NAGRAVISION, Samsung, and DishTV India Revolutionize Subscriber Access to Satellite Content with TVKey Cloud
NAGRAVISION and Airties Partner to Enhance Consumer Cybersecurity for Homes and Small Businesses
France Télévisions Free-To-Air Replay Content Brings French Viewers the Summer of Sport, Secured by NAGRAVISION
NAGRA Streaming Security Solutions Chosen by FanCode to Tackle Sports Piracy and Enhance Experience of 160m+ Sports Fans
Cybalt Prevents Catastrophic Business Disruption for Major Enterprises Worldwide
Black Box Expands Platinum Level Zoom Certifications With the Addition of Zoom CX
Cobalt Iron Expands Access to Secure Automated Backup With Compass for IBM Power Virtual Server
Black Box Recognized as a 2023 Worldwide GSI AIDE Partner of the Year by Juniper Networks
Nuvoton Develops OpenTitan based Security Chip as Next Gen Security Solution for Chromebooks
Zoom bolsters security offering with the inclusion of post-quantum end-to-end encryption in Zoom Workplace
-
Cigent and Swissbit announce partnership to enhance endpoint data security
Cigent, a leading provider of endpoint data protection solutions, and Swissbit, a leading manufacturer of storage, security, and embedded IoT solutions, today announced a strategic partnership to offer a comprehensive portfolio of secure storage drives designed to safeguard endpoint data against a growing landscape of cyberthreats. This collaboration addresses the urgent market requirements for improved data security on endpoint devices, where a significant majority of sensitive data resides and is frequently targeted by cyberthreats. In today’s digital age, sensitive data continues to reside on endpoint devices, with a staggering 73 percent containing critical information. These devices remain vulnerable to both remote attacks and physical breaches, with a laptop stolen every 53 seconds on average. Traditional data protection methods are failing to keep pace as 70 percent of data loss incidents originate from compromised endpoints. The rise of AI-powered attacks further necessitates a paradigm shift beyond “detect and respond” strategies, demanding a focus on immutable data protection. Cigent and Swissbit: A powerful combination The new partnership brings together Cigent’s industry-leading endpoint data protection expertise with Swissbit’s proven track record as the leading European manufacturer of storage, security, and embedded IoT solutions for demanding applications. The result will be a portfolio of secure storage drives designed to deliver unparalleled data security that safeguards endpoint data from remote or physical threats even if a device has been compromises. According to Kai Imgenberg, Director Sales Embedded IoT Solutions Americas at Swissbit, “Swissbit and Cigent’s partnership uniquely combines Swissbit’s tamper-resistant hardware with Cigent’s best-in-class encryption software, offering an unmatched level of data security for end-to-end protection. Customers can benefit from a single, unified solution that simplifies secure data storage and access across their entire infrastructure.” Unparalleled protection with minimal disruption Cigent and Swissbit are currently developing secure storage drives that will provide a unique combination of robust protection and user-friendliness. These upcoming solutions are designed to ensure data security without compromising the user experience and will require minimal IT intervention thanks to their innovative “set and forget” capabilities. Key features and benefits include: Zero-trust data access: Enforces policy-driven multi-factor authentication (MFA) for verified, trust-based access control to ensure that files remain shielded from unauthorized access. Hidden drives: Data is rendered unreadable at the sector level until unlocked with MFA, even after a user logs on to the device. Pre-boot authentication (PBA) with Swissbit FIDO token iShield Key Pro: PBA significantly bolsters protection against physical attacks by requiring authentication through a secure Swissbit FIDO token. Verified data erasure: Guarantees that every data block is permanently erased, enabling safe device repurposing and recycling. Provides verifiable confirmation of emergency data deletion. Data erasure can be executed locally or via remote wipe functionality. Availability at RSA Conference 2024 Both Cigent and Swissbit will be showcasing their solutions at the upcoming RSA Conference 2024. Visit Cigent at booth #6279 and Swissbit at booth #5270 to learn more about this groundbreaking partnership and how it empowers organizations to achieve unshakable endpoint data security.
-
Digital identity protection: Swissbit introduces iShield Key Pro with USB-C interface
Swissbit is expanding its portfolio of hardware-based security keys with the new iShield Key Pro featuring a USB-C interface. Like its USB-A counterpart, the new model supports the FIDO2 standard as well as the PIV, HOTP and TOTP security protocols. The iShield Key Pro can also be used for physical access control applications, making it one of the most flexible security keys. In addition to the two Pro variants, Swissbit offers the iShield Key FIDO2, a model that is limited to FIDO2 functionality and therefore ideal for secure logins to websites and services. The iShield Key FIDO2 will also be available with a USB-S or USB-C interface. With the new iShield Key Pro, Swissbit is continuing to expand its authentication offerings. The new USB-C interface gives users even more options to protect their digital identities. The iShield Key Pro minimizes not only the risk of online threats such as phishing, social engineering or account hijacking. It is also suitable for implementing security guidelines such as NIS-2, which requires multifactor authentication (MFA) in connection with IT systems for access control. Functions, compatibility, and configuration The iShield Key Pro features more functions and protocols than a standard FIDO stick. They include PIV (Personal Identity Verification) for document signing and encryption. It is also compatible with older systems and security technologies, including HOTP (HMAC-based One-Time Password) for offline applications and TOTP (Time-based One-Time Password). The iShield Key Pro supports up to 42 TOTP slots. Temporary passwords for NFC-capable Android devices can be generated via an Android TOTP app. To configure TOTP, HOTP, and PIV functionalities, iShield Key Manager software is available free of charge for Windows, macOS, and Linux. Versatile application capabilities As an all-in-one security key, the iShield Key Pro supports USB as well as NFC connectivity, making it suitable for use with mobile phones. The contactless transfer of data also opens up many application capabilities in the access control field. To implement this functionality, Swissbit cooperates with selected technology partners and is available for project inquiries. The iShield Key family In addition to the iShield Key Pro, Swissbit also offers the iShield Key FIDO2. By being limited to the FIDO2/WebAuthn standards and their predecessor U2F, it provides a low-cost entry into the world of phishing-resistant authentication. The iShield Key FIDO2 will also be available in USB-A and USB-C versions. All sticks are manufactured in Swissbit's own semiconductor factory in Berlin and are designed for use in temperatures ranging from -25 °C to 70 °C (-13 °F to 158 °F).
