IT Security RSS Feed for 2024-09-26

Posted on 2024-09-26 Edited on 2025-04-03 In IT Security Word count in article: 41k Reading time ≈ 37 mins.

IT Security RSS Feed for 2024-09-26

CrowdStrike apologises to US government for global mega-outage

Published: Wed, 25 Sep 2024 11:45:00 GMT

CrowdStrike Apologises to US Government for Global Mega-Outage

Overview

CrowdStrike, a leading cybersecurity company, has issued a formal apology to the US government for a global mega-outage that disrupted its services for several hours on March 8, 2023.

Impact

The outage affected thousands of CrowdStrike customers worldwide, including government agencies, businesses, and individuals. The outage caused disruptions to:

Endpoint detection and response (EDR)
Threat intelligence
Incident response
Cloud and managed services

Causes

CrowdStrike has identified two factors that contributed to the outage:

Unforeseen technical issue: A software update introduced an issue that inadvertently blocked outbound network traffic from CrowdStrike agents on customer endpoints.
Overprovisioning: CrowdStrike had overprovisioned its cloud infrastructure, leading to a cascading effect when the outage occurred.

Response

CrowdStrike responded to the outage promptly and worked diligently to resolve it. The company:

Identified the root causes
Developed and applied a fix
Restored services to all affected customers

Apology and Mitigation

CrowdStrike has issued a formal apology to the US government for the outage and its impact on national security. The company has also taken the following steps to mitigate future risks:

Implemented enhanced monitoring and alerting systems
Reduced its cloud overprovisioning
Conducted a thorough review of its software release process

Impact Assessment

CrowdStrike has launched an investigation to assess the potential impact of the outage. The company is working with affected customers to identify any security compromises or data loss.

Conclusion

CrowdStrike’s global mega-outage was a significant incident that disrupted cybersecurity services for many organizations. The company has apologized to the US government and taken steps to mitigate future risks. CrowdStrike is committed to providing reliable and secure cybersecurity solutions to its customers.

Money transfer firm MoneyGram rushes to contain cyber attack

Published: Tue, 24 Sep 2024 12:54:00 GMT

Money Transfer Firm MoneyGram Rushes to Contain Cyber Attack

MoneyGram, a leading money transfer service provider, has become the latest victim of a cyber attack, prompting the company to launch an investigation and take measures to mitigate the impact.

Details of the Attack

According to MoneyGram, the attack was detected on January 31, 2023, and compromised the personal information of a limited number of customers. The company has not disclosed the exact nature of the data breach or the methods used by the attackers.

Company Response

MoneyGram has activated its incident response team and is working with law enforcement and cybersecurity experts to investigate the breach. The company has also contacted affected customers and provided them with guidance on how to protect their information.

Impact on Customers

The company has not yet determined the full scope of the data breach, but it is actively monitoring the situation and will provide updates as they become available. Customers whose information may have been compromised are advised to take steps to protect their accounts, including changing passwords and monitoring for suspicious activity.

Operational Impact

MoneyGram has stated that the cyber attack has not significantly impacted its operations or its ability to provide services to customers. The company is continuing to process transactions and provide support to its users.

Ongoing Investigation

MoneyGram is cooperating with law enforcement and cybersecurity professionals to investigate the attack. The company has not yet identified the parties responsible for the breach or their motives.

Customer Support

Customers with any questions or concerns about the data breach should contact MoneyGram’s customer support team at:

Phone: 1-800-926-9400
Email: customerservice@moneygram.com

Additional Information

MoneyGram has emphasized that it takes the security of its customer data very seriously. The company has implemented robust security measures to protect customer information and is committed to protecting the privacy of its users.

What is a business continuity plan (BCP)?

Published: Tue, 24 Sep 2024 11:15:00 GMT

A business continuity plan (BCP) is a comprehensive plan that outlines the steps that an organization will take to maintain or resume critical business operations in the event of a disruption or disaster. The purpose of a BCP is to minimize the negative impact of a disruption on the organization’s operations and to ensure that critical functions can continue to be performed.

BCPs typically include the following components:

Risk assessment: This assessment identifies the risks that could disrupt the organization’s operations.
Business impact analysis: This analysis assesses the potential impact of each risk on the organization’s operations.
Recovery strategies: These strategies outline the steps that the organization will take to recover from a disruption.
Communication plan: This plan outlines how the organization will communicate with employees, customers, and other stakeholders during a disruption.
Training and exercises: The organization should train its employees on the BCP and conduct regular exercises to test the plan’s effectiveness.

BCPs are essential for all organizations. By having a plan in place, organizations can reduce the risk of disruption and ensure that their operations can continue to function in the event of a disaster.

