AI News, An artificial intelligence solution to the cyber labor squeeze

The winners of the 2019 SC Awards Honored in the U.S.

That’s especially true when using RSA SecurID Access, a smart authentication platform that offers a host of user verification options, including mobile push notifications, one-time passwords, fingerprint and facial biometrics, SMS messages, voice recognition, FIDO tokens and hardware and software tokens.

Whenever a user requests access to sensitive data or systems, SecurID Access factors in variables such as user profile, threat risk and business impact to contextually generate a confidence score.

The SecureID Access data model is tuned to reduce the need for additional authentication by as much as 90 percent, but security admins can adjust assurance level settings up or down as desired, all from a centralized management console.

The solution can be applied toward a huge range of use cases involving cloud- and web-based systems, legacy applications, next-generation firewalls, privileged access management systems, managed workspaces and more from over 500 technology partners.

User organizations can quickly onboard new apps by using wizard-based connectors for leading authentication protocols or by reusing preexisting integrations executed by the company’s RSA Ready technology partner program.

The solution presents a unified control plane for data management services across the enterprise, including data found on endpoint servers, in cloud applications and in cloud workloads.

McAfee’s innovative cloud access security broker (CASB) solution allows security professionals to set consistent data and threat protection policies across SaaS, IaaS, PaaS, private cloud, hybrid cloud and multi-cloud environments – all from a centralized, single-pane console.

This provides users with total control over both physical and cloud-based assets, including endpoints, servers and virtual servers, data, apps and services, network-traffic flow and container workloads.

Collectively, these investigation tools benefit government agencies and law enforcement officers as they gather forensic evidence in criminal probes, while helping corporate investigators look into HR issues, compliance violations, regulatory inquiries and IP theft.

User organizations ultimately increase productivity and reduce staffing fees and outsourcing costs by automating the laborious investigation processes into a few simple steps, even as they collect evidence from vast datasets.

Forcepoint’s machine-learning-based Dynamic Data Protection solution dynamically assesses each worker’s behavioral risk score, continuously adjusting it up or down with each action he or she initiates on corporate or unmanaged networks, across multiple machines and accounts.

The solution’s dynamic scoring mechanism offers a significant advantage over traditional static risk assessments that can quickly become outdated, while the automated nature of the product helps relieve the burden on security analysts who would otherwise be overwhelmed sifting through endless red flags and security alerts.

large portion of that $3 million total – $2.4 million – is saved by avoiding maintenance, support and upgrade costs typically associated with legacy software solutions that are no longer needed.

FlexProtect for Database is a centralized platform that enables collaboration between an organization’s IT, security and compliance teams to ensure data protection and oversight across all on-premises database servers, big data environments and cloud database services.

Capable of processing and analyzing billions of database events, the solution automates the discovery and classification of sensitive data, the assessment of database vulnerabilities, and the identification of suspicious data – all to stop threats in real time.

Available as an on-premise, cloud-based or hosted solution, Fidelis Deception works by automating the discovery of the user organization’s environment and generating profiles of the most important assets, including even legacy systems, “shadow IT” systems and enterprise IoT devices.

Fidelis says its high level of automation enables deception layers to be managed and monitored in less than one hour per day by a tier-1 security analyst, with minimal false alarms.

It not only blocks attachments weaponized with malware, but it also seeks and destroys fraudulent wire transfer requests, URL links to credential phishing sites, and other social engineering and impersonation techniques.

Aided by its 2017 acquisition of The Email Laundry, FireEye has built a collection of proprietary URL defense and attachment detonation technologies, as well as threat intelligence, machine learning and deep relationship analysis capabilities, to help clients identify true positive alerts in just four minutes.

From authentication to federation to authorization to data governance, Ping covers IAM from all angles, helping organizations large and small control access to cloud and on-premises applications from a single management point.

Ping holds a number of key advantages over typical legacy solutions, including rapid deployment and integration, which takes mere hours or days versus weeks or months.

One customer, an unnamed U.S. telecom firm, saw an 80 percent reduction in its infrastructure footprint after switching from a legacy product to Ping, while also experiencing a twofold boost in performance.

The financial software company Intuit implemented Ping’s SSO solution, PingFederate, to ensure that its roughly 30,000 enterprise-wise identities could each use a single set of credentials to obtain one-click access to various applications.

In September 2017, Trustwave and its partner Inmarsat introduced an innovative way to introduce MSS to the maritime industry, delivering unified threat management services by way of satellite to commercial shipping and passenger vessels.

According to a model developed by Trustwave, a mid-size company managing its own SIEM deployment will spend more than $680,000 on hardware and personnel in year one alone, compared to just under $200,000 over the same time period if Trustwave MSS manages SIEM operations.

