Security

Schneider Electric partners with MK:U to develop smart campuses

Schneider Electric has announced a partnership with MK:U, part of Cranfield University. The two organisations will work closely together to shape the university courses of the future, ensuring that learning is applied to the real world, to prepare students to meet the current and future needs of the business world. Schneider Electric is investing with MK:U to train its degree apprentices in the coming years. Courses will include digital technology and solutions, cybersecurity, and a range of digital engineering options.  As the future campus of MK:U is developed, it will participate in the open tender process to provide expert advice on the smart technology required to create a sustainable-by-design campus from the ground up. Chris Collins, Country President and VP of Major Pursuits, Schneider Electric, says, “Students, businesses and the local community will all benefit from our partnership and the close collaboration that this will bring. Together, we can develop skills that are fit for future business, inspire a new generation, and help to promote DE&I talent to enter the STEM workforce though leading research and technology innovation projects.” “Working with MK:U, we will collaborate to innovate and promote sustainability to tackle the challenges of effective energy management that are critical to meeting net zero targets.” Professor Lynette Ryals OBE, Chief Executive of MK:U, says, “Close partnership with an organisation that has shared values and commitments to sustainability, inclusivity and representation in the industry is extremely important to us. MK:U is ‘built with business, for business’ and this partnership truly embodies this. This collaboration will help us shape education courses that will address the current and real challenges in the UK and ensure learning is aligned to business needs.” Click here for more on Schneider Electric.

Global Cyber Summit highlights Ukrainian experience amid geopolitical tensions

Nineteen Group, organiser of International Cyber Expo, has announced its programme for the annual Global Cyber Summit, sponsored by Sonatype, Opentext and Infoblox, and hosted at Olympia London on 26 and 27 September 2023. The summit returns with greater international appeal. Among other topics of discussion, guest speakers will provide the Ukrainian perspective on cyber security, in light of recent geopolitical events. With opening remarks by Professor Ciaran Martin CB, Chair of International Cyber Expo’s Advisory Council, the Global Cyber Summit assembles the industry’s great minds to review ongoing cyber threats, priorities and challenges. Uniquely, the programme this year invites advisors closely associated with Ukrainian government agencies to present their invaluable insight into the reality and impact of Russian cyber attacks on the country and beyond. Special guest speakers include, Oksana Kharchenko, a member of YouControl, who will delve into the challenges of managing sanctions risk in the current geopolitical setting; and Andrew Hural, Director, MDR of UnderDefense, who will reflect on the last 500 days of Russian cyber operations, determining the successes and failures of their espionage. Here are a few agenda highlights: Nicola Whiting MBE, co-owner of Titania Group, will reveal why diversity and inclusion efforts might be stalling and provide a new framework. Theresa Deumchen, Tech Policy Associate at Global Counsel, will examine the regulatory landscape concerning generative AI. Alexsander Gorkowienko, SecurityLabs’ Senior Managing Consultant at Spirent Communications, will explain how EU security regulations, such as the NIS 2 Directive, might affect businesses across the region. Jake Moore, Global Cyber Security Advisor at ESET, will shed light on his attempt to manipulate recruitment staff, land a job inside a company and gain full access to their data. Stewart Bertram, Head of Cyber Threat Intelligence at Elemendar, will utilise a mix of case studies and theories to expose the crossover between misinformation and cyber threat operations. Rashik Parmar, Group CEO of BCS, The Chartered Institute for IT, and Dr Saritha Arunkumar, IBM Public Cloud Worldwide Technical Leader - Security, will sit together on a panel to address the question: What does the rise of AI and quantum computing mean for the future of cyber security? Charlotte Hooper, Helpline Manager at The Cyber Helpline, will highlight the impact of cybercrime on individuals and what can be done to support them. Attendees can also take advantage of scheduled talks at the collocated International Security Expo. In fact, Joel Aleburu at Microsoft, will be speaking here about the role of cyber espionage in terrorist activities on the first day of the event, while Joe Wrieden, Intelligence Analyst at Cyjax, will assess the key role of Advanced Persistent Threats(APTs) in serious and organised crime on the second day. All sessions are CPD Certified. To register for free as a visitor: https://ice-2023.reg.buzz/dcnnAs press: https://www.internationalcyberexpo.com/press-pass-registration Click here for latest data centre news.

