Data Centre Security: Protecting Infrastructure from Physical and Cyber Threats

Chief Telecom and RETN to enhance DDoS protection

Chief Telecom, a major telecommunications provider in Taiwan offering high-performance data centre services, network solutions, and cloud services, has partnered with RETN, a global network services provider, to leverage RETN’s newly launched DDoS mitigation platform. The solution integrates RETN’s advanced DDoS mitigation technology with Chief Telecom’s strong IP Transit services customer portfolio, offering Chief Telecom’s customers protection against evolving cyber threats while maintaining high-quality, resilient internet connectivity. RETN’s platform provides automated threat detection and mitigation, leveraging machine learning to detect malicious traffic before it reaches the network, ensuring uninterrupted service even during large-scale cyberattacks. In addition, the new platform benefits from RETN’s extensive global network, which connects Europe and Asia, making Taiwan a crucial point in this intercontinental link. The partnership ensures that Chief Telecom can offer businesses in Taiwan robust security features, including volumetric attack protection, application layer defence, and protocol attack mitigation, all supported by a 24/7 Security Operations Centre (SOC) and real-time alerts. Tim Chiang, Vice President of Chief Telecom, says, “By partnering with RETN, we are empowering our customers in Taiwan with world-class DDoS protection and resilient network connectivity. This collaboration ensures that businesses can operate without fear of downtime, even in the face of the most sophisticated cyber threats.” Chief Telecom's Taipei Internet Exchange (TPIX) is one of the largest in Asia, connecting businesses and internet service providers (ISPs) across the region. Chief Telecom plays a key role in ensuring Taiwan’s status as a digital hub, delivering robust connectivity and innovative services to businesses in Taiwan and beyond. As Taiwan grows into a global technology hub with one of the highest internet penetration rates in Asia, businesses face an increasing threat of cyber attacks, especially Distributed Denial of Service (DDoS) attacks. Taiwan’s position as a key gateway for Asia-Pacific internet traffic also increases its exposure to cyber security risks. Chief Telecom thus sought a solution that could provide customers with enhanced DDoS protection, ensuring uninterrupted and secure network services, which are critical for Taiwan’s data-driven economy and high-tech industries. For more from Chief Telecom, click here.

Online event to focus on critical aspects of threat intelligence

ThreatQuotient, a threat intelligence platform innovator, has announced the launch of Cyber Rhino Threat Week, an online event offering key insights from industry leaders and ThreatQuotient executives. Together, they will tackle the most pressing aspects of threat intelligence management. The virtual event will run from 9-13 December and will examine the latest best practices in threat intelligence and addressing the ever-evolving landscape of cyber threats. Throughout the week, cyber security leaders and practitioners from all sectors are invited to attend five dedicated one-hour sessions with multiple registration time options to suit the three regions: the Americas, EMEA and APAC. Each session will focus on different aspects of threat intelligence providing guests with actionable insights and a comprehensive understanding of how to enhance the effectiveness of organisational threat intelligence programmes and initiatives. Commenting on the event, Gigi Schumm, Chief Revenue Officer at ThreatQuotient, says, “Cyber security teams increasingly depend on the strength of collective intelligence, not just to protect their own organisations but their industry and ecosystem of partners. “By equipping ourselves with and sharing the latest threat intelligence and best practices, we can develop strategies to prevent attacks and build industry-wide defences. Cyber Rhino Threat Week exemplifies this effort by gathering top industry insights from key players within the threat intelligence market such as the Head of SOC for Paris 2024, the President and CEO at Cyber Threat Intelligence, the EMEA Executive Director at FS-ISAC and the Technical Director for the National Directorate of Custom Intelligence and Investigations.” This inaugural event underscores ThreatQuotient's commitment to promoting intelligence sharing and collaboration across organisations in order to develop industry-wide responses to cyber threats. With Cyber Rhino Threat Week, ThreatQuotient offers participants a forward-thinking perspective on the future of collective intelligence in cyber security. The sessions featured include special guests and four partners (Dataminr, Team Cymru, Google Cloud and Cybersixgill) who are co-sponsors of the event. For further details and registration, click here. For more from ThreatQuotient, click here.

