Category Archives: Internet Security

What’s new in v8 of the CIS Controls from the Center for Internet Security –

Back in 2018, the State of Security spent a lot of time going over v7 of the Center for Internet Securitys Critical Security Controls (CIS Controls). We noted at the time how the Center for Internet Security shuffled the order of requirements for many of the existing controls in that version. It also cleaned up the language of the CIS Controls, simplified some working, removed duplicate requirements, and created an abstract for each of the security measures.

Just as a reminder, the CIS Controls are a set of recommended actions that organizations can use to defend themselves against some of the most pervasive attacks in the threat landscape today. They serve as a starting point for organizations in that effort. As noted on the Center for Internet Securitys website, the Critical Security Controls use prioritization to help organizations to figure out where their digital defenses begin, focus their resources on actions that can provide protection against high-risk items, and then invest their remaining time and energy in tackling additional sources of digital risk for the business.

The CIS Controls are not a static entity. On the contrary, they regularly undergo an informal community process in which industry, government, and academic actors review the CIS Controls. Those individuals can then issue updates based upon organizations changing network environments and on the evolving digital threat landscape.

Those factors help to explain the release of CIS Controls v8. This updated version of the security measures now includes requirements pertaining to cloud and mobile technologies. (Regarding the former, the Center for Internet Security even created an entirely new control designed to help organizations manage their cloud service providers.)

These changes reflect just how organizations altered the way they do business as part of the shift to remote work. The Center for Internet Security expanded upon that reality in a blog post:

Since networks are basically borderless meaning there is no longer an enclosed, centralized network where all the endpoints reside the Controls are now organized by activity vs. how things are managed.

As part of this transition, the internal community process reduced the number of CIS Controls from 20 to 18. These Controls are as follows:

CIS Control 1: Inventory and Control of Enterprise Assets

CIS Control 2: Inventory and Control of Software Assets

CIS Control 3: Data Protection

CIS Control 4: Secure Configuration of Enterprise Assets and Software

CIS Control 5: Account Management

CIS Control 6: Access Control Management

CIS Control 7: Continuous Vulnerability Management

CIS Control 8: Audit Log Management

CIS Control 9: Email and Web Browser Protections

CIS Control 10: Malware Defenses

CIS Control 11: Data Recovery

CIS Control 12: Network and Infrastructure Management

CIS Control 13: Network Monitoring and Defense

CIS Control 14: Security Awareness and Skills Training

CIS Control 15: Service Provider Management

CIS Control 16: Application Software Security

CIS Control 17: Incident Response Management

CIS Control 18: Penetration Testing

The Center for Internet Security also grouped the Controls and a fewer number of corresponding Safeguards (formerly known as Sub-Controls) into three Implementation Groups (IGs). These designations help organizations to prioritize their implementation of the CIS Controls. To illustrate, the first implementation group (IG1) consists of basic hygiene that all organizations can use to lay the groundwork for defending themselves against digital threats. IG2 builds upon the practices of IG1, while IG3 encapsulates all the Controls and Safeguards.

Researchers at Tripwire are working on a new blog series that examines each of the 18 security measures contained within CIS Controls v8. Stay tuned for the first few installments of this series over the coming weeks.

In the meantime, readers can learn more about how Tripwires solutions align with version 7 of the CIS Controls by clicking here.

Read more:
What's new in v8 of the CIS Controls from the Center for Internet Security -

Internet Security Firewall Market Future Segment Overview 2021-28| Openmind Networks, Tata Communications, ANAM Technologies The Manomet Current -…

The new research report on the global Internet Security Firewall market will deliver an up-to-date assessment related to the present industry scenarios, current trends, major drivers as well as the overall industry environment. The Internet Security Firewall market report mainly focuses on top regions, development estimations between 2022 to 2028 including essential manufacturers, key industries, Internet Security Firewall market size, share, product introduction and so on. Apart from this, the global Internet Security Firewall market sheds light on the leading industry vendors along with their position in the international industry with the inclusion of Internet Security Firewall market status, potential development trends, Internet Security Firewall market growth drivers, challenges, profit status and pricing structure.

Download a free copy of the Internet Security Firewall market report:

Impact of COVID-19 on the Global Internet Security Firewall Market:

The ongoing health crisis COVID-19 pandemic continues to impact various industries across the world. While, a few industries have recorded a massive decline in demand ratio, and numerous others have continued to remain unscathed and also represent some promising growth opportunities. The pandemic also has at par affect on the global Internet Security Firewall market.

