Cyber Security Insights for Resilient Digital Defence

New security platform to fight AI-based cyber attacks

OryxAlign has launched securyXDR, a fully managed extended detection and response (XDR) platform. An advanced form of antivirus and malware management, the system is part of a solution that will address the expected rise in sophisticated AI-phishing attacks. It will be valuable for SMEs, or those with a hybrid and remote workforce, across sectors including financial services, recruitment, legal and more. Traditionally, antivirus systems have operated in silos, being limited to detecting and responding to threats on individual devices, or endpoints. The solution was previously Endpoint Detection and Response (EDR). With the rise in hybrid and remote working, and the reliance on networked storage and cloud-based workflows, there is now a need for visibility of threats across a company’s entire IT ecosystem. “In 2023, we expect to see a sharp rise in sophisticated AI-based phishing attacks, as well as endpoint attacks on remote and hybrid workers. The criminals’ focus may change to SMEs as they are believed to have weaker security,” explains Nathan Charles, Head of Customer Experience. “But because we combine our XDR platform with EDR and email management we can fight fire with fire. “securyXDR is our new cyber security XDR platform that is offered as a fully managed service, in partnership with an outsourced security operation centre (SOC) that has 200 staff globally,” continues Nathan. “Given that even small networks can generate tens of thousands of cyber security alerts a day, the securyXDR managed service will alleviate the pressure on internal IT teams, taking them away from manually triaging and responding to individual threats, and focusing on more productive projects. “We know that the loss of productivity following a cyber attack can be just as devastating as the initial damage to your IT system. The cost of having an XDR system in place will more than pay for itself in the long run, by providing early detection of threats. What’s more, SOCs are uniquely positioned to respond to threats, by applying their broad learning from a high volume of attacks across their managed networks.” OryxAlign says that securyXDR stands out from other enterprise XDR platforms by offering customisable service plans based on customer needs. For example, users can select how long log files are stored to minimise storage costs, choose custom restore points for compromised endpoints, and set their choice of response urgency, typically from one to three hours.

Jane Frankland takes up advisory role at e2e-assure

e2e-assure has announced that Jane Frankland has joined the business as an advisor. Bringing over two decades of experience, her appointment reinforces e2e’s commitment to nurturing a diverse and unique set of skills and knowledge to help guide the company. Commenting on her new role, Jane says, “I'm thrilled to join e2e-assure and be part of a team that is dedicated to establishing trust, transparency and reliability in the increasingly complex world of cyber security. As experts in threat detection and response, an agile, innovative, and value-driven boutique player, serving clients of all sizes from the UK and Australia, e2e-assure serves an invaluable role in today's uncertain and expanding digital world. As an advisor, I'm looking forward to helping them scale, further innovate, and create a securer future for all.” Jane has built a stellar reputation as an award-winning leader, bestselling author, and women’s change agent. Referenced by Wiki, LinkedIn (as a Top Voice) and UNESCO, she works as a board advisor, speaker, consultant, coach and trainer. She is well-known for all the work she does to attract and retain women in cyber security through her writing, keynotes, consulting and her brand-new women's career platform, The Source. Rob Demain, CEO and Founder of e2e-assure comments, “We’re absolutely delighted and privileged to have Jane join the business. We recognised that, if we wanted to continue in our commitment to helping our customers succeed, we needed to ensure that we had someone with deep experience, a strong track record and gravitas. Visionary and highly respected within the market, Jane was a natural choice. We’re excited for her to be part of our journey, helping us to reinforce our mission - that is to give our customers greater access to faster, simpler and more cost-effective threat detection and response solutions.”

