April 2017 Digital Edition

Click Here

March 2017 Digital Edition

Click Here

Feb. 2017 Digital Edition

Click Here

Nov/Dec 2016 Digital Edition

Click Here

Oct 2016 Digital Edition

Click Here

Technology Sectors

Market Sectors

IT Security

Partnership incorporates iSign biometic technology into AAEON rugged tablets

Anderson

LACEY, WA Jan. 2, 2017 AAEON and iSign Announce Partnership Enabling Rugged Tablet Computers with Biometric Signature Technology

AAEON Electronics, Inc., a leading manufacturer of rugged tablet computers, and iSign International Inc., a leader in biometric signature security solutions, today announced a technology partnership agreement. The partnership is a perfect marriage of AAEON’s rugged tablets and an unrivaled enterprise IT security solution for mobile device access. The biometric signature solution works on all of AAEON’s IP65 certified and MIL-STD-810G rugged tablet touch screens without the additional cost of optional biometric hardware. iSign’s technology is 99.999% secure and meets the most stringent mobile enterprise security standards.

AAEON rugged tablets range in size from 5.7” to 11.6” and offer a variety of optional accessories. The iSign software agent installs on the tablet and secures access to the device without the need for network connectivity. It automatically learns your biometric signature over time. The more you sign in to the device, the more accurately it recognizes a signature. IT policies can be configured for remote alerts and lock-down. Other security features includes iSign’s 2048 bit encryption, Dynamic PKI, and a proprietary GPS-based Biometric Signature.

“AAEON is extremely excited about this strategic partnership with iSign International” said Chuck Anderson, National Sales Manager of AAEON Electronic’s Rugged Mobile Division. “iSign’s biometric signature technology bundled with AAEON’s best-in-class rugged tablets is an affordable security solution for mobile device user verification. Securing corporate data and applications continues to be the #1 challenge for Enterprise IT mobile management. We’ve eliminated traditional biometric authentication hardware and complex VPN services while maintaining a 99.999% secure mobile platform.”

According to a Juniper Research report1 published in January, over 600 million mobile devices will have some form of biometric authentication by 2021, up from an estimated 190 million in 2016. The new research found that use cases for biometrics will transition from identification to verification where the biometric is stored on-device and alert notifications are sent to a service. A recent GCN article2 about mobile biometric authentication indicates that fingerprint and facial recognition biometrics are vulnerable. They can not only be hacked but have other cybersecurity vulnerabilities that include untrusted user interfaces and malware.

"iSign is excited to partner with a leading hardware manufaturer of rugged mobile devices" said Thien Pham, Chief Technology Officer. "iSign's unique approach to digital security with artificial intelligence allows us to create a cybersecurity game changing solution stack with unsurpassed protection against hacking."

About AAEON Electronics, Inc.

Established in 1992, AAEON is the industrial and embedded computing division of The ASUS Group of companies. Committed to innovative engineering, AAEON provides reliable, long-life computing platforms. These platforms include rugged tablets, industrial motherboards and systems, industrial displays, embedded controllers, network appliances, and integration services. As an Associate Member of the Intel® Internet of Things (IoT) Solutions Alliance, AAEON offers customized end-to-end services from initial product concept to board product design to mass manufacturing and after-sales service programs. AAEON is also a GSA government contract holder (#GS-35F-0470Y) serving Federal, State & Local government sectors. For more information on AAEON’s extensive breadth of products and services, please visit http://www.aaeon.com/.

About iSign International, Inc.

Established in 2016, iSign International is a private Texas corporation which has developed an original cyber security technology combining biometric signature recognition and projection, innovative devices pairing, Dynamic PKI encryption, GPS localization and univocal computer generated transactional password. iSign believes that its technology, which is covered by several patent pending claims, constitutes a game changing approach as it renders hacking practically impossible. Please visit http://www.isignintl.com to learn about our unsurpassed protection against hacking.

Crowley Government Services earns ISO/IEC certification

JACKSONVILLE, FL Dec. 28, 2016 Crowley Maritime Corp.’s government services group has achieved worldwide ISO/IEC 27001:2013 information security certification for enhancements made to the security of accessing, transmitting, processing and storing covered defense information related to its management of Military Sealift Command’s T-AGOS/T-AGM and BOBO vessels. ISO/IEC 27001:2013 is the most rigorous and recognized international standard for implementing and managing security controls to protect information assets. It complements the company’s existing ISO 9001, quality system and ISO 14001, environmental system certifications.