Drivers & Opportunities:

The report identifies the increasing demands and new technology in the global Internet Security Firewall market. Furthermore, it shows possible industry trends alongside the growing competition and advanced innovations. The study makes use of SWOT analysis and Porters Five Forces analysis in order to offer the state of competition in the Internet Security Firewall industry. In addition to this, the research study on the world Internet Security Firewall market provides a forward-looking approach on some crucial aspects including risk factors, key opportunities, and growth catalysts that are responsible for shaping the dynamics of the Internet Security Firewall market. Moreover, it delivers a wider point of view of the Internet Security Firewall industry by explaining its several segments to offer a detailed understanding of revenue generation prospects over the forecast timeline.

Key players of the Internet Security Firewall market report are:

SAPHewlett Packard EnterpriseCellusysOpenmind NetworksTata CommunicationsANAM TechnologiesAMD TelecomAdaptive MobileInfobipEVOLVED INTELLIGENCEMOBILEUMOMOBIO

Product types can be divided as:


Applications of this report is:

Small and Medium EnterpriseLarge Enterprise

Prime regions involved in the report are:

Internet Security Firewall North America Market(the United States, Canada, and Mexico) Asia-Pacific (China, Japan, Korea, India, and Southeast Asia) Internet Security Firewall Europe Market(Germany, France, UK, Russia, and Italy) The Middle East and Africa (Saudi Arabia, UAE, Egypt, Nigeria, and South Africa) Internet Security Firewall South America Market(Brazil, Argentina, Colombia, etc.)

The analysis on the Internet Security Firewall market gathers highly effective qualitative and quantitative assessment on the Internet Security Firewall market size along with exclusive research demonstrating various geographical applications evaluation. The global Internet Security Firewall market illustrates a prominent review of the complete outlook by wide-ranging ingredients such as research methodology, growth opportunities, pricing structure and competitive landscape. Several factors that comprise the basis for a successful business and major techniques that have been utilized to examine the information accurately.

Full Report of Internet Security Firewall Market for Better Understanding:

Vital Questions answered in the Global Internet Security Firewall Market Report:

What will be the Internet Security Firewall market growth rate during the predicted period? What are the crucial factors driving the global Internet Security Firewall market? Who are the precious manufacturers in the Internet Security Firewall market? What are the essential industry opportunities and the overview of the Internet Security Firewall market? What is the revenue share, sales as well as price analysis of top vendors of the Internet Security Firewall market?

Contact Us:

CALIBRE RESEARCHEmail : sales@calibreresearch.comWebsite : https://calibreresearch.comAddress : 3626 North Hall Street (Two Oak Lawn), Suite 610, Dallas, TX 75219 USA.

Continued here:
Internet Security Firewall Market Future Segment Overview 2021-28| Openmind Networks, Tata Communications, ANAM Technologies The Manomet Current -...

Cyber Security Market 2021 Size, Status and Global Outlook IBM Corporation, Cisco Systems, Inc., Dell Inc., Root9B LLC, Herjavec Group The Manomet…

Cyber Security Market Growth, Trends, And Forecast (2020- 2025)

The report presents an in-depth assessment of the Cyber Security including enabling technologies, key trends, market drivers, challenges, standardization, regulatory landscape, deployment models, operator case studies, opportunities, future roadmap, value chain, ecosystem player profiles and strategies. The report also presents forecasts for Cyber Security investments from 2020 till 2025.

The global cybersecurity market was valued at USD 161.07 billion in 2019, and is expected to reach USD 363.05 billion by 2025, registering a CAGR of 14.5%, during the period of 2020 2025.

The Cyber Security market is highly competitive and consists of a number of major players. Top Companies likeIBM Corporation, Cisco Systems, Inc., Dell Inc., Root9B LLC, Herjavec Group, Check Point Software Technologies Ltd, Palo Alto Networks, Symantec Corp, Trend Micro, Inc., Fortinet, Inc., FireEye, Inc., ProofPoint, Inc., Imperva, Inc., CyberArk Software, Ltd, AVG Technologies among others

Sep 2019 The Cisco Webex Control Hub launched extended security pack available for users and enabled the customers to protect data from accidental misuse and malicious attacks, while delivering the best user experience. It packages full-functionality Cisco Cloudlock CASB for Webex Teams with native Webex anti-malware capabilities powered by Cisco Talos ClamAV in Webex Cloud. Aug 2019 Check Point Software Technologies Ltd announced the launch of a Check Point branch office security solution to transform enterprise branch office connectivity with cloud-delivered security services. As enterprises increasingly move their on-premise branch office workloads and applications to SaaS applications, they are adopting Software-Defined Wide Area Networking (SD-WAN) to intelligently route traffic to cloud services.

