Cyber Security Insights for Resilient Digital Defence

Infinidat named on the 2023 CRN Storage 100 List

Infinidat has announced that CRN has named it in its annual Storage 100 list in the software-defined storage category. The Storage 100 recognises industry-leading storage vendors that provide transformative, channel-friendly solutions and services. Infinidat was selected for the 2023 Storage 100 list because of its powerful commitment to pushing the boundaries of innovation through cyber resilient, software-defined storage enterprise solutions, while building strategic relationships with IT solution providers in the channel. Infinidat supports its channel partners with one of the most robust partner programs in the industry, earning a five-star rating from CRN last month for the second year in a row. “Infinidat has set a new standard for enterprise storage, delivering an outstanding portfolio of award-winning storage solutions for enterprises and service providers seeking the best in primary storage, modern data protection, disaster recovery, business continuity, and cyber storage resilience,” says Eric Herzog, CMO at Infinidat. “We’re very honoured to be named on the 2023 CRN Storage 100 list. It affirms our continued momentum working with our channel partners to shape the future of enterprise storage.” Supporting growth, Infinidat recently rolled out a series of new initiatives, extensions, and updates to its channel partner program worldwide. Among the most popular additions is the introduction of its major new sales enablement and training program - the Infuziast Certified Partner Program. Channel partners, ranging from sales consultants to technical personnel, will be able to earn certification and rewards through this new program. Infinidat is also establishing partner advisory boards for the channel this year. Go-to resource for IT solution providers The Storage 100 list is a valuable resource for solution providers looking for vendors, including Infinidat, that can support them in a complex storage market with portfolios in areas such as data protection, management and resilience, software-defined storage, and storage components. This year’s list represents the industry leaders of storage technology that can be used for on-premises or cloud deployments. Infinidat is a leader in cyber resilient storage for hybrid cloud implementations. Infinidat is the winner of more than 30 storage industry awards and recognitions since January 2022.  “CRN’s 2023 Storage 100 list recognises the leading vendors that are delivering transformative advancements in storage technology and bringing modern solutions to customers and solution providers that are built for the future,” says Blaine Raddon, CEO of The Channel Company. “We are honoured to recognise their contributions as the leading players in storage technology for 2023.”

Industry leader continues to define the API security market

Noname Security has announced enhancements to its API security platform to help organisations protect their API ecosystem, secure their applications, and increase cyber resilience. Noname enables secure growth with API security innovation  Today, APIs drive businesses, delivering value to customers, clients, patients, users, shareholders, and more. However, securing APIs - and all of the critical assets they connect - has become more difficult than ever as APIs attacks have increased exponentially. IBM Security X-Force reported that two-thirds of its analysed incidents were due to unsecure APIs. “APIs are the connective tissue for the digital world, but the explosion in API use has created new and rapidly growing threats to organisations across the globe. We created the Noname API Security Platform to uniquely address the modern API ecosystem, with discovery, insight, protection, and testing capabilities,” says Shay Levi, co-founder and CTO at Noname Security. “Doing so means not only securing APIs and their use, but also improving the speed at which our customers can expand their businesses.” Discover more and strengthen security posture Noname Security’s discovery and posture management solutions locate and provide insight to every API in an organisation’s ecosystem, uncovering vulnerabilities (including the most recent OWASP API Top Ten), protecting sensitive data, and proactively monitoring for changes, including in OpenAPI and other specifications. New capabilities enable customers to: • Gain complete visibility and detailed insights to protect APIs with customisable discovery, flexible tagging, and datatype assignments - including PII, PCI, PHI, and custom categories - for grouping APIs by application, business unit, and more. • Understand APIs in rich context with visualisations of business logic, physical network infrastructure, and API traffic to understand specific interactions and behaviour patterns. • Secure containerised applications with enhanced discovery and detection for Kubernetes (k8s). • Prioritise resources and eliminate blind spots with extensive infrastructure inventories for AWS and Azure, enabling organisations to find unprotected APIs, map the connections between APIs and infrastructure resources, pinpoint resources that could increase the attack surface, and resolve potential issues with full context. Stop attacks with runtime protection  Noname Security Runtime Protection detects and blocks API attacks with real-time traffic analysis, out-of-band monitoring, inline remediation options, and workflow integrations to increase SOC effectiveness. New capabilities enable customers to:  • Identify business-logic-based attacks immediately with updates to the industry’s most advanced anomaly detection engine using artificial intelligence and machine learning (AI/ML), including unsupervised online learning. • Reduce Mean-Time-To-Resolution (MTTR) with more context on issue records, including detailed remediation guidance and tools for deeper investigation. • Fully align with security operations centre (SOC) processes with automation, custom workflows, and integrations with existing systems such as ITSM, SIEM, SOAR, and more. Deliver secure APIs faster with active testing  Noname Security Active Testing is a purpose-built API security testing solution that helps organisations add security into the CI/CD pipeline without sacrificing speed. The newest version of active testing enables customers to:  • Shift left with integrations into the entire software development lifecycle (SDLC). Teams get dynamic API visibility across multiple states and environments throughout the CI/CD process. • Leave no API untested with a unique ability to find and test every API based on an understanding of the application’s business logic. • Empower developers with best-in-class usability such as simple set up and automation, in-line test results, and contextual guidance for request failure mitigation. Continuously adapt to changing environments Noname Security offers the most flexible and comprehensive set of deployment and integration options available. New capabilities enable customers to:  • Rapidly realise value with simplified step-by-step onboarding and in-app guidance. • Meet any deployment requirement with both agentless and agent-based options, including eBPF, and both out-of-band and inline protection options. • Easily manage complex deployments with automatic updates across cloud-hosted, self-hosted, hybrid, and distributed deployments. • Maintain data residency and reduce overhead with remote engines to aggregate traffic into a centralised console, allowing you to keep data within your control and reducing traffic. • Meet strict public-sector compliance requirements with a new hardened virtual appliance. • See the entire attack surface with additional integrations and improvements to Akamai, AWS ECS, Cloudflare, Oracle Cloud Infrastructure, Citrix, and other connectors.  