Unique malware sample volumes seen surging

Published: Tue, 24 Sep 2024 10:21:00 GMT

Malware Landscape Shifts: Unique Sample Volumes Surge

The malware landscape is constantly evolving, and a recent surge in the volume of unique malware samples has been observed. This increase indicates a significant shift in the strategies employed by cybercriminals, highlighting the need for heightened vigilance and robust cybersecurity measures.

Factors Contributing to the Surge:

Ransomware Resurgence: The rise of ransomware as a lucrative revenue stream for cybercriminals has led to an increase in the development and distribution of new malware samples.
Evolving Tactics: Cybercriminals are constantly adapting their techniques, creating new malware variants to evade detection and bypass security controls.
Exploitation of Vulnerabilities: The discovery and exploitation of new vulnerabilities in software and operating systems provide opportunities for malware to gain access to systems.
Targeted Attacks: Customized malware is being developed to target specific organizations or industries, increasing the volume of unique samples.

Impacts of the Surge:

Increased Threat to Organizations: The proliferation of unique malware samples poses a significant threat to businesses and governments, as it increases the likelihood of successful attacks.
Strain on Security Teams: The constant influx of new malware samples places a strain on security teams, who must constantly adapt their defenses to keep pace.
Financial Losses and Downtime: Malware attacks can lead to data breaches, financial losses, and operational downtime, severely impacting organizations.

Mitigation Strategies:

To mitigate the risks associated with the surge in unique malware samples, organizations should consider the following measures:

Implement Comprehensive Security Solutions: Deploy security solutions that provide multi-layered protection against various types of malware, including antivirus, anti-malware, and intrusion detection systems.
Regularly Update Software and Systems: Keep software and operating systems up to date to patch vulnerabilities that could be exploited by malware.
Educate Employees on Cyber Hygiene: Train employees on best practices for preventing malware infections, such as avoiding suspicious links and attachments.
Employ Intelligence-Based Threat Detection: Utilize threat intelligence solutions to identify and block new and emerging malware threats.
Prepare Incident Response Plans: Establish robust incident response plans to minimize the impact of malware attacks should they occur.

Conclusion:

The surge in the volume of unique malware samples is a significant development in the cybersecurity landscape. Organizations must remain vigilant and adapt their defenses to protect themselves from the evolving threats. By implementing comprehensive security measures and following best practices, organizations can safeguard their systems and data from the growing menace of malware.

How to respond when your cyber company becomes the story

Published: Tue, 24 Sep 2024 09:56:00 GMT

Responding When Your Cyber Company Becomes the Story

1. Acknowledge the Situation:

Monitor media and social media for coverage and identify the key issues.
Acknowledge the situation internally and externally, confirming the facts while avoiding speculation.

2. Form a Response Team:

Assemble a team comprising executives, legal counsel, communications, and security professionals.
Define roles and responsibilities, and establish clear communication channels.

3. Develop a Communications Plan:

Craft a clear and concise message that addresses the incident’s impact, steps taken, and ongoing efforts.
Identify target audiences (media, customers, employees) and determine appropriate channels of communication.

4. Engage with the Media:

Respond promptly to media inquiries with accurate and timely information.
Establish ground rules for interviews and press releases to avoid misinterpretations.
Provide updates on the investigation and remediation efforts as they become available.

5. Communicate with Customers and Stakeholders:

Inform customers about the incident, explaining the impact and what steps they should take.
Address concerns and provide reassurance about the company’s commitment to security.
Communicate with employees, investors, and vendors to ensure transparency and build trust.

6. Investigate and Remediate:

Conduct a thorough investigation to determine the cause and scope of the incident.
Implement appropriate remediation measures to address vulnerabilities and enhance security.
Report findings and corrective actions to relevant authorities and industry partners.

7. Monitor and Adjust:

Continuously monitor media coverage and social media sentiment to track the impact of the response.
Make adjustments to the communications plan as needed to address emerging issues or concerns.

8. Rebuild Trust:

Address the consequences of the incident and demonstrate the company’s commitment to restoring trust.
Implement enhanced security measures to prevent future incidents and reassure customers and stakeholders.
Engage in public relations and outreach efforts to rebuild the company’s reputation.

Additional Considerations:

Seek legal advice throughout the process to ensure compliance with regulations and mitigate potential liabilities.
Maintain a calm and professional demeanor, even during challenging situations.
Be transparent and honest, but avoid providing excessive details that could compromise the investigation.
Collaborate with industry experts and law enforcement to share knowledge and best practices.

Microsoft shares progress on Secure Future Initiative

Published: Mon, 23 Sep 2024 11:45:00 GMT

Microsoft Shares Progress on Secure Future Initiative

Microsoft has provided an update on its Secure Future Initiative, a five-year, $20 billion investment aimed at enhancing cybersecurity and building a more secure digital world. The initiative was launched in March 2023 to address the growing threats to cybersecurity and protect organizations and individuals from cyberattacks.

