Martello Joins Forces with Yorktel to Bring Vantage DX to Microsoft Teams Managed Service

Posted in Commentary with tags on February 28, 2024 by itnerd

 Martello Technologies Group Inc., a provider of experience management solutions purpose-built for Microsoft Teams, today announced a partnership with leading managed services provider Yorktel. The collaboration will bring Vantage DX to customers through Yorktel’s Modern Workplace as a Service (MWaaS) offering. Vantage DX is the Microsoft-recommended software that proactively detects problems before they impact Microsoft Teams users, providing tools to resolve these problems faster and optimize the Teams user experience.

A Microsoft Operator Connect partner headquartered in the United States, Yorktel is a leading provider of collaboration and managed service solutions for enterprise, public sector, education and healthcare customers worldwide. Committed to addressing hybrid workplace challenges, Yorktel has chosen Vantage DX for its MWaaS offering, to proactively manage the Microsoft Teams performance and user experience for its customers, maximizing uptime and productivity.

The partnership has already yielded a sales deal with a large North American multinational investment management firm with more than 40 locations globally to manage the Teams user experience for 5,000 employees in the US and Canada. This project also supported a major Federal Department requiring strict security provisions. With Microsoft Teams a mission-critical part of Yorktel’s offering, they expect to integrate Vantage DX into all new deployments.

Microsoft Teams experience management has become a pressing concern for enterprises and managed service providers. The recent State of Microsoft 365 Performance Management report produced by research firm EMA exposed an important blind spot for enterprise IT teams. While 81% of Teams users cited Teams performance issues such as poor video or audio quality as having a high or significant impact on their productivity, only 7% of IT teams said they had an accurate view of how Microsoft Teams is performing for users. Vantage DX closes this visibility gap for enterprises and managed service providers.

Interested in learning more about Martello’s Microsoft-recommended Vantage DX solution for Microsoft Teams? Read about Martello’s Partner Program and about Vantage DX.

Cado Security Labs Releases H2 2023 Cloud Threat Findings Report 

Posted in Commentary with tags on February 28, 2024 by itnerd

Cado Security, provider of the first cloud forensics and incident response platform, today announced the release of the Cado Security Labs H2 2023 Cloud Threat Findings Report, sharing deep insights into the cloud threat landscape to help security teams remain at the forefront of securing their organizations against the latest threats.

Cado Security Labs operates honeypot infrastructure across four distinct geographical regions to collect cloud attacker telemetry. The latter half of 2023 saw the introduction of “Cloudypots,” a new, more sophisticated, high-interaction honeypot system that allows researchers to honeypot accurate services quickly and safely. 

As commercial adoption of cloud technologies continues, cloud-focused malware campaigns have increased in sophistication and number – a collective effort to safeguard both large and small enterprises is critical. Security teams need to reassess their internal tools and approaches to ensure their ability to correctly identify, investigate, and respond to emerging cloud threats. 

The report provides insights into the second half of 2023, an analysis of real-world techniques employed by attackers, and an overview of novel malware campaigns found in the wild targeting cloud environments, including Qubitstrike, Legion, Blackcat, Bioset, Cetus, P2Pinfect, and 9hits.

Key technical findings from attacker telemetry, which Cado Security covers in detail within the report, include:

  • Attackers target cloud services that require specialist technical knowledge to exploit. Attackers are increasingly targeting services, such as Docker, Redis, Kubernetes, and Jupyter, that require expert technical knowledge to exploit, different from what’s required for attacking generic Linux servers. 
  • Docker is the most commonly exploited “cloud-native” service for initial access. Although cloud-focused attackers aim to exploit various services typically deployed in cloud environments, Docker remains the most frequently targeted for initial access, with 90.65% of honeypot traffic when discounting SSH. 
  • Threat actors leverage hosting companies across the globe for their infrastructure. Identified malware campaigns, such as P2Pinfect, had a wide geographical distribution with nodes belonging to providers in China, the US, and Germany, which shows that regardless of where your infrastructure is located, it is still susceptible to Linux and cloud-focused attacks.
  • Cryptojacking is no longer the sole focus of cloud attackers. While cryptojacking is a legitimate and significant threat, Cado Security Labs has started to see a diversification in objectives displayed by recent Linux and cloud malware campaigns. For example, with the discovery of new Linux variants of ransomware families, such as Abyss Locker, there is a worrying trend of ransomware on Linux and ESXi systems. Cloud and Linux infrastructure is now subject to a broader variety of attacks. 

