Cyber threats continue to escalate in new ways, especially with new nation-state alliances that are in opposition to NATO countries cyber defenses.

Consider this article from the past week in the Wall Street Journal: Russia Supplies Iran With Cyber Weapons as Military Cooperation Grows. Heres an excerpt:

Russia is helping Iran gain advanced digital-surveillance capabilities as Tehran seeks deeper cooperation on cyberwarfare, people familiar with the matter said, adding another layer to a burgeoning military alliance that the U.S. sees as a threat.

Russia and Iran both have sophisticated cyber capabilities and have long collaborated with each other, signing a cyber-cooperation agreement two years ago that analysts said focused mostly on cyber-defense networks. Moscow has long resisted sharing digital-offensive capabilities with Iran in the past, for fear they will end up being sold later on the dark web, the people said.

Last September, I described how NATO countries were being hit with unprecedented cyber attacks. But this trend has been growing for much longer, and cyber attacks are now accelerating rapidly due to a more coordinated effort from NATOs enemies.

Since 2014, closer ties between China and Russia have attracted speculation about whether the relationship will continue to deepen into an alliance. The 2015 Sino-Russian cybersecurity deal seemed to mark further Sino-Russian cooperation another arenacyberspace. The pact has two key features: mutual assurance on non-aggression in cyberspace and language advocating cyber-sovereignty.

If this pact is merely treated as a non-aggression pact, then Sino-Russian cybersecurity cooperation has a similar pattern to their overall relationship, which appears to be intimate but is actually problematic. However, looking past the non-aggression elements of the pact illuminates the key element of the agreementChina and Russias pronounced support for the concept of cyber-sovereignty. The support for cyber-sovereignty echoes the centerpiece of Sino-Russian cooperation in the general termsa challenge to US dominance in the international system.

Fast-forward to 2020 for this piece in War on the Rocks: Peering into the Future of Sino-Russian Cyber Security Cooperation. Heres a passage from that:

Beijing and Moscow have long wanted to control their domestic internets. Now they are working together to remake global cyberspace in their own image. The two launch widespread cyber operations that threaten U.S. interests, and they want to reshape the internet to reduce U.S. influence. Chinese hackers have mounted a long campaign to steal intellectual property, as well as military and political secrets, and are a growing threat to U.S. critical infrastructure. Russian hackers pose the threat of cyber espionage, influence operations, and attacks on the infrastructure of the United States and its allies. Moreover, China and Russia have over the past five years worked together to tighten controls on their domestic internet and promoted the idea of cyber sovereignty to diminish U.S. sway over the global governance of cyberspace.

Over the next decade, China and Russia are likely to continue close technical and diplomatic cooperation. Beijing now appears more willing to adopt information operations techniques historically associated with Russian actors to shape the narrative on the responsibility for and response to the COVID-19 pandemic, but the two sides are unlikely to coordinate on offensive cyber operations. To counter these efforts, policymakers should revitalize U.S. cyber diplomacy, providing an alternative framing to cyber sovereignty and building a coalition of like-minded partners to define and enforce norms of behavior in cyberspace.

Moving to 2021, we get a report from the international journal Contemporary Chinese Political Economy and Strategic Relations entitled, Cybersecurity Cooperation between Russia and China: Prospects and Problems. It covers strategic and tactical steps by China and Russia to strengthen their technology and cybersecurity cooperation at many levels.

Early this year, Cyber News offered a report entitled, Cybercrime from Russia and China: what can we expect next?:

In a recently published study of both nations, whimsically titled The Bear and the Dragon, global cybersecurity analyst Cybersixgill highlights an increased tendency for independent threat actors that is to say, ones not working for partisan groups such as Killnet or Dragonbridge to share expertise.

While these two ecosystems have historically remained separate, recently, the Russian and Chinese cybercriminal worlds seem to have collided, said Cybersixgill. Late last year, a limited-access Russian-speaking cybercriminal forum resurfaced on the underground after a turbulent shutdown in October this time, with a notable Chinese presence.