Infinidat appoints new regional director

Infinidat has announced the appointment of Richard Connolly as Regional Director for the UKI and the DACH (Germany, Austria and Switzerland) regions. Richard brings extensive experience selling enterprise storage, cyber security software, hybrid cloud storage, data centre solutions, and professional services to enterprise customers and service providers, including as a global sales director at Hitachi Vantara. He is responsible for driving sales growth in the UKI and DACH regions for Infinidat, reporting to Richard Bradbury, SVP, EMEA and APJ at Infinidat, effective immediately. “Richard Connolly is a strategic sales leader, who has a long, proven track record of exceeding sales growth targets. With his wealth of knowledge and his deep network of relationships with large enterprises across Europe, he will be an excellent leader to expand our market presence, continue to make our customers and partners more successful, and shift the balance of power in the storage industry to Infinidat’s award-winning enterprise storage solutions,” says Richard Bradbury, SVP, EMEA and APJ at Infinidat. "I am extremely excited to join Infinidat, recognised for the last 5 years as a leader in the Gartner Magic Quadrant for Primary Storage. Not only has the company substantially expanded and enhanced its enterprise solution portfolio in the last few years, but I strongly believe, with the business value, continuous innovation, and cyber storage capabilities that Infinidat offers to customers, we're well-positioned to solve some of the most complex problems and drive significant cost savings for enterprises," says Richard Connolly, Regional Director for the UKI and DACH regions at Infinidat. "Infinidat is one of the hottest companies in storage and I'm thrilled to contribute to the high-performance mindset that keeps customers at the centre of everything we do." Prior to joining Infinidat, Richard was the Director of Global & Strategic Accounts at Palo Alto Networks, where he drove large, cross-portfolio deals and transformed sales into a high-performance function. Before that, he worked at Hitachi Vantara as Global Sales Director, providing leadership to drive high sales growth. He also spent five years in sales roles at Avaya, leveraging professional services to improve outcomes for customers, particularly large financial service enterprises. Earlier in his career, he led infrastructure projects at JP Morgan and the Royal Bank of Scotland, among other major financial institutions. He earned an executive MBA from the London School of Economics. Click here for latest data centre news.

NCSC CEO warns AI must improve cyber security

The CEO of the National Cyber Security Centre has called for robust security systems in the early development of AI, amidst concerns that proper security measures are being overlooked. As businesses race to develop new AI products, a former intelligence chief explains that malicious attacks could have a “devastating” effect due to the rate AI is being developed in comparison to security. AI is set to play a huge role in many aspects of everyday life, from our homes and cities to high end national security, however, as businesses rush to develop products and secure their position in the market, the risk of misuse could act as a threat. The news follows the UK’s AI whitepaper, released earlier this year, which aims to put the UK on course to be the best place in the world to build, test and use AI tech after investing £2.5bn in the emerging technology since 2014. Suid Adeyanju, CEO of RiverSafe, comments, “AI-enabled cyber attacks present new challenges for security teams, adding increased complexities for organisations when protecting their devices and their data. Businesses evaluate their defence strategies to adapt, boosting their cyber security capabilities to ensure they are prepared for when an attack happens, either directly against their organisation or along the supply chain.” “Upskilling cyber workforces and ensuring diverse teams that can offer new and innovative ways of thinking to elevate expertise is an important part of the solution to defend against the new AI-powered threats. For businesses to protect themselves against the imminent and increasing threat of AI in cyber, strategies must be reassessed and more robust processes must be introduced.” Lindy Cameron, CEO of the NCSC, comments, "The scale and complexity of these models is such that if we don't apply the right basic principles as they are being developed in the early stages, it will be much more difficult to retrofit security." Click here for latest data centre news.

Veeam partners with Microsoft

Veeam Software has announced that it is integrating Veeam Backup for Microsoft 365 with Microsoft 365 Backup via its backup APIs to bring customers and partners new capabilities for backup, recovery, ransomware protection and business continuity. Veeam plans to utilise this integration to deliver new innovations and experiences to Microsoft customers that need the very best data protection and ransomware recovery to keep their businesses running. “Today, every business is a digital business,” says Danny Allan, CTO at Veeam. “That means fast, reliable access and availability of data is critical to keep businesses running. Veeam is the leading provider of backup and recovery for Microsoft 365, with over 15 million users protected. We’re delighted to extend our advanced capabilities to customers and partners using Microsoft 365 Backup. We plan to deliver innovative new features and capabilities, taking advantage of the power and reliability of the Veeam data platform which keeps businesses running.” “We’re excited to work with Veeam, and look forward to the unprecedented speed and scale of backup and restore experiences they can bring to customers with our new Microsoft 365 Backup solution,” says Jeff Teper, President, Collaboration Apps and Platforms, Microsoft. Veeam Backup for Microsoft 365 Veeam Backup for Microsoft 365 is being used to protect more than 15 million users. This adoption reflects customers’ shared responsibility to own and protect their critical Microsoft 365 data, eliminating the risk of losing Microsoft 365 data. It provides the lowest recovery point objectives (RPO), the broadest set of recovery options, and the flexibility to back up Microsoft 365 data to any location. Availability Work on the integration between Veeam Backup for Microsoft 365 and Microsoft 365 Backup via its backup APIs is underway, with general availability of the updated offering expected within 90 days of the Microsoft 365 Backup service being available. Click here for latest data centre news.