Click the link to get a Sample Copy of the Report:

Scope of the Report

High reliance on traditional authentication methods and low preparedness is challenging the market to grow. In a market scenario, where security professionals are recommending identity-management solutions, such as facial recognition and biometric identification, most of the companies in the region (over 80%) still use usernames and passwords as the exclusive means of logging in. These findings indicate that many of the enterprises in the region can face wide range of cyber threats and data breach incidents in environments for their customers, employees, and sensitive intellectual property

Key Market Trends

Aerospace and Defense Segment is Expected to Witness a Significant Growth

Airplane navigation and guidance systems can be highly susceptible to cyber-attacks, which can have widespread ramifications. Hence, the computers and networks for all the ground and air-borne operations need strong security infrastructure. The increasing adoption of machine-to-machine technologies (M2M) in the aerospace domain and the focus of the governments on cybersecurity to counter cyber terrorism has driven the growth of the cybersecurity market in this sector immensely for the past few years. Drones are being increasingly used by rogue elements to get critical data. Owing to their low cost and ease of use, drones can deliver a payload for surveillance, to capture data, and disrupt networks. In a recent incident, Chinese company DJI fixed a security vulnerability its drones had. Though no amount of data was stolen, the company stated in the case of any hacking, cybercriminals could have got control of an entire fleet of drones, given the tethered nature of its apps and services. With increasing data breaches in military defense, United States is laying high emphasis on its military and defense sector and are investing mainly in research and development of new weaponry systems. In October 2018, the US Government Accountability Office (GAO) released a report stating that most of the weapon systems that were under development are found to have mission-critical cyber vulnerabilities. Later that month, the US government signed the law to establish the Cybersecurity and Infrastructure Security Agency (CISA) in order to enhance national defense against cyber-attacks. The US Aerospace Industries Association focused on promoting policies that strengthen the aerospace and defense industry. Defense companies, such as BAE Systems PLC, General Dynamics Corporation, and Finmeccanica SpA, are engaged in developing cybersecurity solutions in the defense industry, especially in developing network security solutions and software, preventing cyber-attacks on military software systems, indicating the demand for these solutions in the aerospace and defense sector.

Asia-Pacific to Account for the Largest Market Growth

Asia-Pacific is expected to have highest market growth for cyber security solutions, over the forecast period. The strong presence of several market incumbents, coupled with recent security threats in the region, are expected to drive the adoption of these solutions further. India has experienced a rapid increase in cyber crimes registration, with the country ranking fifth in terms of the overall DNS hijacks. Also according to Gemalto, India accounts for 37% of the global breaches in terms of records compromised or stolen. Also the increasing number of malware and ransomware attacks in the country is also a significant factor driving the adoption of cybersecurity solutions. According to the 2019 Internet Security Threat Report by Symantec, the use of malicious PowerScripts increased by 1,000%, and ransomware infections of enterprises increased by 12%, in 2018. Moreover, South Korea is becoming one of the prime targets for cyber-attacks, due to the countrys increasing number of connected devices, advanced use of mobile devices, and significant intellectual property. In January 2019, according to the National Police Agency report, cybercrimes increased by nearly 14% in Korea in 2018 to reach about 150,000 cases. This drives the use of cybersecurity in this country.

Browse the Full report description and TOC at:

Highlights of this 2020-2025 Cyber Security Market Report:

The research includes historic data from 2014 to 2019 and forecasts until 2025 which makes the reports an invaluable resource for industry executives, marketing, sales and product managers, consultants, analysts, and other people looking for key industry data in readily accessible documents with clearly presented tables and graphs.

Media Contact Us:

Irfan Tamboli (Head of Sales) Market Insights Reports

Phone: + 1704 266 3234 | +91-750-707-8687|

Read the original:
Cyber Security Market 2021 Size, Status and Global Outlook IBM Corporation, Cisco Systems, Inc., Dell Inc., Root9B LLC, Herjavec Group The Manomet...

Ransomware attacks and the future role of the CISO – teissTalk – TEISS

On18 May,teissTalkhostJenny Radcliffewas joined by a panel of fourcybersecurity expertsin a wide-ranging discussion that covered government actions,ransomware attacksand the future of the CISO.

You canaccess avideoof the discussionhere

WillJoe Bidens new cybersecurity executive order change the ITlandscape?

The executive order, evenif its impactis mostlylimited to federal institutions and their contractors, is a milestone in cybersecurity legislation. Thanks to major ransomware attacks against key US infrastructure and the Vice Presidents advocacy of reasonable security and compliance with CIS (Centre for Internet Security) controls going back toher days as Attorney General in California, the Biden administration is expected to have the fight against cyber-attacks at thetopof its legislative and law-enforcement agenda.

The fact that the executive order talks about IoT security standards also suggests thatwerewitnessinga watershed moment. Although the executive orders main objective is to make federal institutions and their supply chains more transparent,itsvery unlikelytoleave the rest of the private sector intactin the long run.