Espria launches Security Service Edge solution

A new enhanced network security solution has been launched by Espria, a provider of digital workspace solutions. Espria Security Service Edge (SSE) has been designed and developed for any organisation currently using legacy VPN solutions or Always On VPN. Based on Zero Trust principals, Espria SSE replaces the traditional connections to the user's applications, delivering enhanced network security and a seamless user experience that does not compromise on performance or security. Espria thus claims that its Espria SSE is the complete cloud-based solution for workforce access. Brian Sibley, Virtual CTO at Espria comments, “Espria SSE replaces legacy VPNs with ZTNA to minimise the risk of implicit trust and lateral movement and has been designed to reduce the complexity of your existing security estate, as well as cost. With fewer security tools to manage, it means organisations will experience increased efficiency and reduced OpEx. “Furthermore, by leveraging existing Conditional Access policies, organisations will be able to maximise their existing investment in Microsoft tools, while enhancing their security position.” Brian continues, “Cyber security breaches and attacks remain a constant threat for businesses of all sizes. According to the UK Government’s latest Cyber Security Report 2024, half of businesses (50%) and around a third of charities (32%) have reported some form of cyber security breach or attack in the last 12 months. By far the most common type of breach or attack is phishing (84% of businesses and 83% of charities). “Espria's new SSE solution has been launched in response to this rise in attacks, and specifically developed to protect existing investments in Microsoft security solutions. By delivering a solution that unifies an existing security administration, Espria has, for the first time, made available an enhanced security solution that is not only seamless, but cost effective and less complex for users.” Espria SSE is offered in a number of packages dependent on the individual requirement of an organisation. For more from Espria, click here.

Feature - The ways to fight back against rising DDoS attacks

By Tema Hassan, Senior Product Manager at Zayo Europe. One of the most prevalent cyber threats, DDoS (Distributed Denial of Service) attacks target an organisation's online presence by flooding its internet service with traffic, preventing user access. These attacks can entirely disrupt a business’ connectivity and often serve as a smokescreen for more malicious incursions, such as ransomware. You only have to look at the data to see the scale of the issue. Zayo Europe's findings indicate a notable increase in the intensity of DDoS attacks and their impact on businesses from the second half of 2023 to the first half of 2024. On average, a DDoS attack lasted 45 minutes, representing an 18% increase from this time last year. This results in a staggering cost of £4,600 per minute for unprotected organisations, translating to an average of £207,000 per attack. This data alone highlights the severe financial implications of these attacks. Why are DDoS attacks on the rise? DDoS attacks are intensifying for several reasons, one of which, AI, is a double-edged sword. On the one hand, criminals are using AI to make their attacks more sophisticated and bypass traditional defence mechanisms. On the other hand, mitigation platforms can leverage AI to efficiently detect and counter emerging threats. Since DDoS attacks remain a profitable tactic for cybercriminals, businesses can expect these attacks to continue as a harsh reality. Political tensions also appear to be fuelling the increase in DDoS attacks. Government actors and activists frequently use these attacks to make statements or signal intentions. For instance, Imperva's 2024 DDoS report found notable surges in DDoS attacks in Ukraine (519%), Israel (118%), and China (84%). How can businesses protect themselves? While it’s not possible to prevent criminals from targeting businesses with DDoS attacks, the duration of an attack can be minimised to the point where it is nearly imperceptible. This is done via an automated redirect of traffic to a system known as a ‘DDoS scrubber’ that ensures that only legitimate traffic passes through. No matter how long or how severe the attack is, a business that takes this zero-tolerance approach will be properly defended. The attack could last for hours - much like those experienced by governments - but the automated DDoS protection will frustrate the attackers as their efforts will have limited impact. So data centre professionals should certainly be suggesting to clients that they invest in increasing their security. A robust network infrastructure is also critical for data centres and their clients to effectively counter DDoS attacks. As traffic increases due to 5G, AI, and other technological advancements, threat detection becomes even more important. Organisations need to rely on agile, modern networks as the backbone for connectivity and security. Data centres must adopt these modern, flexible networks and move away from legacy and outdated technologies that create vulnerabilities. Without a flexible, up-to-date infrastructure, effective security becomes impossible. Don’t wait until it’s too late As the data indicates, cyber crime is on the rise and shows no sign of slowing down any time soon. While certain sectors - such as manufacturing, telecommunications, and government entities - are more at risk, DDoS attacks can affect any digital business. Any organisation that holds sensitive data could become a target, even if the company is early in its digital journey. Waiting to find out if you’ll be targeted is akin to leaving the key in your front door at night. Businesses must be proactive and take the necessary steps to protect the organisation, the employees and clients. Otherwise, they risk discovering first-hand just how devastating DDoS attacks can be. For more from Zayo Europe, click here.