It cited apparent efforts by the forums administrators to enlist Chinese threat actors to their underground community, making sweeping changes to the forums interface to make it more accessible to both Mandarin- and English-speaking users.

Chinese recruits to the dark web platform were encouraged to participate in conversations, share tips, and collaborate with Russian counterparts on future attacks.

Finally, bringing us into late March 2023, the Atlantic Council published a report with the headline Xi and Putin just wrapped up talks in Moscow: What does it mean for the war in Ukraine and Chinas global standing?

They wrote: Its a friendship testing the limits. Chinese leader Xi Jinping left Russia on Wednesday after three days of talks with Russian President Vladimir Putin, in which Putin endorsed Chinas 'peace plan' for Ukraine and the two leaders stressed the need to 'respect legitimate security concerns of all countries' to end the war a talking point Russia has used to blame NATO and legitimize its war of aggression. What did this visit do for Putins international standing? What role might China play in the war? How should Washington view this partnership? Below, our experts cut through the pageantry and diplomat-speak.

TechSpot just published an article that explains how Russia and China want to become world leaders in tech, security, andAI. Thy describe how Russian President Vladimir Putin and China leader Xi Jinping agreed on several items in their recent summit, and the agreement: The presidents agreed to form new models of cooperation in industries such as artificial intelligence, Internet of Things, 5G, digital economy, and low-carbon economy. Technological sovereignty is the key to sustainability. We propose further improving strategic partnerships in specific industries. By combining our wealth of research capacity and industrial capabilities, Russia and China can become world leaders in information technology, cyber security, and artificial intelligence.

This YouTube video shows how even India is concerned about recent cybersecurity collaboration agreements between Russia and China:

The recent federal government discussions regarding a ban on TikTok and other Chinese or Russian companies from doing business in the U.S. is another example of the tensions that are rising at the moment.

Bottom line, the simultaneous challenges that include the war in Ukraine, cooperation between NATO enemies in cyberspace and hostile nation-state collaboration with cyber criminals is leading to an increased risk profile for cyber defenders in the U.S. and within NATO over the next decade. The global cyber temperature is rising, and the stakes have never been higher.

State and local governments need to visit the CISA Shields Up website to learn more about the latest cyber threats impacting their sectors and what they can do about them.

Original post:
Growing Nation-State Alliances Increase U.S. Cyber Risks - Government Technology

Objective: leadership in the digital industrial transformation market with advanced cybersecurity solutions for IT/OT (Information Technology/Operational Technology) infrastructures in the energy, oil & gas, and industrial sectors

The objective of the MoU (Memorandum of Understanding) signed by Leonardo and Siemens Digital Industries is an integrated offer of advanced cybersecurity solutions for IT/OT technologies (Information Technology/Operational Technology), which is dedicated to digital, secure, connected and integrated industrial infrastructures.

The agreement was created within a partnership between the two companies with the aim of bringing together specific development skills of services and solutions, which are aimed at protecting the IT/OT infrastructure (infrastructures with dedicated hardware and sofware devices) of industrial sites. The main area of intervention will concern the resilience against accidents and cyber attacks to automation and connectivity systems that monitor and supervise assets, equipment and processes of critical infrastructures.

With the growing use of digitization, energy and industrial plants are increasingly interconnected and distributed: a revolution that offers opportunities in terms of competitiveness and sustainability. However, this requires particular attention to issues surrounding cyber security. An IT attack on the "cyber-physical" systems of critical infrastructures can in fact have serious repercussions on the availability of essential services for citizens and their own safety. The collaboration between Leonardo and Siemens will allow for complete protection: from threat intelligence; the detection of cyber threats to OT infrastructures; to their protection, both with attack monitoring and management services based on the experience of Leonardo's Global Security Operation Center, with the integration of Siemens technological systems of products for the prevention and response to incidents concerning individual connected devices (endpoint protection).