Mandatory disclosure of data breaches and hackshasalready beenaround incritical industries such as pharmaceuticals and healthcare. Now,as a result ofthe executive order, an even wider circle of institutions and private enterprises will need to comply.

Internet providers can also play a more prominent role in fighting cybercrime in the future by blocking internet traffic coming from rogue states and known threat actors.

Governments,automationandpeople:the three pillars of cyber-defence

Ransomware attackswereoriginally drivenbyfinancial gain. However, as the number of incidents disruptingcritical infrastructure andthreateninghuman livesis growing fast, it increasingly needs to be seen asa form ofcyberterrorism. As the perpetrators of cybercrime are oftenfinanced or even commissioned by nation states, governments of western democracies have recently taken afirmer stance on putting up a fight against them.

The UKs Integrated Defence Review published in March reserves the right to use nuclear weapons againstemerging technologies that could have a comparable impacttochemical, biological orothernuclear weapons, although its not completely clear whether this was meant to cover cyber- attacks.

Meanwhile, in a statement, the US administrationdidntrule outauthorising a kinetic response, or, in other words, active warfare in the event of a large-scale cyber-attack by a nation state.

Attribution, however,is much trickier in the case of cyber-attacks thanintraditional warfare, therefore,in order toavoid escalation and a potential cyber war,retaliation must be only the very last resort.

The current situation, where private businesses need to defend themselves against national threat actors without the support of the state is unprecedented. Therefore, what the business sector needsto better tackle cyber threats is a more active cyber-defenceposture adopted by their governments.

There have already been examples in the past when governments providedprotectionfor privateenterprisesto ensure the uninterrupted flow of global trade on the Mediterranean or the Atlantic.Businesses need a similar kind of supportnowin the cyberspace.

Although for medium-size and small businesses the scope for cyber defence is much more limited for lack of human and financial resources, automation and the use of secure software and multi-factor identification can go a long way.

As about 85 per cent of all breaches start with anemployeeclicking on an attachment or link that theyshouldnt, taking the human element out of the cyber threat equation is key. Withthe number of breaches in the cloud exceeding those on premises first time ever, cloud security is another area that needs to get to the forefront of the fight against cybercrime.

What will be the CISO of the futurelike?

The role of the CISO has been changing a lot over time. Originally the CISO was seen as a compliance and risk guru.Forrester has established five more types of CISOs (transformational, post-breach, tactical/operational, steadystateand customer-facing evangelist), which will probably whittle down to no more than two or three as the role will get more mature.

Demonstrating some self-deprecating humour, CISOssometimes refer tothemselvesaCrisis-Induced Sacrificial Officer, which points to the irony that people fulfilling this role are often held responsible forincidents which are beyond their control.

In the future, CISOs will probably have more leverage and willincreasinglyreport directly to the board. For this relatively new role toget more established, CISOs need to see and evaluate their own performance through the eyes of CEOs, asking themselves how many customers their efforts helpedthe businessto attract and retain.

teissTalkhostJenny Radcliffewas talking toKathleen Mullin, Chief Information Security Officer,HealthmapSolutions;Paul Raines, Chief Information Security Officer, United Nations Development Programme;Ian Hill, Global Director of Cybersecurity, Royal BAM Group;andSteve Moore, Vice President and Chief Security Strategist,Exabeam.

You can access the recording of thisteissTalkhere.

Read the original post:
Ransomware attacks and the future role of the CISO - teissTalk - TEISS

NCSC chief: Ransomware is more of a threat to Britain than hostile nations’ spies – The Register

Forget foreign spies. The head of Britain's National Cyber Security Center (NCSC) has warned it is ransomware that's the key threat for most people.

"What I find most worrying isn't the activity of state actors," NCSC chief exec Lindy Cameron told a national security audience, joining the chorus of organisations calling out ransomware criminals as the number one cybersecurity threat of the moment.

The speech marks the first time that GCHQ, the spy agency and parent body of the National Cyber Security Centre, has acknowledged a cyber threat as being of more concern to the UK than traditional state spying.

"Four nation states China, Russia, North Korea, and Iran have been a constant presence in recent years. And as I've said before, we face a determined, aggressive Russia, seeking traditional political advantage by new, high-tech means," said Cameron.

The NCSC's chief exec was giving defence think tank the Royal United Services Institute's (RUSI) Annual Security Lecture, which took place in between the G7 leaders' summit in Cornwall. The summit itself saw Russia named and shamed for harbouring ransomware criminals ahead of the first meeting between US president Joe Biden and Russian leader Vladimir Putin this week. Biden is expected to raise the problem of ransomware gangs with his opposite number.

