CISA

Scribe Security Harnesses Its Software Trust Hub to Support CISA's Secure Software Development Attestation Form

Retrieved on: 
Tuesday, October 24, 2023

TEL AVIV, Israel, Oct. 24, 2023 /PRNewswire/ -- Scribe Security, a leading software supply chain security provider, announced today that its solution now enables organizations to validate their commitment to secure Software Development Lifecycle (SDLC) practices in alignment with CISA's Secure Software Development Attestation Form. Scribe's attestation-based platform automatically gathers and authenticates evidence, providing organizations with essential proof of adherence to CISA's stringent security standards and ensuring a safe harbor when signing the CISA Attestation Form.

Key Points: 
  • TEL AVIV, Israel, Oct. 24, 2023 /PRNewswire/ -- Scribe Security, a leading software supply chain security provider, announced today that its solution now enables organizations to validate their commitment to secure Software Development Lifecycle (SDLC) practices in alignment with CISA's Secure Software Development Attestation Form.
  • This shift in the landscape of software supply chain security necessitates a commitment to rigorous security measures, all while maintaining development efficiency.
  • "Scribe has evolved to be an ideal solution for organizations that need to meet high rigor in securing SDLCs and compliance requirements such as the Secure Software Development Attestation Form."
  • These attestations are securely stored in a dedicated data lake, ensuring a seamless and continuous mechanism for generating the requisite evidence to meet CISA's Secure Software Development Attestation Form compliance standards.

1touch.io and QuintessenceLabs Join Forces to Address Quantum Computing Security Challenges

Retrieved on: 
Tuesday, October 24, 2023

NEW YORK, Oct. 24, 2023 /PRNewswire/ -- 1touch.io, a pioneer in sensitive data intelligence, and QuintessenceLabs, renowned for its quantum-safe encryption, today announced a strategic Independent Software Vendor (ISV) partnership. The collaboration is set to strengthen enterprise defenses against the cryptographic threats posed by quantum computing.

Key Points: 
  • The collaboration is set to strengthen enterprise defenses against the cryptographic threats posed by quantum computing.
  • The advent of quantum computing has cast a shadow over traditional cryptographic algorithms, such as RSA, AES-128, ECC, and Diffie-Hellman, which have long been pillars in safeguarding sensitive data.
  • QuintessenceLabs amplifies this defense framework with quantum-resistant cryptographic algorithms, establishing a foundation for an efficient transition in the quantum era.
  • Stop by Booth #101 and learn how to strengthen enterprise defenses against the cryptographic threats posed by quantum computing.

CAST Highlight 2023 fall release includes new capabilities for faster, safer cloud migration and continuous optimization

Retrieved on: 
Wednesday, October 18, 2023

NEW YORK and PARIS, Oct. 18, 2023 (GLOBE NEWSWIRE) -- CAST, the software intelligence leader, has announced the fall release of CAST Highlight, featuring Cloud Maturity Insights and Cloud Service Recommendations for Oracle Cloud Infrastructure.

Key Points: 
  • NEW YORK and PARIS, Oct. 18, 2023 (GLOBE NEWSWIRE) -- CAST, the software intelligence leader, has announced the fall release of CAST Highlight, featuring Cloud Maturity Insights and Cloud Service Recommendations for Oracle Cloud Infrastructure.
  • These new capabilities facilitate faster and safer cloud migration, continuous post-migration optimization, and expanded cloud service recommendations, including cloud-native services for Oracle Cloud Infrastructure.
  • “CAST Highlight's Cloud Maturity Insights and Cloud Service Recommendations enable organizations to redefine and broaden their approach to cloud migration and optimization,” said CAST Highlight Vice President Greg Rivera.
  • "Now businesses can enhance the cloud maturity level of their applications by using our cloud software intelligence with already-migrated applications.

TSA renews cybersecurity requirements for passenger and freight railroad carriers

Retrieved on: 
Monday, October 23, 2023

WASHINGTON, Oct. 23, 2023 /PRNewswire/ -- The Transportation Security Administration (TSA) announced updates to three security directives (SD) regulating passenger and freight railroad carriers in the continued effort to enhance the cybersecurity of surface transportation systems and associated infrastructure. These revised directives, which were set to expire on Oct. 24, have been renewed for one year, and include updates that seek to strengthen the industry's defenses against cyberattacks.

Key Points: 
  • WASHINGTON, Oct. 23, 2023 /PRNewswire/ -- The Transportation Security Administration (TSA) announced updates to three security directives (SD) regulating passenger and freight railroad carriers in the continued effort to enhance the cybersecurity of surface transportation systems and associated infrastructure.
  • It requires TSA-specified passenger and freight railroad carriers to take action to prevent disruption and degradation to their infrastructure with a flexible, performance-based approach, consistent with TSA's requirements for pipeline operators.
  • The revised security directives, Enhancing Rail Cybersecurity, and the revised SD series, Enhancing Public Transportation and Passenger Railroad Cybersecurity, include a requirement for covered owners and operators to test a minimum of two objectives in their Cybersecurity Incident Response Plan every year.
  • To view TSA's security directives and guidance documents, please visit: TSA Cybersecurity Toolkit or https://www.tsa.gov/sd-and-ea .

Fortress Information Security Selected to Partner with CISA's Joint Cyber Defense Collaborative

Retrieved on: 
Tuesday, October 17, 2023

ORLANDO, Fla., Oct. 17, 2023 /PRNewswire/ -- Today, Fortress Information Security (Fortress) is announcing it is now part of the Joint Cyber Defense Collaborative (JCDC), America's preeminent public-private sector partnership of cybersecurity organizations. Established by the Cybersecurity and Infrastructure Security Agency (CISA) in 2021, JCDC brings together cyber defenders to proactively gather, analyze, and share actionable cyber risk information to defend America against hostile cyber threat actors.  