-
Integrated solution provides ultra-low latency, tamper-proof, and just-in-time distribution of live video
In advance of the 2024 NAB Show, NAGRA, a Kudelski Group (SIX:KUD.S) company and the world's leading independent provider of content protection and media and entertainment solutions, and Content Fabric pioneer, Eluvio, today announced the commercial launch of the industry’s first integration of NAGRA NexGuard forensic watermarking for secure, just-in-time, ultra-low latency live streaming via decentralized networking using the Eluvio Content Fabric. The new capability was designed specifically to support broadcasters and producers of live sports and premium live events to deliver ultra high-quality and low-cost live streaming while enforcing viewing rights. The solution enables end-to-end protection against piracy and allows for detecting and stopping piracy per-session at source. Today’s announcement is an extension of the innovative work the two companies jointly unveiled last year for premium on-demand video. With it, Eluvio has now integrated NAGRA NexGuard Streaming for live video, full-length premium video, and short-form clips. The Eluvio Content Fabric is an open and decentralized, streaming, content distribution, and storage network built for the third generation Internet. The Fabric delivers live streams with deterministic end-to-end latencies under three seconds globally to standard streaming clients (DASH/HLS over HTTP) and provides a complete full-featured media stack to publish, store and deliver premium live streaming, PVOD, and FAST Channel streaming at scale, including personalization, access control, content protection and proof of engagement. Companies, artists and brands whose premium content distribution initiatives have been powered by Eluvio include: Amazon Studios/MGM Studios, Dolly Parton, FOX, Microsoft, Paramount Home Entertainment, SONY Pictures, Telstra Broadcast Services, Warner Bros. Home Entertainment, WWE, and others. NAGRA NexGuard Streaming watermarking is applied in the Eluvio Content Fabric as part of an end-to-end trustless content security model and exploits the Fabric’s native, hyper efficient and low latency global streaming pipeline. “This new forensic watermarking capability for live streams completes the Content Fabric’s trustless, verifiable, and tamper-proof content security capabilities that prove, protect, and secure live video from its source to global viewers with ease,” said Michelle Munson, co-founder and CEO of Eluvio. “The Content Fabric protocol ensures live video assets are encrypted with the latest ‘trustless’ cryptography, backed by in-protocol blockchain contracts, and managed by on-chain policy to enforce playout authorization at the source. We’re excited to have brought forensic watermarking to our just-in-time, ultra-low latency live video streaming with NAGRA. The solution is per-session, end-to-end, and scalable.” “The growth of OTT delivery of live sports is creating new piracy threats that require greater security,” said Ken Gerstein, VP Sales, NAGRA Anti-Piracy & NexGuard. “We’re proud to continue our innovative work with Eluvio which allows for the seamless integration of our forensic watermarking solution with the Eluvio Content Fabric to ensure that action can be taken against piracy. Eluvio and NAGRA are committed to minimizing, tracing and stopping content leaks at their source for premium VOD content and now, live sports and premium live events.” Eluvio and NAGRA at NAB 2024 At NAB 2024, Eluvio will host meetings in the Las Vegas Convention Center, West Hall Level 2 meeting room W237. Eluvio’s co-founders will demonstrate the latest Content Fabric release and applications on Sunday, April 14 and Monday, April 15 from 1:00 p.m. - 2:00 p.m. in W237 and will host various tech talks and events throughout NAB, with full details and registration information available at https://live.eluv.io/community. On Saturday, April 13, Eluvio President and co-founder, Serban Simu, will speak at the CDSA Content Protection Summit in LVCC West Hall 108/109. On Sunday, April 14, from 8:00-9:30 a.m., Ms. Munson will speak on the IABM Industry Breakfast Briefing Panel in Ballrooms D&E of the Westgate Hotel. From 11:30 a.m. - 12:00 p.m. on Sunday, Ms. Munson will speak at the Main Stage Theater in the Capitalize Zone of the West Hall on “Content Fabric - Your Next Generation Distribution for Premium Live Streaming, PVOD, FAST Channels, and Video Archive Monetization at Scale.” On Monday, April 15 at 12:15-12:45 p.m. in West Hall #W3943, Ms. Munson will speak on the panel: “Leveraging the Power of Generative AI to Deliver Personalized Content at Scale.” On Tuesday, April 16 from 12:00-1:00 p.m., she will speak at the Women Connect Leadership Summit luncheon executive panel produced by GALSNGEAR and Sports Video Group on “The Future of Story: Tech Trends & Audience Engagement” at NAB West Hall, W208-209. NAGRA NexGuard Forensic Watermarking is a key solution of the NAGRA Active Streaming Protection toolset, designed to deliver the ultimate in streaming security and guard against the threat of service and content piracy.
-
European Patent Office Grants Cobalt Iron a Patent on Its Cyber Event Responsiveness
Cobalt Iron Inc., a leading provider of SaaS-based enterprise data protection, today announced that it has received a European patent on its technology for cyber event responsiveness, officially known as dynamic IT infrastructure optimization responsive to cyber threats. Patent No. 3683705, granted by the European Patent Office on Jan. 17, describes techniques that will improve monitoring, detection, impact analysis, and automated reconfiguration of IT infrastructure and operations when cyber threats arise. These functions, which will be available in the Cobalt Iron Compass® enterprise SaaS backup platform, will provide insights for businesses at the most critical and stressful times — when under attack — and will perform automated remediation procedures to reduce exposure and damage. Cyber-criminal activities continue to increase in number and grow in sophistication. These activities commonly exploit IT infrastructures, most of which are vulnerable because they are statically configured, run outdated software, and are completely unresponsive when conditions change and threats occur. Outsmarting the criminals requires continual improvement in monitoring, detecting, and analyzing cyber threats and automatically remediating the infrastructure to counteract them. Companies need more dynamic means of reconfiguring IT infrastructure in response to external conditions and events, including cyber attacks, so they can arm themselves against cyber threats. Cobalt Iron's newly patented techniques introduce unique cyber threat analytics and automated optimizations that will kick in in response to cyber events. When the techniques are fully implemented into Compass, Compass will be able to: Determine the interdependencies between various hardware devices of the environment and directories, files, databases, and data. Continually monitor metrics, events, and conditions for indications of a cyber attack in the network. Analyze metrics, events, conditions, and configurations to identify hardware devices and data that may be impacted by or vulnerable to a cyber attack. Automatically create an audit report of impacted hardware devices and data. Automatically initiate remediation operations for impacted or vulnerable devices and data. Remediation operations may include things such as: Restricting access to impacted or vulnerable devices and data. Initiating data replication of a previous clean backup version of the data to an off-site location. Initiating recovery and validation of affected data to a safe storage location. As an example, the disclosed techniques will monitor metrics, events, and conditions in the environment. Upon indications of a cyber attack, Compass could perform impact analysis to identify hardware devices and data impacted by the attack, and then it could take remediation actions, such as restricting access to the identified devices and data to limit further damage. "Detecting cyber attacks, determining the scope of impact, and taking proper remediation actions are all critical aspects of a cyber security game plan. This patent introduces cyber event analytics that provide insights into an attack. It also introduces automated remediation operations to limit the impact of an attack and further secure data," said James Kost, senior systems engineer at Cobalt Iron. "Cobalt Iron is focused on protecting and securing business data, so we continue to innovate in the areas of ransomware analytics and automated IT infrastructure optimizations."