Speaking to RUSI's audience of military officers, espionage officials and political policy wonks, Cameron described the structure of the current ransomware ecosystem the omnipresent as-a-service model and noted: "They may identify embarrassing or business-sensitive material that they can threaten to leak or sell to others. And they might even research your cyber insurance policy to see if you're covered to pay ransoms."

The US FBI's recent success in recovering a cryptocurrency ransom paid by the Colonial Pipeline Company from ransomware crew Darkside is a very rare one.

Cameron's speech highlighted what the British government is doing to tackle not only ransomware but national cybersecurity weaknesses as a whole starting to break from protecting only itself to taking an interest in the security of taxpaying businesses and private citizens alike.

Speech ... NCSC chief exec Lindy Cameron

"In some respects, our response to ransomware is straightforward: we need to continue to build the UK's cyber resilience so that attacks cannot reach their targets in the first place," said Cameron, highlighting her organisation's guidance on how not to get pwned by internet crooks. This is targeted at SMEs and bigger companies alike, including large sections in simple words for executives and non-technical managers to digest.

"It's about preparing, planning, exercising all the way up to board level, working on the assumption that a cybercriminal will be as interested in your weaknesses as a burglar in your open window," she added.

But on top of the cybersecurity hygiene practices, with which Register readers will be well familiar, there's what Cameron described in her speech as the "whole-of-nation approach" to tackling the ransomware menace. She also mentioned "the cyber insurance industry, which has a role to play in bearing down on the payment of ransoms and cryptocurrency entities who facilitate suspicious transactions."

Britain's interventionist approach to cybersecurity includes a new law giving politicians the power to block mergers and acquisitions of British companies by halting "potentially hostile foreign direct investment." The last few months have seen the Conservative government boasting of market interventions that would have Adam Smith spinning in his grave.

Yet perhaps conscious of the huge role played by private industry in securing British businesses, Cameron gave it an unusual public nod, saying: "The government can't do this alone. We will continue to take a whole-of-society approach to improving the cyber resilience of the UK. Industry, academia, and civil society all have a role to play."

Wide-ranging as it was, the week's focus on international cybersecurity and ransomware so far means Cameron's closing call for more "partnerships with partners around the world" might bear fruit if Russia, China, and others are prepared to play ball.

Go here to read the rest:
NCSC chief: Ransomware is more of a threat to Britain than hostile nations' spies - The Register

Cyber and AI experts bring ideas to life to help combat national security concerns – De Montfort University

Cyber security and artificial intelligence (AI) experts at De Montfort University Leicester (DMU) have been given an opportunity to turn their ideas into commercial products as part of a government-funded accelerator programme.

The initiative, called CyberASAP (Cyber Security Academic Startup Accelerator Programme), is funded by the UK Government Department for Digital, Culture Media & Sport (DCMS) and delivered through KTN and Innovate UK. It aims to develop and sustain a security sector that meets national security demands as part of the governments 1.9billion national cyber security strategy.

(Image: Adi Goldstein/Unsplash)

Two teams made up of academics from DMUs Cyber Technology Institute (CTI) and Institute of Artificial Intelligence (IAI) successfully secured funding in the first phase of the programme, which requires each team to identify the value proposition of their prospective product.

With the support of KTN, the two teams have learned a lot of skills needed to operate in a start-up environment, through a series of interventions (including bootcamps, workshops, and mentoring), giving participating teams vital insights into the key milestones necessary to take their product from the lab to the market.

Dr Richard Smith, Associate Professor of Cyber Security at DMU, said: The CyberASAP programme provides academics with the skills to operate in the commercial world. It is about taking the skill base in UK universities and teaching academics how to exploit their research, skills and expertise within the commercial market.

CyberASAP was launched in 2017 and since then has helped more than 90 teams from universities across the UK to develop their innovations.

The first DMU team, called CyberAgents, is led by Dr Smith alongside Professor Daniela Romano. Together they are developing an incident response team using human/AI hybrid technology.

Many organisations have limited Incident Response capabilities and need to improve them in a safe environment, explained Dr Smith. We use behavioural science and data science to create innovative human/AI team defending together.

The AI-agent learns human-like creativity but with faster than human reasoning, and can plug any skill gaps in an organisations capability. Also, the more the agent learns, the more it improves.

The second team, SACRED, is being led by Dr Mary He, alongside Professor Yingjie Yang and Dr Francisco J Aparicio Navarro.

They are developing a unique and innovative web security tool, driven by advanced AI technology, to detect malicious web crawlers (computer programs that are calibrated to automatically search the Internet, also called spider or bot), thus protecting online services and websites of businesses or organisations and ensuring their customers privacy and data security.

Both teams have made effort to analyse the market size, competitors and potential collaborators of their prospective products, added Dr He. The CyberASAP initiative will speed up the pace of the UK cybersecurity development, tackling the global challenges in cybersecurity, and therefore helping to implement the National Security Strategy of the UK; to use all our national capabilities to build Britain's prosperity, extend our nation's influence in the world and strengthen our security.