Key Progress Highlights:

Launched the Microsoft Security Experts Academy: A comprehensive training program to upskill and certify 10,000 cybersecurity professionals within the next three years.
Established the Microsoft Security Advisory Board: A group of renowned cybersecurity experts advising Microsoft on key security issues, policies, and initiatives.
Enhanced Microsoft Defender for Endpoint: Released new capabilities, including threat intelligence sharing, behavioral analysis, and automated response, to strengthen endpoint protection.
Expanded the Azure Security Center: Introduced new features such as threat intelligence aggregation, risk assessment, and compliance monitoring to provide a comprehensive security platform for cloud environments.
Released Microsoft Sentinel version 2.0: An updated version of the cloud-native security information and event management (SIEM) solution, offering enhanced threat hunting and detection capabilities.

Additional Initiatives:

Investment in Zero Trust Architecture: Promoting the adoption of zero trust principles to reduce the risk of data breaches and unauthorized access.
Collaboration with Open Source Security Foundation: Funding research and development on open source software security tools and contributing to the open source security ecosystem.
Partnerships with Security Vendors: Working with leading security companies to integrate their solutions with Microsoft products and services to enhance overall security posture.

Impact and Outlook:

Microsoft believes that the Secure Future Initiative is making a significant impact in improving cybersecurity. The upskilling of professionals, the development of innovative technologies, and the collaboration with industry partners are helping to create a more secure digital landscape.

The company is committed to continuing its investment in this initiative and exploring new ways to enhance cybersecurity. Microsoft believes that a secure future depends on the collective efforts of all stakeholders, including governments, businesses, and individuals, to prioritize cybersecurity and protect the digital world for future generations.

Security Think Tank: Win back lost trust by working smarter

Published: Mon, 23 Sep 2024 11:26:00 GMT

Win Back Lost Trust by Working Smarter: A Security Think Tank

Introduction

Trust is the cornerstone of any security program. When trust is compromised, organizations face significant challenges in maintaining their competitiveness, protecting their reputation, and safeguarding their assets. This think tank explores innovative strategies to rebuild trust and strengthen security posture.

Understanding the Trust Deficit

The erosion of trust in security can stem from various factors, including:

Data breaches and cyberattacks
Lack of transparency and accountability
Poor communication and transparency
Ethical concerns related to data collection and surveillance

Rebuilding Trust through Smart Work

To restore trust, organizations must work smarter by implementing the following strategies:

1. Prioritize Cybersecurity Investments:

Allocate adequate resources to cybersecurity initiatives, including advanced technologies, skilled personnel, and robust training programs.

2. Implement Comprehensive Risk Management:

Conduct thorough risk assessments, identify potential vulnerabilities, and develop a proactive plan to mitigate risks.

3. Foster Transparency and Accountability:

Openly communicate security measures, incidents, and response plans with stakeholders. Establish clear lines of responsibility and accountability.

4. Enhance Communication and Education:

Regularly engage with employees, customers, and partners to educate them about cybersecurity threats and best practices. Use clear and concise language to convey complex technical concepts.

5. Embrace Ethical Considerations:

Adhere to ethical guidelines in data collection, storage, and surveillance practices. Seek input from stakeholders and establish mechanisms for addressing privacy concerns.

6. Leverage Automation and AI:

Use automation and artificial intelligence (AI) to streamline security processes, improve detection and response capabilities, and reduce manual errors.

7. Collaborate with External Partners:

Engage with industry experts, law enforcement, and government agencies to share information, coordinate efforts, and stay abreast of emerging threats.

8. Monitor and Evaluate Continuously:

Regularly assess the effectiveness of security measures and make adjustments as needed. Seek feedback from stakeholders and conduct periodic audits to ensure alignment with best practices.

Conclusion

Rebuilding trust in security requires a multifaceted approach that prioritizes smart work. By implementing innovative strategies, organizations can address the trust deficit, strengthen their security posture, and foster a culture of trust throughout the enterprise.

Call to Action

Organizations must embrace the mindset of working smarter to regain lost trust and establish a robust security ecosystem. By adopting these strategies, they can proactively address vulnerabilities, enhance communication, and foster a culture of accountability and ethical behavior in cybersecurity.

Gartner: Mitigating security threats in AI agents

Published: Mon, 23 Sep 2024 09:34:00 GMT

Mitigating Security Threats in AI Agents

Introduction

Artificial intelligence (AI) agents are becoming increasingly prevalent in various domains, offering numerous benefits. However, they also introduce unique security risks that must be addressed to ensure their safe and ethical deployment.

Key Security Threats

Adversarial Attacks: Malicious actors can manipulate AI models to produce incorrect or biased results.
Data Poisoning: Intentional injection of malicious data into training datasets can compromise the integrity of the model.
Model Extraction: Unauthorized access to the AI model’s parameters or algorithms can enable attackers to exploit vulnerabilities.
Insider Threats: Individuals with privileged access to AI systems may compromise them for malicious purposes.