Other observations also include: 

  • Attackers continue to exploit web-facing services in cloud environments to help them gain access to cloud environments and invest significant time into hunting for misconfigured deployments of these services. 
  • Rust malware continues to increase as the language gains popularity in general software development and will also become increasingly popular in the malware community, with threat actors increasingly developing malicious payloads in Rust.

To ensure effective and efficient cloud incident handling, Cado Security Labs recommends that security teams establish a policy of regularly reviewing the security of deployed services in their cloud estate; reduce the attack surface by deploying public-facing services only when necessary; use the networking security features provided by their Cloud Service Provider (CSP); collect and aggregate logs from the CSP’s control plane and from the individual services intended to run in their accounts; and hold periodic reviews of, and set up automated alerting for, anomalies found in these log sources.

To download the full report, visit https://offers.cadosecurity.com/h2-2023-threat-findings-report

Aptum Named a Major Player in 2024 IDC MarketScape Canadian Managed Multicloud Services Vendor Assessment

Posted in Commentary with tags on February 28, 2024 by itnerd

 Aptum, a global cloud solutions provider specializing in technology consulting and managed services, today announced it has been named as a Major Player in the IDC MarketScape: Canadian Managed Multicloud Services 2024 Vendor Assessment (doc # CA50302123, February 2024). The IDC MarketScape vendor assessment model is designed to provide an overview of the competitive fitness of ICT (information and communications technology) suppliers in a given market.

With more than 20 years of comprehensive hybrid multicloud expertise, Aptum is committed to being a leader in cloud innovation, providing the end-to-end support and advice tech leaders need today across cloud, network, and infrastructure technologies as they look to mitigate risks, build new services, or grow into new markets. Aptum’s cloud platform-agnostic approach, adoption framework and certified expertise help customers to successfully plan, navigate and accelerate their journey to the cloud.

For more information about Aptum’s new managed multicloud services, visit www.aptum.com.

NIST updates 10 y/o cybersecurity framework adding focus on supply chain risk management 

Posted in Commentary with tags on February 28, 2024 by itnerd

Monday, NIST released version 2.0 of its cybersecurity framework (CSF) that emphasizes governance and supply chain issues for both public and private sector entities.

The new guidance outlines “high-level cybersecurity outcomes that can be used by any organization to better understand, assess, prioritize and communicate its cybersecurity efforts.” There are six core functions:

  1. Govern
  2. Identify
  3. Protect
  4. Detect
  5. Respond
  6. Recover

“Govern”, the new addition to the other five pillars, focuses on how an organization establishes, communicates and monitors its cybersecurity risk management strategy, expectations and policy and is intended to address the implementation and oversight of a cybersecurity strategy.

Laurie Locascio, director of NIST and undersecretary of Commerce for Standards and Technology, noted that 10 years ago before NIST’s initial CSF launched, there was discussion about the elements of “govern,” but agency leaders “really weren’t ready yet to incorporate it.”

In version 2.0, the focus on supply chain risks covers how various types of technologies rely on complex landscapes for outsourcing involving geographically diverse routes for both private and public sectors offering a variety of services. In the updated CSF, NIST points to Cybersecurity Supply Chain Risk Management (C-SCRM) as a systemic process to manage exposure to cybersecurity risks by developing appropriate “strategies, policies, processes and procedures.”

Emily Phelps, VP, Cyware starts with this comment:

   “By adding governance, NIST does a great job rounding out an already best-in-class framework. This will help organizations not only improve bidirectional information sharing between security teams, executives, and board members, it will help ensure consistent language and clear definitions around responsibilities.”