Dr Smith added: Not only does CyberASAP help to grow the innovation produced by DMU academics, it increases our universitys footprint and brand in the commercial sector.

Posted on Thursday 10th June 2021

Read the original:
Cyber and AI experts bring ideas to life to help combat national security concerns - De Montfort University

CIO Leadership: Building Trust at the Executive Level Will Drive the Discussion at the 2021 HMG – GlobeNewswire

WESTPORT, Conn., June 16, 2021 (GLOBE NEWSWIRE) -- HMG Strategy, the Worlds #1 digital platform for enabling technology executives to reimagine the enterprise and reshape the business world, is excited to be hosting its 2021 HMG Live! Chicago CIO Executive Leadership Summit on June 17. HMG Strategys highly interactive digital events bring together the worlds most distinguished and innovative business technology leaders to discuss the most pressing leadership, strategic, cultural, technology and career challenges and opportunities that technology executives face today and into the future.

The 2021 HMG Live! Chicago CIO Executive Leadership Summit will focus on recommendations from CIOs and business technology executives on how to build trusting relationships across the C-suite along with advice for regaining trust after it has been lost.

The CEO and members of the executive team are relying on the CIO and other technology executives to offer bold ideas for developing new go-to-market models and other business innovation, said Hunter Muller, President and CEO of HMG Strategy. But in order to succeed with these efforts, technology leaders must have trusting relationships in place with members of the executive team.

Top-tier business technology executives and industry experts speaking at the 2021 HMG Live! Chicago CIO Executive Leadership Summit will include:

Valued Partners for the 2021 HMG Live! Chicago CIO Summit include Akamai, Auth0, BetterCloud, Blue Prism, Check Point Software Technologies, Darktrace, Forescout Technologies, Gigamon, Globant,, Illumio, RingCentral, SafeGuard Cyber, SIM Chicago, Skybox Security, Starburst, Upwork and Zscaler.

To learn more about the 2021 HMG Live! Chicago CIO Executive Leadership Summit and to register for the event, click here.

HMG Strategy will be hosting its 2021 HMG Live! Toronto CIO Executive Leadership Summit on June 21. Key topics that will be explored at this event include recommendations for cultivating a connected culture into the future including one that embraces diversity, equity and inclusion. Speakers at this event will also share recommendations for working with the CEO and the Board on looming cyber threats, including how best to communicate these risks and articulate where funding is needed most.

Prominent technology executives speaking at this event will include:

Valued Partners for the 2021 HMG Live! Toronto CIO Executive Leadership Summit include Akamai, Auth0, BetterCloud, Blue Prism, Check Point Software Technologies, The CIO Association of Canada, Darktrace, Forescout Technologies, Globant,, Infoblox, Illumio, RingCentral, Rubrik, SafeGuard Cyber, SIM Toronto, Skybox Security, and Zscaler.

To learn more about the 2021 HMG Live! Toronto CIO Executive Leadership Summit and to register for the event, click here.

HMG Strategy will also be hosting its 2021 HMG Live! New York Global Innovation Summit on June 24. Timely topics to be discussed at this event will include the role that business technology executives can play in reimagining how the business operates, applying security innovation to address the evolving threat landscape, along with real-world use cases for applying hot technologies such as artificial intelligence, machine learning, robotic process automation, the Internet of Things, computer vision and augmented reality.

World-class executives speaking at the 2021 HMG Live! New York Global Innovation Summit will include:

Valued Partners for the 2021 HMG Live! New York Global Innovation Summit include Akamai, Auth0, BetterCloud, Darktrace, Forescout Technologies, FPT Corporation, Globant,, Incorta, Illumio, NPower, RingCentral, SafeGuard Cyber, SIM New York Metro, Skybox Security, Starburst, Zendesk and Zscaler.

To learn more about the 2021 HMG Live! New York Global Innovation Summit and to register for the event, click here.

To learn about HMG Strategys upcoming CIO and CISO Summits, click here.


The HMG Strategy 2021 Global Leadership Institute Awards honor exemplary technology leaders and leadership teams who are delivering exceptional value to their organizations. This award recognizes those who have reimagined and reinvented themselves to place their organizations on the fast track to groundbreaking transformation in dynamic times. Technology executives and their teams who receive these awards are being recognized for accomplishments in the following areas: Diversity, Equity and Inclusion; Leading into the C-suite; Creating New Go-to-Market Business Models; Modernizing Enterprise Architecture; and Building a Culture of Trust.

