Security Roundup: National Cybersecurity Awareness Month

Written by Edward Gately
October 8, 2018

Cybercriminals are focusing now more than ever on servers and people.

… Tripwire’s automated asset discovery reach with visibility into industrial assets inclusive of their communication patterns, including, but not limited to, programmable logic controllers (PLCs), remote terminal units (RTUs) and distributed control systems (DCS). The companies’ combined technologies will provide visibility into and threat monitoring across IP and non-IP network segments within industrial control system (ICS) networks.

“By partnering with Claroty, we now enable visibility that’s both deeper, all the way down to level 0, and also broader,” said Kristen Poulos, Tripwire’s general manager of industrial cybersecurity. “Network traffic over the wire forms a complete picture. OT managers are equipped with maximum information and visibility to make decisions to support optimum safety, quality and productivity.”

New Cyber Attack Simulation Training Platform as a Service Available to Channel

Cyberbit and CloudRange Cyber have launched CloudRange’s Cyber Attack Simulation Training Platform as a Service (CASTaaS), the first cyber-range offering available through the IT channel in North America.

With the new service, cybersecurity technology manufacturers, MSSPs, VARs and technology distributors can offer their customers advanced, simulated cybersecurity training powered by the Cyberbit Range cyber simulation platform.

Debbie Gordon, CloudRange Cyber’s founder and CEO, tells us that before now, there have not been offerings for security operations center (SOC) analyst training using specific technologies.

“Most training has been configuration and administration-focused,” shew said. “With Cloud Range, companies can train their security teams on defending attacks in a simulated environment. The benefit for channel partners is that this offering overcomes one of the biggest buying objections in the industry today, which is the fact that it is very difficult to find candidates who will fill the roles required to use the new technologies. As a result, customers delay or abandon the purchasing process. This provides an immediate solution for channel partners to offer customers.”

CloudRange training can be conducted either remotely or at a customer’s site, and is administered by CloudRange instructors. Training courses will range from introductory to advanced, covering the most important security scenarios including incident response, forensics, industrial control system (ICS) attacks, as well as custom scenario capabilities.

“The ‘weakest link’ in cybersecurity today is the people,” Gordon said. “There is a severe shortage of skilled people, and an even greater shortage of experienced people. Most security analysts have never experienced a live attack, and Cloud Range can train people quickly and actually provide the experience by learning how to defend against cyberattacks in a hyper-simulated environment. By properly rehearsing the detection, response and remediation playbooks in a simulated environment, security teams dramatically improve their skill levels and are able to respond much faster and more effectively.“

Netwrix Report: Insiders Cause More than Half of Data Breaches

A survey of 1,558 organizations of various sizes and from many different regions and industries showed most cybersecurity incidents were caused by insider mistakes rather than hacker attacks, as assumed by most respondents.

Netwrix conducted an in-depth study of the major IT risks that are significant for most organizations and assessed respondents’ readiness to …