During the certification process, the American Bureau of Shipping (ABS) verified that Crowley had a robust framework in place to assess information security risks, identify threats and rapidly respond to any issues related to the fleet.

“This comprehensive standard, which includes regular follow-up surveillance audits, ensures our partners around the world that we have rigorous information security controls in place to protect the confidentiality, integrity and availability of Crowley’s information,” said Mike Golonka, vice president government services, Crowley. “We are pleased to expand our global framework to include this certification, which elevates the security standard for the maritime industry.”

Crowley’s global ship management group was originally awarded the contract for operation and maintenance of the T-AGOS/T-AGM fleet for the Military Sealift Command in December 2014 and for the BOBO fleet in August 2015. For the T-AGOS/T-AGM fleet of seven, Crowley provides personnel; operational and technical support (ashore and afloat); and equipment, tools, provisions and supplies. For the BOBO-class prepositioning fleet of six, Crowley provides full turnkey operation and management, including crewing, and scheduled and unscheduled repair and dry-dockings.

Over the past 124 years, Crowley has developed a portfolio of services to support the U.S. government’s operations both domestically and abroad. The team is led by industry and military-veterans who combine the technical and professional capabilities of the company to offer best-in-class operations, engineering, and contract management support. Crowley provides bundled vessel management solutions for Military Sealift Command; the Maritime Administration, as part of the Government's Ready Reserve Force (RRF) Program; and Naval Sea Systems Command. The group also provides other services including custodial services for vessels seized by U.S. government agencies; naval architecture and marine engineering; project management; specialized towing operations; specialty cargo moves; full transportation logistics; and a host of other offerings tailored specifically for the diverse needs of the government. For more information, visit Crowley.com/government.

For information on parent company, Crowley Maritime Corporation, its subsidiaries and business, visit http://www.crowley.com.

CACI earns ISO certification for IT infrastructure and security policies, practices

Mengucci

ARLINGTON, VA Dec. 21, 2016 CACI International Inc (NYSE: CACI) announced today that it has been certified for the International Organization for Standardization (ISO) 27001 credential for information security policies and practices. The enterprise-wide certification is independent verification that CACI’s internal corporate information technology (IT) infrastructure and information security policies and practices adhere to the best practices defined in the ISO standard. This is the second enterprise-wide ISO credential the company has received, having been certified for the ISO 9001:2015 quality management credential in May. CACI’s ongoing success in meeting industry-recognized standards reflects the company’s commitment to delivering excellence and high quality in all its solutions and services.

The ISO 27001 certification is earned on the basis of an external audit. Auditors examined every aspect of CACI’s internal information security policies and practices – those internal processes developed to ensure corporate information technology infrastructure and policies are secure and compliant. The certification defines requirements for information security management systems and serves as an industry-recognized measurement of effective policies and practices.

Receiving the ISO 27001 certification is key to CACI’s strategy for achieving compliance with the National Institute for Standards and Technology (NIST) Special Publication 800-171, the federal government’s set of requirements to safeguard covered defense information and cyber incident reporting. The NIST 800-171 is currently required for all Department of Defense contracts and is anticipated to become a government-wide requirement by 2017.

CACI Chief Operating Officer and President of U.S. Operations John Mengucci said, “The ISO 27001 certification, along with the ISO 9001:2015 certification announced in May, is a reflection of CACI’s commitment to ensuring our internal IT infrastructure and policies and practices meet the highest industry and government standards.”

Ken Asbury, CACI’s President and Chief Executive Officer, said, “This enterprise-wide certification, with its increased emphasis on information security policies and practices, is a testament to the excellence that we pursue at CACI as our constant goal. We are pleased at the recognition the International Organization for Standardization has given us, as it acknowledges CACI’s focus on our internal security.”