New group formed to overcome attacks against data centres

Operators will be given the tools to enhance the security measures within their data centres as a result of the new Data Centre Work Group, formed by the Trusted Computing Group (TCG). Data centres play a crucial role for business operations across the globe, but they remain prime targets for cyber criminals. Should an interposer position themselves between the Central Processing Unit (CPU) and a hardware Root of Trust - such as the Trusted Platform Module (TPM) - within a data centre, they can cause significant damage by gaining possession of legitimate control signalling between the CPU and the TPM. Interposers can even inject their own boot code into the CPU and wield an authorisation key to fool a remote verifier to make the TPM attest the integrity of fraudulent information. This allows them to snoop, suppress and modify vital signals and measurements, and, as a result, will be able to access and exploit secrets and information from within the data centre, weaponising it against the operator. To this end, the Data Centre Work Group at TCG has been formed to establish trust within systems and components within a data centre, focusing primarily on developing protective measures against any active interposers within a system. The Work Group will examine the existing attack enumerations against data centres, and devise ways to avoid or mitigate them. These attacks include the feeding of compromised boot code to the CPU, impersonations of the CPU to the TPM, the suppression and injection of false measurements to a legitimate TPM, and the redirection of legitimate measurements to an attacker controlled TPM. “With the formation of this Work Group, a TPM will be empowered to protect the resources and communication of a CPU to which it is bound with precise, given measurements”, says co-Chair of the Data Centre Work Group, Dennis Mattoon. “The TPM will also be able to prove the measurements and the correct CPU instance of a given object to a verifier. We look forward to developing our plans to continue establishing trusted computing within data centres”. Dennis and Jeff Andersen have been confirmed as the co-Chairs of the Work Group. Dennis is a Principal Software Development Engineer for Microsoft Research, and co-Chairs the attestation, supply chain security, DICE, and marketing work groups at TCG. Jeff is a Staff Software Engineer at Google and became a member of the TCG in 2021. “We’re delighted to publicly announce the formation of the new Work Group”, says Jeff. “Current data centre hardware designs make it difficult for CPUs to be permanently bonded with the TPM, creating a gap for malicious entities to exploit. Our goal is to overcome the interposers operating within this area and mitigate the significant threats they can bring to data centres.” The Work Group will also look at protecting the data centre against hackers looking to clear platform configuration registers (PCRs) in the legitimate TPM by falsely asserting that the CPU has reset. As a result, operators will be able to trust that the components and hardware found within the system are operating successfully without the fear it may become weaponised by an attacker.

Neterra stopped nearly 500,000 DDoS attacks in 2022

Neterra protected its customers from 488,151 DDoS attacks in 2022. To do this, the company implemented various effective solutions that include a cloud platform, specialised hardware equipment, and a combination of the two. Of the total number of attacks, its cloud platform stopped 135,590 and its hardware stopped 352,561. DDoS attacks aim to disrupt (wholly or partially) user access to the services or equipment of a specific company - targeted as a victim. Often, for example, the victim's website becomes unavailable, loads slowly and returns errors. While the company is under attack and struggling to restore normal operations, the perpetrators take advantage of the breach to gain access to its resources. Most DDoS attacks aim to steal data, money, or intellectual property. Customers of Neterra's DDoS protection service can monitor statistics of attacks against them in real time through the unified monitoring system, as well as make periodic inquiries, for example - the number of attacks daily, monthly, and annually. They can also see what each of the attacks looked like. In addition to protection from DDoS attacks, Neterra offers complete solutions for enterprises for both cyber security, such as backup and ransomware protection, and for connectivity - dedicated internet access (DIA), data centre and managed services, IT service and resource rental.

Macquarie Telecom delivers 17 consecutive halves of growth

Macquarie Telecom Group has announced its results for the half-year, which ended 31 December 2022. Chairman, Peter James, says, “This result represents our 17 consecutive half of EBITDA growth, an outstanding achievement demonstrating the continuing momentum in our business and the capability of our people.” Key Points • 17 consecutive halves of profitable growth. • Revenue of $172.5 million, an increase of 16% on 1H FY22 ($149.3 million). • Earnings before interest, tax, depreciation, and amortisation (EBITDA) of $51.3 million, an increase of 26% on 1H FY22 ($40.5 million). • Net profit after tax of $8.5 million, an increase of 133% on 1H FY22 ($3.7 million) reflecting the increased profitability across all segments. • Capital expenditure for 1H FY23 was $33.2 million (1H FY22: $68.9 million) driven by Growth Capex of $15.0 million, Customer Related Capex of $11.6 million and Maintenance Capex of $6.6 million. Chief Executive David Tudehope, says, “We are very pleased to deliver another strong result for our shareholders. We continue to grow by staying ahead of emerging trends in the technology sector and investing in the right solutions for our customers. We pair the best technology with the best customer service and operate in markets that continue to have significant growth potential, such as digital infrastructure and cyber security.” Outlook • FY23 EBITDA is expected to be approximately $102 to $104 million which includes Macquarie Data Centres expected EBITDA of $32 to $33 million. Continuing investment in Cloud Services & Government and Macquarie Data Centres underpins this profitable growth. • ATO contract extension demonstrates the continued demand from our Federal Government Agencies for cyber security services, providing high confidence for future growth in the Government business. • Site preparation works are underway to prepare the Macquarie Park Data Centre Campus in anticipation of obtaining the DA for IC3 Super West. • Telecom operational efficiencies will continue. • Net debt to be reduced in FY23. • FY23 Total Capex is expected to be between $72 - $76million. • FY23 Depreciation is expected to be between $63 and $67 million.