-
Swissbit makes its debut at the RSA Conference 2024 showcasing leading-edge FIDO2 solutions
Swissbit, a leading manufacturer of storage, security, and embedded IoT solutions, is thrilled to announce its first participation in the prestigious RSA Conference taking place from May 6 to May 9, 2024, at the Moscone Center in San Francisco. This marks a significant milestone for Swissbit as it introduces its cutting-edge iShield Key product series to the RSA community, emphasizing the importance of robust hardware authentication in today’s digital age. Swissbit’s showcase will be centered around the iShield Key Pro, a cornerstone of the iShield Key series, which was designed to fortify online accounts with unparalleled hardware authentication capabilities. The iShield Key Pro distinguishes itself as more than just another FIDO security stick by supporting a wide array of security standards, including FIDO2, HOTP, TOTP, and PIV. Its unique capability to double as a physical access control tool sets it apart in the market, especially with the impending adoption of FIPS 140-3 standards, ensuring the highest level of cryptographic security. New iShield Key Pro with USB-C Interface In concert with the RSA Conference, Swissbit is excited to unveil the latest addition to its hardware token portfolio: the new iShield Key Pro with a USB-C interface. It maintains the versatility and robust security features of its predecessors while offering the modern convenience of USB-C connectivity. The iShield Key FIDO2, another variant in the lineup, is limited to the FIDO2/WebAuthn and U2F predecessor standard, making it a cost-efficient entry into the world of secure logins to websites and services. The iShield Key FIDO2 will also be available with USB-C and USB-A interfaces in the future. According to Kai Imgenberg, Director Sales, Embedded IoT Solutions Americas at Swissbit, “Swissbit is at the forefront of a digital transformation where securing digital identities and transactions has never been more critical. Our presence at the RSA Conference signifies Swissbit’s commitment to FIDO2-based authentication solutions in North America. By empowering our customers to seamlessly implement zero-trust security principles and phishing-resistant MFA, we are not just participating in the industry’s evolution – we are leading it. We are confident that this event will be a catalyst for Swissbit in setting new benchmarks and delivering pioneering solutions to our customers. Swissbit will lead the Fido market by being the first to introduce FIPS 140-3 and as well as the only FIDO2 security dongle for logical and physical access control to the market.” Leading the charge in FIDO2 authentication for North America Swissbit’s vision to become the premier provider of FIDO2 solutions in North America is well in line with the growing demand for secure, flexible authentication methods that can keep pace with rapid advancements in technology and cyber threats. By introducing innovative products like the iShield Key Pro, Swissbit is set to make significant strides in enabling businesses to adopt stronger, phishing-resistant authentication mechanisms, thereby enhancing the overall security posture of organizations across the continent. Swissbit invites attendees of the RSA Conference to visit Booth 5270 to explore the future of hardware authentication and discuss how Swissbit can support the implementation of robust security frameworks within their operations.
-
Swissbit at GPEC 2024: Secure data retention for police agencies and government authorities
For the first time, storage and security specialist Swissbit will be represented at the General Police Equipment Exhibition & Conference (GPEC) to be held from May 6 to 8, 2024 in Leipzig, Germany. GPEC is the largest closed-to-the-public special event for police and other security agencies in Europe. Swissbit will present its innovative iShield Archive solution in Hall 2 at Booth J41. The microSD card was developed especially for the secure retention of video and image recordings, making it ideal for use by police agencies, government authorities, and other organizations where the confidentiality of sensitive data and privacy protection as per GDPR have top priority. Several state police agencies in Germany are already using iShield Archive cards in drones. The secure storage of evidence plays a central role in police operations. With iShield Archive, police agencies can ensure that video and image recordings of crime scenes, deployments or observations remain confidential and safe from unauthorized access at all times. The microSD card encrypts all data on the hardware side with the proven AES 256-bit standard for the highest level of security. Since it is compatible with all popular camera types, it can be easily integrated into existing systems. With iShield Archive, authorities can add another layer of security to drones, body cams and numerous other types of cameras. Plug-and-play for easy operation Setting up iShield Archive is easy. With the free iShield Archive Tool (iAT), administrators can configure the security settings and assign user PINs. Once set up, the iShield Archive card records the data on its hardware reliably and encrypted with AES 256-bit. Access protection via user PIN and WORM mode After the camera has been turned off or the microSD card removed from it, the data recorded on iShield Archive is no longer visible. It can be read, downloaded or deleted only with the iAT software and the correct user PIN. Optionally, the data can also be protected from deletion with an admin PIN, which is why the iShield Archive can also be used in environments with role-based access controls. In the so-called WORM (write once, read many) mode, regular users have only read access via their user PIN and are therefore unable to change or delete data. This method is particularly suitable for storing evidence or other sensitive data that must be archived in a manner that is legally secure and cannot be altered. Field-tested: Agencies rely on iShield Archive The increasing importance of data security and privacy in police work is also reflected in the acceptance of iShield Archive. Several German state police agencies are already using the microSD card to protect sensitive data in their drones.