Matt Dawson to help build team cultures at DTX + UCX Manchester

Manchester will play host to the north’s biggest digital and IT transformation event in May - with World Cup-winning rugby star, Matt Dawson, the former Director General of MI5, Dame Stella Rimington, and Greater Manchester Mayor, Andy Burnham, headlining as the city gears up for Tech Week 2023. Digital Transformation EXPO (DTX) has been a firm fixture in the region for seven years, running previously as IP EXPO. The 2023 event will see the greatest gathering of enterprise IT and digital professionals yet - with thousands flocking to Manchester Central on 17-18 May for keynote speeches, regional case studies, interactive panels, technical workshops and community socials. In light of enterprise IT teams feeling mounting pressure to balance accelerated innovation with cost optimisation, the event will focus on the cornerstone theme: ‘Together We Transform’. Uniquely placed to encourage collaboration, the combined showcase DTX + UCX Manchester 2023 will connect leaders in cloud, networks, data, devops, cyber security and the modern workplace to tackle the coming challenges together. Attendees will discuss and debate how to optimise tech stacks, unravel legacy data systems, design a next-generation engineering strategy, operate feature-rich modern workplace toolsets, build threat-responsive ecosystems, and meet changing customer demands. Matt Dawson - who is fast approaching the 20-year anniversary of his World Cup victory - will reflect on a long and varied career in a keynote interview on ‘Finding your edge: how to overcome weakness, trust your intuition and lead a team through hard times’. He will offer insights on how to build a world-class team culture, the lasting value of critique to guide tactics and what it takes to be your best, on and off the field. Dame Stella Rimington - the first woman to become Director General of MI5, and dubbed the real-life M from James Bond - will share how to lead in times of challenge and change. Revealing how she has navigated a life of unexpected opportunities, Dame Stella will discuss why human insight is still critical to success when assessing information, even as artificial intelligence advances at rapid speed. Greater Manchester Mayor, Andy Burnham, returns to close the show on day one with a first-look at the digital vision laid out in the Greater Manchester Digital Blueprint for 2023-2026. Other big hitters on the line-up include John Hobson, Chief Information Officer at Kellogg Company; Ben Morris, Global Director of Cyber Security at The Hut Group; Mivy James, Digital Transformation Director at BAE Systems Digital Intelligence; Adam Lindsay, Director of Business Operations at Groupon; Leanne Fitzpatrick, Director of Data Science at The Financial Times; Rob Black, Technology Director at Beauty Bay; and Risk Alkunshalie, Head of Technology at Manchester Airports Group. The brands behind cutting-edge enterprise IT technology will also be ready to showcase the tools needed to power a digital future. Taking centre stage are Dell, AWS, Okta, Ring Central, Blue Jeans, Threatlocker, Slalom Build, Sophos, Intel, Sentinel One and Gamma, along with many other exhibitors. Head of Research and Portfolio Development for DTX, Natasha Taylor, states, “Manchester is a world-leading hub of technology and innovation, which makes it the perfect place to host the biggest digital transformation and IT event the north has ever seen. “This year is going to be the best yet - featuring a phenomenal line-up of guest speakers, a huge variety of exhibitors and some surprises on the show floor. “We’re proud to bring together teams from all realms of the enterprise IT space, across every industry, to share ideas, tackle the latest challenges and troubleshoot tricky problems. Every year we witness the real-time collaboration needed to drive the delivery of ambitious transformation plans. “DTX + UCX Manchester is the place where great minds discuss ground-breaking ideas, and we can’t wait to hear what the big topics of conversation are this year.”