Greg Welch, CEO, CyberProtonics had this comment:

   “Cybercrimes are on the rise with more sophistication and computing resources. We believe all data should be encrypted and are pleased to see NIST provide organizations with risk assessment strategies and procedures that will help safeguard against malicious actors.”

Dave Ratner, CEO, HYAS served this comment:

   “As a key part of ‘Govern’ in version 2.0 of the NIST cybersecurity framework, organizations need to change how they have historically thought about security and focus on business and operational resiliency versus pure prevention. Especially with rampant supply chain attacks, not to mention constantly adapting tactics and techniques, criminals will unfortunately continue to infiltrate organizations of all sizes. Appropriate governance requires recognizing this fact across the entire business and all aspects of digital risk, and ensuring that cyber resiliency is implemented to efficiently identify, isolate, and address breaches before they expand and cause significant damage.”

John Benkert, CEO, Cigent adds this comment:

   “The National Institute of Standards and Technology (NIST) recently added “Govern” as a new function to its Cybersecurity Framework, emphasizing the importance of governance in managing cybersecurity risks. This addition underscores the understanding that effective cybersecurity is not just about technology but also involves clear governance structures, policies, and processes to ensure comprehensive risk management. This is long overdue and has been talked about outside of NIST circles for many years. Cybersecurity has to start at the top levels of organizations which includes C-level executives including the CFO.”

Troy Batterberry, CEO and Founder, EchoMark followed with this comment:

   “A vast majority of cybersecurity events are caused by inadequate security practices that can be traced back directly to insufficient prioritization and funding. While moving the discussion into the board room will help in some cases, many organizations under financial stress will continue to make difficult tradeoff decisions that result in more breaches. When they do happen, the criminals involved extract money to fund further criminal activity. Breaches impact not only the business but the customers too. This unfortunately may be a situation where further regulatory requirements are needed to protect customers and ultimately the public.”

Stephen Gates, Principal Security SME, Horizon3.ai had this to say:

   “In terms of responding to risk, NIST defines the available actions one could take as accepting, avoiding, mitigating, sharing, or transferring risk to others. And in the case of just-in-time and lean manufacturing, suppliers can potentially transfer their cyber risk to their buyers. Meaning, if you rely on a host of suppliers that help support your mission, an outage-inducing cyberattack on one of them will likely impact you as well.

   “Soon, organizations who have extensive supply chains will begin to require that their suppliers continuously access their own infrastructure to identify their truly exploitable weaknesses, verify those weaknesses have been remediated, and prove that their cyber risk is not being transferred to their buyers. Although the term “report” appears eight times in the recent NIST Cybersecurity Framework (CSF) 2.0, it does not necessarily define a reporting standard or framework to address the third-party supplier “risk transfer” issue that many are being subjected to.”

NIST updating its cybersecurity framework shows that they’re keeping up with the ever-changing cybersecurity landscape. Assuming that organizations are paying attention, this will benefit us all.

Fortra Brings Managed Extended Detection and Response to Market

Posted in Commentary with tags on February 27, 2024 by itnerd

Fortra today introduced an innovative next step in its managed services solutions – Fortra Extended Detection and Response (XDR). Delivered as a managed service, Fortra XDR provides comprehensive visibility and coverage across endpoints, network, and cloud environments, bringing to market a 24/7, scalable, sustainable, and comprehensive security solution. 

While other XDR solutions take a tools-centric approach, Fortra XDR provides customers with not only unrivalled technology, but also with security experts who will address midsize and enterprise organizations’ desired security outcomes.

Fortra XDR is backed by a global Security Operations Center (SOC) that performs 24/7 monitoring, threat hunting, security investigations, and incident triage with a 15-minute escalation SLA for high and critical incidents detected. Organizations building efficiencies and automation into their security strategy can use Fortra XDR for automated response actions such as host isolation. Response actions detected on the endpoint will result in SOC-deployed response actions for the customer. 