-
WiTTRA Secures ISO 27001 Certification: A Milestone Achievement in Information Security
WiTTRA, a leading innovator in the Internet of Things (IoT) solutions, proudly announces its achievement of the ISO 27001 certification, underscoring its commitment to the highest standards of information security. This prestigious certification is a testament to WiTTRA's dedication to safeguarding its digital and physical information assets, further solidifying its position as a trusted partner in the IoT industry. ISO 27001 is an internationally recognized standard that outlines the requirements for an information security management system (ISMS). It is designed to help organizations manage the security of assets such as financial information, intellectual property, employee details, and information entrusted to them by third parties. By achieving ISO 27001 certification, WiTTRA has demonstrated its ability to identify risks to information security and implement comprehensive and effective controls to mitigate these risks. "The ISO 27001 certification is not just a badge of honour; it's a fundamental part of our commitment to our clients and partners. It assures them that we prioritize the security of their information with the utmost seriousness," said Håkan Dackefjord, CEO of WiTTRA. "In today's digital age, where data breaches are increasingly common, this certification is critical to building and maintaining trust." WiTTRA's journey to ISO 27001 certification involved a rigorous evaluation process, including a comprehensive review of its information security management practices, policies, and procedures. This achievement highlights WiTTRA's proactive approach to information security, continuous improvement, and dedication to protecting client data against emerging threats. Clients and partners of WiTTRA can now enjoy even greater confidence in the security measures protecting their information. The ISO 27001 certification reinforces WiTTRA's reputation as a leader in the IoT sector, committed to excellence and innovation in information security. For more information about WiTTRA please visit: www.wittra.io
-
Cobalt Iron Announces New Cloud Backup-as-a-Service Offering for IBM Power Virtual Server
Cobalt Iron Inc., a leading provider of SaaS-based enterprise data protection, today announced the availability of Secure Automated Backup™ with Compass®, a new cloud backup-as-a-service offering powered by the Cobalt Iron Compass SaaS platform. Developed with IBM, the solution serves enterprises that are running on, or moving to, an IBM Power Virtual Server. The offering backs up AIX and Linux operating systems and databases, greatly accelerating the protection of IBM Power systems, applications, and data, and reduces the risk of data loss and exposure. Available today, IBM customers can order the service through the IBM Cloud Catalog. "IBM Power Virtual Server clients have voiced a significant need for automated, secure, and easy to use business continuity solutions. Secure Automated Backup with Compass meets this demand by supporting our clients' cloud expansion journey, providing nearly effortless backup solutions for their DB2, Oracle, and SAP workloads running on AIX and Linux operating systems," said Ming Christensen, director of product management (Power and SAP) at IBM. Many IBM Power customers are migrating their on-premises applications to IBM Power Virtual Server to facilitate their operations and they need a simple and robust backup service as part of this migration. To that end, Cobalt Iron partnered with IBM to bring enterprise-class data protection and automation for IBM Power Virtual Server workloads. With Secure Automated Backup with Compass, IBM Power Virtual Server customers can now protect a variety of platforms, applications, and data classes, including but not limited to DB2, Oracle, and SAP HANA. Additionally, customers can easily protect their on-premises Power and other workloads with the same Compass cloud solution and get a consolidated, enterprisewide view of data protection and recovery operations. Secure Automated Backup with Compass is now available in the IBM Cloud Catalog, giving IBM Power Virtual Server customers a simple, secure, and automated backup and restore experience that turns on within minutes of ordering the service. Prior to this offering, customers had to manually select, install, configure, optimize, manage, monitor, maintain, and secure all components of a backup infrastructure in order to protect their workloads in Power Virtual Server. With this proven offering, all of these operational tasks and complexities are automated, allowing customers to protect their data quickly and securely. "Cobalt Iron has extended its deep integration and partnership with IBM with this new Compass offering in the IBM Cloud Catalog," said Andy Hurt, CMO of Cobalt Iron. "This solution combines powerful protection of business-critical Power Virtual Server applications with the simplicity expected of a cloud service — a level of simplicity and security customers do not experience from any other backup solution."
-
NIST CSF 2.0 Governance: SeeMetrics Launches Cybersecurity Governance Boards
SeeMetrics, the pioneering Cybersecurity Performance Management (CPM) platform reshaping how security leaders measure, track, and improve security performance, launches its latest development: Governance Boards. This product feature launch comes in anticipation of the NIST CSF 2.0 framework expansion, which introduces the new Govern function. The new NIST Govern function is aimed at monitoring organizations’ cybersecurity risk management strategy, expectations, and policy. The six categories listed under Govern correlate with SeeMetrics’ approach to Cybersecurity Performance Management (CPM), focused on granting a panoramic oversight to the CISO and CISO’s team. With these boards, which are out-of-the-box (OOTB) collections of ready-to-use metrics, security leaders will manage their policies, processes, and KPIs driven by organizational context and a clear connection between risk and business strategy. The Governance Boards will initially be comprised of three boards needed in order to govern effectively, with each board providing a different point of view on policies: (1) CISO Lay of the Land Board – The primary purpose of this board is to provide security decision-makers with a rapid and intuitive understanding of overall system performance, enabling informed and timely responses to safeguard the organization. It’s a dashboard that shows CISOs the current state of security operations at a glance, backed by a comprehensive analysis of the entire operations. It collects the relevant data and metrics from different boards representing various security programs, offering a visual representation of what really matters. Serving as a snapshot of the organization’s security landscape for the CISO to look at every morning, this board offers a high-level view, tracking and analyzing trends against key performance indicators (KPIs). (2) CISO Policy Enforcement Board – A centralized dashboard designed to oversee and enforce a cohesive set of policies that are currently most important for the CISO to track on a daily basis. This board is an assembly of key metrics from various security domains such as security awareness and endpoint protection. The CISO Policy Enforcement Board plays a crucial role in ensuring that organizational policies are consistently applied, helping to mitigate risks and enhance security posture across the entire enterprise. Coupled with SeeMetrics’ customizations capabilities, each CISO can easily adapt the board on an ongoing basis as their priorities change. (3) NIST Functions Dedicated Board – This board corresponds with all of the NIST functions, providing a systematic approach to cybersecurity management. The board serves as an organized platform where relevant information, processes, and metrics are categorized based on the corresponding NIST function. Each board is designed to streamline and guide activities related to that specific function. The NIST Functions Dedicated Board facilitates a comprehensive and structured implementation of cybersecurity measures. By breaking down the NIST functions into a dedicated board, organizations can effectively govern, as NIST CSF 2.0 suggests. "Introducing the Governance Boards underscores our strong commitment to proactive and strategic cybersecurity governance,” says Shirley Salzman, CEO and Co-Founder of SeeMetrics. “By building these dedicated boards we are providing CISOs with a new kind of automated oversight that previously took too much time and resources to achieve. We are taking on the work of identifying what needs to be measured and the long, tedious process behind it. By automating it we are freeing up the CISO’s time and resources while also giving them a new layer of knowledge.”
