Cisco Study Reveals Canadian Employees Crave In-person Experiences, But Offices Are Not Delivering

Posted in Commentary with tags on March 5, 2024 by itnerd

Today, Cisco released findings from its Reimagining Workspaces Survey which showed working preferences are shifting as employees crave in-office collaboration and social interactions, and now, the race is on for workspace design and technology to catch up.

Study data found that 76 per cent of Canadian companies are choosing to partially or fully mandate a return to the office with productivity, team communication, and workplace culture as key drivers for the decision. Sixty-four per cent of employees positively support their organization’s decisions; however, their motives have significantly evolved.

Canadians want to be in the office to collaborate (58%), ideate (27%), and foster connections with colleagues (28%), but current workspaces do not meet this need. Most (83%) employers allocate at least half the office to individual work stations. As a result, only 40 per cent of employees say their offices are very well prepared to support changing hybrid work needs.

Technology is a Baseline Expectation; AI-Enabled Features are Highly Desired
When it comes to the ideal workspace, both employees and employers agree that technology is foundational. Canadian employees ranked technology infrastructure and connectivity (93%) as the most important in office design, followed by layout and seating arrangements (90%), and collaboration and meeting spaces (86%).

Employees also see an opportunity for artificial intelligence (AI) to improve collaboration and their working experiences, but AI adoption among employers is not keeping pace. For example, while over half (53%) of employees agree AI-powered meeting room devices would be most useful to them, only 36 per cent of employers plan to invest in them. Similarly, while 81 per cent of employees agree AI-assistant tools would be most useful to them, only 61 per cent of employers intend to invest in these features.

Flexibility and Hybrid Work Models are Here to Stay
The data shows working preferences across all levels of employees are evenly split so flexibility will continue to be essential for organizations as they work to meet employee expectations. Of Canadian employers, 24 per cent prefer a mix of working from home and the office, 37 per cent prefer to be mostly in the office, and 34 per cent prefer working mainly from home. The trend is mirrored in employees as 29 per cent prefer a mix of working from home and the office, 34 per cent prefer to work mostly from the office, and 30 per cent prefer working mostly from home.

Office Redesigns are Underway
Organizations are beginning to transform office spaces. Two-thirds (64%) of employers have redesigned their office in the wake of the pandemic or are planning to do so in the next 24 months.

Regular enhancements to workspace layouts (63%) and technology features (60%) are the top items for organizations that have allocated budgets to office redesign; however, considerations for AI and cybersecurity are lagging, which means businesses may not be setting themselves up for long-term success. Only 21 per cent plan to prioritize AI technology in their office redesign and just 18 per cent have allocated a budget for cybersecurity. It is critical businesses allocate resources and focus on AI and cybersecurity. AI will fuel significant transformation for businesses that can successfully harness it and a strong cybersecurity posture will ensure that every organization, including its data, its people and its customers, is protected.

The Cisco Canada Reimagining Workspaces Survey is based on an online research survey conducted with 150 Canadian employers and 500 Canadian employees in January and February 2024.

New Zealand Central Bank Announces New 72 Hour Cyber Incident Notification Requirement

Posted in Commentary with tags on March 5, 2024 by itnerd

New Zealand’s central bank announced that banks must report major cyber incidents within 72 hours, as it plans to implement formal cyber reporting requirements over the next year after regulators supported proposals by the Reserve Bank of New Zealand (RBNZ) on the importance of having access to information on cyber resilience from the central bank.

Last year, after New Zealand saw a rise in cyber-attacks, the government was motivated to boost its cyber defenses by setting up a lead agency to make it easier for the public and businesses to seek help during network intrusions. Furthermore, RBNZ collaborated with the Financial Markets Authority (FMA), New Zealand’s financial markets regulator, to develop shared reporting requirements that can be used for both agencies.

The following RBNZ cyber resilience reporting requirements will be implemented in phases through 2024:

  • Material cyber incident reporting requirement: within 72 hours
  • Periodic reporting of all cyber incidents: large entities to be required to report all cyber incidents every six months and other entities annually
  • Self-assessment using the RBNZ’s Guidance on Cyber Resilience: large entities every year and other entities every two years.