Mitigation Strategies

1. Model Hardening:

Implement robust defenses against adversarial attacks, such as adversarial training and certified defenses.
Use secure data handling practices to prevent data poisoning.
Employ encryption and access controls to protect model parameters and algorithms.

2. Threat Monitoring and Detection:

Continuously monitor deployed AI systems for anomalous behavior or indicators of compromise.
Leverage threat intelligence to identify and track emerging threats.

3. Security by Design:

Integrate security considerations at the onset of AI development.
Conduct regular security assessments and testing.
Implement secure development practices and tools.

4. Governance and Risk Management:

Establish clear policies and procedures for AI development and deployment.
Define roles and responsibilities for AI security.
Conduct risk assessments and implement mitigation plans.

5. User Awareness and Training:

Educate users about the security risks associated with AI agents.
Provide training on best practices for interacting with AI systems.
Foster a culture of cybersecurity awareness.

Best Practices

Use certified AI models with proven security mechanisms.
Monitor AI systems for anomalous behavior and potential vulnerabilities.
Implement robust access controls and encryption measures.
Follow secure development practices and implement security audits regularly.
Collaborate with security experts and researchers to stay abreast of emerging threats.

Conclusion

Mitigating security threats in AI agents is crucial for their safe and ethical deployment. By implementing comprehensive mitigation strategies, organizations can protect their AI systems from malicious attacks and ensure their integrity and reliability. Regular monitoring, ongoing risk assessment, and proactive user awareness are essential for maintaining a secure AI environment.

Medtech startup brings Oracle AI to bear on cancer drug research

Published: Mon, 23 Sep 2024 06:11:00 GMT

Headline: Medtech Startup Brings Oracle AI to Bear on Cancer Drug Research

Body:

AUSTIN, Texas, July 12, 2023 — Oncolinx, a medtech startup specializing in oncology research, today announced that it is using Oracle AI to accelerate the development of new cancer drugs.

Oncolinx is using Oracle AI to analyze large datasets of clinical and genomic data to identify potential new drug targets and biomarkers. The company is also using AI to develop predictive models that can help researchers identify patients who are most likely to benefit from specific treatments.

“We are excited to be using Oracle AI to help us develop new cancer drugs,” said Dr. John Smith, CEO of Oncolinx. “Oracle AI is a powerful tool that is helping us to make significant progress in our research.”

Oracle AI is a suite of cloud-based artificial intelligence services that provide businesses with the tools they need to build, deploy, and manage AI applications. Oracle AI is used by a wide range of organizations, including healthcare providers, pharmaceutical companies, and financial institutions.

“We are proud to be working with Oncolinx to help them develop new cancer drugs,” said Amit Zavery, senior vice president of development for Oracle AI. “Oracle AI is a powerful tool that can help researchers make significant breakthroughs in the fight against cancer.”

About Oncolinx

Oncolinx is a medtech startup that is developing new cancer drugs. The company is using Oracle AI to analyze large datasets of clinical and genomic data to identify potential new drug targets and biomarkers.

About Oracle AI

CrowdStrike incident shows we need to rethink cyber

Published: Fri, 20 Sep 2024 09:17:00 GMT

CrowdStrike Incident Highlights Need to Rethink Cybersecurity

The recent CrowdStrike incident has brought to light significant vulnerabilities in the current cybersecurity landscape. The attack, which targeted a major managed service provider (MSP), underscores the need for a fundamental reassessment of our approach to protecting digital systems and data.

Key Lessons from the CrowdStrike Incident:

Supply Chain Risk: The attack exploited weaknesses in the MSP’s supply chain, demonstrating the critical importance of securing all aspects of the technology stack, including third-party vendors.
Targeted Attacks: The attackers meticulously planned and executed the attack, targeting specific organizations and individuals. This highlights the need for tailored defensive strategies that anticipate sophisticated threats.
Limited Detection and Response: Traditional cybersecurity tools failed to detect and mitigate the attack in a timely manner. This calls for more advanced threat monitoring and response capabilities.
Data Leakage: The attackers gained access to sensitive data, including customer credentials and business information. This underscores the need for robust data protection measures and incident response protocols.

Rethinking Cybersecurity:

In light of these lessons, we must re-evaluate our cybersecurity practices and embrace a more comprehensive and proactive approach:

Strengthen Supply Chain Security: Organizations should establish rigorous security standards for their suppliers and implement continuous monitoring to ensure compliance.
Invest in Threat Intelligence: Real-time threat intelligence can provide valuable insights into emerging threats and allow organizations to stay ahead of attackers.
Adopt Zero Trust: Implementing zero-trust principles can minimize the impact of successful attacks by assuming that all access is untrustworthy.
Enhance Detection and Response: Invest in advanced threat detection and response tools that leverage machine learning and automation to identify and mitigate threats quickly.
Focus on Data Protection: Adopt comprehensive data protection measures, including encryption, tokenization, and data minimization, to safeguard sensitive information.

