Tag Archives: Internet

WatchGuard and Deutsche Telekom partner to deliver enterprise-grade security solution for SMBs

Watchguard Technologies, the specialist in network security and intelligence, secure Wi-Fi and multi-factor authentication, has launched Business Network Protect Complete, an enterprise-grade security solution for SMBs built in partnership with Deutsche Telekom.

With fast Internet from Deutsche Telekom and security services delivered by WatchGuard, this all-in-one offering is designed to simplify the delivery of critical security for organisations lacking the resources to defend against cyber attacks on their own. The Business Network Protect Complete solution combines a DSL modem and Wi-Fi router with enterprise-level security protections, all within WatchGuard’s own Firebox T35-DW solution.

“There are significant differences between a modern firewall appliance and a commercially available router with NAT functionality. Individual mission-critical network areas such as production systems, management servers, VoIP components and printers must be deliberately divided, individually secured, and automatically monitored,” said Michael Haas, area sales director, Central Europe at WatchGuard. “This can only be done via firewalls such as Business Network Protect Complete with our Firebox T35-DW table-top appliance. The solution’s easy-to-implement segmentation makes it simple to identify potential weak points, initiate countermeasures and prevent attacks from spreading freely across networks.”

BNP Complete offers leading security services such as APT Blocker, Gateway Anti-Virus, Spam Prevention, URL Filtering, Application Control, Intrusion Prevention, SSL Inspection and more. In addition, this all-in-one security solution automatically transmits and processes data from more than 180 Deutsche Telekom honeypot sensors that power its security speedometer to recognise and block malicious IPs.

BusinessNetworkProtectionComplete

Gate to digitisation

“With the new offering, we’re able to address the needs of SMBs, including tax consultants, law firms, management consultants, insurance agents and larger medical practices, as well as customers in retail and logistics and other markets,” explained Christian Cronjäger, security product and portfolio manager at Deutsche Telekom. “The gate to digitisation with a fast Internet connection is not only wide open, but the WatchGuard firewall and its numerous security controls serve as a moat to protect sensitive data.”

This solution is suitable for all connections up to 200 Mbps max, while anything up to 20 employees can be covered. The basic protection license includes all hardware components, the EWS from Deutsche Telekom and the ‘Help Desk Service Plus’ managed security services package, which offers guaranteed interference suppression in 24 hours.

The all-in-one protection license also includes the APT Blocker module for protection against highly complex and largely unknown threats. This can be augmented with additional security services depending on customer requirements.

Since 24-7 operation is guaranteed via managed services, customers benefit from secure and reliable connections without having to invest the time and resources into overseeing security themselves. Additionally, Business Network Protect Complete eliminates high up-front costs by offering clients simplified and convenient monthly billing.

Leave a comment

Filed under Security Matters

NordVPN creates new generation password manager dubbed NordPass

NordVPN is creating a new generation password manager. NordPass will have a full range of features to ensure that passwords are as secure as possible. Its easy-to-use interface makes staying secure effortless.

“We can secure your connections with NordVPN and we can secure your files with NordLocker, but you still need a strong password for both,” explained Marty Kamden, CMO at NordVPN. “Passwords are the front line for your online account security. That’s why we’re introducing NordPass. It all started when we were looking for a safer and more productive way to deal with passwords within our company. In the end, this initiative has grown into something pretty exciting, which we decided to expand beyond the bounds of our own business.”

NordPass will remember and autosave all passwords, autofill online forms and allow the saving of private notes. Additionally, the new tool will generate strong passwords on the spot. NordPass will support major operating systems, offering browser extensions as well as native mobile and desktop apps.

ZeroEncryptionNordPass is created using the latest security practices and industry standards. It uses powerful Advanced Encryption Standard (AES-256-GCM) encryption with Argon2 for key derivation, which is virtually unbreakable. Additionally, the new tool will have a zero-knowledge encryption process to ensure ultimate security.