Trustwave MSS also delivers actionable threat intelligence sourced from a global network of SOCs anchored by a central fusion center, as well as from a database that incorporates findings from research, pen testing and incident response efforts.

The company also debuted its ONE Trust Network, a partnership of third-party solution providers whose products integrate into WorkspaceONE, thus providing additional functionality like threat detection, cloud security, analytics and authentication.

Meanwhile, health care IT company Cerner improved workflow by using Workspace ONE to create a location-aware, secure SSO solution that lets medical professional quickly “tap in” with their badge when logging in to different supported devices.

Because ForeScout’s platform continuously monitors device connection, behavior and compliance status, users can set policies based on real-time intel, instead of relying on scheduled scans to collect point-in-time information.

In April 2018, ForeScout released a major feature update offering enhanced insights into the fastest-growing devices on enterprise networks, including IPv6 addressable systems and devices managed by cloud network controllers.

The solution integrates with more than 130 networking and security technologies, normalizing and incorporating threat intelligence and vulnerability data into centralized repositories and a comprehensive network model that serves as a foundation for risk analysis, measurement, reporting and remediation.

Finalists 2019Absolute, The Absolute PlatformAlgoSec, AlgoSec Security Management SolutionBitSight Technologies, BitSight Security Ratings PlatformRiskLens, RiskLensSkybox Security, Skybox Security Suite Trust AwardBest SCADA Security Solution WinnerDragos for Dragos Platform The Stuxnet attack that disrupted Iran’s nuclear program and the BlackEnergy malware infection that sabotaged the Ukrainian electric grid exemplified the destruction and disruption that threat actors can cause by targeting industrial control systems.

The Dragos platform then combines these analytics with data imported from multiple sources, such as controller logs and data historian outputs, while also allowing alerts, IoCs and investigations to be sent to case management systems, SIEMs, and other tools through its robust APIs.

Each threat-behavior analytic is paired with an investigation playbook – created by Dragos’ threat operations center – which gives step-by-step response guides for each alert in order to facilitate the investigation and mitigation process.

It unifies SIEM capabilities by bringing together network and endpoint monitoring, security analytics (UEBA, network traffic and behavior analytics, and endpoint threat detection), and security automation and orchestration.

markedly flexible solution, the NextGen SIEM Platform offers horizontal scalability at the collection, data processing, data indexing, and analytics layers to allow customers to continue to add capacity without continually adding to overhead costs.

The company’s IntroSpect user and entity behavior analytics (UEBA) solution leverages AI fueled by over 100 machine learning models to detect anomalous network events and determine if the cause is an attack, exploit or breach.

January 2018 Gartner Magic Quadrant report predicted that by 2021, endpoint protection platforms “will provide automated, orchestrated incident investigation and breach response.” But CrowdStrike asserts that it has already achieved this objective via its fully integrated threat intelligence and endpoint protection platform, Falcon X.

Customers of Falcon X know that its unique cloud-native architecture provides robust breach prevention capabilities with deep visibility into cyber threat intelligence, endpoint events and motivations behind adversarial behavior.

Benefits include more efficient incident response, improved attack prevention, increased productivity, reduced capital outlays and operating expenses, regulatory compliance, and an almost immediate time-to-value due to minimal maintenance through CrowdStrike’s single-agent approach.

The solution’s malware search engine capabilities expand analysis to include all related files and variants, leading to a deeper understanding of attacks, plus an expanded set of IOCs to defend against future incursions.

In the past year, CrowdStrike has introduced data center coverage, added support for Docker containers, enabled the safe utilization of USB devices, launched a turnkey solution that combines endpoint protection technology with a dedicated team of professionals, presented additional features enabling real-time response and real-time search, and more.

It does the job of at least eight individual security products that would normally require their own separate management – including traditional firewalls, intrusion prevention systems, gateway antivirus, web filtering, secure email gateways, sandboxes, web application firewalls and CASB solutions.

And as one of the first UTM vendors to offer SD-WAN functionality, Fortinet reduces WAN complexity and operating expenses, allowing companies to monitor and route traffic based on quality of service while improving and securing the performance of SaaS applications.

Recognizing this “Cyber Exposure Gap,” Tenable created Tenable.io, a cloud-based vulnerability management solution that uses passive network monitoring, active scanning and an endpoint agent to comprehensively evaluate assets within a business infrastructure.

Even dynamic and short-lived IT assets such as cloud instances and containers are fully supported – while Tenable’s elastic asset licensing models reduce cost because companies aren’t required to pay for ephemeral assets that no longer exist.