CACI provides information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. A Fortune magazine World’s Most Admired Company in the IT Services industry, CACI is a member of the Fortune 1000 Largest Companies, the Russell 2000 Index, and the S&P SmallCap600 Index. CACI’s sustained commitment to ethics and integrity defines its corporate culture and drives its success. With approximately 20,000 employees worldwide, CACI provides dynamic career opportunities for military veterans and industry professionals to support the nation’s most critical missions. Join us! www.caci.com.

Red Hat earns nine federal certifications for Linux 7.1

Smith

RALEIGH, NC Dec. 13, 2016 Red Hat, Inc. (NYSE: RHT), the world's leading provider of open source solutions, today announced that Red Hat Enterprise Linux 7.1 has received nine Federal Information Processing Standard (FIPS) 140-2 security certifications from the U.S. federal government’s National Institute of Standards and Practices (NIST). These certifications, achieved in 2016, emphasize Red Hat’s focus on delivering a more secure foundation for mission-critical systems, building upon Red Hat Enterprise Linux 7.1’s recent achievement of a Common Criteria security certification at Evaluation Assurance Level (EAL) 4+ as the first certified operating system to offer Linux Container Framework Support.

The FIPS 140-2 certification program is a joint initiative between the U.S.-based National Institute for Standards and Technology (NIST) and the Communications Security Establishment (CSE) for the Government of Canada. This internationally recognized certification is mandated by national agencies in the U.S. and Canada and recognized in Europe and Australia. Information systems based on Red Hat Enterprise Linux 7 now have greater assurance that native cryptographic security systems, such as those used to encrypt data and provide more secure communications, have been formally evaluated to meet international cryptography standards.

Red Hat Enterprise Linux 7.1 has achieved FIPS 140-2 certification for the following modules:

 

  • OpenSSL
  • OpenSSH Server
  • OpenSSH Client
  • Libgcrypt
  • NSS
  • Libreswan
  • Kernel Cryptographic API
  • Kernel Cryptographic API with CPAFC
  • GnuTLS

The certified Red Hat Enterprise Linux 7.1 modules retain FIPS 140-2 certification when running on these hardware configurations:

  • HPE ProLiant DL380p Gen8 with PAA
  • HPE ProLiant DL380p Gen8 without PAA
  • IBM Power8 Little Endian 8286-41A
  • IBM z13 (single-user mode)

The U.S. Secretary of Commerce approves standards and guidelines that are developed by NIST for U.S. federal information systems. The FIPS 140 Publication Series coordinates the requirements and standards from cryptographic modules for hardware and software, and in order to achieve FIPS 140-2 validation, cryptographic modules are subjected to rigorous testing by independent, accredited test facilities.

The validation testing for today’s announcement was performed by atsec information security corporation’s Cryptographic and Security Testing Laboratory in Austin, Texas. atsec is an independent company with long-standing experience in international IT security standards.

Supporting Quotes

Paul Smith, vice president and general manager, Red Hat

“Protecting highly-sensitive data, from employee and customer financial data to national security details, is a critical need for modern IT departments, particularly those operating in the public sector. Red Hat understands the varied IT security needs of these organizations, and Red Hat Enterprise Linux’s FIPS 140-2 and Common Criteria EAL4+ certifications provide continued support of our commitment to deliver a highly-secure operating system for environments that require the strictest of protections.”

Yi Mao, manager, Cryptographic Security Test Laboratory, atsec information security

“Red Hat endeavors to keep assurances by having a third party lab working with them to perform code inspection and independent testing against rigorous standards in cryptography as well as product security. It has been a dramatic effort for Red Hat to take their stack of cryptographic libraries running on the operating system RHEL 7.1 through FIPS 140-2 validation. Their pursuit for greater security is demonstrated in the wide validation scope and deep understanding of security requirements, and we are honored to be Red Hat’s chosen lab for these FIPS 140-2 certifications and applaud their achievement.”

Additional Resources

Learn more about FIPS 140-2 compliance and Red Hat Enterprise Linux

Read more about Red Hat’s accredited and certified open source technologies

About Red Hat, Inc.

Red Hat is the world's leading provider of open source software solutions, using a community-powered approach to provide reliable and high-performing cloud, Linux, middleware, storage and virtualization technologies. Red Hat also offers award-winning support, training, and consulting services. As a connective hub in a global network of enterprises, partners, and open source communities, Red Hat helps create relevant, innovative technologies that liberate resources for growth and prepare customers for the future of IT. Learn more at http://www.redhat.com.