World-class technology executives who were recognized for their contributions to their companies and to the industry at the 2021 HMG Live! U.K. CIO Executive Leadership Summit on June 16 include:

To learn more about HMG Strategys 2021 Global Leadership Institute Awards and to nominate a deserving executive, click here.


On June 22, HMG Strategy will be hosting the HMG Security Innovation Webinar. Research conducted by HMG Strategy reveals that one of the top focus areas for CISOs and security leaders is working with the CEO and the executive team to enable innovation and grow the business. In this exclusive webinar, HMG Strategy President and CEO Hunter Muller asks the CEOs and leaders of innovative cybersecurity technology companies about the challenges they solve for clients, the innovation they deliver to companies, and how their solutions are differentiated in the market.

Speakers for this highly interactive event include Ritesh Agrawal, CEO, Airgap Networks Inc.

To learn more about this event and to register for the webinar, click here.

About HMG Strategy

HMG Strategy is the world's leading digital platform for connecting technology executives to reimagine the enterprise and reshape the business world. Our regional and virtual CIO and CISO Executive Leadership Series, authored books and Digital Resource Center deliver unique, peer-driven research from CIOs, CISOs, CTOs and technology executives on leadership, innovation, transformation and career ascent. HMG Strategy offers a range of peer-driven research services such as its CIO & CISO Executive Leadership Alliance (CELA) program which bring together the worlds top CIOs, CISOs and technology executives to brainstorm on the top opportunities and challenges facing them in their roles.

HMG Strategy also produces the HMG Security Innovation Accelerator Panel, a new webinar series thats designed to connect enterprise CISOs and security leaders with the most innovative cybersecurity companies from across the world.

The HMG Strategy global network consists of over 400,000 senior IT executives, industry experts and world-class thought leaders.

To learn more about the 7 Pillars of Trust for HMG Strategy's unique business model, click here.

A photo accompanying this announcement is available at

Read more here:
CIO Leadership: Building Trust at the Executive Level Will Drive the Discussion at the 2021 HMG - GlobeNewswire

Global Fastly outage takes down many on the wibbly web but El Reg remains standing – The Register

Updated A not-inconsiderable chunk of the World Wide Web, including news sites, social networks, developer sites, and even the UK government's primary portal, has been knocked offline by an apparent outage at edge cloud specialist Fastly though your indefatigable The Register remains aloft.

Mid-morning UK time (09:58 UTC) today, reports began to flood in about errors on a range of seemingly disparate sites: everywhere from Reddit, Twitter, GitHub, Stackoverflow, The Guardian, The Verge, and crowdfunding platform Kickstarter to GOV.UK, the UK government's primary web platform, had started to throw 503 cache errors or connection failure messages to would-be visitors.

Ironically, even legendary webcomic xkcd fell offline.

The root cause, according to security expert Mikko Hypponen and others in the field: Fastly, an edge-centric cloud computing specialist founded in 2011 by former Wikia chief technical officer Artur Bergman, which is apparently having a bad start to the day.

"Fastly edge platform is having problems, which means a big part of the internet is having problems. This includes Twitter. Even itself is unavailable in many locations," Hypponen wrote of the outage. "Basically, internet is down."

Click to enlarge

Boasting 1,000 employees and an annual revenue of $200m, Fastly is responsible for optimising websites primarily through its content delivery network (CDN), which appears to have been at the heart of today's outage.

Fastly's status page confirmed "potential impact to performance with our CDN service" starting at 09:58 UTC today which is a somewhat understated way of putting the glitch. At the time of writing, investigations were under way with no timescale yet provided for a fix.

A spokesperson for Fastly confirmed to The Register that the company is "aware of the issue and can confirm it's global," and that "all hands are on deck and working hard to resolve."

Fastly updated its status at 10:44 UTC to say the issue had been "identified and a fix is being implemented."

Fastly has applied the fix, and told customers at 11:57 UK time (10:57 UTC) they "may experience increased origin load as global services return."

To our readers affected, we offer a virtual beer or colddrink. We hope the rest of this day goes better.

See the original post here:
Global Fastly outage takes down many on the wibbly web but El Reg remains standing - The Register

What is a firewall? Understanding the security measure that protects against cyber threats – Business Insider

Many of us live with the fear of a cyberattack disrupting our computer-dependent lives not to mention their potential to wreak havoc on an entire country.

Fortunately, we have security measures like firewalls, which prevent bad actors from gaining unwanted access to networks.

Preventing your internet from crashing isn't the only positive you can gain from a network firewall. There are also customizable uses for firewalls, like blocking inappropriate online content from your children.

Here's what you need to know about firewalls, including how they work and why they're important.

A firewall is like a bouncer for your internet activity, creating a security barrier between your home network and unwanted intrusion from the internet at large.

Firewalls can be cloud-based, or they can be a physical piece of hardware that you buy and connect to your modem and router. (For the most part though, modems and routers will come with pre-implemented firewall technology.)