The data centre operators investing in DDoS mitigation

By Adrian Taylor, VP EMEA at A10 Networks For commercial data centre operators, business is good. Inventory and workloads are growing, while the percentage of vacant capacity is shrinking - indicators of success that have led to a projected industry revenue of nearly £50 billion by 2025. Although the future of the industry is looking bright, there are some threats on the horizon. The cost of downtime continues to grow. The Uptime Institute found one in four data centre incidents of downtime exceed $1 million. As DDoS attack methods become more sophisticated, effective and frequent, data centre operators need to bank on mitigation. A recent survey by A10 Networks and Gatepoint Research found that senior decision makers at commercial data centres are under siege from cyber criminals. Data centre and colocation providers are concerned not only about the cost of intensifying DDoS attacks, but also about lost business and reputational damage. Dissatisfied with their current data centre security and DDoS defence capabilities, many are seeking better ways to address the threat - and an increasing number want to extend that protection-as-a-service to their tenants as well. The simple yet devastating DDoS threats As disclosed in the latest A10 Networks DDoS Threat Report, DDoS threats are soaring. The number of tracked DDoS weapons in the environment has nearly tripled in the past two years, and the 3.45 Tbps DDoS attack on Microsoft Azure in late 2021 showed the unprecedented scale hackers are now capable of achieving. Of course, size isn’t everything - even attacks under 500Mbps that slip through data centre security gaps can have a significant impact on service. In fact, these smaller exploits are proliferating fast, as botnets-for-hire make it easy for even unskilled hackers to wreak havoc. A single compromised server can open the door to a flood of malicious traffic in under half a minute. Commercial data centre operators are all too aware of the situation, reporting to A10 Networks that DDoS threats in their networks are growing more sophisticated (64%), more frequent (48%), and larger (38%). Even a single DDoS attack can have a serious impact, impairing or denying mission-critical services for an individual data centre tenant or across the entire facility - and nearly one in 10 survey respondents are suffering such incidents weekly, or more. Lost business and customer attrition from a DDoS attack is a concern for nearly two-thirds of providers, and rightly so. Staying ahead of evolving tactics While data centre security and DDoS defence capabilities such as fast detection and response can limit the damage from a DDoS attack, time is of the essence. Data centre and colocation providers need to be able to distinguish a sudden flood of fraudulent requests from legitimate usage in real time, at massive scale, to filter out malicious traffic without disrupting their customers’ normal business operations. DDoS mitigation solutions typically offer features and capabilities such as benchmarking, anomaly detection, IP reputation lists, connection and rate limits, and attack mitigation, but these essential DDoS defence tasks need to be performed thoroughly and frequently. The A10 Networks-Gatepoint survey reported that data centre operators missed attacks, saw slowed performance, decreased service availability, and in an alarming number of cases, an inability to adequately detect DDoS threats at all. Nearly two in five are planning to re-evaluate their DDoS defence solution in the near future. Tenant shielding services Value-added services are a core element of the commercial data centre business, with a large majority of survey respondents going beyond space, power, and cooling to offer managed network services, professional IT consulting services, and remote management and troubleshooting. Given the tenant mix of the typical commercial data centre, often dominated by financial services, retail, and government customers, data centre security services are also a very popular offering. DDoS mitigation is particularly well suited to this model. From the tenant’s perspective, a DDoS mitigation service makes it possible for even small businesses to tap into high-end features such as machine learning, automation, and rapid mitigation. For the data centre provider, protection for individual tenants can reduce the risk of an out-of-control attack causing ancillary damage to neighbouring tenants or the data centre itself. When offered free of charge, DDoS mitigation can be a powerful competitive differentiator and customer enticement. Offered on a paid basis, potentially in multi-tiered models, DDoS mitigation services can open a rich new revenue stream. However, many in the industry have been slow to respond to either the advantages or the necessity of tenant DDoS mitigation, with only 58% offering such services either free or for an added fee. As DDoS threats increase, investing in effective mitigation services is a vital step for data centre operators, in order to protect tenants, themselves, and to fulfil the bright projections for the industry.