-
New Patented Traffic-Shaping Technology From Cobalt Iron Dynamically Adjusts Network Throughput Based on Events
Cobalt Iron Inc., a leading provider of SaaS-based enterprise data protection, today announced that it has received another new patent, this time on its technology for operational and event-driven network traffic shaping. U.S. Patent 11882094, issued on Jan. 23, describes new capabilities that will be available in Cobalt Iron Compass®, an enterprise SaaS backup platform. The techniques, as disclosed in this patent, use analytics and user-defined policies to automatically optimize network throughput levels to reduce security risks and improve data operations under various, changing conditions. Conditions in today's technology and data environments sometimes change rapidly. These changes can affect the amount of IT resources, such as network bandwidth capacity, that are needed for various operations. However, amidst these changes, IT infrastructure and operations remain relatively static, leading to unoptimized resources and security vulnerabilities. One particular area of static infrastructure is networking. Information networks are typically preallocated resources that don't get adjusted or optimized in response to dynamic conditions in the environment, such as cyber attacks, changing business or operation priorities, or environmental events. These and other conditions could all necessitate network throughput levels that are different from the norm. When it comes to being able to make these dynamic network throughput changes, the industry is lacking. Backup administrators, network administrators, chief information security officers, and other IT professionals need more advanced means of monitoring and dynamically adjusting networks. This patent discloses techniques that, when fully implemented, will make it possible for Compass to dynamically adjust, or shape, network throughput levels for data protection operations based on a range of conditions. Because of the techniques disclosed in this patent, Compass will: Monitor for a plurality of conditions and events that could affect a computer network, including: Cyber attack events Business priority of data being transferred Locality of data Security alert conditions Type of data operation being performed Operational status Weather, power, fire, or environmental events Failing applications, devices, or operations Business events Increase, decrease, or turn off network throughput levels for backup, restore, archive, replication, or other data protection operations responsive to changes in conditions or events. Temporarily adjust network throughput level settings for predetermined time periods. Determine these dynamic adjustments based on a special network traffic shaping policy. Numerous scenarios illustrate the benefits: A cyber attack could trigger an increased level of network throughput capacity from backup repositories to facilitate massive restore operations. That same attack might also warrant decreased throughput of inbound network traffic to company networks to reduce vulnerability. Compass could optimize backup operations by increasing network bandwidth during daily backup windows and automatically decreasing it when a backup operation completes. When severe weather is pending, Compass could activate increased network throughput levels to accommodate the need for special backups. Compass could adjust network throughput levels based on business priority of data being transferred, type of data operation being performed, and other operation-specific characteristics, resulting in more efficient operations. This patent also discloses network traffic-adjusting policies that make it possible for Compass to automatically modify network throughput levels differently over time and for various conditions. As a result, businesses will be able to optimize their enterprise-wide network traffic consistently by policy rather than by manually reconfiguring individual network devices. "Modern data centers are very dynamic environments with looming cyber threats, changing business priorities, critical operations, and complex infrastructure. Information technologies such as networks need to be more responsive to cyber threats as well as changing business conditions," said Rob Marett, chief technology officer at Cobalt Iron. "Cobalt Iron is striving to improve analytics-based optimizations of IT infrastructure. This patent discloses techniques to dynamically shape network throughput levels in response to various security and business conditions. This optimizes operational efficiencies while reducing the risk of security threats."
-
SeeMetrics Launches Cybersecurity Governance Boards
SeeMetrics, the pioneering Cybersecurity Performance Management (CPM) platform reshaping how security leaders measure, track, and improve security performance, launches its latest development: Governance Boards. This product feature launch comes in anticipation of the NIST CSF 2.0 framework expansion, which introduces the new Govern function. The new NIST Govern function is aimed at monitoring organizations’ cybersecurity risk management strategy, expectations, and policy. The six categories listed under Govern correlate with SeeMetrics’ approach to Cybersecurity Performance Management (CPM), focused on granting a panoramic oversight to the CISO and CISO’s team. With these boards, which are out-of-the-box (OOTB) collections of ready-to-use metrics, security leaders will manage their policies, processes, and KPIs driven by organizational context and a clear connection between risk and business strategy. The Governance Boards will initially be comprised of three boards needed in order to govern effectively, with each board providing a different point of view on policies: CISO Lay of the Land Board – The primary purpose of this board is to provide security decision-makers with a rapid and intuitive understanding of overall system performance, enabling informed and timely responses to safeguard the organization. It’s a dashboard that shows CISOs the current state of security operations at a glance, backed by a comprehensive analysis of the entire operations. It collects the relevant data and metrics from different boards representing various security programs, offering a visual representation of what really matters. Serving as a snapshot of the organization’s security landscape for the CISO to look at every morning, this board offers a high-level view, tracking and analyzing trends against key performance indicators (KPIs). CISO Policy Enforcement Board – A centralized dashboard designed to oversee and enforce a cohesive set of policies that are currently most important for the CISO to track on a daily basis. This board is an assembly of key metrics from various security domains such as security awareness and endpoint protection. The CISO Policy Enforcement Board plays a crucial role in ensuring that organizational policies are consistently applied, helping to mitigate risks and enhance security posture across the entire enterprise. Coupled with SeeMetrics’ customizations capabilities, each CISO can easily adapt the board on an ongoing basis as their priorities change. NIST Functions Dedicated Board – This board corresponds with all of the NIST functions, providing a systematic approach to cybersecurity management. The board serves as an organized platform where relevant information, processes, and metrics are categorized based on the corresponding NIST function. Each board is designed to streamline and guide activities related to that specific function. The NIST Functions Dedicated Board facilitates a comprehensive and structured implementation of cybersecurity measures. By breaking down the NIST functions into a dedicated board, organizations can effectively govern, as NIST CSF 2.0 suggests. "Introducing the Governance Boards underscores our strong commitment to proactive and strategic cybersecurity governance,” says Shirley Salzman, CEO and Co-Founder of SeeMetrics. “By building these dedicated boards we are providing CISOs with a new kind of automated oversight that previously took too much time and resources to achieve. We are taking on the work of identifying what needs to be measured and the long, tedious process behind it. By automating it we are freeing up the CISO’s time and resources while also giving them a new layer of knowledge.”