“Zero-knowledge encryption means you own the key to your passwords,” continued Kamden. “By the time your data reaches our servers, it’s already encrypted on your device, which means we have zero knowledge about the items saved in your vault. We couldn’t see your passwords even if we wanted to. These are only the essential features that come with the first version of NordPass. We’re very eager to expand its capabilities in the near future.”

At the moment, NordPass is going through internal stress-tests. It’s expected that the first beta version will be released this autumn.

NordVPN is a trusted online privacy and security solution used by over 12 million Internet users worldwide. It offers military-grade encryption with advanced privacy solutions and is recognised by the most influential tech sites and IT security specialists.

*For more information in NordPass access the NordVPN blog

Leave a comment

Filed under Risk Xtra

Hikvision awarded Cyber Essentials Plus accreditation by National Cyber Security Centre

Hikvision has been awarded Cyber Essentials Plus status – the highest accreditation in the programme. Operated by the National Cyber Security Centre (NCSC), the Cyber Essentials scheme is an independently assessed accreditation supported by the Government. The scheme is designed to carry out rigorous testing of Internet-enabled products connected to a given company’s infrastructure – in this case that of Hikvision – in order to ensure that, when connected to a network, those products are safe, secure and don’t provide a risk to devices on the rest of the network.

In partnership with five independent test houses, the Cyber Essentials Plus accreditation process covers a number of different areas to ensure users of Internet-enabled devices are assured of the highest level of protection against potential cyber threats and attacks. These independent test houses assess products through internal testing and vulnerability scanning. Cyber Essentials Plus accreditation is only awarded when testers are fully satisfied that the tested products don’t pose a risk to the wider network.

CyberEssentialsPLUSLogo

“Cyber security is really hot topic in the security industry so naturally we’re delighted to have been awarded Cyber Essentials Plus status,” explained Gary Harmer, sales director for Hikvision UK and Ireland. “As the only manufacturer in our industry to have received this level of accreditation, it’s confirmation of the confidence we at Hikvision have in our own operations.”

Hikvision will continue to work with the NCSC and other authorised bodies to maintain, develop and enhance the security of its products, operating environments and processes.

*An earlier version of the Press Release suggested that the Cyber Essentials Plus status relates to products and has caused some confusion. To clarify, Hikvision has been awarded Cyber Essentials Plus accreditation, which relates directly to the security and robustness of its own infrastructure within the company’s UK operation. It was never Hikvision’s intention to mislead the reader with any inference that the accreditation related in any way to the company’s own products. Hikvision sincerely apologises for the unclear statement about the award

*To find out more about Hikvision’s plans for enhanced cyber security, visit Stand D300 at IFSEC International between 19-21 June. IFSEC International runs at London’s ExCeL

Leave a comment

Filed under Risk Xtra

Free seminar set to help buyers and installers improve cyber security

Helping security buyers and installers to navigate the complex world of cyber security is the aim of a forthcoming event organised by the British Security Industry Association (BSIA). Supported by the Fire Industry Association (FIA), the event takes place in Solihull on Wednesday 4 October.

This free-to-attend, half-day gathering will include presentations from a wide range of cyber security experts and offer a particular focus on the potential vulnerabilities of ‘connected products’ – meaning any security product (ie intruder alarms, video surveillance systems and access control) that could be accessed or operated remotely via the Internet – and how these vulnerabilities can be combated.

Delegates will be informed about the potential cyber risks facing their business, with presentations from the West Midlands Police digital cyber crime team and an engaging and surprising demonstration from the Scottish Business Resilience Centre’s team of ‘ethical hackers’.

Attendees will also find out how they can combat the cyber threats they face, with presentations outlining the benefits of the Government’s Cyber Essentials accreditation and introducing the BSIA’s ongoing work in the field of cyber security.

BSIACyberSecurity

Finally, delegates will benefit from a summary of the new EU General Data Protection Regulation (GDPR), which is set to come into force in early 2018.

The event is open to security and fire solutions buyers and installers, or indeed anybody from either industry with an interest in improving their business’ cyber security and data protection policies.