virtualDCS signs agreement with Seagate

virtualDCS is continuing to improve the speed at which its partners can restore, move, and consolidate data after forming a unique partnership with Seagate. The new Seagate Lyve offering, known as CloudCover Shuttle at virtual DCS, offers a fast and secure method of physical data transfer to avoid long transfer times that are dependent on internet bandwidth. The shuttle enables businesses to move their data quickly, securely, and simply from endpoints to the edge and to the landing destination of the data - be it private, public, or hybrid clouds.   Organisations that are seeding backup data, recovering data after a disaster, or carrying out hardware upgrades and cloud migrations, can now access a physical data ‘shuttle’ service, without the need for capital expenditure and hardware purchases. The shuttle offers a range of storage capacities and is delivered promptly, as well as being securely encrypted and tracked while it is being transported. Once the shuttle is returned, it will then undergo a full crypto-erase. The new offering is an extension of the virtualDCS CloudCover suite of services, which enables virtualDCS partners and their customers to backup and replicate business-critical data on their terms. Kurt Kiefer, Chief Revenue Officer at virtualDCS, says, “Our CloudCover suite is extremely popular, offering a comprehensive range of data protection services from full backups to near real-time failover of systems, as well as protecting against ransomware and other cyber threats. “Although data protected by the CloudCover suite can be recovered almost immediately, the ability for an organisation to fully restore and move data back to its own systems after a DR event often brings additional challenges. A stage that’s frequently underestimated by many is the reabsorption of the data back to its original location, or even to a cloud platform. ”Even though a few terabytes can be restored relatively quickly, for larger datasets it can take days, weeks, or even months and will completely saturate networks and internet bandwidth. CloudCover Shuttle addresses this challenge of repatriating data back to its origin in a timely, controlled, and secure manner. “Joining forces with Seagate Lyve solutions, CloudCover Shuttle offers organisations a level of security and encryption that exceeds anything else in the market including user-based permissions, tracking and crypto-erase. “This is particularly compelling for organisations operating in industries that have high levels of compliance and that can’t risk their data falling into the wrong hands, as well as anyone who understands the value and concept of time to data. “Crucially, we’ve also created a simple pricing model, where customers pay for the time they need the shuttle, rather than having to buy their own physical device, which would require a substantial investment and take up more valuable time.” Steve Jones, Lyve Business Development Manager at Seagate, says, “virtualDCS is always exploring how it can maximise data innovation. It has identified that many organisations faced a problem around data logistics and time to data after recovering from a disaster, which until now has been a big industry challenge. “Our new collaboration addresses this problem by providing one of the fastest, most reliable and secure data storage and transfer services giving a clear competitive advantage not only to virtualDCS, but also to its partners and customers.”   

