hotspots, collision avoidance systems, remote diagnostics and more. In fact, with these capabilities, cars are rapidly becoming data networks on wheels.

The production of new cars equipped with data connectivity, either through a built-in communications module or by a tether to a mobile device, was forecast by Gartner to reach 12.4 million during 2016, increasing to 61 million in 2020 – representing nearly 70% of all cars shipped globally. This external connectivity is also mirrored in cars’ control systems, with even basic vehicles now using multiple electronic control units containing millions of lines of code, controlling all aspects of the car from engine management to the brakes, steering and entertainment systems. But as development of the electronically controlled, connected car sped up, security was left behind.

Over the past couple of years, researchers have repeatedly demonstrated how connected cars can be hacked and controlled from afar – in particular in 2015 when two white-hat hackers remotely took control of a Jeep Cherokee. This incident prompted Chrysler to recall 1.4 million vehicles. While a malicious cyberattack on a vehicle has yet to take place, the potential danger is real – so much so that the FBI, Department of Transportation, and National Highway Traffic Safety Administration issued a memo warning of the dangers to connected vehicles – including hackers disabling a vehicle’s brakes or steering, shutting the engine down, or manipulating other on-board systems. The report states, “These cars have become moving endpoints which continue to stay defenseless. Their mobility and distinct entry points pose significant difficulties to protect them. Just imagine trying to guard a moving castle which has to allow visitors in from several different avenues.”

To address this increasingly complex challenge, Check Point, HDBaseT Alliance and Valens are revving up their engines and joining forces to develop the best solution for protecting connected cars. Today, we announced that we are joining HDBaseT Alliance’s Automotive Working Group to define new cyber-security industry standards and co-develop solutions for the next generation of connected automobiles.

Check Point will lead the Cyber Security Working Group, and Valens, inventor of HDBaseT and HDBaseT Alliance founder, will play a central role in the collaboration to accelerate design and development of these requirements. Argus Cyber Security, the world’s largest independent automotive cyber security company, is also joining the Alliance, and will be the first company to join the Cyber Security Working Group.

Issues that the working group will address include how to guarantee the connected car’s robust network configuration and segregation, firewalling, security level ranking, and the securing of external communications and third-party solutions.

While in-vehicle connectivity continues to advance, and new technologies become available, we must address the advanced cybersecurity risks they pose. Security for the connected car is no longer optional, it’s a lifesaver – for drivers, other road users and pedestrians too. By joining the HDBaseT Alliance, we intend to steer the design of the best security solutions for today’s and tomorrow’s car industry, to be one step ahead of automotive threats – delivering security that moves even faster than hackers can.



Cybersecurity Threat Landscape Has Grown Exponentially

Category : Cisco

Cyber crooks are now casting a wider net, attacking not just PCs and mobile phones but also Internet-connected devices like security cameras or routers, which has “exponentially” increased the risk landscape, Cisco CEO Chuck Robbins said today.

The $49 billion firm has a $2 billion security business and is helping customers across the globe devise their security strategy both proactively and reactively.

“The threat landscape is getting so much bigger. The distributed denial-of-service (DDoS) attacks where 50,000-100,000 IoT devices were enslaved in a botnet (Mirai attack), Wannacry. The risk is going to increase exponentially and we have to have a robust end-to-end architecture to actually solve this,” Robbins said at the Internet of Things (IoT) World Forum here.

He added that 71 per cent of executives around the world say cyber security concerns are slowing down their digital progress.

“We block 20 billion threats per day. We have a team of 250 threat researchers… Security is fundamental… You have to acknowledge that threats will get in, and you will have to build a similar strategy to make sure that you can identify, remediate and defend (against) them proactively,” Robbins said.

The US-based tech firm Cisco will launch its ‘IoT Threat Defense’ solution with features like network behaviour analytics and malware protection to provide visibility and analysis of traffic to and from IoT devices and detect anomalies, block threats, identify compromised hosts, and help mitigate user error.

Earlier this month, the ‘WannaCry’ ransomware took the world by storm, infecting thousands of computers globally, including in India. The malware locked computers and the cybercriminals demanded $300 in cryptocurrencies to unlock the devices.

While the government maintains that there were few stray incidents in India, various reports by security solutions companies said the Asian country was among the nations worst hit by WannaCry.

According to Cisco’s 2017 Annual Cybersecurity Report, such cyber attacks can impact operations, reputation, and revenue of organisations. Also at stake is unauthorised access to the enterprise’s networks, data and IP loss, and even business shutdown, the report notes.

With industries such as manufacturing and healthcare, and utilities such as power companies, introducing more Internet-connected (IoT) devices, it becomes pertinent that they have robust security systems in place.

Over the last few months, Cisco has ramped up its security operations in India to cash in on the burgeoning opportunity. Last month, it set up its fifth global cyber range lab in Gurugram to train Indian firms and government agencies on real-world cyber attacks.

The company has also set up a Security Operations Centre (SOC) in Pune — its fourth after the US, Poland and Japan — to provide a broad range of services, including monitoring of threats and its end-to-end management for enterprise needs. It will be linked to other Cisco SOCs across the world.

These centres are part of Cisco’s $100 million investment commitment to India.