Registration for the event will be open from 9.00 am, with presentations kicking off at 9.45 am and the event expected to finish at around 1.30 pm. A full programme and online booking forms for both delegates and exhibitors are available on the BSIA’s website at: https://www.bsia.co.uk/events.aspx

Leave a comment

Filed under Risk UK News

Social engineering “a top cause of cyber incidents” finds Cyber Resilience Report

Research commissioned by Crises Control from the Business Continuity Institute for its annual Cyber Resilience Report 2016 confirms much of what we already suspected about the changing nature of the cyber threat and the way that cyber criminals have found new ways to defeat corporate perimeter security.

66% of respondents to the survey reported that their companies had been affected by at least one cyber security incident over the last 12 months. The costs of these incidents varied greatly, with 73% reporting total costs over the year of less than €50,000, but 6% reporting annual costs of more than €500,000.

The increased difficulty of breaching perimeter security and the increased human resources available to cyber criminals has combined to produce a new point of attack. This is focused on the weakest link in the corporate security chain, which is now human beings rather than technology.

The term ‘social engineering’ describes this attack vector, which relies heavily on human interaction and often involves tricking people into breaking normal security procedures. The BCI research shows clearly that phishing (ie obtaining sensitive data through false representation) and social engineering is now the single top cause of cyber disruption, with over 60% of companies reporting being hit by such an incident over the past 12 months.

A further 37% were hit by spear phishing (ie phishing through identity fraud).

BCICyber

The research has also confirmed that, to effectively counter this threat, companies now need behavioural threat detection provided by a cyber security network monitoring solution. These plug-in devices monitor your network for signs of suspicious insider activity and failed attempts to hack into the system.

They can also provide invaluable intelligence to be acted upon proactively to nip a successful hack or insider threat in the bud.

Traditional anti-virus monitoring software is no longer enough. The BCI research shows that 72% of companies have this software in place, but only 26% of real cyber security incidents were actually discovered through this route. Much worse, 18% of incidents came to attention through an external source such as a customer, a supplier or the impact on a public website.

Network monitoring solutions are much more effective than anti-virus software in terms of alerting companies to a cyber breach, with 63% of businesses having network monitoring software in place and 42% of cyber incidents being brought to attention through the work of the IT Department to whom such systems report.

The scale of the cyber threat can feel overwhelming at times, but educating your own employees about the nature of the threat and then putting in place the right solutions can go a long way towards mitigating the social engineering threat and significantly enhancing your corporate cyber resilience.

The message is simple… Act now before it’s too late.

Leave a comment

Filed under Risk UK News

Unwitting cyber scammers cold call industry expert at C3IA Solutions

Would-be cyber scammers made a megabyte blunder when they cold-called Matt Horan of C3IA Solutions: Horan is one of the country’s top cyber security experts. Realising the crooks were trying to take control of his computer, Horan put the call on speaker phone and asked a colleague to record it, with hilarious consequences.

After stringing out the conversation for 35 minutes – during which time he was passed to more senior ‘helpers’ as he posed as an ignorant computer user – Horan then informed the caller that he had no Internet connection.

This prompted the fraudster to use an expletive before hanging up in anger. An edited video of the call has been amusing people across social media.

Horan is keen that the video is used to help people avoid falling for cyber scams. He told Risk UK: “One of the weakest parts of any business’ cyber security is the staff. They do nothing malicious, but can easily assist fraudsters. Along with ‘phishing’ e-mails, this type of phone scam is common and can cause huge amounts of damage.”

Matt Horan, director of C3IA Solutions

Matt Horan of C3IA Solutions

Horan continued: “The caller purports to be from Microsoft or a similar outfit and informs the person who answered the call that there’s a problem with their computer. They then instruct that person to look at the computer’s ‘systems and events logs’, which is simply a log of every action taken. They tell them that this is evidence of ongoing malicious attacks. After that, they try and entice them to log into TeamViewer or something similar which means they then can gain remote access and control of the target computer.”

In addition, Horan stated: “They then have all the information on a computer or network and can infect the system, read e-mails, steal passwords or encrypt the stored data. They can basically do anything they want. Obviously, this can cause massive harm to a business and may well lead to data loss, the theft of funds and the stealing of intelligence as well as cause acute embarrassment.”