Dave Ratner, CEO, HYAS had this comment:

   “Regulations requiring timely reporting are popping up across multiple geographies and verticals, and while they are in general a good thing, the definition of what is and isn’t ‘material’ is often not entirely clear.  Nevertheless, for an organization to be in a position to comply with these new regulations will require cyber resiliency solutions that are capable of alerting them to the telltale signs of a breach and see the initial digital exhaust indicating an attack in progress.  Most organizations are likely not prepared today and need to prioritize resiliency in 2024 to ensure that they are.”


Mark B. Cooper, President & Founder, PKI Solutions follows with this comment:

   “With regulators adopting stricter notification requirements, now more than ever, banks need to respond with their own stricter, higher levels of security posture management practices if they’re going to avoid having to report incidents.

   “The challenge organizations face is no longer limited to just advanced encryption or identity protection measures, but it highlights the critical need for pro-active, vigilant monitoring to quickly identify misconfigurations and alert security resources and staff. Prompt remediation is essential to defend against attacks that lead to triggering a notification.”

Requirements like these are a good thing from two perspectives. First, they make sure that any incident isn’t covered up. Second, they will “encourage” organizations to up their game in terms of their cyber defences to make sure that they don’t get pwned. These sorts of requirements need to be put into effect everywhere as that is one thing that will make us safer.

US Agencies warn of ransomware gang targeting critical infrastructure

Posted in Commentary with tags on March 5, 2024 by itnerd

CISA, the FBI, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released an advisory warning of the tactics, techniques, and procedures (TTPs) that Phobos ransomware attacks are using to target government and critical infrastructure entities.

“Structured as a ransomware as a service (RaaS) model, […] Phobos ransomware actors have targeted entities including municipal and county governments, emergency services, education, public healthcare, and critical infrastructure to successfully ransom several million in U.S. dollars,” the advisory said.

Attack chains typically leverage phishing as an initial access vector. Alternatively, vulnerable networks are breached by hunting for exposed RDP services and exploiting them by means of a brute-force attack.

Once successful, the threat actors deploy additional remote access tools, taking advantage of process injection techniques to execute malicious code and evade detection, and making Windows Registry modifications to maintain persistence within compromised environments.

“Additionally, Phobos actors have been observed using built-in Windows API functions to steal tokens, bypass access controls, and create new processes to escalate privileges by leveraging the SeDebugPrivilege process. Phobos actors attempt to authenticate using cached password hashes on victim machines until they reach domain administrator access,” the agencies said.

Phobos has been active since May 2019, with multiple variants identified. Cisco Talos disclosed in November that those behind 8Base ransomware are utilizing a variant of Phobos for their attacks.

BullWall Executive, Carol Volk had this to say:

   “The recent Phobos advisory from CISA, the FBI, and the MS-ISAC sheds light on the continued rise of ransomware attacks targeting government and critical infrastructure sectors. As with many ransomware attacks, the Phobos attacks employed phishing and exploitation of vulnerable RDP services and highlights the importance of robust cybersecurity measures at every level.

   “Organizations must prioritize implementing multi-layered defense mechanisms, including strong email security protocols and regular security awareness training to thwart phishing attempts.  Additionally, securing remote access points and promptly patching vulnerabilities in RDP services can significantly reduce the risk of exploitation.

   “However, we continue to see that even well prepared defenses will be breached by determined actors, so regular air-gapped backups, a ransomware containment system and MFA to protect RDP sessions should be part of the defense stack for the day your defenses are breached.”


John Benkert, CEO, Cigent follows with this:

   “Broken record here. Protecting critical infrastructure from Ransomware-as-a-Service (RaaS) attacks requires a multifaceted approach that spans technological, regulatory, and educational domains. Given the increasing sophistication and accessibility of RaaS platforms, which allow even low-skilled attackers to launch ransomware campaigns, the security of essential services such as healthcare, energy, transportation, and water systems has never been more important.

