NIST

ioXt Applauds FCC's Commitment to IoT Security Standards

Retrieved on: 
Friday, February 23, 2024

ioXt, the global standard for IoT security, commends the Federal Communications Commission (FCC) for its diligent work and commitment to advancing IoT security standards.

Key Points: 
  • ioXt, the global standard for IoT security, commends the Federal Communications Commission (FCC) for its diligent work and commitment to advancing IoT security standards.
  • "We commend the FCC and Chair Rosenworcel for their commitment to IoT security," said Grace Burkard, Director of Operations at ioXt.
  • "These policy wins reflect a shared dedication to advancing IoT security standards and ensuring the protection of consumers and businesses alike."
  • ioXt looks forward to continuing its work with the FCC and other stakeholders to further enhance IoT security standards and promote a safer digital environment.

Fortanix Surpasses Multiple Milestones, Reports Strong Growth for Fiscal Year 2024

Retrieved on: 
Wednesday, February 21, 2024

During the fiscal year ended Jan. 31, 2024, Fortanix registered strong performance in critical areas, including the largest deal in company history, record new customer acquisitions—including the company’s first customers in the Japan and MENA regions--and workforce expansion worldwide.

Key Points: 
  • During the fiscal year ended Jan. 31, 2024, Fortanix registered strong performance in critical areas, including the largest deal in company history, record new customer acquisitions—including the company’s first customers in the Japan and MENA regions--and workforce expansion worldwide.
  • Towards that end, Fortanix announced multiple new solutions and product enhancements to address important customer needs in the market.
  • The Fortanix Data Masking and Tokenization Solution, which addresses rising concerns around data breaches and expanding data privacy regulations.
  • Fortanix also formed a new partnership with DreamArts Corp. in Japan to provide BYOK to the company's SmartDB no-code/low-code development platform.

JFrog and Carahsoft Partner to Better Secure the Public Sector’s Software Supply Chain

Retrieved on: 
Tuesday, February 20, 2024

JFrog Ltd. (Nasdaq: FROG), the Liquid Software company and creators of the JFrog Software Supply Chain Platform , and Carahsoft Technology Corp. , the Trusted Government IT Solutions Provider®, today announced a partnership that empowers U.S. Government organizations to safeguard their software supply chains with automated DevSecOps workflows to secure software services consumed by citizens.

Key Points: 
  • JFrog Ltd. (Nasdaq: FROG), the Liquid Software company and creators of the JFrog Software Supply Chain Platform , and Carahsoft Technology Corp. , the Trusted Government IT Solutions Provider®, today announced a partnership that empowers U.S. Government organizations to safeguard their software supply chains with automated DevSecOps workflows to secure software services consumed by citizens.
  • View the full release here: https://www.businesswire.com/news/home/20240220801804/en/
    New partnership empowers U.S. Government organizations to safeguard their software supply chains with automated DevSecOps workflows to secure software services consumed by citizens.
  • Gartner predicts that 45 percent of organizations worldwide will experience a software supply chain attack by 2025 (a three-fold increase from 2021).
  • “JFrog’s platform provides agencies with unparalleled security, agility and peace of mind for their software supply chain.

SCYTHE Unveils Version 4.2 of Its Flagship BAS+ Platform

Retrieved on: 
Tuesday, February 20, 2024

"SCYTHE 4.2 represents a significant leap forward in our commitment to providing advanced cybersecurity solutions to multiple teams -- red, blue, purple, and IT -- who need an effective and user-friendly platform," said Marc Brown, VP of Product of SCYTHE. "With these new capabilities, we are setting a new standard for integration, adversarial emulation insight, and cybersecurity preparedness, ensuring that our clients are equipped to meet the evolving challenges of the digital age head-on."

Key Points: 
  • SCYTHE, the leading provider of advanced cybersecurity solutions, today announced the release of version 4.2 of its flagship adversarial emulation system, BAS+.
  • Incremental Command-by-Command Campaign Execution: SCYTHE 4.2 brings an innovative approach to campaign execution, enabling teams to execute tests incrementally, command by command.
  • Simplified Installation via Containers: Recognizing the importance of ease of deployment, SCYTHE has simplified the installation process for its on-prem version with a container-based approach.
  • The SCYTHE platform enables collaboration between red, blue, and purple teams to build and emulate real-world adversarial campaigns.

Cybersecurity Milestone: Gemstar Attains CMMC Level 2 Self-Certification

Retrieved on: 
Monday, February 19, 2024

As of December 29, 2023, Gemstar successfully completed the Cybersecurity Maturity Model Certification (CMMC) Level 2 Self-Certification, marking a pivotal step in fortifying the company's security.

Key Points: 
  • As of December 29, 2023, Gemstar successfully completed the Cybersecurity Maturity Model Certification (CMMC) Level 2 Self-Certification, marking a pivotal step in fortifying the company's security.
  • “Empowered by dedication and resilience, Gemstar proudly stands at the pinnacle of cybersecurity excellence, achieving Level 2 CMMC self-certification —a testament to our unwavering commitment to advancing our cybersecurity posture and protecting sensitive information from cyber threats,” said Chase Williams, Gemstar’s Security and Compliance Manager.
  • Despite the expected mandate for certification being 1-2 years away, Gemstar proactively achieved CMMC Level 2 Self-Certification, positioning itself ahead of industry requirements.
  • Simplified Compliance: CMMC streamlines cybersecurity compliance, providing a single, unified standard for Gemstar and its partners.