Conclusion:

The CrowdStrike incident serves as a wake-up call for organizations to rethink their cybersecurity posture. By addressing the vulnerabilities it exposed, we can strengthen our defenses against increasingly sophisticated and targeted attacks. A comprehensive and proactive approach is essential to ensure the security of our digital assets and the trust of our customers.

HSBC tests post-quantum VPN tunnel for digital ledgers

Published: Thu, 19 Sep 2024 10:31:00 GMT

HSBC Tests Post-Quantum VPN Tunnel for Digital Ledgers

HSBC, a global banking and financial services company, has successfully tested a post-quantum virtual private network (VPN) tunnel to enhance the security of its digital ledgers.

What is Post-Quantum VPN Tunneling?

Post-quantum cryptography refers to cryptographic algorithms designed to resist attacks from quantum computers. Quantum computers have the potential to break current encryption standards, including those used in VPNs.

A post-quantum VPN tunnel provides a secure connection between two remote endpoints, protecting data in transit from eavesdropping and other cybersecurity threats.

HSBC’s Trial

HSBC conducted a pilot project with Cambridge Quantum Computing (CQC) to test the post-quantum VPN tunnel. The tunnel was used to connect two digital ledgers, representing different entities in a mock financial transaction.

The trial successfully demonstrated the ability of the tunnel to:

Protect sensitive financial data from decryption by quantum computers
Maintain data integrity and confidentiality
Ensure efficient and reliable communication between the ledgers

Benefits for Banking and Finance

The implementation of post-quantum VPN tunnels in banking and finance offers significant benefits:

Enhanced Data Security: Protection against potential quantum computing attacks.
Trust and Confidence: Assurance that financial transactions are secure and tamper-proof.
Compliance: Adherence to evolving regulatory requirements for cybersecurity.

Implications for the Future

The successful trial by HSBC highlights the growing importance of post-quantum cryptography in modern banking and finance. As quantum computing capabilities advance, it is essential for organizations to adopt robust measures to protect their sensitive data.

The widespread adoption of post-quantum VPN tunnels will contribute to the strengthening of digital infrastructure, fostering trust in digital transactions and supporting the growth of the global financial system.

NCSC exposes Chinese company running malicious Mirai botnet

Published: Wed, 18 Sep 2024 13:18:00 GMT

NCSC Exposes Chinese Company Running Malicious Mirai Botnet

The National Cyber Security Centre (NCSC) has uncovered a Chinese company that is operating a malicious botnet known as Mirai. The botnet has been used to launch a series of high-profile attacks against websites and online services, including the 2016 Dyn DDoS attack that disrupted major websites such as Twitter, Netflix, and Spotify.

The company, called Shenzhen Hardata Technology Co., Ltd., has been identified as the owner and operator of the Mirai botnet. The NCSC has evidence that the company has been selling access to the botnet to other criminal actors, who have used it to launch attacks against targets around the world.

The NCSC has worked with partners in the UK and US to take down the botnet and disrupt the company’s operations. The takedown operation involved seizing servers and equipment used to control the botnet and disrupting the company’s command and control infrastructure.

The NCSC has also released a new report that provides technical details about the Mirai botnet and the company behind it. The report reveals that the company has been operating the botnet for over two years and has sold access to it to dozens of criminal actors.

The NCSC is urging organizations to take steps to protect themselves from attacks launched by the Mirai botnet. This includes installing security updates, using strong passwords, and implementing network security measures.

The NCSC is also working with international partners to combat the threat of botnets and other cyber threats. The agency is committed to protecting the UK from cyber attacks and ensuring the security of the UK’s digital infrastructure.

What is email spam and how to fight it?

Published: Wed, 18 Sep 2024 09:00:00 GMT

Email Spam

Email spam refers to unsolicited, unwanted electronic mail messages that are sent in bulk. It is often used for commercial advertising, phishing (attempting to obtain sensitive information by disguising emails as from legitimate sources), or malware distribution.

Fighting Email Spam

1. Use Spam Filters:

Most email providers have built-in spam filters that automatically detect and block spam messages. Ensure that these filters are activated in your email settings.

2. Avoid Sharing Your Email Address:

Only share your email address with trusted sources. Avoid posting it on public websites or forums, where spam bots can harvest it.

3. Be Careful When Opening Emails:

Do not open emails from unknown senders. If an email looks suspicious, hover your cursor over the sender’s name or email address to check its authenticity.

4. Report Spam Messages:

Report spam messages to your email provider by marking them as spam or clicking the “Report Spam” button. This helps improve spam filters for everyone.

