[CyberMDX in StreetInsider.com] Frost & Sullivan Recognizes CyberMDX as the Leader in Medical Devices and Assets Security Technology Innovation

According to the Frost & Sullivan report, “CyberMDX demonstrates thought leadership, technical excellence, and a unique customization ability to strengthen healthcare security through its platform. It also empowers the continuous discovery of medical devices and intelligent micro-segmentation policies and responses during cyberattacks.”

Read more here.

The post [CyberMDX in StreetInsider.com] Frost & Sullivan Recognizes CyberMDX as the Leader in Medical Devices and Assets Security Technology Innovation appeared first on OurCrowd Blog.

OurCrowd Blog

Sternum raises $6.5M Series A on its IoT security bet

If we have learned anything from the mass production of cheap internet-connected devices it is that security was an afterthought. Default passwords are the norm and security flaws aren’t patched, leaving entire fleets of smart devices vulnerable to attack.

But one Israeli security startup is taking a different approach to protect vulnerable Internet of Things devices.

Sternum, headquartered in Tel Aviv, provides an embedded integrity verification technology, known as EIV, which verifies that the app hasn’t been maliciously altered in some way. Its technology detects code vulnerabilities to prevent attacks before they are exploited. Its advanced detection system, or ADS, brings real-time threat detection, allowing companies to respond to attacks in real time.

It’s a novel idea for when there is no other way to secure a vulnerable device.

Earlier this year, Sternum was first with a fix for a new wave of vulnerabilities that hit millions of Internet of Things devices. Dubbed Ripple20, the vulnerabilities allow hackers to hijack potentially hundreds of millions of affected devices.

“Patching vulnerabilities is an endless game,” Sternum’s founder and chief executive Natali Tshuva told TechCrunch.

“Unlike many other solutions, we are not focused on patching every vulnerability on a device. We are solely focused on the exploitation stage, or the point at which the hacker takes advantage of a vulnerability to execute an attack,” she said.

Tshuva’s roots are as a security researcher, where she found several previously undiscovered vulnerabilities in Linux, Android and other embedded systems.

“I realized that there are real technological and market challenges to securing these devices properly,” she told TechCrunch. “I wanted to apply my know-how in cybersecurity, research, product and managing talented R&D teams to create innovative solutions that will truly solve the problem, end-to-end.”

It’s a bet that’s paying off.

The company revealed its $ 6.5 million Series A round, the company announced Tuesday. The round was led by Square Peg with participation from Merle Hinrich and European venture firm BTOV.

Philippe Schwartz, a partner at Square Peg, said he was “impressed with Sternum’s innovative products and diverse team, whose technologies will power our connected future with uncompromising security protection and rich, data-driven insights.”

Startups – TechCrunch

HacWare wants you to hate email security a little less

Let’s face it, email security is something a lot of people would rather think less about. When you’re not deluged with a daily onslaught of phishing attacks trying to steal your passwords, you’re also expected to dodge the simulated phishing emails sent by your own company all for the sake of checking a compliance box.

One security startup wants that to change. Tiffany Ricks founded HacWare in Dallas, Texas, in 2017 to help bring better cybersecurity awareness to small businesses without getting in the way of the day job.

“We’re trying to show them what they don’t know about cybersecurity and educate them on that so they can get back to work,” Ricks told TechCrunch, ahead of the company’s participation in TechCrunch’s Startup Battlefield.

Ricks, a former Pentagon contractor, has her roots as an ethical hacker. As a penetration tester, or “red teamer,” she would test the limits of a company’s cybersecurity defenses by using a number of techniques, including social engineering attacks, which often involves tricking someone into turning over a password or access to a system.

“It was just very easy to get into organizations by social engineering employees,” said Ricks. But the existing offerings on the market, she said, weren’t up to the task of educating users at scale.

“And so we built the product in-house,” she said.

HacWare sits on a company’s email server and uses machine learning to categorize and analyze each message for risk — the same things you would look for in a phishing email, like suspicious links and attachments.

HacWare tries to identify the most at-risk users, like those working in finance and human resources, who are more vulnerable to business email compromise attacks that try to steal sensitive employee information. The system also uses automated simulated phishing attacks using the contents of what’s in a user’s inbox already to send personalized phishing emails to test the user.