Infinidat launches cyber security awareness campaign

Infinidat, a provider of enterprise storage solutions, marked the beginning of Cybersecurity Awareness Month by kicking off a campaign to raise awareness about the critical need for enterprises to increase their cyber resilience with next-generation data protection and recovery capabilities in the battle against cyberattacks. Throughout the month of October, Infinidat will be contributing to awareness-building efforts across its social media channels about the emergence of cyber resilient storage as the last line of defence against ransomware and malware. “As we embark into Cybersecurity Awareness Month, we’re excited to help enterprises better understand how to incorporate a cyber-centric, recovery-focused strategy with our InfiniSafe capabilities into their overall cybersecurity approach,” says Eric Herzog, CMO at Infinidat. “Cyber attacks have evolved to increasingly target enterprise storage infrastructure. However, the combination of cyber resilience and cyber security closes the gap and vastly improves the ability to mitigate the impact of cyber attacks, especially ransomware. Broader awareness of best practices in cyber resilience and cyber recovery will be one of the crowning achievements of this month dedicated to cyber security.” Protecting data is one of the most critical actions an IT team must do in their data centre today, and expectations for restoring data and backing up data at multi-petabyte scale have changed. IT teams need to increase next-generation data protection capabilities, and there needs to be data integrity and high reliability with 100% availability, which Infinidat provides. Best practices require an enterprise to ensure data validity and near-instantaneous recovery of primary storage and backup repositories, regardless of the size. This accelerates digital disaster recovery when a cyberattack happens. Krista Macomber, Research Director, Cybersecurity at The Futurum Group, comments, “Cyber security is established as a board-level priority. Given that, it is the data that attackers are after. CIOs and CISOs have begun to critically evaluate the cyber resilience of their organisation's enterprise storage implementations. With this in mind, the need for cyber resilience has established new table-stakes criteria within the storage infrastructure. Strategic planning for capabilities, like Infinidat's InfiniSafe Automated Cyber Protection that helps to mitigate data loss and downtime resulting from a cyber incident, has become critical.” Bob Elliott, VP Strategic Alliances, at Mainline Information Systems, adds, “We’re seeing a growing focus on cyber resilience and rapid recovery in enterprise data infrastructure, especially against threats like ransomware. Adopting a recovery-first strategy helps protect businesses from massive cyber attacks. As IT leaders recognise the importance of next-gen data protection, we expect increased adoption of these solutions. In today’s security-driven landscape, boosting cyber resilience is essential for safeguarding storage systems.” Core pillars of next generation data protection in a cyber-first architecture include: immutable snapshots, logical air-gapping, a fenced forensic environment, and near-instantaneous cyber recovery. These dimensions of cyber resilience are available within Infinidat’s core storage operating system. Moreover, the cyber resilient capabilities that complement, utilise, extend and enable these pillars include cyber detection and automated cyber protection. Infinidat’s InfiniSafe suite provides extensive cyber resilience capabilities, including InfiniSafe Cyber Detection and InfiniSafe Automated Cyber Protection (ACP) along with the stack of all the core pillars of next-generation data protection. InfiniSafe provides secure, end-to-end capabilities to orchestrate with existing security solutions to detect, contain, mitigate and recover from a cyber attack. For more from Infinidat, click here.