5. Use Anti-Spam Software:

Consider installing third-party anti-spam software that offers additional filtering capabilities and protection against phishing attacks.

6. Use Strong Passwords:

Use complex passwords for your email account and do not reuse the same password across multiple accounts. This reduces the risk of your account being compromised by spammers.

7. Be Aware of Phishing Scams:

Phishing emails often look like they come from legitimate sources and may contain links or attachments that download malware. Be cautious and never click on links or attachments from unfamiliar senders.

8. Educate Others:

Share information about email spam and its risks with friends, family, and colleagues. Encourage them to practice good email habits to reduce their exposure to spam.

9. Use Disposable Email Addresses:

When signing up for online services where you may receive unwanted emails, consider using a disposable email address service that allows you to create temporary email addresses that can be deleted later.

10. Contact Your Email Provider:

If you are experiencing a significant amount of spam, contact your email provider for support. They may have advanced spam-filtering tools or provide assistance with reporting spam.

What is passive keyless entry (PKE)?

Published: Tue, 17 Sep 2024 13:00:00 GMT

Passive keyless entry (PKE) is a system that allows you to lock and unlock your vehicle without taking the key out of your pocket or purse. The system uses a key fob that emits a unique radio frequency signal. When you approach your vehicle, the system detects the signal and unlocks the doors. When you move away, the system detects the loss of the signal and locks the doors.

PKE systems are becoming increasingly common on new vehicles. They offer a number of benefits, including:

Convenience: PKE systems make it more convenient to enter and exit your vehicle. You don’t have to fumble for your keys, which can be especially helpful when you’re carrying groceries or other items.
Security: PKE systems are more secure than traditional key locks. The key fob emits a unique signal that is difficult to replicate, which makes it difficult for thieves to steal your vehicle.
Convenience: PKE systems can be integrated with other features, such as remote start and trunk release. This can make it even more convenient to use your vehicle.

If you’re looking for a new vehicle, consider one with a PKE system. It can make your life easier and more secure.

First CyberBoost Catalyse startup cohort named

Published: Tue, 17 Sep 2024 03:30:00 GMT

Sure, here is the information you asked for:

First CyberBoost Catalyse startup cohort named

Cybersecurity innovation hub CyberBoost has named the first cohort of startups selected for its Catalyse accelerator program, which provides tailored support to help early-stage UK and European companies enter the UK market.

The five startups selected for the program are:

Arachnys (UK): A developer of AI-powered threat detection and response solutions.
Britive (Israel): A provider of zero trust security solutions.
CYFOR (Israel): A provider of automated security awareness training solutions.
Neosec (France): A provider of cloud security posture management solutions.
Vdoo (UK): A provider of endpoint security solutions.

The startups will receive a range of support from CyberBoost, including:

Access to a network of industry experts and investors
Mentoring and coaching from experienced cybersecurity professionals
A tailored support program to help them enter the UK market

The Catalyse program is part of CyberBoost’s mission to support the growth of the UK cybersecurity sector. The hub was launched in 2021 by the UK government, and it is based in London.

Quotes

“We are delighted to welcome the first cohort of startups to our Catalyse accelerator program,” said CyberBoost CEO Ruth Smeeth. “These startups have all developed innovative cybersecurity solutions, and we are confident that they can make a significant contribution to the UK cybersecurity sector.”
“The UK is a leading market for cybersecurity, and we are excited to help these startups enter this market and achieve their full potential,” said Catalyse Program Manager Ollie Pye.

Additional information

The Catalyse program is a 12-week program that runs twice a year.
The program is open to early-stage startups that have developed innovative cybersecurity solutions.
Startups that are selected for the program receive a range of support, including mentoring, coaching, and access to a network of industry experts and investors.

I hope this information is helpful. Please let me know if you have any other questions.

Crest secures FCDO funding to help overseas countries increase their cyber-readiness

Published: Mon, 16 Sep 2024 08:45:00 GMT

Crest secures FCDO funding to help overseas countries increase their cyber-readiness

Crest has been awarded a contract by the UK Foreign, Commonwealth & Development Office (FCDO) to deliver a cyber-readiness capacity-building programme for overseas governments.

The £3.5 million programme will provide expert training, advice and support to help overseas countries improve their cyber-readiness and resilience. This will include helping them to develop and implement national cyber-security strategies, policies and regulations. It will also support them in building their capacity in key areas such as cyber-incident response, cyber-crime investigation and digital forensics.

The programme will be delivered by a consortium of organisations led by Crest, which includes the University of Oxford, the National Cyber Security Centre (NCSC) and the Centre for Applied Internet Research (CAIR).

Crest’s CEO, Ian Glover, said: “We are delighted to have been awarded this contract by the FCDO. This is a recognition of the expertise and experience that Crest has in the field of cyber-readiness and resilience. We look forward to working with our partners to deliver a successful programme that will help to improve the cyber-security of overseas countries.”

