Home Podcasts Videos Guest Posts Q&A My Take Bio Contact
 

News Alert: i2Coalition launches ‘VPN Trust Initiative’ to promote VPN operators’ best practices

Washington, DC, Sept.26, 2023 — The Internet Infrastructure Coalition (i2Coalition) launched the VPN Trust Initiative (VTI) in 2020 to establish a baseline for how virtual private network (VPN) providers should operate.

The goal is to help avoid oversights, misunderstandings, or vague legislation that could invite abuses of power and short-sighted legislation of helpful technology.

As a result of collaborative efforts, the VTI Principles serve as a comprehensive set of best practices for VPN providers that bolster consumer confidence and provider accountability, promoting wider VPN adoption and access to the technology’s benefits.

Today VTI is announcing the launch of the VPN Trust Seal accreditation program, which provides a clear public indicator that a participating VPN provider follows established best practices for

GUEST ESSAY: A roadmap for the finance teams at small businesses to improve cybersecurity

By Neil Taurins

If you’re a small business looking for the secret sauce to cybersecurity, the secret is out: start with a cybersecurity policy and make the commitment to security a business-wide priority.

Related: SMBs too often pay ransom

Small businesses, including nonprofit organizations, are not immune to cyberattacks. The average cost of a cybersecurity breach was $4.45 million in 2023, according to IBM’s Cost of a Data Breach Report, and over 700,000 small businesses were targeted in cybersecurity attacks in 2020, according to the Small Business Association.

Nonprofits are equally at risk, and often lack cybersecurity measures. According to Board Effect, 80% of nonprofits do not have a cybersecurity plan in place.

Given the risk involved, small businesses and nonprofits must consider prioritizing cybersecurity policies and practices to stay protected, retain customers, and remain successful. Financial information is one of the most frequently targeted areas, so it’s crucial

News alert: SSH announces another US financial institution selects PrivX as its PAM solution

Helsinki, Finland, Sept. 22, 2023 – A leading global financial institution has selected PrivX as its privileged access management (PAM) solution. The customer is one of the largest and most important financial institutions in the world.

This is third major new significant lighthouse customer for PrivX in the USA. The initial contract value is approximately USD 0.25 million of annual recurring subscription revenue (ARR), including professional services. The contract is automatically renewable. Our approach with this customer is following our land-and-expand strategy.

Scalability, ease of use

The customer selected PrivX after a thorough evaluation of several leading PAM solutions. PrivX was chosen for its ease of use, scalability, and ability to help the customer eliminate

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

Chicago, Ill., Sept. 21, 2023 — MxD, the Digital Manufacturing and Cybersecurity Institute, today hosted a roundtable discussion with the White House Office of the National Cyber Director. Also in attendance were Access Living, The College of Lake County, CyberSkills2Work, and Task Force Movement. Organizations gathered to discuss courses and programs to address the critical cybersecurity workforce needs in the United States.

Each participating organization is committed to developing cyber skills and programs to train the workforce across a wide range of industries, including manufacturing. As a part of this effort, each organization made the following commitments:

MxD, in collaboration with the University of Maryland, Baltimore County, created the Cybersecurity for Manufacturing Operational Technology (CyMOT) program to increase the security of U.S. manufacturers from cyber-attacks by providing role-based training to the next generation of cybersecurity workers in manufacturing.  The 60-hour live-instruction course series targets roles in Artificial Intelligence engineering and cybersecurity and has been utilized

GUEST ESSAY: Caring criminals — why some ransomware gangs now avoid targeting hospitals

By Zac Amos

Ransomware is a significant threat to businesses worldwide. There are many gangs that work together to orchestrate increasingly damaging attacks. However, some of these groups follow codes of conduct that prevent them from purposefully targeting hospitals.

Related: How Putin has weaponized ransomware

In mid-March 2020, representatives from the cybersecurity website BleepingComputer contacted numerous ransomware gangs to ask if they’d continue targeting hospitals during the unprecedented COVID-19 public health threat.

Many responded by saying they already avoid hospitals and emergency services infrastructure. Others promised to cease attacking health care facilities until the pandemic eased.

An April 2020 study from VMware Carbon Black revealed a 148% ransomware increase between March and April 2020. However, it’s worth noting that health care was the seventh-most targeted industry during that time, when it was

Black Hat Fireside Chat: Flexxon introduces hardened SSD drives as a last line defense

By Byron V. Acohido

Creating ever smarter security software to defend embattled company networks pretty much sums up the cybersecurity industry.

Related: The security role of semiconductors

Cutting against the grain, Flexxon, a Singapore-based supplier of NAND memory drives and storage devices, arrived at Black Hat USA 2023 calling for a distinctive hardware approach to repelling cyber attacks.

Flexxon recently introduced its X-PHY SSD drive which now comes embedded in certain laptop models from Lenovo, ASUS and HP. This innovation derives from security-hardened AI-powered memory and storage drives Flexxon supplies that go into medical equipment and industrial machinery.

I had the chance to get briefed about all of this by Flexxon’s founder and CEO Camellia Chan. For a full drill down

News alert: Omdia finds risk-based vulnerability management set to encompass the VM market

LONDON, Sept. 18, 2023 – The first comparative research into the evolution of the vulnerability management market authored by Omdia has found risk-based vulnerability management (RVBM) is set to encompass the entire vulnerability management market by 2027.

Omdia’s comprehensive market analysis is the first report that provides a strategic overview of RBVM and its broader evolution within cybersecurity that Omdia refers to as proactive security.

“The emergence of RBVM has been driven by several factors,” said Andrew Braunberg, Principal Analyst with Omdia and author of the report. “Traditional vulnerability management tools, which enterprises use to identify, prioritize, and remediate software security vulnerabilities, have increasingly struggled to meet the needs of the modern enterprise because of the challenges of digital transformation, the expanded and diversified attack surface, the proliferation of IoT devices, and the acceleration of