-
Black Box to Showcase Cutting-Edge Connectivity Solutions at BICSI Winter Conference & Exhibition, Jan. 28-Feb. 1
Black Box®, a renowned innovator in delivering communication and technology solutions, will showcase seamless connectivity solutions in Booth 920 at the BICSI Winter Conference & Exhibition, Jan. 28-Feb. 1, at the Rosen Shingle Creek Hotel in Orlando, Florida. The company will spotlight its comprehensive solution offering including wireless technology, Wi-Fi, private 5G/LTE, DAS, AV and intelligent building systems. The BICSI conference will focus on forward-thinking, solution-generating, progressive information and communications technology (ICT) topics. On the second day of the event, David Richards, a longtime BICSI Certified Trainer and Master Instructor who serves as quality and training manager for global solutions integration at Black Box, will be inducted as BICSI President. Richards oversees BICSI and Black Box training and development (T&D) programs in a state-of-the-art Black Box Authorized Training Facility in the Phoenix metro area. "I'm honored and excited to be serving the ICT industry as the next BICSI President," said Richards. "With my experience, I look forward to helping my team advance, mentor and train ICT professionals." Matt Barnes, director of quality for the global deployment services at Black Box, will be a speaker for the "What's New, What's It Do?" session later that evening. "The BICSI Winter Conference & Exhibition draws experts from across the ICT industry to share knowledge, exchange ideas and showcase the latest technologies and solutions," said Barnes, who has a wealth of industry experience including field ICT work. "We look forward to highlighting the robust portfolio of connectivity solutions and services offered by Black Box, as well as the world-class quality program we've implemented to ensure consistent delivery of great results for our customers." Conference attendees who stop by the Black Box Booth 920 can speak with experts about how to plan, select and implement connectivity solutions that best support and enhance their business. They can also register to win a YETI cooler. More information is available here. https://www.blackbox.com/campaigns/bicsi-winter-conference-exhibition
-
Black Box at ISE 2024: Industry-Leading KVM-Over-IP Solutions for Control Room Connectivity and Collaboration
At ISE 2024 on Booth 5E330, Black Box® will feature IP-based KVM and video wall solutions that enhance control room workflows and empower operators by enabling incomparable system connectivity, exceptionally intuitive user experiences and fluid team collaboration. Black Box will demonstrate how the company's award-winning Emerald® KVM-over-IP solutions ensure flexible, scalable and secure workflows with industry-leading low-IP-bandwidth usage. The Black Box booth at ISE 2024 will showcase the KVM-over-IP-based Emerald® Ecosystem, which provides infinitely scalable universal access to physical computers, cloud appliances, virtual machines, and H.264/265 video streams. The company will unveil Emerald®AV WALL, a new addition to the Emerald Ecosystem that unites KVM and AV video wall processing under a single management system, along with Emerald® DESKVUE, an award-winning solution for creating individually tailored workspaces. The company will also feature its AlertWerks AW3000 wireless IoT Gateway integrated within the Emerald Ecosystem and demonstrate how it allows operators to link to physical sensors, configure virtual sensors, watch values on browser-based dashboards, set notifications and alarms and configure automatic actions. Product managers and global solution experts will be available on the booth to answer questions about how these Black Box solutions address a wide variety of control room challenges. Emerald® Ecosystem The Black Box Emerald® Ecosystem stands for advanced security features, user comfort, and custom-designed redundancy to ensure resilient 24/7 operation. Its exceptionally low bandwidth usage makes it easy to incorporate remote and hybrid users and administrators working from any location, enabling them to access, monitor and control systems over a LAN, WAN, or the internet, including dark fiber connections. The programmable ControlBridge® touch panel from Black Box allows even complex control room configurations to be executed instantly with a single touch. The Emerald Ecosystem unifies KVM-over-IP with AV video wall processing and IoT predictive maintenance under a single management system, Boxilla® Manager, to reduce system complexity and total cost of ownership. ISE 2024 DEBUT PREVIEW: EmeraldAV WALL In the new Black Box Emerald®AV WALL, making its official debut at ISE 2024, KVM unites with AV. Designed to meet user requirements for more effective collaboration, this solution enables seamless interoperability with Emerald KVM-over-IP systems while also supporting non-KVM environments. EmeraldAV WALL complements Emerald® DESKVUE, making it easy to display a single source from an Emerald system on a video wall for viewing by a larger group. The solution directly supports a 2x2 video wall while allowing for the expansion in the number of supported monitors through additional units. AWARD WINNER: Emerald DESKVUE At ISE 2024, Black Box will demonstrate the award-winning Emerald® DESKVUE KVM-over-IP receiver, a small-form-factor device that offers a completely new concept in creating individually tailored workspaces. Emerald DESKVUE allows a user to access up to 16 selected sources simultaneously, replacing multiple receivers and thus reducing system complexity and costs. Operators can implement a setup with up to four 4K monitors, but the preferred option is a large ultra-wide curved 5K monitor in the center with two smaller 4K monitors to the right and the left. Adding Emerald®AV WALL licenses on the Emerald DESKVUE receiver expands the capabilities for visualization with a 2x2 video wall. Users can arrange windows on the displays in any size and arrangement. Switching between systems happens automatically in the background as users perform their tasks, removing any need for manual switching commands, or even awareness of system changes. ControlBridge® Multisystem One Touch Control Increase operator comfort and reduce human errors. The programmable ControlBridge® touch panel allows users to change workflows with complex setups with one click. It connects and combines AV-, KVM-, room automation-, external control- and IoT-systems into one easy-to-use control panel. Numerous scenarios like day or night shifts, crisis recovery plans, backup types, and many more can be preconfigured and indicated on the touch panel with clear names. Users can focus easier on their tasks and act faster and error-free thanks to tested presets.