Zenoss wins IT software contract with U.S. Air Force

Stock

AUSTIN, TX Dec. 14, 2016 Zenoss Inc., the leader in hybrid IT monitoring and analytics software, today announced that the company has been awarded the multisite software contract for the United States Air Force Distributed Common Ground System (DCGS). Under the contract, Zenoss will also provide software and services for extensibility and integration with key technologies including Cisco, VMware, EMC and Windows.

What is the US Air Force DCGS?

DCGS, also referred to as the AN/GSQ-272 Sentinel weapon system, produces military intelligence for multiple military branches. It is the Air Force’s key system for intelligence, surveillance and reconnaissance (ISR) information and is used for collection, processing and exploitation, analysis, and dissemination (PCPAD). The Air Force DCGS is currently composed of 27 regionally aligned, globally networked sites and is capable of providing worldwide, near-real-time simultaneous intelligence to multiple theaters of operation through a robust reach-back communications architecture.

The Zenoss Hybrid IT Monitoring Platform for the US Air Force DCGS

The multiyear contract calls for Zenoss to provide IT service assurance across security echelons. The Zenoss hybrid IT monitoring platform provides complete visibility into cloud, virtual and physical environments for secure federal agencies and public sector organizations.

“The United States military requires the most innovative IT products and services that ensure the highest levels of communication and coordination in support of its missions,” said Greg Stock, Chairman and CEO at Zenoss. “We are proud to partner with the US Air Force to deliver the most advanced hybrid IT monitoring and analytics solution for the one of the world’s most sophisticated weapon systems.”

About Zenoss

Zenoss works with the world's largest, most secure organizations to ensure their IT services and applications are always on. As the global leader in hybrid IT monitoring and analytics software, Zenoss provides complete visibility for cloud, virtual and physical IT environments. Zenoss customers gain IT performance and risk insights into their unique IT ecosystems through real-time analytics that adapt to the ever-evolving data center and cloud, enabling them to eliminate disruptions and accelerate business. Zenoss Service Dynamics is available for Amazon Web Services (AWS) GovCloud. For more information, visit www.zenoss.com.

Healthcare information organization chooses Prevalent Synapse, Churchill & Harriman to protect against cyber threats

WARREN, NJ Dec. 8, 2016 Prevalent, Inc., the leader in Third-Party Risk Management and Vendor Threat Intelligence, and Churchill & Harriman, the recognized leader in enterprise risk management and third-party risk assessments, today jointly announced that NH-ISAC has chosen the purpose-built Prevalent Synapse™ platform and Churchill & Harriman's risk assessment services for the third-party risk management element of its mission to protect the nation's critical healthcare infrastructure from physical and cyber threats.

"Third-party risk is a valid concern for any organization in the healthcare ecosystem," said Denise Anderson, NH-ISAC President. "We are excited to be working with Prevalent and Churchill and Harriman to leverage the NH-ISAC community and offer risk assessment services via CYBERFIT that are both efficient and affordable."

Prevalent's Synapse platform is purpose-built to minimize the burden of controls, information collection and distribution among members of vertical networks, delivering built-in workflows, network moderator functionality, and questionnaire and risk-scoring flexibility - all in a secure SaaS environment. Prevalent is bringing the experience built in its Legal, Higher Education, Asset Management, and Mortgage industry networks to NH-ISAC's CYBERFIT vendor network, leveraging not only its next generation platform developed on the foundation of that experience base, but also the network management experience unique to Prevalent.

"There's no substitute for experience," added Michael Wagner, Sr. Director of Johnson & Johnson and a member of the NH-ISAC Board of Directors. "While organizations have tried, none have delivered a vendor risk, evidence-sharing network for healthcare and the platform to run it. Prevalent is doing it today in multiple verticals."

"The security of our health system and the criticality of the data at risk makes what we are doing extremely important," continued Jonathan Dambrot, Prevalent CEO & Co-Founder. "It is an honor to be selected to participate in this groundbreaking effort with such prestigious partners. Working in conjunction with CYBERFIT and the NH-ISAC, we are creating a new model to reduce risk, reduce cost, and ensure members have the information they need to maintain security and compliance in our ever-interconnected environment."