   “The foundational step in defending against these threats involves the implementation of robust cybersecurity measures that already exist. This includes regular software updates and patch management to close vulnerabilities, advanced threat detection systems to identify and neutralize threats early, and comprehensive data backup strategies to ensure data integrity in the event of a breach.

   “Let me be clear, solutions already exist in the commercial sector to protect against these threats. Instead of cultivating these commercial solutions, the government is more concerned with putting out regulations and standards that take years to approve and become obsolete before they are published.”

This should be a clear warning that defences for critical infrastructure specifically, and for all organizations and sectors in general, need to be a priority. The question is, how many warnings will it take for organizations to get the message?

Cloud Range Launches First Cyber Incident Commander Training 

Posted in Commentary with tags on March 5, 2024 by itnerd

Cloud Range, the industry’s leading cyber range solution to reduce exposure to cyber risk across the organization, today announced the launch of its new training program, Cybersecurity Incident Commander Training. Offered for a limited time at no cost, the training is tailored to those managing incidents in the security operations center (SOC).

Previously existing tools and training only focus on individual jobs and tasks in the SOC and, while critical to the team’s ability to detect and remediate incidents, they do not target the Incident Commander role. Further, many teams do not have a specific “commander” role or backup if the designated team lead is unavailable. This new training by Cloud Range is dedicated to the Incident Commander who oversees the SOC team when an incident or event occurs, such as a ransomware attack, data breach, or any other cybersecurity incident. 

Aligned with the job description developed by FEMA and the National Incident Management System (NIMS), the Incident Commander is one of the most critical roles during an incident because it orchestrates the team and resources and is the source of “ground truth” on the incident. That’s why the Incident Commander role requires “soft skills” such as leadership and communication, whose absence can lead to team breakdowns.

The Incident Commander training is a new stand-alone, online, self-paced course valued at $499. The goal is to provide security professionals with an overview of the responsibilities and skills needed to swiftly resolve an incident. Incorporating real-world scenarios enables learners to determine how to assign tasks, communicate across multiple levels of the organization, and lead the team effectively. The course is designed to highlight strengths and weaknesses so the trainee can improve their ability to manage their team in future situations. The result is that the Incident Commander has a better understanding of their role, how to manage an incident and improve time management, and how to elevate the performance of the incident response team. 

After successfully taking the course, which is the first part of the certification process, trainees receive a badge to show completion. 

Trainees are eligible for the complete certification after also being the Incident Commander during two of Cloud Range’s live-fire cyber attack exercises, which are dynamic, team-based simulations of real-world attacks on Cloud Range’s virtual cyber range. Like a flight simulator, the attack simulations enable the Incident Commander to fully step into the role, guide the team, work with the incident reporter, and practice all the skills and techniques required to be effective. The comprehensive, two-part training process gives security professionals deep knowledge, insight, and hands-on experience that equips them to be an effective Incident Commander.

Learn more and sign up for the Cloud Range Incident Commander Training, valued at $499 and offered at no cost for a limited time here.

Canadians Affected By “Battery Gate” To Get Paid By Apple

Posted in Commentary with tags on March 4, 2024 by itnerd

If you’re Canadian and you were affected by “Battery Gate”, I have some news for you. A court in BC has approved a settlement related to this where Apple will pony up $14.4 million CAD to make this issue go away. More information on how to submit a claim will be shared on the settlement website, but here’s the TL;DR in terms of who this covers:

  • You are a current or former resident of Canada (excluding Quebec)
  • You have to have owned an iPhone 6, iPhone 6 Plus, iPhone 6s, iPhone 6s Plus, and/or iPhone SE with iOS 10.2.1 or later installed or downloaded, and/or an iPhone 7 or iPhone 7 Plus with iOS 11.2 or later installed or downloaded, before December 21, 2017.
  • You need the serial number of said phone.

Now as usual for these sorts of things, Apple denies that it did anything wrong. And to be frank, $14.4 million CAD is a rounding error for Apple. But “Battery Gate” is done and dusted in Canada.

And I guess that it goes without saying that if you were affected by “Battery Gate”, you need to dig up that serial number and make sure you get your share of this.