New security platform to fight AI-based cyber attacks

OryxAlign has launched securyXDR, a fully managed extended detection and response (XDR) platform. An advanced form of antivirus and malware management, the system is part of a solution that will address the expected rise in sophisticated AI-phishing attacks. It will be valuable for SMEs, or those with a hybrid and remote workforce, across sectors including financial services, recruitment, legal and more. Traditionally, antivirus systems have operated in silos, being limited to detecting and responding to threats on individual devices, or endpoints. The solution was previously Endpoint Detection and Response (EDR). With the rise in hybrid and remote working, and the reliance on networked storage and cloud-based workflows, there is now a need for visibility of threats across a company’s entire IT ecosystem. “In 2023, we expect to see a sharp rise in sophisticated AI-based phishing attacks, as well as endpoint attacks on remote and hybrid workers. The criminals’ focus may change to SMEs as they are believed to have weaker security,” explains Nathan Charles, Head of Customer Experience. “But because we combine our XDR platform with EDR and email management we can fight fire with fire. “securyXDR is our new cyber security XDR platform that is offered as a fully managed service, in partnership with an outsourced security operation centre (SOC) that has 200 staff globally,” continues Nathan. “Given that even small networks can generate tens of thousands of cyber security alerts a day, the securyXDR managed service will alleviate the pressure on internal IT teams, taking them away from manually triaging and responding to individual threats, and focusing on more productive projects. “We know that the loss of productivity following a cyber attack can be just as devastating as the initial damage to your IT system. The cost of having an XDR system in place will more than pay for itself in the long run, by providing early detection of threats. What’s more, SOCs are uniquely positioned to respond to threats, by applying their broad learning from a high volume of attacks across their managed networks.” OryxAlign says that securyXDR stands out from other enterprise XDR platforms by offering customisable service plans based on customer needs. For example, users can select how long log files are stored to minimise storage costs, choose custom restore points for compromised endpoints, and set their choice of response urgency, typically from one to three hours.

Jane Frankland takes up advisory role at e2e-assure

e2e-assure has announced that Jane Frankland has joined the business as an advisor. Bringing over two decades of experience, her appointment reinforces e2e’s commitment to nurturing a diverse and unique set of skills and knowledge to help guide the company. Commenting on her new role, Jane says, “I'm thrilled to join e2e-assure and be part of a team that is dedicated to establishing trust, transparency and reliability in the increasingly complex world of cyber security. As experts in threat detection and response, an agile, innovative, and value-driven boutique player, serving clients of all sizes from the UK and Australia, e2e-assure serves an invaluable role in today's uncertain and expanding digital world. As an advisor, I'm looking forward to helping them scale, further innovate, and create a securer future for all.” Jane has built a stellar reputation as an award-winning leader, bestselling author, and women’s change agent. Referenced by Wiki, LinkedIn (as a Top Voice) and UNESCO, she works as a board advisor, speaker, consultant, coach and trainer. She is well-known for all the work she does to attract and retain women in cyber security through her writing, keynotes, consulting and her brand-new women's career platform, The Source. Rob Demain, CEO and Founder of e2e-assure comments, “We’re absolutely delighted and privileged to have Jane join the business. We recognised that, if we wanted to continue in our commitment to helping our customers succeed, we needed to ensure that we had someone with deep experience, a strong track record and gravitas. Visionary and highly respected within the market, Jane was a natural choice. We’re excited for her to be part of our journey, helping us to reinforce our mission - that is to give our customers greater access to faster, simpler and more cost-effective threat detection and response solutions.”

New group formed to overcome attacks against data centres

Operators will be given the tools to enhance the security measures within their data centres as a result of the new Data Centre Work Group, formed by the Trusted Computing Group (TCG). Data centres play a crucial role for business operations across the globe, but they remain prime targets for cyber criminals. Should an interposer position themselves between the Central Processing Unit (CPU) and a hardware Root of Trust - such as the Trusted Platform Module (TPM) - within a data centre, they can cause significant damage by gaining possession of legitimate control signalling between the CPU and the TPM. Interposers can even inject their own boot code into the CPU and wield an authorisation key to fool a remote verifier to make the TPM attest the integrity of fraudulent information. This allows them to snoop, suppress and modify vital signals and measurements, and, as a result, will be able to access and exploit secrets and information from within the data centre, weaponising it against the operator. To this end, the Data Centre Work Group at TCG has been formed to establish trust within systems and components within a data centre, focusing primarily on developing protective measures against any active interposers within a system. The Work Group will examine the existing attack enumerations against data centres, and devise ways to avoid or mitigate them. These attacks include the feeding of compromised boot code to the CPU, impersonations of the CPU to the TPM, the suppression and injection of false measurements to a legitimate TPM, and the redirection of legitimate measurements to an attacker controlled TPM. “With the formation of this Work Group, a TPM will be empowered to protect the resources and communication of a CPU to which it is bound with precise, given measurements”, says co-Chair of the Data Centre Work Group, Dennis Mattoon. “The TPM will also be able to prove the measurements and the correct CPU instance of a given object to a verifier. We look forward to developing our plans to continue establishing trusted computing within data centres”. Dennis and Jeff Andersen have been confirmed as the co-Chairs of the Work Group. Dennis is a Principal Software Development Engineer for Microsoft Research, and co-Chairs the attestation, supply chain security, DICE, and marketing work groups at TCG. Jeff is a Staff Software Engineer at Google and became a member of the TCG in 2021. “We’re delighted to publicly announce the formation of the new Work Group”, says Jeff. “Current data centre hardware designs make it difficult for CPUs to be permanently bonded with the TPM, creating a gap for malicious entities to exploit. Our goal is to overcome the interposers operating within this area and mitigate the significant threats they can bring to data centres.” The Work Group will also look at protecting the data centre against hackers looking to clear platform configuration registers (PCRs) in the legitimate TPM by falsely asserting that the CPU has reset. As a result, operators will be able to trust that the components and hardware found within the system are operating successfully without the fear it may become weaponised by an attacker.