In addition to Prevalent's next generation platform, CyberFit is also leveraging the expertise brought by the recognized Third-Party Risk Management leader Churchill & Harriman (C&H), who will contribute evidence analysis, vendor interaction, and evidence validation in the CYBERFIT network.

"The healthcare industry depends on C&H for thorough and complete third party risk assessments. With our focus on third-party risk management services, we have a unique perspective on the industry and the tools available from virtually all the software vendors," observed Ken Peterson, CEO and founder of C&H. "Prevalent is clearly the leader in network platform technology, delivering a proven product, validated by actual users."

For more information on the Synapse platform and the CYBERFIT network, contact [email protected]

About Prevalent

Prevalent is the leader in third-party risk management and cyber threat intelligence, helping global organizations manage and monitor the security threats and risks associated with third and fourth-party vendors. With the release of Prevalent Synapse™, organizations now have a purpose-built, unified platform that reduces both risk and cost in a shared assessment model, leveraging standardized content, automation, and threat intelligence. For more information regarding Prevalent, please visit www.prevalent.net, email [email protected] or call 877-PREVALENT.

About Churchill & Harriman

Churchill & Harriman (C&H) is a privately-held enterprise risk management consulting corporation. C&H is a trusted partner and advisor to industry leading consortiums, governing bodies and corporations, providing end-to-end enterprise risk management advisory services and solutions for multinational clients worldwide. For more information regarding Churchill & Harriman, please visit www.chus.com, email [email protected] or call 609-921-3551.

About NH-ISAC

NH-ISAC, a non-profit health sector-led organization is recognized by the nation's health sector, the US Department of Health and Human Services (HHS), the US Department of Homeland Security (DHS), the National Security Agency (NSA), FBI, and the National Council of ISACs (NCI Directorate) representing all national critical infrastructures. Headquartered at the Global Situational Awareness Center, Global Institute for Cybersecurity + Research, NASA/Kennedy Space Center, NH-ISAC is the tactical and operational arm advancing national healthcare and public health critical infrastructure resilience – all hazards (cyber and physical) security intelligence situational awareness analysis and reporting, secure trusted two-way information sharing, countermeasure solutions, incident response, leading practice and education. For more information, visit www.nhisac.org.

Iron Mountain, ITRenew offers secures technology equipment disposal for federal agencies

Sharpe

BOSTON Nov. 30, 2016 As U.S. Federal agencies plan to replace outdated technology equipment, it becomes increasingly important to deploy IT asset disposition (ITAD) programs that ensure data security and provide e-waste recycling and value recovery services. To help address this growing challenge, Iron Mountain Incorporated (NYSE: IRM), the global leader in storage and information management, and ITRenew, a leader in IT lifecycle management, today announced a partnership that combines ITRenew’s ITAD software and services with Iron Mountain’s secure chain of custody and logistics to serve government entities and federal agencies across the U.S.

Iron Mountain’s end-to-end Secure IT Asset Disposition service enables agencies to safely and securely dispose of their equipment, including PCs and laptops, servers, hard drives and mobile devices, with the peace of mind that such disposal complies with applicable data security and e-waste disposal regulations. Through the combination of Iron Mountain and ITRenew, outdated government IT equipment will be securely transported and tracked through Iron Mountain’s secure chain of custody and delivered to ITRenew’s refurbishing and recycling facilities. ITRenew’s ITAD processing services will include 100 percent sector-verified data erasure, asset remarketing, R2-certified recycling and regulation compliance reporting. Data erasure will be performed with Teraware, ITRenew’s proprietary data sanitization platform.

“Our relationship with ITRenew offers Federal agencies a unique combination of secure logistics and environmentally-sustainable IT asset disposition and remarketing, with Teraware – their industry leading data erasure and asset management workflow platform,” said John Sharpe, general manager of Secure IT Asset Disposition at Iron Mountain. “Federal agencies are facing many of the same IT asset disposition challenges as the private sector, made more complicated by both the nature of the data stored on the equipment and the stringent regulations surrounding the storage and destruction of that data. The combination of ITRenew’s powerful software, services that are ADISA certified for data sanitization at a forensic level, and Iron Mountain’s reputation as the trusted guardian of our customers’ most important assets will deliver peace of mind to Federal agencies. They will know that their data and IT assets are managed and disposed of properly and safely.”