GovAssure, cyber security and NDR

By Ashley Nurcombe, Senior Systems Engineer UK&I, Corelight We live in a world of escalating digital threats to government IT systems. The public sector has recorded more global incidents and data breaches than any other over the past year, according to a recent Verizon study. That’s why it is heartening to see the launch of the new GovAssure scheme, which mandates stringent annual cyber security audits of all government departments, based on a National Cyber Security Centre (NCSC) framework. Now the hard work starts. As government IT and security leads begin to work through the strict requirements of the Cyber Assessment Framework (CAF), they will find network detection and response (NDR) increasingly critical to these compliance efforts. Why we need GovAssure GovAssure is the government's response to surging threat levels in the public sector. It is not hard to see why it is such an attractive target. Government entities hold a vast range of lucrative citizen data which could be used to carry out follow-on identity fraud. Government services are also a big target for extortionists looking to hold departments hostage with disruptive ransomware. And there's plenty of classified information in there for foreign powers to go after to gain a geopolitical advantage. Contrary to popular belief, most attacks are financially motivated (68%), rather than nation-state attempts at espionage (30%). That means external, organised crime gangs are the biggest threat to government security. However, internal actors account for nearly a third (30%) of breaches, and collaboration between external parties and government employees or partners accounts for 16% of data breaches. When the cause of insider risk is malicious intent rather than negligence, it can be challenging to spot because staff may be using legitimate access rights and going to great lengths to achieve their goals without being noticed. Phishing and social engineering are still among threat actors' most popular attack techniques. They target distracted and/or poorly trained employees to harvest government logins and/or personal information. Credentials are gathered in an estimated third of government breaches, while personal information is taken in nearly two-fifths (38%). Arguably the shift to hybrid working has created more risk here as staff admit being more distracted when working from home (WFH), and personal devices and home networks may be less well protected than their corporate counterparts. The growing cyber attack surface Several other threat vectors are frequently probed by malicious actors, including software vulnerabilities. The new Freedom of Information data reveals a worrying number of government assets are now using outdated software that vendors no longer support. Connected Internet of Things (IoT) devices are an increasingly popular target, especially those with unpatched firmware or factory default/easy to guess passwords. Such devices can be targeted to gain a foothold in government networks and/or to sabotage smart city services. Finally, the government has a significant supply chain risk management challenge. Third-party suppliers and partners are critical to efficiently delivering government services. But they also expand the attack surface and introduce additional risk, especially if third parties aren't properly and continuously vetted for security risks. Take the recent ransomware breach at Capita, an outsourcing giant with billions of pounds of government contracts. Although investigations are still ongoing, as many as 90 of the firm's clients have already reported data breaches due to the attack. What the CAF demands In this context, GovAssure is a long overdue attempt to enhance government resilience to cyber risk. In fact, Government Chief Security Officer, Vincent Devine, describes it as a "transformative change" in its approach to cyber that will deliver better visibility of the challenges, set clear expectations for departments and empower security pros to strengthen the investment case. Yet delivering assurance will not be easy. The CAF lists 14 cyber security and resilience principles, plus guidance on using and applying the principles. These range from risk and asset management to data, supply chain and system security, network resilience, security monitoring and much more. One thing becomes clear, visibility into network activity is a critical foundational capability on which to build CAF compliance programmes. How NDR can help NDR (Network Detection and Response) tools provide visibility. This kind of visibility will enable teams to map assets better, ensure the integrity of data exchanges with third parties, monitor compliance and detect threats before they have a chance to impact the organisation. Although the CAF primarily focuses on finding known threats, government IT leaders should consider going further, with NDR tooling designed to go beyond signature-based detection to spot unknown but potentially malicious behaviour.  Such tools might use machine learning algorithms to learn what regular activity looks like to better spot the signs of compromise. If they do, IT leaders should avoid purchasing black box tools that don't allow for flexible querying or provide results without showing their rationale. These tools can add opacity and assurance/compliance headaches. Open-source tools based on Zeek may offer a better and more reasonably priced alternative. Ultimately, there are plenty of challenges for departments looking to drive GovAssure programmes. Limited budgets, in-house skills, complex cyber threats, and a growing compliance burden will all take its toll. But by reaching out to private sector security experts, there is a way forward. For many, that journey will begin with NDR to safeguard sensitive information and critical infrastructure. Click here for more thought leadership.