"Thanks to this agreement, Leonardo and Siemens can create new synergies based on complementary technologies and skills, with the aim of jointly developing solutions capable of responding more effectively to the growing cybernetic challenges in the industrial and energy sector", said Alessandro Profumo, Leonardo's Chief Executive Officer. "In this regard, Leonardo's evolutionary path traced to the Be Tomorrow 2030 strategic plan continues, the aims of which are to make our company the cornerstone of a technological ecosystem capable of protecting the safety of citizens and promoting, together with institutions and partners, the country's long-term competitiveness".

We are very satisfied with this partnership which focuses on cybersecurity, an essential factor for the development of a secure and reliable digital economy. With innovative technology that combines the real and digital world in order to guarantee security, protecting comapnies know-how and their productivity, we help them to be more competitive. Together with Leonardo, we combine their undoubted ability to integrate systems with our technology, creating a unique synergy and proposal to the market. Our goal, therefore, is to create further value for the Italian industry and help our country in its digital transformation, said Giuliano Busetto, Head of Siemens Digital Industries.

The agreement provides an integrated commercial proposition both with joint solutions and with proprietary products and services of the two companies, to meet the needs of the oil & gas, energy, and industry markets. The agreement also regulates cyber security training, with a catalogue of courses dedicated to the OT sector, which will be able to take advantage of the platforms and infrastructures of Leonardo's Cyber & Security Academy.

The technological solutions created will also be able to become part of Xcelerator, Siemens' open digital platform, which includes a complete portfolio of hardware, software and digital services enabled for the Internet of Things (IoT).

Leonardo, a global high-technology company, is among the top world players in Aerospace, Defence and Security and Italys main industrial company. Organized into five business divisions, Leonardo has a significant industrial presence in Italy, the United Kingdom, Poland and the USA, where it also operates through subsidiaries that include Leonardo DRS (defense electronics), and joint ventures and partnerships: ATR, MBDA, Telespazio, Thales Alenia Space and Avio. Leonardo competes in the most important international markets by leveraging its areas of technological and product leadership (Helicopters, Aircraft, Aerostructures, Electronics, Cyber & Security Solutions and Space). Listed on the Milan Stock Exchange (LDO), in 2021 Leonardo recorded consolidated revenues of 14.1 billion and invested 1.8 billion in Research and Development. The company has been part of the Dow Jones Sustainability Indices (DJSI) since 2010 and has been confirmed among the global sustainability leaders in 2022. Leonardo is also included in the MIB ESG index.

Siemens Digital Industries (DI) is an innovation leader in automation and digitalization. Closely collaborating with partners and customers, DI drives the digital transformation in the process and discrete industries. With its Digital Enterprise portfolio, DI provides companies of all sizes with an end-to-end set of products, solutions and services to integrate and digitalize the entire value chain. Optimized for the specific needs of each industry, DIs unique portfolio supports customers to achieve greater productivity and flexibility. DI is constantly adding innovations to its portfolio to integrate cutting-edge future technologies. Siemens Digital Industries has its global headquarters in Nuremberg, Germany, and has around 76,000 employees internationally.Siemens AG (Berlin and Munich) is a technology company focused on industry, infrastructure, transport, and healthcare. From more resource-efficient factories, resilient supply chains, and smarter buildings and grids, to cleaner and more comfortable transportation as well as advanced healthcare, the company creates technology with purpose adding real value for customers. By combining the real and the digital worlds, Siemens empowers its customers to transform their industries and markets, helping them to transform the everyday for billions of people. Siemens also owns a majority stake in the publicly listed company Siemens Healthineers, a globally leading medical technology provider shaping the future of healthcare. In addition, Siemens holds a minority stake in Siemens Energy, a global leader in the transmission and generation of electrical power.In fiscal 2022, which ended on September 30, 2022, the Siemens Group generated revenue of 72.0 billion and net income of 4.4 billion. As of September 30, 2022, the company had around 311,000 employees worldwide. Further information is available on the Internet at http://www.siemens.com. In Italy Siemens has its headquarters in Milan. It has global competence centers on electric mobility and smart grid, industrial software, smart building as well as Digital Enterprise Experience Center (DEX). Committed to Education, the company carries out annual training initiatives aimed at students in High Technical Institutes and STEM undergraduates, boasts collaborations with universities, ITS Angelo Rizzoli and ITS Lombardia for New Mechanical and Mechatronic Technologies. It is a founding member of the Milan Polytechnic Foundation. For more information, visit http://www.siemens.it