C3IA Solutions trains staff at businesses to be ‘cyber-savvy’ and always to hang up on calls like this. If staff are in doubt they should contact their IT support.

“Firms such as Microsoft don’t make calls like the one I took, but they seem authentic,” explained Horan. “Often, the scammers work in pairs so the initial caller can pass over the call to a ‘senior supervisor’, as they tried with me. This gives an added authenticity. Caution should be the watchword when taking calls like this one.”

*The video can be viewed on YouTube: https://youtu.be/ncIehp0fBT8

Based in Poole, Dorset, C3IA Solutions is one of fewer than 20 companies certified by the Government’s National Cyber Security Centre. In addition to its work with Government agencies including GCHQ, the company operates a commercial section that works with businesses, assisting them with their cyber security.

C3IA (a military term) Solutions was set up in 2006 by Horan and Keith Parsons. It has 84 personnel on contract of whom 33 are employees and 51 are associates. The business operates in the defence and security sectors serving both SMEs and multi-national firms.

C3IA is a leading provider of secure ICT, technical programme management and information security services and solutions.

The company takes its Corporate Social Responsibility seriously, supporting serving and past members of the Armed Services. Indeed, the business sponsors those engaged in personal and team development through arduous sporting and other challenges.

Leave a comment

Filed under Risk UK News, Uncategorized

“Faster response times needed to combat cyber threat” finds BCI survey

Two thirds of respondents to a global survey carried out by the Business Continuity Institute report that they had experienced at least one cyber incident during the previous twelve months, while 15% stated they had experienced at least ten incidents during the same period.

The frequency of these cyber incidents demonstrates exactly why it’s so important for organisations to have plans in place to mitigate them or otherwise lessen their impact.

The Cyber Resilience Report, conducted by the BCI and sponsored by Crises Control, found that there was a wide range of response times for cyber incidents. Almost a third of organisations (31%) stated that they responded within one hour. However, one fifth (19%) take a worrying four hours or more in responding to a cyber event, while almost half (44%) take more than two hours to respond. This has clear implications for the time taken to return to business as usual, and the ultimate cost of the incident to the host organisation.

IntelligenceLedSecurity2

Even if businesses wish to respond immediately to a cyber attack, the nature of the attack may render them unable to do so. The research finds that phishing and social engineering are the top causes of cyber disruption, with over 60% of companies reporting being hit by such an incident over the past 12 months and 37% attacked by way of spear phishing.

The BCI has discovered that 45% of companies were hit by a malware attack and 24% by a Distributed Denial of Service episode. All these forms of attack will, in different ways, render an organisation’s own network either contaminated or inoperable. Their website may have been taken down and they may well have to switch off their Internet connection until they can secure themselves from further attack.

A detailed study of 369 business continuity and resilience professionals from across the world, the research also reveals that the costs of these incidents varied greatly, with 73% reporting total costs over the year of less than €50,000, but 6% reporting annual costs of more than €500,000.

David James-Brown FBCI, chairman of the BCI, commented: “This piece of research is one of the most timely, insightful and relevant the BCI has ever produced. Cyber attacks tend to target the weakest links of an organisation. That calls for a greater awareness of cyber crime. As the cyber threat evolves, it’s crucial to stay on top of it, building long-term initiatives and regularly updating recovery plans.”

Rickie Sehgal, chairman of Crises Control, added: “Rapid communication with employees, customers and suppliers is vital for any company in terms of responding effectively to a major business disruption event such as a cyber attack. When your business is at risk, even a one-hour delay in responding to an incident can be too long. Taking more than two hours to respond, as almost half of companies appear to do, is simply unacceptable.”

Leave a comment

Filed under Risk UK News, Uncategorized

Protectas SA and Bosch Security Systems partner on new cloud-based monitoring services in Switzerland

Protectas SA and Bosch Security Systems are now partnering to provide remote video monitoring services to Protectas customers in Switzerland, home to two major Protectas Remote Control Centres.