SentinelOne bolsters India’s cyber defences

SentinelOne has announced the launch of a virtual data centre in Mumbai that will enable the growing number of Indian companies which rely on SentinelOne to shield their business from cyber attacks in a simple, compliant way.  “Cyber criminals are moving faster than ever, and companies must move with even greater speed to thwart their actions,” says Diwa Dayal, Managing Director, India and SAARC, SentinelOne. “At SentinelOne, we understand the stringent reporting requirements that Indian organisations must meet. And with the launch of our local data centre, we are uniquely positioned to help them do it.”Cyber attacks are on the rise. And no industry is immune. But some are more vulnerable than others. With SentinelOne, banking, financial services, healthcare, government and other organisations that are sensitive to data residency and privacy needs can leverage AI-powered protection to keep their assets secure.The company’s Singularity platform is a unified solution that combines endpoint protection, cloud security, identity threat detection and response and data ingestion with analytics in a single console. Using a native backend and the industry’s most performant security data lake, the solution offers complete data localisation and sovereignty with an India-based AWS Point-of-Presence (PoP). It is also the first open XDR solution in India that delivers complete data localisation and sovereignty. Hosted by its strategic partner, AWS, the Mumbai cloud data centre will provide direct, high-performance access to the Singularity platform, while allowing organisations to store their logs within Indian borders.“At SentinelOne, our mission is to defeat every attack, every second, of every day,” says Diwa. “And our new data centre is a testament to our commitment to India and to keeping its infrastructure and citizens safe as the threat landscape evolves.” Click here for more news on data centres.

Schneider Electric launches contractor program

Schneider Electric has announced the launch of a new partner program in the UK and Ireland. The Contractor Program offers online resources and digital tools via mySchneider portal to help contractors quickly and efficiently meet customer demands. It also offers opportunities to generate more business and training to support sales activities, as well as advice on sustainable solutions. In addition to the above, it includes the following benefits depending on whether the contractor is a registered, premier or premier plus customer: Personalised news, information and promotions. Advanced commercial and technical support. Digital platforms and tools. Training and education resources. Invitations to local partner events. Partner locator listing. EcoXpert badge eligibility. Hands-on training. A new world of energy The launch is part of Schneider Electric’s strategy to mitigate the energy crisis by calling on its customers, partners and suppliers to reduce the amount of energy used in their day-to-day operations and buildings and to select more sustainable solutions. In response to the ways in which the energy landscape has shifted dramatically in recent years, it has developed the mySchneider Contractor Program to answer the following challenges: demands for more electrification to reduce the usage of fossil fuels; an increase in cybersecurity; and demands from the market for multidirectional energy supplies. In the long term, the convergence of electric and digital brings disruptive new possibilities for contractors. It enables them to harness the potential for efficiency and sustainability, and more critically, in the near term, to directly impact energy security, an issue that has been front of mind for the UK and Irish governments and their citizens in recent years. David Williams, Vice President of Transactional Business at Schneider Electric, says, “As a global business, we understand the challenges our contractors and partners are facing around the world in light of the economic and political landscape and energy crisis. With the launch of the mySchneider Contractor Program, we are giving our partners priority access to our global partner ecosystem. We hope that by rewarding our contractors in this way that they will be empowered to stay ahead of the competition by offering the latest sustainable solutions to their customers.” Click here for latest updates on Schneider Electric.