American Express Service Provider Pwned Exposing American Express Customer Data

Posted in Commentary with tags on March 4, 2024 by itnerd

American Express is warning customers that credit cards were exposed in a third-party data breach after one of its service providers was hacked. In the data breach notification filed with the state of Massachusetts, Amex said the breach occurred at one of its service providers used by their travel service division, American Express Travel Related Services Company. 

Darren Williams, CEO and Founder, BlackFog had this comment:

     “The potential impact of the American Express data breach is not yet known, as it is unclear whether customers’ data was simply accessed or if it has been exfiltrated through the third party provider. If the sensitive data of customers, including card numbers and expiration dates, has been exfiltrated by attackers, it can be used to not only make fraudulent purchases, but also to extort customers into further payments. All service providers who hold customer data should be investing in threat intelligence and anti data exfiltration technology to avoid attacks just like these.”

Since American Express filed a data breach notification, I assume that more details will be forthcoming. Because this data breach could be bad, or really really bad. And it is in everyone’s best interests to find out which.

Action1 Achieves 376% YoY Growth in 2023

Posted in Commentary with tags on March 4, 2024 by itnerd

Action1 Corporation, a provider of the #1 risk-based patch management platform designed for distributed enterprise networks, today announced outstanding results for 2023, including 376% global sales growth. Other key highlights include recognition by trusted review platforms G2 and Gartner Digital Markets and achievement of authoritative security certifications.

Market Momentum:

  • Action1 reported a 376% global sales growth compared to 2022, thanks to the rapid expansion in the US, Europe, and worldwide.
  • Action1 demonstrated exceptional growth in multiple sectors, including education, healthcare, and technology.

Product Enhancement:

  • Action1 has introduced real-time vulnerability discovery and remediation to empower organizations to reduce the mean time to remediate (MTTR) vulnerabilities.
  • The company extended its Software Repository maintained in-house by security experts for streamlined third-party patching, which now includes 99% patching coverage for most enterprise environments.
  • Action1 has established a data center in Europe, enabling EU customers to meet the stringent GDPR standards, ensuring data residency and sovereignty, and is now looking to further expand by opening a data center in Australia.

Industry Certifications:

  • Action1 became the first patch management vendor to achieve SOC 2 and ISO 27001 certifications, underscoring its commitment to security.

Recognition:

  • Action1 has been consistently rated as the #1 easiest-to-use patch management solution by G2.
  • Gartner Digital Markets awarded Action1 31 badges in six categories.
  • G2 recognized Action1 as High Performer and Momentum Leader for patch management in its quarterly reports multiple times, rewarding the company for excellence and for its high-growth trajectory.

Research:

ServiceNow, Hugging Face, and NVIDIA Release New Open-Access LLMs to Help Developers Tap Generative AI to Build Enterprise Applications

Posted in Commentary with tags on March 4, 2024 by itnerd

ServiceNow, Hugging Face, and NVIDIA have announced StarCoder2, which was released on February 28th, a family of open‑access large language models (LLMs) for code generation that sets new standards for performance, transparency, and cost‑effectiveness.

StarCoder2 was developed by the BigCode community, stewarded by ServiceNow, the leading digital workflow company making the world work better for everyone, and Hugging Face, the most‑used open‑source platform where the machine learning community collaborates on models, datasets and applications.

Trained on 619 programming languages, StarCoder2 can be further trained and embedded in enterprise applications to perform specialized tasks such as application source code generation, workflow generation, text summarization, and more. Developers can use its code completion, advanced code summarization, code snippets retrieval, and other capabilities to accelerate innovation and improve productivity.

StarCoder2 offers three model sizes: a 3 billion‑parameter model trained by ServiceNow, a 7 billion‑parameter model trained by Hugging Face, and a 15 billion‑parameter model built by NVIDIA with NVIDIA NeMo and trained on NVIDIA accelerated infrastructure. The smaller variants provide powerful performance while saving on compute costs, as fewer parameters require less computing during inference. In fact, the new StarCoder2 3 billion‑parameter model also matches the performance of the original StarCoder 15 billion‑parameter model.