See the article here:
Leonardo and Siemens collaborate on a new integrated offer ... - Leonardo

2022 was an unforgettable year of events that impacted people and organizations around the world. It included the tail-end of COVID-19 upheavals, a rise in cyber incidents, increasingly extreme weather, the war in Ukraine, and much more. It seemed like organizations faced a new crisis every week that challenged their people, supply chains, and IT systems to be even more resilient than they already are.

So, what did we learn about managing it all?

To find a few answers, I spoke with BlackBerry AtHoc Vice President of Product and Services Ramon Pinero. With a career in critical event management (CEM) spanning more than 20 years, I knew he'd be able to provide a unique take on the major CEM-related trends of 2022.

The following are Ramons comments from our conversation.

The increase in cyber incidents during the pandemic had a negative impact on already-stretched IT teams, so it wasnt surprising that by 2022 there was an increase in investment in cybersecurity. This coincided with the expansion of the jurisdiction for business continuity professionals. Those same individuals responsible for keeping people safe during the pandemic had to incorporate cyber incidents into their plans, something not traditionally in their wheelhouse. However, given the brand reputation damages that can result from a cyberattack, including the impact on revenue and the effects on people and morale, it's understandable that business continuity departments are now incorporating cyber into their playbooks.

This also factors into something that began before 2022: The expansion of ITs jurisdiction puts it on a collision course and an eventual convergence with security. When we think of security within an organization, we often think of physical models: badge access, fire suppression, workplace violence or theft, and cameras and monitoring for suspicious activity. Cybersecurity coming under the umbrella of security overall has manifested in an internal struggle with budgets. Who owns it? Security and facilities?

Where we once kept Physical Security Operation Centers (PSOC) and Cyber Security Operation Centers (CSOC) separate, we saw these moving closer together in 2022. Where they fully merged, we created the Global Security Operation Center (GSOC). The GSOC has the ultimate responsibility for employee safety: facilities, security, and now cybersecurity, too. Secure communications solutions need to be comprehensive in scope, and security-focused organizations learned in 2022 just how valuable CEM solutions that address that full spectrum really are.

Extreme weather events are more frequent, and the impacts are increasing. In September 2022, Hurricane Ian pounded Florida. We had parts of the Gulf Coast's weather systems affecting the Eastern Seaboard and witnessed heat and wildfires on the West Coast. If you can't get to work because of weather conditions, or you're unable to work from home because the weather interrupted the internet connection, that's a significant productivity hit.

I think those organizations most impacted in 2022 were simply not as prepared as the ones who've already experienced those types of situations. Whats exacerbating the impact of these outages is that so much of our work relies on our connectivity, and that's almost the first thing to go. In the past, we would drive to work, sit at a desk, and use paper. We werent so reliant on being connected digitally across the globe. Critical event management and public safety alert systems need to work even when internet connectivity is down; for many solutions, thats a challenge.

Last year there was an improvement in mass notification awareness to keep people safe, driven by the war in Ukraine and regulatory enactments occurring in the European Union (EU). Here in the United States in California, I grew up getting my Saturday morning cartoons interrupted by Emergency Broadcast System tests. While many member states in the EU dont really have nationwide emergency mass notification systems, there's a growing call for them now. Were seeing newer technologies that can achieve that, like cell broadcasts and location-based SMS, to get the word out.

I think we became safer in 2022 despite everything going on because weve seen more organizations making deeper investments in CEM.

Unfortunately, people are still falling through the gaps. There are many places in rural communities that still need broadband access and better and more resilient cellular access available in emergency conditions. This is why BlackBerry invests in technologies that integrate with legacy forms of mass notifications, like sirens. For instance, I live in Northern California and there's a tsunami warning system installed every few miles along the coast.