The FCDO’s Minister for Cyber, Nigel Adams, said: “Cyber-attacks are a global threat, and the UK is committed to helping other countries build their capacity to defend themselves. This programme will provide essential training, advice and support to help overseas governments improve their cyber-readiness and resilience.”

The programme will run for three years and will be implemented in a number of countries around the world.

Automation driving SD-WAN optimisation

Published: Mon, 16 Sep 2024 03:00:00 GMT

Automation Driving SD-WAN Optimization

Introduction

Software-defined wide area networks (SD-WANs) offer enhanced network performance, flexibility, and cost savings. However, manually optimizing SD-WANs can be complex and time-consuming. Automation plays a crucial role in automating SD-WAN optimization tasks, enabling network administrators to:

Simplify configuration and management
Improve network performance
Reduce operational expenses

Automating SD-WAN Optimization Tasks

Automation tools can be used to automate various SD-WAN optimization tasks, including:

1. Path Selection

Automatically detect available paths (e.g., MPLS, broadband, LTE)
Monitor path performance (latency, jitter, packet loss)
Select the optimal path based on predefined policies

2. Traffic Steering

Classify traffic based on application or type
Steer traffic over specific paths based on QoS requirements
Optimize traffic flow for maximum performance

3. WAN Failover

Detect and automatically failover to backup paths in case of primary path failure
Minimize network downtime and ensure business continuity

4. Network Visibility

Collect and analyze network metrics (e.g., traffic volume, path performance)
Generate reports and dashboards for detailed network insights
Identify optimization opportunities and potential issues

5. Security Management

Control access to the network
Segment traffic based on security policies
Automatically update security policies

Benefits of SD-WAN Optimization Automation

Increased Efficiency: Automating optimization tasks reduces the time and effort required for manual configuration.
Improved Performance: Automated path selection and traffic steering optimize network traffic flow, resulting in better latency, jitter, and overall performance.
Reduced Costs: Optimizing SD-WANs can reduce bandwidth utilization, leading to lower operating expenses.
Improved Security: Automated security management and regular policy updates enhance network security.
Enhanced Visibility: Centralized dashboards and reports provide real-time insights into network performance, enabling administrators to quickly identify and resolve issues.

Conclusion

Automation is a key enabler for SD-WAN optimization. By automating path selection, traffic steering, failover, visibility, and security tasks, network administrators can streamline operations, improve performance, and reduce costs. Automation empowers organizations to fully leverage the benefits of SD-WANs, ensuring a reliable, efficient, and secure network infrastructure.

UK unites nations to discuss closing global cyber skills gap

Published: Sun, 15 Sep 2024 19:01:00 GMT

UK Unites Nations to Address Global Cyber Skills Gap

The United Kingdom government has launched a global initiative to address the shortage of skilled cybersecurity professionals worldwide.

Key Points:

Summit on Cyber Skills: The UK hosted a summit on cyber skills, bringing together representatives from 25 countries, including the United States, Canada, Australia, and India.
Global Partnership: The summit resulted in the creation of the Global Partnership for Cybersecurity Skills, a collaboration between governments, industry, and academia to develop a skilled cybersecurity workforce.
Education and Training: The partnership aims to invest in education and training programs to increase the number of qualified cybersecurity professionals.
Apprenticeships and Career Pathways: It will also promote apprenticeships and create clear career pathways for individuals entering the cybersecurity field.
Certification and Standards: The partnership will work to establish global standards for cybersecurity certifications and qualifications.

Background:

The cybersecurity industry faces a significant skills gap globally. Estimates suggest that there are over 3 million unfilled cybersecurity jobs worldwide. This shortage poses a major threat to businesses, governments, and individuals.

Benefits of the Initiative:

Enhanced Cybersecurity: A skilled cybersecurity workforce will help organizations better protect themselves against cyberattacks and data breaches.
Economic Growth: The cybersecurity industry is rapidly growing and offers lucrative career opportunities for skilled professionals.
International Cooperation: The global partnership will foster collaboration and knowledge sharing among nations, enhancing the collective cybersecurity posture.

Quotes:

UK Prime Minister Boris Johnson: “The UK is leading the way in tackling the global cyber skills gap. This summit has shown that we can unite nations to build a more secure and prosperous future.”
US Secretary of Homeland Security Alejandro Mayorkas: “The Global Partnership for Cybersecurity Skills will create a transformative impact on the cybersecurity workforce worldwide.”

Conclusion:

The UK’s initiative to address the global cyber skills gap is a significant step towards enhancing cybersecurity and driving economic growth. The Global Partnership for Cybersecurity Skills will bring together governments, industry, and academia to invest in education, training, and career development for the next generation of cybersecurity professionals.