TIA Invites Leading Organizations to Join the Global Effort to Strengthen IoT Supply Chain Security

Retrieved on: 
Thursday, March 7, 2024

 ARLINGTON, Va., March 7, 2024 /PRNewswire/ -- The Telecommunications Industry Association—the trusted industry association for the connected world— today announced that its Supply Chain Security Working Group within the QuEST Forum community has issued an open call for global organizations to join the group to collaboratively work to enhance the TIA SCS 9001 standard to include Internet of Things (IoT) supply chain security. SCS 9001 is the first-ever Supply Chain Security Management System that tackles the growing threat of supply chain cyber-attacks head-on. TIA is seeking stakeholders within the IoT ecosystem to join this group and lend their experience and expertise to help define and enhance SCS 9001 in the area of IoT supply chain security. The inaugural meeting for the IoT workgroup is scheduled for March 26th.

Key Points: 
  • SCS 9001 is the first-ever Supply Chain Security Management System that tackles the growing threat of supply chain cyber-attacks head-on.
  • TIA is seeking stakeholders within the IoT ecosystem to join this group and lend their experience and expertise to help define and enhance SCS 9001 in the area of IoT supply chain security.
  • "The lack of a single, universally accepted standard for IoT supply chain security risk management is a major challenge for organizations."
  • For questions or more information about SCS 9001 and how to participate in the supply chain work group, contact [email protected] .

HITRUST Announces Formation of AI Assurance Working Group to Ensure Security and Trust of AI Technologies in Business

Retrieved on: 
Thursday, March 7, 2024

FRISCO, Texas, March 7, 2024 /PRNewswire/ -- HITRUST, the leader in cybersecurity assurance, today announced the formation of the HITRUST AI Assurance Working Group. This pioneering initiative aims to establish a model for security control assurances for AI systems, supporting HITRUST's groundbreaking efforts to offer a path to AI Assessment and Certification. The Working Group has united industry experts and leaders from AI providers and early adopters, focusing on the shared goal of ensuring that both users and providers of AI systems manage the security risks associated with their AI models and services in a transparent, consistent manner that stakeholders can trust.

Key Points: 
  • FRISCO, Texas, March 7, 2024 /PRNewswire/ -- HITRUST, the leader in cybersecurity assurance, today announced the formation of the HITRUST AI Assurance Working Group.
  • The assurance of AI security controls is essential to building trust in use of AI technologies in business and must be scalable to ensure that these controls are properly implemented and effective.
  • The HITRUST AI Assurance Working Group is dedicated to helping HITRUST create a practical approach to security controls and assurances.
  • Given the dynamic nature of AI security and evolving regulatory requirements, the scope and objectives of the Working Group will continue to adapt.

FileCloud Launches Enhanced Compliance, Data Protection, and AI Capabilities for Secure Content Collaboration

Retrieved on: 
Thursday, March 7, 2024

AUSTIN, Texas, March 7, 2024 /PRNewswire/ -- FileCloud, a leader in content governance and collaboration for unstructured data, today announced several new product advancements to help customers meet enterprise data protection requirements.

Key Points: 
  • AUSTIN, Texas, March 7, 2024 /PRNewswire/ -- FileCloud , a leader in content governance and collaboration for unstructured data, today announced several new product advancements to help customers meet enterprise data protection requirements.
  • "FileCloud makes it simple for enterprise organizations to meet their content governance, privacy and compliance requirements, specifically when there are complex objectives in hybrid environments," said Jason Dover, Chief Product Officer at FileCloud.
  • "Our goal is to create solutions that enable customers to balance risk management with easy and frictionless content collaboration inside and outside their firewall boundaries.
  • This new functionality in FileCloud can bring automated organization and data management to  content sets  in conjunction with cloud services.

HITRUST Supports Release of NIST 2.0 and Unveils Companion Guide to Cyber Resilience

Retrieved on: 
Monday, March 4, 2024

"We continue our commitment to guiding organizations towards cyber resilience," said Robert Booker, Chief Strategy Officer at HITRUST.

Key Points: 
  • "We continue our commitment to guiding organizations towards cyber resilience," said Robert Booker, Chief Strategy Officer at HITRUST.
  • The companion document, titled "The HITRUST Approach to Cyber Resilience: Leveraging HITRUST to Implement the NIST Cybersecurity Framework Version 2.0," not only describes the nuances of NIST 2.0 but also equips organizations with practical insights to select appropriate controls and actions, further fortifying their cybersecurity posture.
  • "As organizations strive to mitigate evolving cyber threats, our approach provides a clear pathway to enhance cyber resilience," added Booker.
  • This will support use of NIST CSF version 2.0 as a selectable factor in HITRUST reports and will support NIST CSF version 2.0 for HITRUST r2 Assurance reports at the HITRUST 11.4 level.

Rank One Computing Rebrands as ROC: A Bold New Vision for American-Made, Globally Trusted Biometrics

Retrieved on: 
Monday, March 4, 2024

ROC helps leading FinTech brands verify users and prevent fraud with the latest advancements in face recognition, liveness, face analytics, digital authentication, and more.

Key Points: 
  • ROC helps leading FinTech brands verify users and prevent fraud with the latest advancements in face recognition, liveness, face analytics, digital authentication, and more.
  • ROC empowers governments and enterprise organizations with the capabilities to match latent fingerprints in seconds, and partial, single, and tenprints in milliseconds.
  • "We built this company to create incredibly powerful yet simple-to-integrate biometric solutions that make the world smarter, safer, and stronger.
  • ROC, formerly Rank One Computing, is an American-made multimodal biometrics company.