Key Points: 
  • ORLANDO, Fla., Oct. 17, 2023 /PRNewswire/ -- Today, Fortress Information Security (Fortress) is announcing it is now part of the Joint Cyber Defense Collaborative (JCDC), America's preeminent public-private sector partnership of cybersecurity organizations.
  • Established by the Cybersecurity and Infrastructure Security Agency (CISA) in 2021, JCDC brings together cyber defenders to proactively gather, analyze, and share actionable cyber risk information to defend America against hostile cyber threat actors.
  • As a united front, JCDC members enable synchronized and holistic cybersecurity planning, cyber defense, and robust responses to attackers.
  • Fortress brings to JCDC its vast experience in building collaborations with organizations dedicated to producing supply chain security solutions for the U.S. power grid.

CYBER.ORG Partners with National Cyber Scholarship Foundation to Empower K-12 Educators and Students with Increased Access to Cyber Resources

Retrieved on: 
Wednesday, October 11, 2023

CyberStart America is a free national program for high school students to explore their cybersecurity skills and access educational resources developed by cybersecurity professionals.

Key Points: 
  • CyberStart America is a free national program for high school students to explore their cybersecurity skills and access educational resources developed by cybersecurity professionals.
  • To help eliminate the cybersecurity workforce gap in the U.S., CyberStart America is designed as a gateway into the cybersecurity industry.
  • Starting this school year, CyberStart America is now accessible through the CYBER.ORG Range, removing barriers that limited the ability for educators and students to run the program.
  • For more info on the CYBER.ORG Range and how to partner with CYBER.ORG to expand access to cybersecurity careers, visit www.cyber.org .

SolarWinds Commemorates Cybersecurity Awareness Month by Highlighting Software Industry’s Secure by Design Progress

Retrieved on: 
Monday, October 9, 2023

SolarWinds (NYSE:SWI), a leading provider of simple, powerful, secure observability and IT management software, commemorates Cybersecurity Awareness Month by highlighting the software industry’s progress toward becoming more Secure By Design.

Key Points: 
  • SolarWinds (NYSE:SWI), a leading provider of simple, powerful, secure observability and IT management software, commemorates Cybersecurity Awareness Month by highlighting the software industry’s progress toward becoming more Secure By Design.
  • Informed by years of experience from industry-leading cybersecurity experts, the SolarWinds Secure by Design initiative is a gold-plated cybersecurity approach to software build systems and processes that set a new standard in software supply chain security.
  • SolarWinds developed Secure By Design to address the evolving threat of highly sophisticated and unforeseeable cyberattacks, including those by advanced nation-state threat actors.
  • With a focus on creating more secure environments, the SolarWinds Secure By Design guiding principles were designed to make both the company and the software industry at large safer.

IDEMIA, HYPR and Wavelynx Collaborate to Launch Converged Access Card

Retrieved on: 
Thursday, October 12, 2023

RESTON, Va., Oct. 12, 2023 /PRNewswire/ -- IDEMIA, the world-leading provider of secure identity and biometric solutions, announced today the development of a secure, standards-based converged access card for the enterprise access market, in collaboration with HYPR, the identity assurance company that's become the gold-standard in passwordless authentication, and Wavelynx, a leader in secure and interoperable reader and credential solutions. The creation of this one-of-a-kind smart credential will help organizations meet compliance and regulatory requirements and security best practices.

Key Points: 
  • This new converged access card serves as one badge for both physical and network access based on open and interoperable standards, using secure phishing-resistant technologies for authentication of the credentials.
  • "We are excited to see our collaboration come together in this new converged card that will set the standard for secure access solutions.
  • "The partnership with IDEMIA and Wavelynx to develop a converged access card helps to further that goal.
  • "The three-way partnership between HYPR, IDEMIA, and Wavelynx highlights the power of open standards and interoperability," said Hugo Wendling, CEO, Wavelynx.

SecurityBridge Webinar to Demystify SAP Compliance for NIST and CISA

Retrieved on: 
Wednesday, October 11, 2023

"This webinar is a great opportunity to ensure that companies are on the right track toward compliance in 2024 and beyond." -- Bill Oliver, Technical Director for the Americas at SecurityBridge

Key Points: 
  • SecurityBridge, a leading global provider of SAP security solutions, has announced it will be holding a webinar to provide SAP users, business leaders, and security professionals with the valuable insights needed to ensure compliance with National Institute of Standards and Technology (NIST) and Cybersecurity and Infrastructure Security Agency (CISA) regulations.
  • NEW YORK, Oct. 11, 2023 /PRNewswire-PRWeb/ -- "Mastering NIST & CISA Compliance for SAP" will take place on Tuesday, October 17, 2023 at 1:00 PM EST.
  • "This webinar is a great opportunity to ensure that companies are on the right track toward compliance in 2024 and beyond."
  • "In today's digital landscape, there are threats around every corner—that's what NIST and CISA help us safeguard against," said Oliver.

eMoney Advisor Expands Leadership Team with Addition of Jason Novak as Head of Information and Security

Retrieved on: 
Tuesday, October 10, 2023

"We're thrilled to have him join our core leadership team and evolve our information and security strategy."

Key Points: 
  • "We're thrilled to have him join our core leadership team and evolve our information and security strategy."
  • Novak joined eMoney in 2014, previously serving as senior vice president of security and IT operations and director of security.
  • Additionally, Novak is certified in Risk and Information Systems Control (CRISC) and is a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), and Certified Information Security Manager (CISM).
  • He is a member of the Information Systems Audit and Control Association (ISACA) and International Information Systems Security Certification Consortium, Inc. (ISC)².