Additionally, the company began a beta test of its Tenable.io Lumin visualization, analytics and measurement solution, which combines raw data with business asset criticality and threat context, helping CISOs better measure and communicate cyber risk.

Central to Kona Site Defender is its web application firewall that reduces risk of attacks and exploits in real time, while tailoring its protections and applying new rules based on a particular website’s ongoing traffic patterns.

The solution draws resources from Akamai Technologies’ worldwide infrastructure, including 235,000 servers and 2,400 data centers, as well as its globally distributed 24/365 Security Operations Center, which helps with security monitoring and attack support and mitigation.

Customers can further enhance their defenses with optional add-ons, including a client reputation module that generates a risk score for every source IP address, a “Bot Manager” tool, and Akamai’s Fast DNS service that offloads DNS resolution from one’s infrastructure to the cloud.

Finalists 2019Akamai Technologies, Kona Site DefenderContrast Security, Contrast Protect and AssessImperva, Imperva Web Application Firewall (WAF) ThreatX, Threat X WAFWhiteHat Security, WhiteHat Application Security Platform Excellence AwardBest Customer Service WinnerEndgame Endgame doesn’t waste any time getting to the bottom of its clients’ technical support needs, offering a seemingly endless array of speedy and helpful customer service offerings to organizations that deploy its endpoint security platform.

“It gives me peace of mind to know that I have the best security analysts in the world just a phone call away at Endgame – and that the analyst that responds to our support ticket is the one that will fix the problem, period,” says Endgame user Matthew Witten, information security officer at Martin’s Point Health Care in Portland, Maine.

Deploying as a set of automated container-based microservices via the open-source Kubernetes orchestration platform, the solution enables users to visualize the container environment, generate risk profiles, reduce the attack surface, and adaptively detect and stop malicious activity.

That’s why the CyberArk Privileged Access Security Solution is specifically designed to detect and prevent attacks on privileged user accounts and sessions across an organization’s entire network, including on-premises, cloud-based, DevOps, IoT and even RPA (robotic process automation) environments.

The latest version of its PAM solution, v10, delivers a 10x improvement in time spent on privileged account-related tasks, and a 5x reduction in the time auditors spend reviewing session records.

In its ongoing commitment to keep pace with recent evolutions in networking, CyberArk in 2018 acquired technology from Vaultive to deliver greater visibility and control over privileged admins and users in cloud-based environments.

It enables data protection by design and default, data protection impact assessments, vendor risk management, incident and breach management, targeted data discovery, data mapping, consent management, ePrivacy cookie consent, data subject access rights, portability and the right to be forgotten.

This facility represents the home base of the FortiGuard Labs team, which leverages leading-edge machine learning and AI technologies to develop threat intel that feeds the company’s solutions, used by more than 360,000 global customers.

Collectively, Fortinet’s solutions and services comprise its Security Fabric, an open-architecture tech approach that improves network visibility and automates threat response by uniting and integrating key security technologies across endpoints, network access points and email and web applications.

parsing information and monitoring it on a day-to-day basis.” Meanwhile, the solution also eliminates the need to invest in dozens of point products that add to the bottom line, not to mention data centers, hardware, setup fees and maintenance costs.

The platform allows users to introduce additional security controls, without any complex integrations or product upgrades, via AlienApps, which are modular integrated software components that extend USM Anywhere’s capabilities to third-party applications.

Axonius has discovered that 10 to 18 percent of its customer base’s user devices are unmanaged, while 16 to 24 percent of its clientele’s devices are missing an endpoint solution that’s already been paid for.

“Axonius has found a truly innovative way to crack the code around solving the security practitioner’s most glaring problem: how to identify the assets they are charged with protecting,” says customer Jim Rutt, CIO at Dana Foundation, a philanthropic organization that supports brain research.

“Their unique approach of integrating key applications ensures a 360-degree view of the organization’s technology assets and, more importantly, the relationships between these assets to form a holistic foundation by which an organization can base its security strategy.” Finalists 2019AxoniusCyberstoneIntezerMinerva LabsPasswordPing Professional AwardBest Cybersecurity Higher Education Program WinnerUniversity of Maryland University College The key to operating the finest cybersecurity teams in the world is diversity.

UMUC’s Master of Science in Cybersecurity Technology graduate program welcomes students who previously majored in criminal justice, human resources, psychology, politics, criminal justice, law, and even linguistics and art – with no GRE or other barriers to entry.

Lessons range from the basics of preparing executive presentations to recording podcasts – which is immensely helpful, as UMUC has partnered with several large federal government and private business organizations to provide job opportunities to students and graduates.