“This is a natural fit between two industry leaders, leveraging each other’s strengths to fill a market need,” said Aidin Aghamari, vice president of corporate strategy, ITRenew. “ITRenew has the national footprint, scalable architecture and remarketing expertise necessary to process anything from PCs to mobile devices to mass-storage devices with equal levels of security, efficiency and value recovery.”

This joint service offering will enable Federal agencies to:

  • Customize a secure IT asset recovery and environmentally sustainable disposition solution to fit their needs.
  • Reclaim value from viable retired equipment, in which assets are wiped clean of sensitive data for a certificate of sanitization, then tested, repaired and resold.
  • Leverage proven processes that ensure sensitive data will not get into the wrong hands and that it has been certifiably destroyed according to DoD NISPOM and NIST standards – either electronically via ITRenew’s Teraware software or physically destroyed.
  • Maintain environmental responsibility by working with an R2 certified recycler, in which electronic waste is disposed of properly to repurpose materials for future use.

About ITRenew

Based in Silicon Valley, ITRenew specializes in complete lifecycle management for enterprise IT, mobile and data center equipment, processing millions of IT assets through a network of company-owned facilities. The independently-owned company has been recognized by Gartner as a Visionary in the 2014 Magic Quadrant for IT Asset Disposition, Worldwide.* Teraware, ITRenew’s proprietary data sanitization and asset management platform, has been adopted by the world’s largest cloud companies and is used to erase more than four million hard drives a year. Through an ADISA Claims Test, Teraware is the only solution to be certified to erase solid-state drives at a forensic level and has been recognized by Gartner as a competitive differentiator. All ITRenew facilities are 100 percent dedicated to ITAD services and have been R2, ISO 9001, ISO 14001 and OHSAS 18001 certified for secure asset recovery and data sanitization, environmental management, quality and occupational health and safety.

About Iron Mountain

Iron Mountain Incorporated (NYSE: IRM) is the global leader for storage and information management services. Trusted by more than 220,000 organizations around the world, Iron Mountain’s real estate network comprises more than 85 million square feet across more than 1,400 facilities in 45 countries dedicated to protecting and preserving what matters most for its customers. Iron Mountain’s solutions portfolio includes records management, data management, document management, data centers, art storage and logistics, and secure shredding, helping organizations to lower storage costs, comply with regulations, recover from disaster, and better use their information. Founded in 1951, Iron Mountain stores and protects billions of information assets, including critical business documents, electronic information, medical data and cultural and historical artifacts. Visit www.ironmountain.com for more information.

Israeli university researchers demonstrate malware that makes a computer become a spying device

Elovici

BEER-SHEVA, Israel, Nov. 22, 2016 Researchers at Ben-Gurion University of the Negev (BGU) have demonstrated malware that can turn computers into perpetual eavesdropping devices, even without a microphone.

In the new paper, “SPEAKE(a)R: Turn Speakers to Microphones for Fun and Profit,” the researchers explain and demonstrate how most PCs and laptops today are susceptible to this type of attack. Using SPEAKE(a)R, malware that can covertly transform headphones into a pair of microphones, they show how commonly used technology can be exploited.

“The fact that headphones, earphones and speakers are physically built like microphones and that an audio port’s role in the PC can be reprogrammed from output to input creates a vulnerability that can be abused by hackers,” says Prof. Yuval Elovici, director of the BGU Cyber Security Research Center (CSRC) and member of BGU’s Department of Software and Information Systems Engineering.

"This is the reason people like Facebook Chairman and Chief Executive Officer Mark Zuckerberg tape up their mic and webcam," says Mordechai Guri, lead researcher and head of Research and Development at the CSRC. "You might tape the mic, but would be unlikely to tape the headphones or speakers."

A typical computer chassis contains a number of audio jacks, either in the front panel, rear panel or both. Each jack is used either for input (line-in), or for output (line-out). The audio chipsets in modern motherboards and sound cards include an option for changing the function of an audio port with software –a type of audio port programming referred to as jack retasking or jack remapping.