For more information about Fortra XDR, visit: https://www.alertlogic.com/extended-detection-and-response/

Palo Alto Networks Launches Private 5G Security Solutions with Partner Ecosystem

Posted in Commentary with tags on February 27, 2024 by itnerd

Palo Alto Networks today announced end-to-end private 5G security solutions and services in collaboration with leading Private 5G partners. Bringing together Palo Alto Networks® enterprise-grade 5G Security and Private 5G partner integrations and services allows organizations to easily deploy, manage, and secure networks throughout their entire 5G journey. The launch addresses the need and desire for validated 5G integrations and furthers Palo Alto Networks strategic vision of an integrated, ecosystem approach to safeguard 5G deployments.

The speed, reliability, and flexibility of 5G networks are essential to national infrastructure and mission-critical environments; however, the massive amounts of data transmitted across 5G networks provide a target for threat actors seeking to exploit vulnerabilities. C-Level executives agree – in a recent Palo Alto Networks study, almost 70% of executives identified 5G-connected devices as a growing threat vector in operational technology (OT). With 5G also expected to contribute $1 trillion to the global economy in 2030, there is urgency to better protect today’s more complex networks, cloud-native solutions, and distributed environments to facilitate this growth.  

Fueled by a convergence of AI, Zero Trust, regulatory, and compliance mandates, Palo Alto Networks 5G Security helps organizations protect themselves against the latest threats, ensuring comprehensive security across evolving network landscapes. Combining industry-leading security solutions with disruptive Private 5G partner technologies and services enables customers to build security into their networks from the ground up, protecting the entire 5G infrastructure and mission-critical traffic it carries.

Palo Alto Networks Private 5G partners are vetted via lab testing and have proven success with customers with Private 5G networks. Initial Private 5G partners include Celona, Druid, Ataya, NETSCOUT, NVIDIA, and NTT DATA.

  • Celona, Druid, Ataya: Organizations building new private 5G networks with these partners can easily secure radio networks through integrations with Palo Alto Networks 5G Security.
  • NETSCOUT: Pervasive, packet-level network visibility will combine at scale with Palo Alto Networks 5G Security, helping security teams gain deep visibility to make intelligent policy decisions.
  • NVIDIA: Scalable 5G security ensures that AI-powered applications are optimized for speed, security, traffic accuracy, and data isolation to maintain data sovereignty and achieve multi-terabit, cost-effective security for mobile networks.
  • NTT DATA: An innovative and complete technology stack, network infrastructure capabilities, and trusted IT consulting and global system integration services help customers quickly and easily deploy, manage, and secure their private 5G networks.

See what Palo Alto Networks has in store for 5G at Mobile World Congress Barcelona, Hall 4 #4D55.

PKI Solutions Debuts New Version of PKI Spotlight

Posted in Commentary with tags on February 27, 2024 by itnerd

PKI Solutions — a Public Key Infrastructure technology leader with practices covering PKI Design/Redesign and Implementation, PKI assessments, training, and support services — today introduced a new version of PKI Spotlight, a real-time monitoring and alerting system that provides live status, availability, configuration, and security of PKI environments (Microsoft PKI and others) and hardware security modules (HSMs). The latest release of PKI Spotlight has increased its award winning “Best Practices” alerting to more than 115. These Best Practice alerts are designed to aid organizations with operational resiliency, security posture management, threat detection, and refined PKI operational and configuration best practices.

Unfortunately for most organizations, their PKI was installed and then almost forgotten. In reality, a healthy PKI (like most security systems) needs constant review. PKI Spotlight maintains the security and integrity of PKIs with visibility into configurations that can impact identity and encryption systems in a manner that reduces an organization’s risk for business continuity and security threats.

The benefits of best practice alerts in PKI Spotlight’s latest release include:

  • Heightened Security Preparedness: Administrators gain enhanced ability to identify and rectify potential security weaknesses in real-time. These alerts cover areas from cryptographic algorithm compliance, trust chain validation, security configuration settings, and emerging threats. Addressing these alerts quickly helps organizations bolster their security preparedness and reduce the risk of threats.
  • Enhanced Compliance and Regulatory Adherence: Compliance with industry regulations and standards is critical for PKIs to enable organizations to strengthen their compliance posture. These alerts offer insights into compliance violations and highlight areas that require immediate attention and improvement. This helps organizations adhere to industry and company standards, safeguard sensitive data and meet regulatory compliance.
  • Streamlined PKI Management Efficiency: Streamlined PKI management helps administrators prioritize their efforts based on the criticality of each alert for better resource allocation and efficient operations, which reduces administration tasks.
  • Continuous Learning and Knowledge Enrichment: Continuous learning and knowledge enrichment among PKI administrators and security teams through regular alerts and implementing recommended practices fosters a culture of security awareness. Administrators gain valuable insights into emerging threats, industry best practices, and evolving compliance requirements. This empowers them to make informed decisions, proactively address vulnerabilities, and stay ahead of potential security risks.
  • Removing the Unintended Consequences Risk: All too often, people who manage a PKI will perform a simple change which can have a cascading effect throughout the PKI. PKI Spotlight will send an alert that this change is in violation of a Best Practice and allow the company to make the correction quickly.

For more details, go to https://www.pkisolutions.com.

Your Voice is Power Returns to Engage Thousands of Canadian Students in Coding Education Through Music 

Posted in Commentary with tags on February 27, 2024 by itnerd

Amazon Future Engineer, Amazon Music and TakingITGlobal are proud to launch the 2024 edition of Your Voice is Power, an educational program and remix competition that teaches computer science and coding skills to middle and high school students using music from Indigenous artists. After reaching more than 15,000 students in 2023, Your Voice is Power has raised the target to more than 20,000 in 2024, as part of its mission to inspire and prepare young people for the careers of the future. 

Your Voice is Power is a flagship initiative of Amazon Future Engineer Canada, a computer science and STEM education program that seeks to afford all young people the opportunity to realize their potential.  A June 2023 report from The Dais, a public policy and leadership institute at Toronto Metropolitan University, shows that, according to Statistics Canada, Indigenous Peoples in Canada engage in tech-related employment and industry at only half the rate of people from non-Indigenous communities. By sparking an early interest in STEM education, programs like Your Voice is Power can help students from underrepresented communities build the digital literacy and skills that can lead to transformative technology careers. 

The Your Voice is Power curriculum is available at no cost to teachers and students in grades 7 through 12. The curriculum was built by TakingITGlobal with extensive year-long collaborations with the Cloud Innovation Centre at the University of British Columbia (UBC) that involved hundreds of hours of consultation and review. The UBC CIC, which is a private/public collaboration between Amazon Web Services (AWS) and UBC, facilitated connections to Indigenous experts, students and alumni as well as to UBC faculty.  

The Your Voice is Power lesson plan features eight modules that teach the basics of coding while engaging students in discussions on the First Nations, Inuit, and Métis experience in Canada, including topics like Residential Schools, the Sixties Scoop, and the Truth and Reconciliation Commission’s 94 Calls to Action. Students can remix music from Indigenous artists such as Jayli Wolf, Dakota Bear, Samian, and Twin Flames using EarSketch, a free online code editor available in English, French, Ojibwe, and Inuktitut. All participants are encouraged to submit their remixes to a competition in which two winners – one Indigenous, one identifying as an ally – will receive $5,000 (CAD) scholarships.  

The deadline to submit entries to the 2024 student competition is May 31, 2024, and the winners will be selected in June. 

New for 2024, Juno Award-nominated artist Aysanabee will provide music for the Your Voice is Power curriculum, and will also join the student competition judging panel. Aysanabee is an Oji-Cree singer-songwriter who has received three 2024 Juno Award nominations for his album Here and Now, in the categories of Contemporary Indigenous Artist of the Year, Songwriter of the Year, and Alternative Album of the Year. 

Amazon Music ‘Your Voice is Power’ Playlist 

Amazon Music subscribers in Canada are able to stream an exclusive Your Voice is Power playlist featuring songs by artists including Twin Flames, Jayli Wolf, Dakota Bear, Samian, and many others featured in the program. This playlist features music celebrating themes of perseverance and determination, showcasing foundational moments in music spanning 30+ years of music making.  