-
CIOReview Adds Cobalt Iron to Its List of Top 10 Most Promising Data Security Solution Providers 2023
Cobalt Iron Inc., a leading provider of SaaS-based enterprise data protection, today announced that for the third year in a row, it has been named one of CIOReview's Top 10 Most Promising Data Security Solution Providers. This distinction is thanks to the Cobalt Iron Compass® enterprise SaaS backup platform, which delivers intelligent data backup at massive scale while making the backup infrastructure impervious to cyber attacks. Compass' unique Zero Access® architecture replaces common enterprise access points with a robust, automated security infrastructure. Unlike zero trust, which aims to prevent unauthorized access, Zero Access eliminates common logins and access points to the backup environment, including to the operating system, backup server software, backup storage repository, and ancillary tools and databases. In doing so, Compass effectively blocks out potential threats. Compass Zero Access is a key part of Cobalt Iron's multidimensional approach to data protection and security. In addition, Compass employs advanced, multilayer encryption; vigilant monitoring and cyber event detection; robust security protocols; and security analytics to secure copies of company data. The Compass Cyber Shield® security features built into Compass help keep data under the enterprise's control to minimize risk from potential audit requirements, compliance, and governance violations. Cyber Shield accounts for most governmental data security mandates around the world, such as the European Union's General Data Protection Regulation (GDPR) and longtime data privacy measures such as HIPAA, SOX, and ISO 27001. All management is handled by policy and channeled through the Compass Commander™ user interface. This approach eliminates nearly all cybersecurity vulnerabilities in the backup estate. Backup containment and isolation by design renders backup data inert and secures it against unauthorized access or exfiltration during its life cycle. A simple-to-deploy and easy-to-manage solution, Compass supports many different cloud providers — including Alibaba, Amazon, Azure, Google, and IBM Cloud — for many different cloud use cases and scales to petabytes of data in data centers or across thousands of remote locations. "It's an honor to be recognized by CIOReview for the work we've done with Compass," said Richard Spurlock, Cobalt Iron CEO and founder. "Our customers appreciate the ultrasecure, enterprise-grade data protection that provides a formidable guardian against cyber threats."
-
Trend Micro Achieves AWS Built-In Competency to Simplify and Accelerate Cloud Success
Trend Micro Incorporated (TYO: 4704; TSE: 4704) a global cybersecurity leader, a global cybersecurity leader, today announced it has achieved the Amazon Web Services (AWS) Built-in Competency in the Security and Cloud Operations category. This designation recognizes Trend as an AWS Partner that provides customers with an AWS built-in co-build solution that is designed to automatically install, configure, and integrate with key foundational AWS services using a well-architected modular code repository (MCR) in an automated deployment package validated by AWS experts, increasing the customer's time to value. To find out more about AWS built-in solutions, please visit: http://trendmicro.com/aws Achieving the AWS Built-in Competency differentiates Trend as an AWS Partner Network (APN) member that built their software solution to include foundational AWS services to help customers achieve their business goals for scale, simplicity, and operational cost control in cloud. By streamlining the integration process with foundational AWS services like Amazon GuardDuty, AWS CloudTrail, AWS Security Hub, and AWS Organizations, customers can decrease risk, reduce operational overhead, and provide consistent observability in cloud environments. Mike Milner, VP of cloud technology for Trend Micro: "We love creating with AWS and the key to this launch was not figuring out what was possible, but rather uncovering what the world needs most to protect digital assets and mitigate the advanced risks we see today. Cloud development is not only more accessible now but far more can be done with less expertise—which is invaluable to all. Innovations are only as powerful as they are secure, which is the role Trend Micro fills in all AWS competencies." AWS is enabling scalable, flexible, and cost-effective solutions from startups to global enterprises. To support the seamless integration and deployment of these solutions, the AWS Competency Program helps customers identify AWS Partners with deep industry experience and expertise. Specifically, Trend/AWS feature integration allows for: Accelerated response against vulnerability exploits via automated intrusion detection system and intrusion prevention policy (IDS/IPS) rules for workloads running on AWS Enhanced customer risk insight to accelerate SecOps, by leveraging the power of the Trend Vision One™ platform. Receive alerts on any AWS CloudTrail events that trigger a detection model in the Workbench app in Trend Vision One Full visibility into and protection of workloads across multiple AWS accounts, to enhance threat protection. Trend Micro™ Workload Security agents are seamlessly deployed every time a new instance is created on AWS accounts, via AWS Systems Manager (Distributor) A centralized location for aggregating, organizing prioritizing and automating remediation of security alerts. Trend Micro™ Container Security sends security findings from runtime protection for Amazon Elastic Kubernetes Service (Amazon EKS)/Kubernetes clusters direct to the AWS Security Hub, for a comprehensive view of security posture across AWS accounts Accelerated compliance via automatically secured cloud workloads "We looked at the options out there, and Trend Micro was the only one who could provide an entire suite in a virtual package" said chief technology officer of Sandstone Technology "Their cybersecurity platform is a single dashboard solution that offers protection for our cloud database and delivers compliance reports at any time and during the 30-day reporting cycle. That made them the easy decision."