Bosch cloud-based monitoring services enable Protectas to offer a vast portfolio of video monitoring services securely and cost-effectively from a centralised cloud server.

For its small- and medium-size customers, Protectas offers a highly effective ‘live intervention’ service, with IP cameras from Bosch monitoring key areas. Cameras detect suspicious behaviour and notify personnel at the Protectas Remote Control Centre. From this central location, the security operators view video, and can investigate and verify the suspicious behaviour being reported.

SecuritasProtectasBoschMonitoring

Through a remote audio connection, the operator notifies intruders that the police are on the way, preventing further damage.

Other vital monitoring services include video verification for indoor areas, virtual guard tours and virtual assistant, which provides immediate remote video and audio support to employees in distress with just one push of an emergency button.

The system is also designed for easy and inexpensive start-up. With only an IP camera and an Internet connection, end customers can begin using the Site Monitor App immediately for live and remote video monitoring. Benefits also include industry-specific business support services such as customer traffic reports for high-traffic retail facilities.

Fastest possible emergency response

Bosch cloud-based monitoring services and Protectas’ highly-trained operators work in synergy to ensure the fastest possible emergency response. Cloud-based alarm bundling intelligently groups related events together, significantly reducing the operator capacity needed per incident. As soon as the operator on duty initiates the alarm response process, cloud-based monitoring services displays the video operation interface, which renders a clear perspective of the situation to enable a swift and sure emergency response.

Arnaud Ducrot, CTO at Protectas, explained: “At Protectas, we’re really confident that this partnership will serve our remote guarding strategy. Including mature, efficient and cost-effective cloud services in our security solutions, especially on-site and mobile guarding, makes an important difference to our small- and medium-size customers.”

Protectas SA belongs to Securitas AB (which, incidentally, is not affiliated with the Swiss company of the same name, Securitas AG). From a broad range of services of specialised guarding, technology solutions and consulting and investigations, the business customises offerings that are suited to the individual customer’s needs in order to deliver the most effective security solutions.

Leave a comment

Filed under Risk UK News, Uncategorized

IS cyber attack on the UK “could cripple all forms of communication and infrastructure” warns Bitdefender

Following the news that the British Government is set to double UK cyber crime funding to combat the IS threat, Catalin Cosoi (chief security strategist at Bitdefender) offers an insight into what an Islamic State-orchestrated cyber attack might look like and where defences must be improved.

“A cyber attack from Islamic State could have devastating consequences for British businesses and infrastructure.

“As organisations continue to deploy innovate technologies to increase productivity, the number of attack surfaces is increasing and leaving businesses exposed.

“A possible worst case scenario is the crippling of all communication and critical infrastructures, ranging from mobile phones to water supplies, electricity and gas. This could be co-ordinated alongside a physical tactical assault, as disrupting any form of communication or Internet-connected technology could be used as a serious tactical advantage on the ground.

GlobalInternetConcept2Page8

“It’s conceivable that, although IS might not have the necessary technical skills, it could potentially outsource these types of attack to parties that do. After all, the black market is now riddled with such services, all waiting for the right buyer.

“Adding £1.9 billion per annum to the budget for fighting cyber crime is a step in the right direction, but this needs to be supported with an extensive review of critical infrastructure.

“There have been several incidents where industrial SCADA systems have been found plugged directly into the Internet and accessible by anyone. If this situation doesn’t change, we’re leaving the door open for any organised attacker including IS.”

Security threat countermeasures

Catalin Cosoi’s work is helping to set the agenda for the development of new security threat countermeasures.

Over the last 11 years, Cosoi has acquired a thorough understanding of key areas of technology such as cloud computing, outbreak detection, proactive phishing detection and mobile threats.

Bitdefender is a global security technology company that delivers solutions in more than 100 countries through a network of value-added alliances, distributors and reseller partners.

Since 2001, Bitdefender has consistently produced award-winning business and consumer security technology, and is a leading security provider in virtualisation and cloud technologies.