Six Degrees gains Microsoft Cloud Security

Six Degrees has announced that it has successfully renewed its Microsoft Azure Expert MSP status and gained new Microsoft Cloud Security and Threat Protection specialisations.  These credentials demonstrate its commitment to holding deep technical expertise, backed by a demonstrable track record and a strategic relationship with Microsoft. Combined, they allow the company to enable organisations to achieve more through secure, integrated cloud services.   This brings several benefits to customers:  Designations aligned to the Microsoft solution areas recognise its broad technical capabilities and demonstrated success delivering technology solutions.  Benefits aligned to its solutions partner designations include product benefits, go to market services, co-sell eligibility, skilling and sales enablement resources, making it easier for customers to buy Microsoft solutions.  Specialisations further validate deep technical expertise after the company attains a Solutions Partner designation, giving customers reassurance that it is well placed to maximise its Microsoft investments.  Simon Crawley-Trice, CEO, Six Degrees, says, “I am delighted to have renewed our status as an Azure Expert MSP program member and I look forward to enabling many more organisations to succeed through the intelligent application of Microsoft technology. This isn’t a time to rest on our laurels, though. At Six Degrees we never stand still when it comes to our partnerships, and we will work to attain further specialisations which align to our core capabilities across cloud, cyber security and connectivity.”  Eleri Gibbon, Director, Services Partners, Microsoft UK, says, “In today’s challenging operating landscape, organisations will benefit from integrated secure cloud solutions that enable them to achieve competitive differentiation while protecting their people and their customers. By embracing the Microsoft Azure stack throughout their secure cloud offerings, Six Degrees is well placed to deliver these solutions to benefit organisations throughout the UK.” 

VMware unveils research on NHS data storage

VMware has unveiled a research sharing that the majority (87%) of UK consumers believe it is important that their NHS patient data is stored in the UK. The study of more than 2,000 UK citizens has revealed that people still have cyber security concerns when it comes to where their personal and sensitive data is stored. Of those who stated it is important for their data to be stored in the UK, more than a third (39%) think that their data stored within the country’s national borders would ensure it complies with UK data privacy regulations. A fifth (22%) do not trust other countries to safeguard their data as well as the UK, and 21% think it will be less susceptible to foreign cyber threats or access foreign entities. Despite this, the research shares a good level of trust in the NHS when it comes to storing and analysing patient data. For instance, 59% of respondents expressed confidence in the NHS's ability to safeguard their sensitive information. But when asked about where their data is stored, most UK public had doubts on their data residing outside of their national boundaries. Businesses share the same attitude. 42% of business leaders are extremely concerned about their critical data being managed by US cloud providers, and 62% have expressed that their current clouds are not meeting their data sovereignty requirements, according to the latest IDC research. Many NHS and social care providers today use non-national public clouds. This means that patient data is currently hosted in a provider currently deemed adequate by the UK, however, if this is a non-national provider, the data could be subject to external jurisdictional control. “This consumer opinion matters as it echoes business sentiment. These findings demonstrate the increasing importance of data integrity and sovereignty in helping the NHS, among other highly regulated industries, realise and unlock the true value of their sensitive and critical data," says Guy Bartram, Cloud Evangelist EMEA, VMware. “By embracing cloud sovereignty, the NHS can build public trust and assertively maintain governance, fortify data protection and help unlock the true value of critical and sensitive patient data in delivering patient services.” "While there are vast rewards to be harvested through applying AI to healthcare data, we have to remember that each data point relates to a patient, and every patient should trust that their privacy is maintained,” says Darren Adcock, Senior Product Manager, Redcentric. “By harnessing the power of AI and advanced technologies within a secure and sovereign cloud framework, the NHS ensures that groundbreaking advancements in healthcare never compromise patient privacy and trust. Sovereign clouds serve as a pivotal enabler, allowing the NHS to drive progress responsibly, ethically, and with the utmost dedication to patient wellbeing.” Sovereignty extends beyond where data is stored, but also how it is used by platforms such as AI, which analyses the data to feed algorithms. The general public surveyed hold diverse opinions regarding AI in healthcare, with 45% open to its use for improved services and 44% happy with the NHS using the technology to process their patient data, if it helped the NHS to process diagnostic tests faster. However, concerns exist, with 25% saying they are against the NHS using AI to process their patient data. “Ongoing digital transformation and the increased use of emerging technologies such as AI, have spurred both excitement for true innovation to revolutionise our NHS, but also a new urgency for how this boom in data will be securely managed and stored,” says Dr Will Venters, Associate Professor of Information Systems, London School of Economics. “With the increased use of multiple clouds to create, store and distribute apps, which the NHS needs, relies on from frontline clinicians through to optimising operations, it is essential to patient trust that the NHS protects sensitive patient data, and this can be achieved by protecting it with sovereign clouds. AI has created new data opportunities so it is critical the NHS can make better use of its data, to build a resilient and patient-centric healthcare system that the UK needs.”