Panzura announces Customer Security Advisory Council

Panzura has announced the formation of its Customer Security Advisory Council, chaired by Chris Hetner, a respected leader in cyber security. The Council will provide education and awareness around data resiliency with a mission of advancing business, operational, and financial alignment to cyber security risk governance. “It is a privilege to chair Panzura's Customer Security Advisory Council and share my experience and knowledge on this critical issue,” says Chris Hetner. “The current cyber security ecosystem is largely focused on addressing technical level threats used to inform measures to mitigate risk. While the cyber security ecosystem continues to evolve, it still lacks the ability to contextualise cyber threats and incidents to business, operational, and financial exposures. Education and awareness on this issue is imperative for businesses of all sizes to mitigate the risk involved from a material cyber security incident, and ultimately, stay in business.” With over 20 years of experience as a cyber security expert, Chris Hetner is recognised for raising cyber risk to the Corporate Council level to protect industries, infrastructures, and economies. He served as the Senior Cyber Security Advisor to the Chair of the United States Securities and Exchange Commission and as Head of Cyber Security for the Office of Compliance Inspections and Examination at the SEC. “Chris brings the ability to contextualise cyber risk to a business in terms of financial cost. He is also at the forefront of ever-evolving cyber security risk governance requirements and will provide ongoing education to Panzura customers to ensure their cyber security and operational resiliency,” says Katie McCullough, Panzura Chief Information Security Officer. “We are honoured our customers will benefit directly from his invaluable experience and knowledge.”

DCIG names the InfiniBox family one of the top five storage arrays

Infinidat has announced that DCIG has named its InfiniBox SSA II / InfiniBox one of the world’s top five high-end storage arrays. This ranking is based on independent research that DCIG conducted in the large enterprise market and among cloud service providers. 'The all-flash InfiniBox SSA II and hybrid InfiniBox arrays showcase Infinidat’s thorough understanding of enterprise high-end storage requirements,' according to the DCIG report. Among the product features that DCIG called out as exceptional in the InfiniBox platform is cyber resilience with InfiniSafe technology, which features near-instantaneous recovery, immutable snapshots, a fenced forensic network environment and remote logical air gapping for primary storage. “Being named one of the top five high-end storage arrays clearly shows Infinidat’s attention to the business and technical values essential to large enterprise storage deployments,” says Eric Herzog, CMO at Infinidat. “This is the second consecutive year that DCIG has selected Infinidat in a top five list, which affirms the confidence that enterprise customers have in the Infinidat portfolio of cyber resilient storage solutions. We’re building on the momentum we gained in 2022 when DCIG named Infinidat as one of the top SaaS vendors. When large organisations need enterprise storage, Infinidat has the attention of their key decision-makers.” “Large enterprises look to high-end storage arrays to provide a combination of high performance, high availability, cyber storage resilience, and comprehensive enterprise data services for all their business-critical data,” says Ken Clipperton, DCIG Lead Analyst for Storage. “The all-flash InfiniBox SSA II and hybrid InfiniBox arrays showcase Infinidat’s thorough understanding of these requirements, including guaranteed recoveries in less than one minute.” The InfiniBox SSA II is the industry’s fastest all-flash storage array with an unprecedented 35 microseconds of latency. InfiniBox says that it provides unmatched high availability, comprehensive cyber storage resilience, ease of use, autonomous automation, and high reliability, plus comprehensive AIOps integration. Enterprise customers obtain optimal application and workload performance, simplify substantial storage consolidation, and reduce CAPEX and OPEX. The InfiniBox and InfiniBox SSA II platforms for enterprise primary storage deployments are not only the most cyber resilient and most reliable storage solutions in the industry, but also the highest performing, according to Infinidat. Every InfiniBox and InfiniBox SSA II comes with a strong set of guaranteed SLAs: 100% availability guaranteed, performance guaranteed, and cyber resilience guaranteed. The solution delivers maximum performance with minimum administrative overhead. The DCIG report also highlighted a number of appealing attributes of the InfiniBox platform, including: • AI inside and outside the storage system with InfiniOps, which includes Neural Cache and the company’s data distribution and placement engine utilising machine learning to optimise data placement without tuning. • InfiniVerse, which leverages InfiniMetrics telemetry for cloud-based monitoring, AI-based predictive analytics, and AIOps support software, enabling Infinidat support engineers to take preventative actions before the customer is impacted. • InfiniBox Online Data Mobility, which enables non-disruptive workload movement between InfiniBox systems, ideal for organisations requiring more high-end storage than a single array provides. • Flexible consumption and deployment models, leveraging storage-as-a-service (STaaS). • Infinidat’s fully configured, rack-based approach, which facilitates rapid deployment at a customer location and instant capacity expansion.