90% of cybersecurity incidents could be avoided, survey reveals

Organisations are navigating a landscape of mixed emotions as the Network and Information Security Directive 2022/2555 (NIS2) enforcement date approaches. A regulation that's aimed at strengthening cybersecurity across the EU by expanding the scope and increasing the rigour of security requirements, NIS2 goes into effect on 18 October 2024. Veeam Software, the data resilience expert, commissioned a new survey from Censuswide that revealed that only 43% of EMEA IT decision-makers believe NIS2 will significantly enhance EU cybersecurity. This is despite an overwhelming 90% of respondents reporting at least one security incident that the NIS2 directive could have prevented in the past 12 months. Alarmingly, 44% of respondents experienced more than three cyber incidents, with 65% of those categorised as “highly critical”. The survey results, which encompass the views of over 500 IT decision-makers from Belgium, France, Germany, the Netherlands, and the UK, revealed the state of play less than a month before this directive takes effect. Although nearly 80% of businesses are confident in their ability to eventually comply with NIS2 guidelines, up to two-thirds state they will miss this imminent deadline. Barriers to NIS2 compliance Achieving NIS2 compliance requires businesses to implement essential measures, such as defining incident response plans, securing supply chains, assessing vulnerabilities, and evaluating overall security levels. This includes all affiliated organisations, partners, and supply chains. However, several barriers to compliance persist. Key challenges cited by IT decision-makers include technical debt (24%), lack of leadership understanding (23%), and insufficient budget/investments (21%). Notably, 40% of respondents reported decreased IT budgets since the political agreement for NIS2 was proclaimed effective in January 2023, despite its stringent penalties, which are comparable to those of the EU's flagship data privacy legislation, the General Data Protection Regulation (GDPR). 63% of respondents view the GDPR as strict, and 62% express the same sentiment about NIS2. Competitive pressures amid cyberthreats The slow pace of NIS2 adoption is likely due to the multitude of competing priorities and business pressures that face these organisations. Respondents rank NIS2 lower in urgency than 10 other issues, including the skills gap, profitability, and digital transformation. Worryingly, 42% of respondents who consider NIS2 insignificant for EU cybersecurity improvements attribute this to inadequate consequences of non-compliance, which has led to widespread apathy towards the directive. Additional key findings from the survey include: 74% of respondents see NIS2 as beneficial, but 57% doubt it will have any substantial impact on overall EU cybersecurity posture. Sceptics cite additional concerns such as NIS2's lack of comprehensiveness (35%), belief that compliance doesn’t guarantee security (34%), and overlap with existing regulations (25%). Other barriers include a lack of focus on NIS2 compliance (20%), tight timelines (19%), cybersecurity skills shortage (19%), directive complexity (19%), and organisational silos (19%). Despite conflicting views, most respondents perceive NIS2 positively in the context of their organisation's regulatory obligations, feeling optimistic (33%), confident (32%), and encouraged (27%). Andre Troskie, EMEA Field CISO at Veeam, states, “NIS2 brings responsibility for cybersecurity beyond IT teams into the boardroom. While many businesses recognise the importance of this directive, the struggle to comply found in the survey highlights significant systemic issues. The combined pressures of other business priorities and IT challenges can explain the delays, but this does not lessen the urgency. “Given the rising frequency and severity of cyberthreats, the potential benefits of NIS2 in preventing critical incidents and bolstering data resilience can't be overstated. Leadership teams must act swiftly to bridge these gaps and ensure compliance, not just for regulatory sake but to genuinely enhance organisational robustness and safeguard critical data.” For more from Veeam, click here.