Radiant Logic Spring Release Unlocks Value of Data in Identity-First Security  

Posted in Commentary with tags on February 27, 2024 by itnerd

Radiant Logic, the leader in identity data management and analytics, today announces the spring release of the RadiantOne Identity Data Platform, featuring a completely redesigned user experience with analysis and visualization capabilities designed to make it easier to connect, manage and secure identity data. The RadiantOne Identity Data Platform unites decades of data expertise with cutting-edge analytics tools to provide a unified identity data layer for the enterprise—now even easier to use with the introduction of RadiantOne AI and its generative AI Data Assistant (AIDA). Enabled by a reinvented user experience, organizations can automate complex identity management processes and streamline business operations while minimizing the identity-related attack surface. 

Data quality and data integration remain a critical challenge for large and complex enterprises. A recent study from ISMG found that more than half of organizations have suboptimal visibility into their identity data and that legacy identity systems remain the greatest challenge for integration. Gartner corroborates this finding in a recent report, noting that “Identity and access data directly impacts IAM capability effectiveness, but most organizations struggle with data availability and quality.” To address these two pervasive challenges to an organization’s identity security posture, the RadiantOne Identity Data Platform connects and correlates data from any source, providing insight and visibility across diverse identity stores and the entire IT estate, including legacy systems.

The spring release is built on Radiant Logic’s big data heritage and is available in a variety of deployment options, including our SOC2 certified SaaS offering or a self-managed deployment. This release introduces RadiantOne AI, a data lake-powered artificial intelligence engine that uses the power of large language models augmented with advanced data visualization capabilities to deliver AI-driven analytics and decision making assisted by our GenAI chatbot, AIDA. RadiantOne AI enhances the usability of the organization’s identity data, boosting access decision speed and accuracy and unlocking the power of data for identity-first security and improved governance. 

The RadiantOne spring release introduces the following innovations:

  • AI-Driven Insights: RadiantOne AI, our data lake-powered artificial intelligence engine, is designed to leverage identity data to understand and mitigate risk. AIDA is the Generative AI chatbot that brings RadiantOne AI to life within the platform. AIDA’s first use case will be guiding the user access review process. With RadiantOne’s complete data and relationship model, AIDA can see into every layer of the access chain to find and alert reviewers to any misallocated rights, which can then be automatically remediated under reviewer control.
  • A Modern User Experience: A simplified UX allows users to take a drag-and-drop approach to identity data pipelines, getting teams to work faster by reducing the training required for implementation and using the platform. The API-first, low code/no code interface simplifies configuration tasks and gets customers up and running quickly, so there’s an even shorter time-to-value for RadiantOne.  
  • Enhanced Visibility: Radiant Logic’s new identity data lake is a centralized repository that ingests and stores large volumes of structured and unstructured identity data. The data is then processed and used to provide data consistency across RadiantOne through a Master User Record, which can then power the modern directory, analytics, machine learning, and other forms of intelligent action. This supports RadiantOne in illuminating the access chain for improved audit, compliance and data quality initiatives.
  • Identity Analytics on SaaS: The entire RadiantOne Identity Data Platform, including Identity Analytics, is now fully cloud-native, so it can be deployed as SaaS, in a private cloud, or on-premises, with feature parity across all deployment models.

Radiant Logic will showcase their solutions at the Gartner IAM Summit in London on March 4-5, 2024. Meet their identity experts there to ask questions or get a demo of their new AI solutions.

You can also sign up here to be added to the exclusive wait list for RadiantOne AI.

Energy and Infrastructure Industry Sees Steady Growth in Business and Vendor Email Cyberattacks

Posted in Commentary with tags on February 27, 2024 by itnerd

Abnormal Security has published new research about the growth of BEC/VEC attacks in the energy and infrastructure industry. 

The energy and infrastructure industry is a top target for VEC attacks, with 65% of Abnormal customers experiencing a VEC attempt between February 2023 and January 2024.

BEC attacks increased by 18% in the following six months, reaching a weekly average of 0.63 attacks per 1,000 mailboxes.

Despite flatlining over the Christmas holiday, the number of weekly attacks experienced by energy and infrastructure organizations jumped in the new year, peaking at 1.41 per 1,000 mailboxes in the second week of January.

You can read the research here.