Fine‑Tuning Advances Capabilities with Business‑Specific Data

StarCoder2 models share a state‑of‑the‑art architecture and carefully curated data sources from BigCode that prioritize transparency and open governance to enable responsible innovation at scale.  

The foundation of StarCoder2 is a new code dataset called The Stack v2 which is more than 7x larger than The Stack v1. In addition to the advanced data set, new training techniques help the model understand low‑resource programming languages (such as COBOL), mathematics, and program source code discussions.

StarCoder2 advances the potential of future AI‑driven coding applications, including text‑to‑code and text‑to‑workflow capabilities. With broader, deeper programming training, it provides repository context, enabling accurate, context‑aware predictions. These advancements serve seasoned software engineers and citizen developers alike, accelerating business value and digital transformation.

Users can fine‑tune the open‑access models with industry or organization‑specific data using open‑source tools such as NVIDIA NeMo or Hugging Face TRL.

Organizations have already fine‑tuned the foundational StarCoder model to create specialized task‑specific capabilities for their businesses.

ServiceNow’s text‑to‑code Now LLM was purpose‑built on a specialized version of the 15 billion‑parameter StarCoder LLM, fine‑tuned and trained for ServiceNow workflow patterns, use‑cases, and processes. Hugging Face also used the model to create its StarChat assistant.

BigCode Fosters Open Scientific Collaboration in AI

BigCode represents an open scientific collaboration jointly led by Hugging Face and ServiceNow. Its mission centers on the responsible development of LLMs for code.

The BigCode community actively participated in the technical aspects of the StarCoder2 project through working groups and task forces, leveraging ServiceNow’s Fast LLM framework to train the 3 billion‑parameter model, Hugging Face’s nanotron framework for the 7 billion‑parameter model, and the end‑to‑end NVIDIA NeMo cloud‑native framework and NVIDIA TensorRT‑LLM software to train and optimize the 15 billion‑parameter model.

Fostering responsible innovation is at the core of BigCode’s purpose, demonstrated through its open governance, transparent supply chain, use of open‑source software, and the ability for developers to opt data out for training. StarCoder2 was built using responsibly sourced data under license from the digital commons of Software Heritage, hosted by Inria.

StarCoder2, as with its predecessor, will be made available under the BigCode Open RAIL‑M license, allowing royalty‑free access and use. Furthermore, the supporting code for the models resides on the BigCode project’s GitHub page.

All StarCoder2 models will also be available for download from Hugging Face and the StarCoder2 15B model is available on NVIDIA AI Foundation models for developers to experiment with directly from their browser, or through an API endpoint.

For more information on StarCoder2, visit https://huggingface.co/bigcode.

CyberProtonics Redefines Data Protection with the Most Powerful, Lightweight, Quantum-Resistant Software-Based Cryptosystem for Digital Ecosystem, IoT and Generative AI

Posted in Commentary with tags on March 4, 2024 by itnerd

CyberProtonics, trailblazers in quantum-resistant data protection, today introduced the first lightweight, software-based cryptosystem that makes being quantum-ready easy, affordable, and practical. Embeddable virtually anywhere, any time, the advanced cryptosystem generates blistering-fast encryption speeds of 512 bits to up to 10K bits, rendering data useless when a breach occurs. CyberProtonics also today announced a major OEM agreement with Simplifi, leaders in secure remote computing.

Legacy-friendly and plug-and-play features allow its cryptosystem to seamlessly integrate in all types of applications, including IoT, e-sim, and generative AI Private Large Language Models (PLLMs). CyberProtonics protects data at rest and in transit, without performance impacts, and is recognized as the first truly lightweight quantum-resistant commercial solution for rendering stolen data completely useless.

Anywhere, Anything, Every Time Protection

In today’s increasingly hostile cyber threat landscape, everyone should be protected from bad actors and malicious cyberattacks, wherever their data resides. CyberProtonics adds an indispensable, affordable additional layer of quantum-resistant security at the source where data is created to protect legacy, current, and future cybersecurity system architectures, networks, and devices.

Among applications are:

Work from Home: Employees continue to work from home, and cybersecurity is more important than ever for the hybrid workforce. CyberProtonics keeps confidential work data secure, at rest or in transit.