If you've ever tried to set up your own server with port forwarding, for instance, you may have been foiled by your router's firewall.

Your computer will also in all likelihood come with its own proprietary firewall, like the Windows Defender Firewall that comes installed on Windows PCs.

There are many types of firewalls, but the gist of how they work is similar: a firewall works by closing your network off by default to most internet traffic, or at the very least, requesting your permission before allowing the traffic in.

Among the distinct forms and types of firewalls in use today, the following are some of the most common.

Having some kind of firewall as a line of defense for your home network has become increasingly important as more devices are internet-enabled. After all, you don't want to worry that your porch's smart light bulb which you installed as a means to dissuade burglars is creating a cybersecurity loophole in your network.

There are benefits beyond security as well: A properly configured firewall can keep your internet running more quickly by routing traffic more efficiently.

Finally, a firewall can also be programmed to act as a content moderator for kids by restricting their access to certain websites. Those sorts of settings won't be standard for a firewall, but can be configured with most of them.

Read more:
What is a firewall? Understanding the security measure that protects against cyber threats - Business Insider

Is the Internet (Briefly) Breaking a Sign of Things to Come? – Vanity Fair

At one point during Tuesday mornings brief global internet outage, The Guardian was covering it solely via Twitter thread. Thus ends my uncomfortable 50 minute period of being the only person in the entire newspaper capable of publishing content, tech reporter Alex Hern tweeted once the site came back onlineat least for him, he noted, as scattered disruptions continued to plague some of the worlds biggest online news platforms, as well as the UK governments home page, some Amazon sites, and streaming services like Hulu and HBO Max. The Verge pivoted to Google Docs to share the news with readers (and briefly forgot to restrict the documents editing abilities, allowing random people to chime in before editors realized what was going on). Were all on pins and needles right now, CNN New Day co-anchor John Berman told his colleague Brian Stelter, who popped onto the program this morning to address the baffling failure as CNNs own website, along with several other publishers, went dark. Right now no indication that this is a cyberware or ransomware attack, but it is one of the most widespread web outages that I have ever seen, said Stelter, CNNs chief media correspondent.

Early risers signing on to check the latest from major online outlets including the New York Times, the Financial Times, BBC, and Cond Nast-owned sites like Reddit and Vanity Fair were greeted with unusual error messages amid the temporary but massive crash, which, as of now, doesnt appear to be rooted in anything malicious. The outage seemed to stem from a problem at Fastly, a content-delivery network (or CDN) that many large companies use to speed up loading times for websites and enhance reliability, among other services, according to the Guardian. Just before 6 a.m. Eastern on Tuesday, the cloud computing provider acknowledged a service issue that had caused disruptions and, about an hour later, stated on its website that the issue has been identified and a fix has been applied.

Fastly-supported apps such as Spotify, Pinterest, and Twitch were among other sites and apps impacted; Twitter, PayPal, and Etsy also experienced problems, according to the Times. Madeline Carr, the director of the Research Institute for Sociotechnical Cyber Security, told the Times there does need to be a level of accountability for companies that provide the infrastructure for websites, since so many rely on it. In the last generation of cybersecurity, it was about ensuring websites were protected or had adequate security, she said, but when youre talking about something like Fastly, in a sense it doesnt matter how secure your own website is.

The sweeping outage comes on the heels of a ransomware attack that last month caused a multi-day shutdown of Americas largest fuel pipeline, which is why, as Berman noted, cybersecurity concerns were among the immediate reaction to Tuesdays crash. But even with no apparent foul play involved, that a glitch at one San Francisco-based technology firm took down huge sites in dozens of countries reflects the reliance that the most popular pages on the internet have on a few big technology firms to help them distribute content and host users, Bloomberg reports. As Stelter noted, This is the internet infrastructure, and when the lights flicker, it has global effects.

More Great Stories From Vanity Fair

The Lab-Leak Theory: Inside the Fight to Uncover COVID-19s Origins Ben Crump Is Thriving in Bidens Washington Why Its Not a Great Time to Be Matt Gaetz AOCs Endorsement Could Change the NYC Mayors RaceBut It May Never Come Trump Has Been Telling People Hes Going to Be President Again Is Juan Williamss Exit From The Five Thanks to a Greg Gutfeld Blood Feud? Republicans Reason Not to Want to Investigate January 6: Theyre to Blame Trumps Inner Circle Is Scrambling at the Likelihood of Criminal Charges From the Archive: 60 Minutes Is Going Down

Not a subscriber? Join Vanity Fair to receive full access to and the complete online archive now.

Originally posted here:
Is the Internet (Briefly) Breaking a Sign of Things to Come? - Vanity Fair