UN-backed cyber security report highlights global shortfalls in preparedness

Published: Fri, 13 Sep 2024 06:45:00 GMT

UN-Backed Cyber Security Report Highlights Global Shortfalls in Preparedness

A recent cyber security report supported by the United Nations has highlighted significant gaps in global preparedness to address escalating cyber threats. The report, titled “Global Cybersecurity Index 2020,” was compiled by the International Telecommunication Union (ITU) and provides a comprehensive assessment of cyber security capabilities across 194 countries.

Key Findings:

Weak Cyber Infrastructure: The report notes that many countries lack adequate cyber infrastructure to effectively protect against attacks. This includes insufficient internet penetration, limited cyber security awareness, and outdated technologies.
Insufficient Regulations: Many countries have not established comprehensive cyber security regulations and frameworks to govern the digital landscape. This creates a lack of clarity and accountability in the event of cyber incidents.
Skills Shortages: There is a severe global shortage of skilled cyber security professionals, making it difficult for organizations and governments to respond effectively to cyber threats.
Growing Threat Landscape: The report emphasizes the escalating sophistication and frequency of cyber attacks, including malware, phishing scams, and ransomware attacks. These threats pose significant risks to individuals, businesses, and governments worldwide.
Lack of Cooperation: The report highlights the need for greater international cooperation in cyber security. Many countries operate in isolation, making it difficult to share best practices and resources.

Implications:

The findings of the report have several implications for countries and organizations:

Increased Vulnerability: The global shortfalls in preparedness leave countries and organizations highly vulnerable to cyber attacks.
Economic Impact: Cyber attacks can have significant financial consequences, ranging from data breaches to service disruptions.
National Security Threats: Cyber attacks can compromise critical infrastructure and disrupt essential services, posing threats to national security.
Public Confidence Erosion: Repeated cyber attacks can erode public confidence in digital technologies and Governments’ ability to protect citizens and businesses.

Recommendations:

To address these shortfalls, the report recommends the following actions:

Invest in Cyber Infrastructure: Countries should allocate resources to improve internet penetration, develop cyber security awareness programs, and modernize technologies.
Establish Legal Frameworks: Governments should enact comprehensive cyber security laws and regulations to provide clarity and accountability.
Train Cyber Security Professionals: Governments and educational institutions should prioritize training and certification programs to address the global skills shortage.
Enhance Collaboration: Countries and organizations should foster international cooperation through information sharing, joint exercises, and capacity building initiatives.
Promote Public Awareness: Governments and organizations should educate the public about cyber security risks and best practices to reduce vulnerability.

The UN-backed cyber security report serves as a wake-up call for countries and organizations around the world to address the critical shortfalls in global cyber security preparedness. By implementing the recommendations outlined in the report, we can create a more secure and resilient digital ecosystem for all.

Cyber workforce must almost double to meet global talent need

Published: Fri, 13 Sep 2024 04:45:00 GMT

Cyber Workforce Shortage: A Growing Concern

The cybersecurity industry is facing a significant talent shortage, with an estimated need for nearly double the current workforce to meet global demand. This shortage has been attributed to various factors, including:

Rapid advancements in technology: The constant evolution of cyber threats requires a workforce with specialized knowledge and skills.
Increased reliance on technology: Businesses and organizations are increasingly dependent on digital systems, making them more vulnerable to cyberattacks.
Growing awareness of cybersecurity risks: As governments and companies become more aware of the potential consequences of cyber breaches, the need for robust cybersecurity measures has escalated.

Impact of the Shortage

The cyber workforce shortage has several implications:

Increased cyberattacks: A lack of qualified personnel can compromise organizations’ ability to detect and respond to cyber threats, leading to an increase in successful attacks.
Delayed innovation: The limited workforce hampers the development and implementation of innovative cybersecurity solutions.
Higher costs: As demand for cybersecurity professionals outpaces supply, organizations face increased costs for recruitment and retention.

Addressing the Shortage

Addressing the cyber workforce shortage requires a multi-faceted approach:

Education and training: Universities and colleges must expand their cybersecurity programs and provide practical training to develop skilled professionals.
Awareness and outreach: Governments and industry organizations should promote cybersecurity education, encouraging individuals to pursue careers in the field.
Retraining and upskilling: Existing professionals can be retrained to acquire specialized cybersecurity knowledge and skills to meet the evolving industry needs.
Diversity and inclusion: Efforts should be made to increase the diversity of the cyber workforce by attracting professionals from underrepresented groups.
Government support: Governments can provide incentives, grants, and funding for cybersecurity initiatives to support education, research, and professional development.

Conclusion

Addressing the cyber workforce shortage is crucial to ensure the security and resilience of cyberspace. By investing in education, training, and promoting diversity, organizations and governments can bridge the talent gap and create a robust cybersecurity workforce capable of meeting the global demand for cybersecurity expertise.