Malware can stealthily reconfigure the headphone jack from a line-out jack to a microphone jack, making the connected headphones function as a pair of recording microphones and turning the computer into an eavesdropping device. This works even when the computer doesn’t have a connected microphone, as demonstrated in the SPEAKE(a)R video.

The BGU researchers studied several attack scenarios to evaluate the signal quality of simple off-the-shelf headphones. "We demonstrated it is possible to acquire intelligible audio through earphones up to several meters away," said Dr. Yosef Solewicz, an acoustic researcher at the BGU CSRC.

Potential software countermeasures include completely disabling audio hardware, using an HD audio driver to alert users when microphones are being accessed, and developing and enforcing a strict rejacking policy within the industry. Anti-malware and intrusion detection systems could also be developed to monitor and detect unauthorized speaker-to-mic retasking operations and block them.

About American Associates, Ben-Gurion University of the Negev

American Associates, Ben-Gurion University of the Negev (AABGU) plays a vital role in sustaining David Ben-Gurion's vision: creating a world-class institution of education and research in the Israeli desert, nurturing the Negev community and sharing the University's expertise locally and around the globe. As Ben-Gurion University of the Negev (BGU) looks ahead to turning 50 in 2020, AABGU imagines a future that goes beyond the walls of academia. It is a future where BGU invents a new world and inspires a vision for a stronger Israel and its next generation of leaders. Together with supporters, AABGU will help the University foster excellence in teaching, research and outreach to the communities of the Negev for the next 50 years and beyond. Visit vision.aabgu.org to learn more.

AABGU, which is headquartered in Manhattan, has nine regional offices throughout the United States. For more information, visit www.aabgu.org.

AITC wins contract to support Army Intelligence Center of Excellence

WINTER SPRINGS, FL Nov. 15, 2016 Continuing to make headlines, Advanced IT Concepts (AITC) announced today that it has been awarded two new contracts to support the United States Army's Intelligence Center of Excellence (ICoE) in Fort Huachuca, Arizona. The contracts, with a combined Period of Performance (POP) of five years, will focus on the development of Unit Tasks Lists (UTL) and Collective Tasks Lists (CTL) for the Theater Intelligence Brigade (TIB) and other military intelligence units, in support of the Chief of Staff of the Army's (CSA) Initiative for Assessing and Reporting Training Readiness (ARTR). The TIB contract has four subject matter experts for a one-year data collection period and task analysis effort. The ARTR contract also has four subject matter experts for up to five years and will revise all military intelligence unit collective training tasks, create new tasks as required to comply with collective task standards and business rules established by the Chief of Staff of the Army.

This effort is being implemented with AITC's strategic partner, Intelligence, Communications and Engineering (ICE), Inc., located in Sierra Vista, AZ. The work will be primarily based at Fort Huachuca, AZ, along with some efforts at the seven TIB's located both inside and outside the continental U.S.

"Being awarded this contract is another significant achievement for AITC. It continues to boost our reputation as a trusted professional services provider for the federal government. It also translates to more work, program support staff and revenue for our company, spurring more success to our local economy and state. We are continuing to strive for success adding to our contract portfolio, "says Gabe Ruiz, AITC President & CEO.

The contracts provide direct support to the U.S. Army's Training and Doctrine Command (TRADOC) and the ICoE Training Development and Support Program based at Fort Huachuca. The total value of both contracts over five years (if all options exercised) is $3.9 million.

"The Army's intelligence community utilizes the latest technology and equipment, along with highly trained and skilled personnel to develop critical information and make operational decisions. AITC is proud to support this effort to advance the training and skill development that is central to future successful missions," says Wells Barlow, AITC Business Development Manager.

AITC was awarded the contract based on several years of exceptional past performance in a similar capacity. These were part of the 10 new contracts received by AITC in the last two months with a combined value of more than $13 Million, building the company's momentum after recently announcing the win of the $70 Million Army Medical Simulation Support Services (MS3) contract.