-
Trend Micro First to Integrate Cloud Risk Management and XDR Across Customers’ Entire Attack Surface
Global cloud security leader Trend Micro Incorporated (TYO: 4704; TSE: 4704) has announced the addition of cloud risk management to its flagship cybersecurity platform. The new service drives business value by enabling organizations to consolidate their cybersecurity efforts and achieve a complete view of cloud security risks across hybrid IT environments. This release introduces advanced features including: Agentless and cloud-native vulnerability scanning Cloud security posture management (CSPM) Cloud infrastructure entitlement management (CIEM) Comprehensive risk visibility across hybrid clouds Container security risk visibility for clusters and images "Our offering is fully available, including in the AWS Marketplace, and noted as the first platform to natively connect customer threat surfaces, drive cyber risk reduction, fortify security posture, optimize compliance processes, and minimize cost and complexity," said Kevin Simzer, COO at Trend. "Our customers have the most accurate roadmap to optimize their resources allocation to best fortify their defenses." A resilient security posture calls for an understanding of risk across the system and applications that comprise their attack surface—yet only 9% of businesses actively monitor for this. The corporate attack surface has significantly expanded as a byproduct of organizations investing in digital transformation and cloud migration initiatives. As a result, businesses and governments have adopted siloed security technologies across on-premises and multi-cloud environments, which could include AWS, Azure, GCP, Kubernetes and other cloud service providers. Trend identifies unknown risks through the expansion of external attack surface management (EASM) to identify an organization's public assets across cloud providers, resulting in improved cloud security and governance. Trend Vision One™ now delivers this functionality via a unified approach to risk management, threat detection and incident response—drawing on data from diverse sources, including cloud metadata, containers, workloads, endpoints, identities, networks, and emails. This includes capabilities to manage cloud asset inventory and cloud security posture, prioritize risk, scan for threats and vulnerabilities and assess risk profiles and attack paths. These enhancements extend the platform beyond cloud native application protection platform (CNAPP) components, aiding organizations in consolidating their cybersecurity efforts and achieving a holistic view of their cloud security risks. Specifically, Trend Vision One™ – Attack Surface Risk Management (ASRM) offers: Attack surface discovery: enhances business security by actively mapping the cloud attack surface in real-time, providing a comprehensive inventory of internal and external cloud assets to safeguard against potential threats. Risk assessment and prioritization: continuously evaluates assets to prioritize and execute remediation actions, proactively reducing risks and preventing security breaches. This includes prioritizing vulnerabilities in running containers and bolstering organizations' resilience. Attack path analysis: assesses risk profiles and uncovers potential attack paths to guide the implementation of compensating controls, fortifying organizations' resilience against cyber threats. Risk measurement and reporting: reveals overall security performance to inform investment decisions, effectively communicate the state of cyber risk to the C-suite and provide a clear understanding of the security posture and its impact on business performance. Compliance optimization: streamlines compliance processes by identifying and addressing violations and misconfigurations, aligning security operations with industry standards and frameworks to maintain trust and regulatory adherence. To find out more about Trend Vision One – Attack Surface Risk Management (ASRM), please visit: https://www.trendmicro.com/en_hk/business/products/one-platform.html
-
Cobalt Iron Secures Patent on Applying Machine Learning to Cyber Inspection
Cobalt Iron Inc., a leading provider of SaaS-based enterprise data protection, today announced that it has received another new patent, this time for machine learning-driven cyber inspection. Issued on Sept. 19, U.S. Patent 11765187 introduces new capabilities for Cobalt Iron Compass®, an enterprise SaaS backup platform. When fully implemented, the new techniques will apply machine learning analysis to determine which cyber inspection tools are most appropriate and effective for given data or cyber threats. They will also allow businesses to adjust proactively and automatically to which, how, and when cyber inspection tools are used to validate corporate data. This optimizes cyber inspection operations, thus improving cyber event detection and data validation processes. Cyber attacks are increasing in frequency and sophistication. While businesses continue to harden various resources and parts of the IT environment, nefarious characters continue to change their attack approaches and targets. Cyber protections that worked yesterday or are working today may be insufficient in the near future. Companies also need more insights into how well their cyber resiliency schemes are working. In particular, analytics around cyber protection, detection, and inspection operations are woefully lacking in the industry. This invention addresses those concerns. It qualified for a patent because of several unique characteristics: Historical analysis of the usage of multiple cyber inspection tools and their effectiveness in detecting different types of cyber events in particular types of data. The application of machine learning techniques to cyber inspection operations. Automatic adjustment of a time range to perform cyber inspection operations based on cyber attack indications. Automatic adjustment of policy-driven cyber inspection using multiple cyber inspection tools and multiple cyber inspection levels: at different times or events in the life cycle of a data object. or for different types of cyber events. This patient introduces machine learning technology advancements that will refine and optimize how Compass applies multiple cyber inspection tools depending on the conditions. Specifically, the techniques disclosed in this patent: Store and analyze machine learning training data associated with a plurality of cyber attacks (including ransomware attacks), inspection class policies, data protection operations, cyber inspection operations, and operational forensics data. Establish inspection-class policies to specify, for each plurality of security conditions or events, a class of inspection tools and a specific level of inspection to perform within a defined security zone. A specific type of data to be inspected. A certain point in a data life cycle (e.g., on creation, modification, backup, recovery, etc.) for the specific type of data to be inspected. Monitor for a variety of security conditions and events. When a new security condition or event occurs, upon analysis of the machine learning training data and inspection class policies, determine an inspection tool and a specific level of inspection to perform on specific data at a certain point in the data life cycle. Perform the determined cyber inspection operations. Dynamically adjust the class of inspection tool and the specific level of cyber inspection to perform on the data to lower the risk and impact of future cyber attacks. Dynamically adjust a time range to perform cyber inspection operations based on cyber attack indications. Perform cyber attack forensics and historical analysis to determine particular data objects attacked, attack patterns, attack timings, attack sources, and other proactive insights into cyber attack activities and consequences. Restrict access control to data objects similar to particular data objects attacked. For example, Compass might use these techniques to analyze cyber attack patterns and targets, recognize specific types of data or applications being targeted, and automatically restrict access control to similar types of data or applications in the enterprise. In another instance, the technology might enable Compass to analyze machine learning training data from previous cyber attacks and previous cyber inspection operations to determine whether a different cyber inspection tool or a different level of inspection would be more effective at detecting particular types of cyber attack patterns. And if so, it may dynamically adjust the cyber inspection tool or level of inspection it performs against particular types of data in future cyber inspection operations. The business outcome: lower risk of undetected cyber security events and continually improved data validation operations. "Organizations are in dire need of more proactive assistance in protecting their data and other IT resources and in detecting suspicious cyber activities," said Rob Marett, chief technology officer at Cobalt Iron. "These new techniques apply machine learning analysis to figure out in advance which cyber inspection tools will be best for different scenarios. This allows businesses to continually optimize cyber inspection operations, thus improving their ability to detect cyber events and validate data."