Neterra stopped nearly 500,000 DDoS attacks in 2022

Neterra protected its customers from 488,151 DDoS attacks in 2022. To do this, the company implemented various effective solutions that include a cloud platform, specialised hardware equipment, and a combination of the two. Of the total number of attacks, its cloud platform stopped 135,590 and its hardware stopped 352,561. DDoS attacks aim to disrupt (wholly or partially) user access to the services or equipment of a specific company - targeted as a victim. Often, for example, the victim's website becomes unavailable, loads slowly and returns errors. While the company is under attack and struggling to restore normal operations, the perpetrators take advantage of the breach to gain access to its resources. Most DDoS attacks aim to steal data, money, or intellectual property. Customers of Neterra's DDoS protection service can monitor statistics of attacks against them in real time through the unified monitoring system, as well as make periodic inquiries, for example - the number of attacks daily, monthly, and annually. They can also see what each of the attacks looked like. In addition to protection from DDoS attacks, Neterra offers complete solutions for enterprises for both cyber security, such as backup and ransomware protection, and for connectivity - dedicated internet access (DIA), data centre and managed services, IT service and resource rental.

Macquarie Telecom delivers 17 consecutive halves of growth

Macquarie Telecom Group has announced its results for the half-year, which ended 31 December 2022. Chairman, Peter James, says, “This result represents our 17 consecutive half of EBITDA growth, an outstanding achievement demonstrating the continuing momentum in our business and the capability of our people.” Key Points • 17 consecutive halves of profitable growth. • Revenue of $172.5 million, an increase of 16% on 1H FY22 ($149.3 million). • Earnings before interest, tax, depreciation, and amortisation (EBITDA) of $51.3 million, an increase of 26% on 1H FY22 ($40.5 million). • Net profit after tax of $8.5 million, an increase of 133% on 1H FY22 ($3.7 million) reflecting the increased profitability across all segments. • Capital expenditure for 1H FY23 was $33.2 million (1H FY22: $68.9 million) driven by Growth Capex of $15.0 million, Customer Related Capex of $11.6 million and Maintenance Capex of $6.6 million. Chief Executive David Tudehope, says, “We are very pleased to deliver another strong result for our shareholders. We continue to grow by staying ahead of emerging trends in the technology sector and investing in the right solutions for our customers. We pair the best technology with the best customer service and operate in markets that continue to have significant growth potential, such as digital infrastructure and cyber security.” Outlook • FY23 EBITDA is expected to be approximately $102 to $104 million which includes Macquarie Data Centres expected EBITDA of $32 to $33 million. Continuing investment in Cloud Services & Government and Macquarie Data Centres underpins this profitable growth. • ATO contract extension demonstrates the continued demand from our Federal Government Agencies for cyber security services, providing high confidence for future growth in the Government business. • Site preparation works are underway to prepare the Macquarie Park Data Centre Campus in anticipation of obtaining the DA for IC3 Super West. • Telecom operational efficiencies will continue. • Net debt to be reduced in FY23. • FY23 Total Capex is expected to be between $72 - $76million. • FY23 Depreciation is expected to be between $63 and $67 million.