Internet of Things (IoT): CyberProtonics’ cybersecurity protocols protect IoT devices and networks from the latest threats with reliable and robust security.

Generative AI: Large Language Models that companies want to keep private are protected by CyberProtonics’ proprietary cryptosystem.

Defense: CyberProtonics’ 512-bit to 10k-bit encryption protects data at rest or in transit in theaters of operations, supporting unmanned aerial vehicles (UAVs), wearable devices, connected vehicles, smart infrastructure, and portable communications.

Satellite: End-to-end encryption in the ground terminal and in the satellite itself safeguards transmissions, ensuring data security and confidentiality.

Industrial Control Panel: Protects critical infrastructure with next-generation quantum-resistance technology, designed to ensure reliable and resilient security for factories, power plants, and wastewater treatment facilities.

Commercial Data: Banking and finance, healthcare, hyperconnected commerce, and more.

A New Era in Data Protection

CyberProtonics’ proprietary software employs a robust licensing engine for both connected and air-gapped models and solutions, with varying time periods and iterations. It delivers:

Strength: Post-quantum symmetric key-based encryption, with key lengths of 512 bits, increasing up to 10k bits.

Speed: Lightning-fast operation does not affect a device’s computing or memory cycles, even for the smallest sensor or IoT device.

Size: The lightweight footprint of CyberProtonics’ cryptosystem’s binary runtime enables end-to-end encryption at the data generation source, with single-digit MB of code.

Security: Encryption of data in transit and at rest for both on-premises legacy systems and modern secure access service edge.

Breach Immunity and Unwavering Compliance: Valuable data is made useless. Full compliance with regulatory mandates and industry standards such as GDPR, HIPAA, PCI DSS, and SOX is automatic and assured.

Market-Proven SDK: Symmetric key encryption optimized for small footprint applications (crucial for IoT devices), stronger than any currently deployed application of AES, RSA, or ChaCha20. Fully automated key management that eliminates manual key distribution human errors. C language callable APIs.

Apple Gets Slapped With An Almost $2 Billion Fine For Taking Shots At Spotify

Posted in Commentary with tags on March 4, 2024 by itnerd

On a day where Apple wanted to control the narrative by launching new MacBook Air models, the EU has decided to rain on their parade. The European Commission has fined Apple €1.8 billion which is $1.95 billion USD for anti-competitive conduct against rival music streaming services. By rival music streaming services, that would be Spotify:

The European Commission has fined Apple over €1.8 billion for abusing its dominant position on the market for the distribution of music streaming apps to iPhone and iPad users (‘iOS users’) through its App Store. In particular, the Commission found that Apple applied restrictions on app developers preventing them from informing iOS users about alternative and cheaper music subscription services available outside of the app (‘anti-steering provisions’). This is illegal under EU antitrust rules.

I encourage you to read the full decision as I’m not sure that I buy into this reasoning. Regardless of whether you do or don’t buy into that reasoning, Apple is pretty ticked off about this decision:

Today, the European Commission announced a decision claiming the App Store has been a barrier to competition in the digital music market. The decision was reached despite the Commission’s failure to uncover any credible evidence of consumer harm, and ignores the realities of a market that is thriving, competitive, and growing fast.

The primary advocate for this decision — and the biggest beneficiary — is Spotify, a company based in Stockholm, Sweden. Spotify has the largest music streaming app in the world, and has met with the European Commission more than 65 times during this investigation.

Today, Spotify has a 56 percent share of Europe’s music streaming market — more than double their closest competitor’s — and pays Apple nothing for the services that have helped make them one of the most recognizable brands in the world. A large part of their success is due to the App Store, along with all the tools and technology that Spotify uses to build, update, and share their app with Apple users around the world.

That’s pretty much why I don’t buy into the EU’s decision. Spotify, the last time I checked, was the big boy on the block. So unless I am missing something, I can’t see how Apple is the bad guy here. Yes, Apple aren’t saints and have been known to do things to take out or impair competition. But I’m honestly not seeing it here. Apple is going to appeal the decision and that appeal will be interesting to watch.