Veeam releases new Veeam Data Platform

Veeam Software has introduced the new Veeam Data Platform, a platform delivering advanced data security, recovery and hybrid cloud capabilities. The Veeam Data Platform, which includes Veeam Backup and Replication (VBR) v12, provides secure backup and fast reliable recovery that keeps business running. It brings together the latest features offered from Veeam into a single solution that is offered in three enterprise-grade editions for protecting cloud, virtual, physical, SaaS and Kubernetes applications across complex and expanding IT environments, and the increasing set of challenges facing every organisation from outages to errors and ransomware. Veeam Data Platform delivers the three key requirements to keep a business running: data security, data recovery and data freedom to back up and use data from anywhere without platform or cloud lock-in. There are three enterprise-grade editions: Foundation, Advanced and Premium. All editions contain Veeam’s VBR and Instant Recovery; Advanced and Premium editions also deliver advanced resiliency features including monitoring, analytics and recovery. • Foundation Edition offers complete data protection with VBR v12, which adds more than 500 new features and enhancements. • Advanced Edition combines VBR with Veeam ONE to give customers intelligent monitoring and observability to identify and resolve any backup or recovery problems before they begin. • Premium Edition offers enterprise Modern Data Protection and recovery capabilities as the premier offering - with VBR, ONE and Veeam Recovery Orchestrator (VRO). Building on the other editions, Premium adds the full automation of complex data recovery process with near-zero Recovery Point Objectives (RPOs) while automating testing and providing complete data resiliency with the confidence of one click recovery. Premium edition customers are also eligible for the new Veeam Ransomware Warranty which covers the cost of data recovery, up to $5 million, in the event of a ransomware or cyber attack. “Organisations are more vulnerable than ever. Over the past 12 months, 85% of organisations were attacked at least once - up from 76%,” says Danny Allan, CTO and Senior Vice President of Product Strategy at Veeam. “We understand IT leaders feel they aren’t sufficiently protected and as IT environments continue to grow more complex and demanding, it’s now obvious that Modern Data Protection must be integrated into the overall ‘cyber preparedness’ plan. The Veeam Data Platform brings the best of Veeam solutions together to deliver a single platform with relentless security, reliable data recovery and trusted data freedom, and is designed to give our customers the choice to leverage the right solution that fits their needs and keeps their business running.”  All editions of Veeam Data Platform leverage the latest backup and recovery technology of VBR v12 as its foundation. New functionality that advances enterprise-grade recovery capabilities ensures confidence in the face of disaster or cyber attacks across the hybrid cloud, including: • New Direct-to-object storage backups: take full advantage of the unlimited scalability of on-premises and cloud object storage without sacrificing performance. Send backups directly to Veeam’s ecosystem of object storage partners on-premises with the performance needed to meet goals or backup your edge locations directly to cloud object storage. • Immutability for every workload: ensure backups can always be restored after a cyber attack with comprehensive, enterprise-grade immutability options, including on-premises object, block and file storage, hardened repositories and deduplicating storage appliances, cloud object storage and tape. • Cyber resilient: enable the fastest response to ransomware attacks by identifying, alerting and restoring only clean data, including automation and proven recovery orchestration for all workloads. Empower a zero-trust journey with multi-factor authentication (MFA), password-less service accounts (gMSA) for Windows and single-use credentials for Linux, and fortify defence against cyber attacks with Kerberos-only and IPv6-only environment support. • Hybrid-cloud optimised: achieve even greater efficiency and security across the hybrid cloud with immutable backups for cloud-native AWS and Microsoft Azure workloads, new cloud-integrated agents for lift-and-shift workloads, and unified cloud monitoring and reporting. • Ecosystem Excellence: Veeam Universal Storage API 2.0 and new Smart Object Storage API provide even more future-proofing for enterprise scalability and offsite resiliency. Ecosystem vendors include Pure Storage, Scality and Object First as the inaugural launch partners that integrate with these new APIs. Veeam’s monitoring and analytics solution delivers intelligent insights and visibility within the NEW Veeam Data Platform Advanced and Premium Editions to help identify and resolve issues before problems arise, ensuring the highest protection of critical data. The latest version expands on new capabilities and includes support for more Veeam backup solutions (including Veeam Backup for Microsoft 365). Additionally, new monitoring and visibility capabilities include immutability reporting and data protection statuses for multi-cloud. These new advances deliver more value and insight into businesses’ data protection strategy than ever before. The new Veeam Data Platform Premium Edition also includes recovery orchestration, one of the most powerful tools to cut down time to recovery - delivering confidence in business resiliency. By automating planning, testing and orchestrating the steps needed to recover from a disaster, businesses can simplify operations and prove backup compliance. The Veeam Data Platform now delivers automated, orchestrated recovery to Microsoft Azure, instant restore of Veeam Agents backups as virtual machines (VMs), and an automated recovery rollback for clean, ransomware-free data recoveries. Platform extensions may be added to any of the Veeam Data Platform editions, or operated standalone, including backup for Kubernetes with Kasten K10 by Veeam, Veeam Backup for Microsoft 365, and Veeam Backup for Salesforce.