*More information is available at: http://www.bitdefender.com/

Leave a comment

Filed under Risk UK News, Uncategorized

Siemens Building Technologies introduces latest version of Datacenter Clarity LC

Siemens Building Technologies has launched the latest version of Datacenter Clarity LC, an advanced software solution that harnesses a combination of real-time monitoring and Computational Fluid Dynamics in one single DCIM platform to enable data centre owners and managers to protect their data centre infrastructure with greater accuracy and efficiency.

The rapid growth in social networking, Internet usage, electronic banking, paperless storage and modern IT services such as virtualisation and cloud computing means the UK’s dependence on safe and secure data centres is paramount to the business continuity of corporations and infrastructures.

Higher levels of security are now required to ensure that data centre facilities are safe and the integrity of the data, buildings and assets involved is assured.

Datacenter Clarity LC is an advanced integrated software platform combining information from vital sub-systems that traditionally operate in isolation into a single, powerful solution that monitors energy and building management, physical security, fire safety, power and communications, zones and raised floors, racks, servers and data storage systems as well as switches and routers.

Importantly, this solution bridges the gap between IT and facilities’ processes, enabling both parties to manage assets and workflows.

The outcome is a complete, real-time dashboard that can represent assets in a state-of-the-art 3D model and deliver a fully-automated and smart data centre environment with resultant cost and energy savings and improvements in manpower resources.

Rapid growth in social networking, Internet usage, electronic banking, paperless storage and modern IT services such as virtualisation and cloud computing means the UK’s dependence on safe and secure data centres is paramount to the business continuity of corporations and infrastructures

Rapid growth in social networking, Internet usage, electronic banking, paperless storage and modern IT services such as virtualisation and cloud computing means the UK’s dependence on safe and secure data centres is paramount to the business continuity of corporations and infrastructures

Assessment of critical situations

The data centre market is increasingly demanding technology that will assess critical situations, distribute information, co-ordinate workflows, maximise uptime and manage resources. Siemens has responded by delivering a solution that guarantees a scalable, secure, seamless, resilient and intelligent environment.

The benefits that Datacenter Clarity LC brings include significant reductions in energy consumption thanks to the precision monitoring of data from multiple systems, a wide range of management tools for improved capacity planning, forecasting and simulation, increased asset availability to enable business continuity and the realisation of advanced intelligence and analytics.

The software delivers real-time energy management in server rooms due to its ability to harness Computational Fluid Dynamics (CFD) analysis technology combined with real-time environmental monitoring to realise a complete set of capabilities for cooling management. Datacenter Clarity LC continuously monitors the air temperature in server rooms and instantly identifies any potential problem areas such as hot spots.

In addition to real-time environmental monitoring, Datacenter Clarity LC also provides predictive capabilities in a virtual 3D data centre model before any equipment is actually purchased by the end user. Having both real-time environmental monitoring and CFD capabilities within a single DCIM platform is unique to Siemens and enables a faster return on investment for the customer.

Multi-dimensional dashboards and KPIs

Multi-dimensional dashboards and Key Performance Indicators provide second-by-second information on data centre performance. Real-time monitoring – as well as alarm and critical event notification with escalation – enable immediate response and corrective action to ensure the protection of sensitive material and irreplaceable data.

Datacenter Clarity LC now includes a browser-based 3D application. This affords an intuitive and portable solution that facilitates deployment, usage and accessibility with no local footprint. This new web client interface is cross-browser and cross-device compatible to include tablets for maximum convenience and ease of use.

Phiippe Heim, portfolio manager for Siemens’ data centre team, commented: “Datacenter Clarity LC will be at the heart of the next generation of data centres. Currently, the major challenge for this critical environment is to reduce costs while improving operations. This new development from Siemens ensures the full protection of assets, better consolidation across all essential services and improved energy consumption to achieve green credentials.”

Datacenter Clarity LC is based on Siemens’ tried-and-tested Product Lifecycle Management software which has a proven 20-year pedigree. Operating in critical environments across the globe, over nine million PLM licenses have been issued to date.

Leave a comment

Filed under Risk UK News