Finalists 2019Champlain CollegeNew York UniversityUniversity of Maryland University College (UMUC) Professional AwardCybersecurity Student of the Year WinnerKyle Joseph Baldes, Oregon State University In a matter of six months, Oregon State computer science student Kyle Baldes transformed himself from security neophyte to an artificial intelligence expert presenting proprietary research findings to senior cyber executives.

From day one his commitment, resolve and ability to learn at a staggering pace impressed me greatly.” Finalists 2019Kyle Joseph Baldes, Oregon State UniversityNick Gregory, New York UniversityPhilip Smith, Texas A&M University SystemCasey Stephens, Texas A&M Engineering Experiment Station Professional AwardBest IT Security-related Training Program WinnerCircadence for Project Ares Meet Athena, the natural language-processing AI system that serves as a host and advisor to trainees learning on Circadence Corporation’s Project Ares cybersecurity training and assessment platform.

James McQuiggan, product and solution security officer, Americas, at Siemens Gamesa, says that (ISC)² provides a “wealth of opportunities” to “stay current on best practices, standards and regulations, and also to network with the best professionals in the information security community.” A

Compliance manager for the EMEA Region, adding that CS&A “continues to be instrumental in communicating the changes, training, upgraded capabilities and tools available to hundreds of GDPR stakeholders across the company.” To ensure its workforce remains vigilant, KC this year debuted its mandatory cybersecurity awareness training and assessment program, which uses gamification techniques to teach employees to recognize and avoid social engineering scams.

OIS also played an integral part in migrating the entire state’s email system to Microsoft Office 365 and incorporating advanced threat prevention features into it, having, the California Highway Patrol says, “the most pronounced net positive impact to reducing the phishing threat the state has ever seen.” OIS instituted a centralized anti-phishing training service, debuted California’s first Information Security Leadership Academy and formed an in-house dedicated cybersecurity advisory team to aid high-risk state entities Liebert’s influence extends to other states as well – his California Cybersecurity Maturity Metric (CCMM), which objectively measures a cybersecurity program implementation, was posted by the National Institute of Standards and Technology (NIST) for other states to use.

Companies pursuing biometrics-based authentication were further helped by FIDO’s September 2018 launch of its Biometric Component Certification Program, the first in the industry program designed to certify that biometric recognition systems successfully meet globally recognized performance standards and are viable for commercial use.

The program delivers significant time and cost savings to biometrics vendors because it enables them to test and certify their technology only once in order to validate their system’s performance, and then repeatedly re-use that third-party validation across their potential and existing customer base.

In a press release at the time, FIDO Alliance Executive Director Brett McDowell said that the new and improved certification program “enables enterprises and online services to make better informed risk management decisions when registering credentials from FIDO-enabled devices, resulting in more accurate and reliable scores on the back-end while delivering better user experiences on the front end due to lower instances of intrusive ‘step up authentication’ challenges.” Just last December, the FIDO Alliance reached what is arguably the highest bar set in information and communication technology (ICT) standardization when the International Telecommunication Union’s Telecommunication Standardization Sector (ITU-T) recognized UAF 1.1 and CTAP as international standards.

Probabilistic Machine Learning and AI

How can a machine learn from experience? Probabilistic modelling provides a mathematical framework for understanding what learning is, and has therefore ...

AWS re:Invent 2017: An Eye in the Sky: How Radiant Solutions Processes Satellite (MCL251)

This planet is a big place filled with amazing and unusual things. Understanding every object, location, and action on this pale blue dot is an enormous ...

Kalaris Conference 2018 | Panel 1: The New Age of Artificial Intelligence

There are many opportunities for intelligence analysis to leverage AI, algorithms, and automation to further the national security mission. These tools improve ...

Anastassia Lauterbach, NED Dun & Bradstreet | Artificial Intelligence and Societies. Quo Vadis?

Addressing key challenges around the introduction of new cognitive and artificial intelligence technologies in USA, Europe and Asia. Speaker's Bio: Dr.

Atlas, The Next Generation

A new version of Atlas, designed to operate outdoors and inside buildings. It is specialized for mobile manipulation. It is electrically powered and hydraulically ...

Futurist David Shrier, MIT Media Lab: Data Science and More (CXOTalk #323)

For the full transcript, see The future of cybersecurity rests on AI ..

iAngels VC Breakfast Club Event in Tel Aviv - "Software transforming the way the world works"

A discussion led by iAngels founding partner, Mor Assia with Amnon Drori from Octopai, Nimrod Luria from Prifender and Yariv Tabac from DBmaestro. Octopai ...

Inside a Google data center

Joe Kava, VP of Google's Data Center Operations, gives a tour inside a Google data center, and shares details about the security, sustainability and the core ...