Email remains the most popular way for attackers to use phishing and other social engineering attacks to try to steal sensitive information, according to Verizon’s annual data breach report. These attackers want your passwords or to try to trick you into sending sensitive documents, like employee tax and financial information.

But as the adage goes, humans are the weakest link in the security chain.

Stronger security features, like two-factor authentication, makes it far more difficult for hackers to break into accounts but it’s not a panacea. It was only in July that Twitter was hit by a devastating breach that saw hackers use social engineering techniques to trick employees into giving over access to an internal “admin” tool that the hackers abused to hijack high-profile accounts and spread a cryptocurrency scam.

HacWare’s approach to email security appears to be working. “We’ve seen a 60% reduction in reducing phishing responses,” she said. The automated phishing simulations also help to reduce IT workload, she said.

Ricks moved the bootstrapped HacWare to New York City after securing a place in Techstars’ accelerator program. HacWare is seeking to raise a $ 1 million seed round, said Ricks. For now, the company is “laser focused” on email security, but the company has growth in its sights.

“I see us expanding into just trying to understand human behavior and trying to figure out how we can mitigate that risk,” she said.

“We believe that cyber security is an integrated approach,” said Ricks. “But first we definitely need to start with the root cause, and the root cause is we need to really get our people the tools they need to empower them to make sound cybersecurity decisions,” she said.

Startups – TechCrunch

[NanoLock in Total Telecom] OPTAGE and NanoLock to Enable Nationwide IoT Security in Japan

 NanoLock Security, the market leader of ironclad protection for IoT and connected edge devices, today announces its commercial collaboration with OPTAGE, a leading Japanese service provider and subsidiary of the Kansai Electric Power Company to power a new nationwide service offering to cyber-protect, update, and manage connected devices across Japan.

Read more here.

The post [NanoLock in Total Telecom] OPTAGE and NanoLock to Enable Nationwide IoT Security in Japan appeared first on OurCrowd Blog.

OurCrowd Blog

[NanoLock in PR Newswire] OPTAGE and NanoLock to Enable Nationwide IoT Security in Japan

 NanoLock Security, the market leader of ironclad protection for IoT and connected edge devices, today announces its commercial collaboration with OPTAGE, a leading Japanese service provider and subsidiary of the Kansai Electric Power Company to power a new nationwide service offering to cyber-protect, update, and manage connected devices across Japan.

Read more here.

The post [NanoLock in PR Newswire] OPTAGE and NanoLock to Enable Nationwide IoT Security in Japan appeared first on OurCrowd Blog.

OurCrowd Blog

[Morphisec in PR Web] SANS Institute Examines Intuitive Endpoint Security with a Review of Morphisec

Morphisec, the leader in Moving Target Defense, today announced the release of “Intuitive Endpoint Security: A SANS Review of Morphisec,” a whitepaper review of Morphisec’s intuitive and responsive solution to endpoint protection by the SANS Institute.

Read more here.

The post [Morphisec in PR Web] SANS Institute Examines Intuitive Endpoint Security with a Review of Morphisec appeared first on OurCrowd Blog.

OurCrowd Blog

[Kenna Security in Security Informed] Kenna Security Announces David La France As Vice President Of Engineering To Overcome Cultural And Engineering Challenges

Kenna Security, the enterprise provider in risk-based vulnerability management, has hired David La France to be its new vice president of engineering. In that role, he will oversee Kenna’s development, architecture, quality assurance, systems, reliability, program management, and documentation.

Read more here.

The post [Kenna Security in Security Informed] Kenna Security Announces David La France As Vice President Of Engineering To Overcome Cultural And Engineering Challenges appeared first on OurCrowd Blog.

OurCrowd Blog

[Kenna Security in GlobeNewswire] Kenna Security Adds David La France as Vice President of Engineering

Kenna Security, the enterprise leader in risk-based vulnerability management, has hired David La France to be its new vice president of engineering. In that role, he’ll oversee Kenna’s development, architecture, quality assurance, systems, reliability, program management, and documentation. “Dave is that rare talent that understands both the cultural and engineering challenges that companies face during high growth phases,” said Karim Toubba, CEO of Kenna Security. “He’s a strong contributor who can make an immediate impact in leading our engineering team and driving success for our business.”

Read more here.

The post [Kenna Security in GlobeNewswire] Kenna Security Adds David La France as Vice President of Engineering appeared first on OurCrowd Blog.

OurCrowd Blog