Veeam announces integration with Palo Alto Networks

Veeam Software, a data resilience expert, has announced a new integration with Palo Alto Networks, a global cybersecurity specialist, to simplify security operations and strengthen data resilience. This integration addresses the pressing need for organisations to take an integrated approach to protecting their data backups and proactively respond to cyber threats through the capabilities offered by Veeam’s new apps and Palo Alto Networks Cortex XSIAM and Cortex XSOAR. With this new integration, Veeam is the first Palo Alto Networks partner to independently design and develop a data collector, dashboards, and reports for Cortex XSIAM. Dave Russell, SVP of Strategy at Veeam, explains, "Cyber threats are a reality for every single organisation. It takes teamwork to fight this escalating battle against ransomware. We are excited to integrate with Palo Alto Networks to provide customers with capabilities to further strengthen their data resilience. This powerful integration enables our 550,000 customers to better protect their backups and respond to cyberattacks faster, tightening their security posture and helping to ensure reliable, rapid and trusted recovery.” In today's digital landscape, ransomware attacks are on the rise, with 96% specifically targeting an organisation's backups according to the Veeam 2024 Ransomware Trends Report. This alarming reality poses a significant challenge for IT and security leaders worldwide. Traditional tools struggle to scale for large enterprises, resulting in a high volume of alerts and overwhelming manual processes for security teams. To combat these challenges and fulfil customer demand, Veeam and Palo Alto Networks have integrated technology to centralise, scale, and automate data monitoring and incident response. By integrating Palo Alto Networks AI-driven security operations centre (SOC) platform with Veeam's recovery capabilities, organisations can identify and respond to cyberattacks faster, helping to ensure the resilience of their business-critical backup data. "We are thrilled to collaborate with Veeam, empowering organisations to respond and react more quickly to threats facing their critical data," says Pamela Cyr, VP of Technical Partnerships at Palo Alto Networks. "By combining the power of Palo Alto Networks' AI-driven SOC platform with data resilience capabilities from Veeam, we can help customers identify and respond to threats, ensuring the resilience of business-critical data. The new integration demonstrates our shared commitment to providing organisations with tools and technologies that help them proactively combat evolving cyber threats and strengthen their security posture." The integration introduces two new applications – the Veeam apps integrated with Cortex XSIAM and Cortex XSOAR that leverage a bi-directional API connection to monitor, detect, and respond to security incidents impacting critical business data and data backups. The Veeam app integrated with Cortex XSIAM brings data from Veeam Backup & Replication and VeeamONE environments into Cortex XSIAM, providing a centralised view of data and backup security-related activity. The Veeam app, integrated with Cortex XSOAR, enables regular API queries against Veeam Backup & Replication and Veeam ONE, monitoring for significant security events or alerts. Both applications are included at no charge to Veeam Data Platform Advanced and Premium customers. For more from Veeam, click here.

UK data centres designated Critical National Infrastructure

The UK government has made the country’s data centres Critical National Infrastructure to protect the country’s data against IT outages, cyber attacks and environmental emergencies. It’s the first Critical National Infrastructure designation since 2015, putting data centres alongside water, energy and emergency services systems, giving them greater government support when recovering from critical incidents. As part of the designation, a dedicated CNI data infrastructure team of senior government officials will be formed to monitor for potential threats, working closely with agencies such as the National Cyber Security Centre and emergency services to ensure data, from photos to NHS records, is protected. Jennifer Holmes, CCO at LINX, comments, “Data and network traffic is growing exponentially as people and businesses rely more and more on digital services. Here at LINX we have been classed as critical national infrastructure in the UK for many years and wholly support this recognition for our data centres, many of whom are valuable partners of ours. “As data continues to scale, resilient infrastructure becomes increasingly important to ensure uninterrupted data flow and protect against downtime, which can prove costly across many sectors. “This move should form part of a wider internet redundancy strategy, creating protocols and fail-safes to reroute network traffic in the event of an outage. Threats such as cyber attacks or extreme weather conditions are a case of when, not if, so it’s vital to have redundancies in place to not only protect data centres, but ensure networks stay online." With the CNI designation, the government will work to build contingency plans to mitigate risks and damage caused in the event of an attack against a data centre. This will work in tandem with the proposed Cyber Security and Resilience Bill to strengthen the UK’s cyber defences. Technology Secretary Peter Kyle says, “Data centres are the engines of modern life, they power the digital economy and keep our most personal information safe. Bringing data centres into the Critical National Infrastructure regime will allow better coordination and cooperation with the government against cyber criminals and unexpected events.” It follows the Chancellor’s announcement of an £8 billion investment in the UK data centre market, aiming to create 14,000 jobs and spark economic growth. The UK is currently home to the highest number of data centres in Western Europe, becoming an increasingly valuable driver of the UK economy.