More granularly, employers do have a duty to keep their employees safe during the workday. I know there are teams that accept 'good enough.' They ask: Why do I need a critical event management system when I can just blast an email or text message to my staff? This approach is risky for both the business and its people because there is no structure, no consistency, and no accountability. Theres not even a guarantee a message has been received, understood, or acted upon. Doing only the minimum without a fully-fledged system and defined plans isnt a viable safety strategy.

Id like to thank Ramon for his insights on the evolving state of CEM.In the coming weeks, well speak to other CEM experts about what they believe the industry can expect in 2023.Emergencies and business disruptions happen. Its how you prepare and respond to them that determines their impact.To discover how customers using BlackBerryCEM solutions are able to deploy their response teams faster and enable them to better prepare for, respond to, and recover from critical events more quickly, talk to a BlackBerry expert now.

Go here to see the original:
CEM in 2022: Another Big Learning Curve - BlackBerry Blog

Xponance Inc. has positioned itself for potential gains in Zscaler, Inc. by increasing its stake in the company during the fourth quarter of last year, according to their 13F filing with the SEC. The firms holdings in Zscaler now amount to 11,436 shares valued at $1,280,000 as of their most recent filing.

Zscaler is a cloud-based internet security platform that provides a range of services including Zero Trust Exchange and Zscaler Internet Access. Founded by Jagtar Singh Chaudhry and Kailash Janakiraman, the company has a market capitalization of $15.05 billion with a price-to-earnings ratio of -45.30 and a beta of 0.85.

Despite opening at $103.74 on Friday, which represents a 52-week low for the stock, Zscalers moving average prices have been higher over both 50 and 200 days. Further metric analysis reveals an impressive quick ratio and current ratio indicating favorable liquidity ratios for the company.

Xponances position increase could prove to be astute as industry experts predict growth within the cybersecurity sector over the next few years due to increasing cyber threats and data breaches worldwide. As businesses continue to rely on digital solutions such as cloud computing and remote-working software, investing in companies that provide secure internet access may continue to be an attractive option for investors seeking long-term gains.

Overall, Xponances move demonstrates confidence in Zscalers business strategy while also positioning themselves well during this period of potential cybersecurity industry growth. While variables such as market competition and cybersecurity trends remain factors that investors must consider before making investment decisions, this move by Xponance exhibits confidence in Zscalers future success.

Zscaler, a leading cloud security company, has seen recent activity from institutional investors and insiders. Institutional investors have been adding or reducing their stakes in the companys stock. International Assets Investment Management LLC boosted its stake by 2.7%, Flagship Harbor Advisors LLC by 3.4%, Huntington National Bank by 29.8%, Brown Advisory Inc. by 2.3%, and ICICI Prudential Asset Management Co Ltd by 23.8%. In total, institutional investors and hedge funds own 45.33% of the stock.

The company has also seen insider selling activity, as Robert Schlossman sold 3,645 shares for $389,249.55 on March 16th and now owns 132,553 shares valued at $14,155,334.87. COO Dali Rajic sold 5,638 shares worth $602,082.02 on the same day and now owns 291,182 shares valued at $31,095,325.78.

Equities research analysts have issued several reports on Zscalers stock with ratings ranging from Moderate Buy to Strong Buy. Deutsche Bank Aktiengesellschaft lowered their target price to $140 from $190 while Wedbush reduced their price target from $180 to $150 based on data compiled from Bloomberg.com.

Zscaler focuses on cloud network security through its Zero Trust Exchange platform that securely connects users to applications without exposing them to risks traditionally associated with remote access solutions.

As cloud computing grows more popular among businesses worldwide due to its economic efficiency and consolidated operational approach therein lays a long-term opportunity for firms like Zscaler that specialize in protecting enterprises sensitive data stored off-premises through dedicated facilities with secure networks providing tangible advantages over less secure public connections.

In conclusion, Zcaler is slowly making its mark as it continues to reshape the cybersecurity market through innovation and making cloud computing safe for businesses.

See the article here:
Xponance Inc. Increases Stake in Zscaler, Inc. Amid Predicted ... - Best Stocks