About Advanced IT Concepts (AITC):

AITC is an SDVOSB and SBA 8(a) certified IT systems integrator, value-added reseller and service provider to federal, state and local governments. For more than 10 years, AITC draws upon significant telecommunications and Information Technology proven experience to ensure customers' goals are met by delivering superior client services through a full suite of IT specialized services. For details, visit www.aitcinc.com.

DFLabs to discuss standardizing, automating data breach incident reports in Abu Dhabi

Forte

BOSTON Nov. 14, 2016 DFLabs, the global leader in cyber incident response automation and orchestration, announced today its CEO and ISO Co-Editor Dario Forte will present on “Standardizing and Automating Incident Response and SOC: State of the Art” at RSA Conference 2016 Abu Dhabi held November 15-16 at the Emirates Palace. DFLabs will also discuss the Supervised Active Intelligence™ paradigm and will illustrate how playbooks dedicated to breach notification, response and compliance activities can be tailored to the Cooperation Council for the Arab States of the Gulf (GCC) and international upcoming regulatory environment.

DFLabs' CEO will also meet local CISOs to preview one of the largest data sets on the market, the IncMan RP playbook, a unique new module of the company’s cyber incident response automation and orchestration platform, IncMan. The playbook set is based upon regulations and industry standards and gives customers immediate access to a large number of pre-built incident and data breach response actions to follow. Providing the most playbooks available today to handle the entire breach response process - from technical to operational and legal - it is divided into state/federal, industry sector and type of incident/breach segments and works with both human and machine based processes.

Active data breach and privacy regulations are making incident response platforms mandatory. DFLabs is the first mover in fast growing categories of Security Operations, Analytics and Reporting (SOAR) and Security Incident Response Platforms (SIRP).

“DFLabs has a strong presence in the GCC region, including the United Emirates. We are proud to participate at this high-profile RSA event to share an important overview of the state of the art of automation and orchestration for cyber incident response and global standards as well preview our unique playbook and vision for supervised active intelligence,” said Dario Forte, Founder and CEO of DFLabs.

In his RSA Conference session on Wednesday, November 16th from 14:20pm- 15:10 hrs, Forte will cover how in the past two years, five standards have been published with the purpose of supporting Cybersecurity Operations and Incident Response, along with new automated technology platforms. As one of the ISO Co-Editors, Forte will give an overview on the entire ISO-SC27 Incident Response spectrum, along with insights on how to implement it within any size of organization. The presentation also will discuss the state of the art technology, including the role of machine learning, automation and SOC management architectures.

RSA Conference 2016 Abu Dhabi will host a group of diverse cyber security experts and influential speakers from the GCC and aims to provide a platform to discuss the changing cybersecurity landscape in the region and develop sound practices for mitigating both current threats and ones expected to emerge in the future. The conference will also aim to showcase the significant progress made in the government’s vision of promoting regional cybersecurity initiatives.

About DFLabs

DFLabs is a recognized global leader in cyber incident response automation and orchestration. The company is led by a management team recognized for its experience in and contributions to the information security field including co-edited many industry standards such as ISO 27043 and ISO 30121. IncMan – Cyber Incidents Under Control – is the flagship product, adopted by Fortune 500 and Global 2000 organizations worldwide. DFLabs has operations in North America, Europe, Middle East, and Asia with US headquarters in Boston, MA and World headquarters in Milano, Italy. For more information visit: http://www.dflabs.com.

Pages

 

Recent Videos

HID Global is opening the door to a new era of security and convenience.  Powered by Seos technology, the HID Mobile Access solution delivers a more secure and convenient way to open doors and gates, access networks and services, and make cashless payments using phones and other mobile devices. ...
Mobile device forensics can make a difference in many investigations, but you need training that teaches you how to get the most out of your mobile forensics hardware and software, and certifies you to testify in court. Read this white paper to learn how to evaluate mobile forensics training...
PureTech Systems is a software company that develops and markets PureActiv, its geospatial analytics solution designed to protect critical perimeters and infrastructure.  Its patented video analytics leverage thermal cameras, radars and other perimeter sensors to detect, geo-locate, classify, and...
PureTech Systems is a technology leader in the use of geospatial video, focusing on perimeter security.  When combining geospatial capabilities with video analytics and PTZ camera control, managers of critical facilities can benefit by allowing the video management system to aid them in the process...