Kiteworks boosts data collection capabilities with new acquisition

Kiteworks, which delivers data privacy and compliance for sensitive content communications through its Private Content Network (PCN), has acquired 123FormBuilder, a provider of advanced data collection through secure web forms and form-driven private content workflows. Kiteworks says that this strategic move further strengthens its position as a trusted provider for organisations seeking to protect sensitive content across their entire content communications ecosystem. “We are very excited to welcome Florin and the talented team at 123FormBuilder to the Kiteworks family,” says Amit Toren, SVP of Corporate and Business Development at Kiteworks. “123FormBuilder’s emphasis on security and compliance aligns with our PCN vision. Our customers will benefit from no-code, dynamic form creation, as well as bidirectional integration of web forms with various solutions such as Salesforce, Stripe, Shopify, HubSpot, and others. “In addition, this acquisition further solidifies Kiteworks’ aggressive growth strategy and demonstrates our continued momentum in expanding our market presence and technological capabilities through strategic M&A activities.” Integrating 123FormBuilder’s advanced data collection through secure web forms and form-driven private content workflows into the Kiteworks Private Content Network will enable 123FormBuilder’s customers to benefit from a unified platform that centralises tracking, control, and security of sensitive content communications. Consolidation of audit logs into one platform will also streamline compliance tracking and reporting for 123FormBuilder customers. 123FormBuilder offers a comprehensive, modern, secure web forms platform, enabling customers to build secure registration forms, order forms, surveys, and other form types quickly and easily. The company offers advanced no-code, drag-and-drop online form creation that includes conditional logic, e-signature functionality, multipage forms, file uploads, and integrations with over 45 popular tools for streamlined workflow automation. “123FormBuilder is thrilled to join the Kiteworks family and contribute to its PCN vision, empowering organisations to manage security and compliance risk across communication channels,” notes Florin Cornianu, CEO of 123FormBuilder. “Our team at 123FormBuilder has worked tirelessly to develop a secure and user-friendly platform for data collection, a technology that will thrive under Kiteworks’ guidance. The acquisition extends our long-term security and compliance commitment to innovation bolstered by a profitable, well-funded organisation committed to the highest security and compliance standards.” Kiteworks’ acquisition of 123FormBuilder follows on the heels of its recent $456 million growth equity investment. For more from Kiteworks, click here.

Custocy partners with Enea for AI-based NDR integration

Custocy, a pioneer in artificial intelligence (AI) technologies for cybersecurity, is to embed Enea Qosmos deep packet inspection (DPI) and intrusion detection (IDS) software libraries in its AI-powered network detection and response (NDR) platform. This integration will enable Custocy to improve accuracy and performance and support product differentiation through detailed traffic visibility and streamlined data inspection. Custocy uses layered, multi-temporal AI functions to detect immediate threats as well as persistent attacks. This approach streamlines the work of security analysts through attack path visualisation, improved prioritisation, workflow support and a radical reduction in the number of false-alarm alerts (‘false positives’). By integrating Enea software into its solution, Custocy will have the exceptional traffic data it needs to extend and accelerate this innovation while meeting extreme performance demands. Enea’s deep packet inspection (DPI) engine, the Enea Qosmos ixEngine, is the most widely embedded DPI engine in the cybersecurity industry. While it has long played a vital role in a wide range of security functions, it is increasingly valued by security leaders today for the value it brings to AI innovation. With market-leading recognition of more than 4,500 protocols and delivery of 5,900 metadata, including unique indicators of anomaly, Qosmos ixEngine provides invaluable fuel for AI innovators like Custocy. In addition, the Enea Qosmos Threat Detection SDK delivers a two-fold improvement in product performance by eliminating double packet processing for DPI and IDS, optimising resources and streamlining overheads. And thanks to Enea Qosmos ixEngine’s packet acquisition and parsing library, parsing speed is accelerated while traffic insights are vastly expanded to fuel next-generation threat detection and custom rule development. These enhancements are important, as demand for high-performing NDR solutions has never been higher. NDR plays a pivotal role in detecting unknown and advanced persistent threats (APTs), which is a challenge certain to become even more daunting as threat actors adopt AI tools and techniques. Custocy is well-positioned to help private and public organisations meet this challenge with a unique technological core built on AI that has earned the company a string of awards; the latest being Product of the Year at Cyber Show Paris. Jean-Pierre Coury, SVP Embedded Security Business Group, comments, “Custocy has developed its solution from the ground up to exploit the unique potential of AI to enhance advanced threat detection and security operations. AI is truly woven into the company's DNA, and I look forward to the additional value it will deliver to its customers as they leverage the enhanced data foundation delivered by Enea software to support their continuous AI innovation.” Custocy CEO, Sebastien Sivignon, adds, “We are thrilled to join forces with Enea to offer our customers the highest level of network intrusion detection. The Enea Qosmos ixEngine is the industry gold standard for network traffic data. It offers a level of accuracy and depth conventional DPI and packet sniffing tools cannot match. Having such a rich source of clean, well-structured, ready-to-use data will enable Custocy to dramatically improve its performance, work more efficiently and devote maximum time to AI model innovation.”