Exertis signs Veeam to cyber security portfolio

Exertis Enterprise has added Veeam Software to its portfolio - increasing its cyber security offering with a full range of solutions from the backup and recovery provider. The partnership is focused on opportunities in the UK, and Exertis is an official Veeam distributor. The vendor provides organisations with resiliency through data security, data recovery and data freedom for their hybrid cloud. The company offers a single platform for all workloads (cloud, virtual, physical, SaaS and Kubernetes) that gives businesses the peace of mind that their apps and data are protected, and always available so that they can keep their businesses running. Veeam’s software is infrastructure-agnostic, allowing for avoidance of proprietary hardware lock-in, thus optimising TCO and data mobility. “We are delighted to start this new partnership with Exertis Enterprise and welcome them as a distributor to the United Kingdom. Exertis Enterprise are demonstrated experts in cyber security, and as more businesses focus on the protection of their business-critical applications and data to provide cyber resiliency against ransomware attacks and cyber threats, it was a natural choice for us to begin this partnership together,” comments Alex Walsh, Channel and Alliances Director UKI, Veeam. Dominic Ryles, Director of Sales and Commercial - Security at Exertis Enterprise, says, “As the global impact of ransomware continues to rise exponentially, there is a fundamental need for organisations to secure their last line of defence by investing in advanced technologies that prepare for potential attacks. As a market-leader for the sixth time in the 2022 Gartner Magic Quadrant for Enterprise Backup and Recovery Software Solutions, I’m excited to announce that we have joined forces with Veeam to deliver modern data protection to our channel partners, enabling them to use a single platform to own, control, and protect all of their customer data, anywhere, across all workloads. “This is an exciting addition as we continue to expand our cyber security portfolio to enable our channel partners with the most secure, advanced, and powerful solutions on the market to reduce downtime and data loss, whilst meeting stringent SLAs and generating an additional profitable revenue stream.”

Acronis seals cyber protection partnership with Fulham FC

Acronis has announced a three-year partnership with London´s oldest professional football club, Fulham FC. EveryCloud.co.uk will support Acronis as its delivery partner, providing its cutting-edge cyber protection solutions and cloud backup service to the club. Under EveryCloud.co.uk, Acronis will provide Premier League side Fulham FC with a full suite of cyber protection solutions. Arturs Banks, Head of IT of Fulham FC, says, “We are very pleased to be working with Acronis and EveryCloud.co.uk, and we look forward to incorporating them into our cloud backup and file security infrastructure. Its support and expertise will be invaluable to Fulham FC and the Fulham FC Foundation as we continue to prioritise data and cyber security at the club.” Ronan McCurtin, VP of Sales Europe, Israel and Turkey, Acronis, says, “We are proud to be partnering with Fulham FC, a club that understands the importance of keeping their data protected. With EveryCloud.co.uk we have the right partner who will support us in providing the team with a full suite of Acronis cyber protection solutions to protect the team's data assets and optimise data workflow, facilitating the team performing at its best both on and off the pitch.” Paul Richards, Director of Technology, EveryCloud.co.uk, adds, “EveryCloud.co.uk is delighted to partner with Fulham FC alongside our partner Acronis to deliver a complete suite of cyber protection services. Our proven track record of working with Acronis will enable Fulham FC to further protect their data, systems and infrastructure with the reliability and performance of Acronis’ products and services. Even the strongest defence needs backup.”