Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
The U.S. government spent billions on a system for detecting hacks and the Russians outsmarted it.
https://investorshub.advfn.com/boards/read_msg.aspx?message_id=160223598
SolarWinds incident should be a catalyst to rethink federal cybersecurity
https://investorshub.advfn.com/boards/read_msg.aspx?message_id=160426799
==================================================================
The Wave alternative below is worth the read!!!
http://www.wavesys.com/wave-alternative
Choose data protection that actually works.
The IT perimeter is gone
With tablets, smartphones, and cloud applications, your employees can access sensitive data anytime, from anywhere. Indeed, around 70 percent of security breaches and data thefts are inside jobs. Meanwhile, the hackers only get better: advanced persistent threats (APTs) appear as normal traffic, and malware can go unnoticed for weeks.
It’s a new world, one without borders. Yet most organizations are still trying to protect their data with the same old firewalls and antivirus software. It’s not working. We refer you to the headline-making breach of the week.
You have to start with the device
Wave has an alternative: security that’s built into each and every device.
We’re talking about hardware: self-encrypting drives (SEDs), which protect data when a device is stolen or lost, and trusted platform modules (TPMs), or embedded security chips. Both go in at the factory, and increasingly, both are standard. They make it possible for you to monitor and control each individual device and its data, no matter where it is. But you need software to turn on and manage your SEDs and TPMs. Wave makes that software.
We’ve been refining comprehensive, centralized management of hardware-based security longer than anyone else. More than that, we’ve shaped the field as a founding member of the Trusted Computing Group, the not-for-profit that develops and promotes industry standards for the hardware.
Security that’s confirmed, not assumed
With Wave, you’ll know that you’re secure. Because we start with the individual devices, you get a broad, deep view of your network. You can see exactly who’s on it, with what devices and what apps, at any given time. Just for example, if Bob goes home and tries to log onto Facebook with the company laptop, Wave can stop him.
A big piece of this heightened security is device authentication. Traditional two-factor authentication requires what amounts to two user IDs. But by using the TPMs inside your devices, Wave can confirm the identity of not only users, but also the devices they’re on. Combine that with fast, enforced encryption of sensitive data via your SEDs—all easily managed with Wave software—and your data is protected from the full range of modern risks: device theft, missent emails, flash drives, portable hot spots … even (and no one else can say this) hardware keyloggers. Not to mention Bob.
Do we need to say that with Wave, compliance is no problem?
Start closing your security gaps today, with what you’ve got
You might be surprised to hear that 90 percent or more of your computers probably already have TPMs. Mobile devices are catching up fast. SEDs are newer, but you probably have a bunch of those too. Machines that don’t have them can often be outfitted at little to no extra cost. So you’ve got some or all of the hardware. All you need to do is turn it on with Wave.
It’s almost as easy as it sounds. TPMs and SEDs are built to open, vendor-neutral industry standards, and so are Wave solutions. That means Wave works on your existing mix of hardware, across platforms, and will evolve with you. It’s part of what makes the Wave alternative not only more secure, but also simpler and cheaper. Total cost of ownership for Wave data protection can be almost half that of a traditional software-based system.
Questions? Read on, or contact our sales department.
http://www.wavesys.com/
http://www.wavesys.com/contact-information
10 of 15 of DOD’s Major IT Projects Are Behind Schedule, GAO Found
https://www.nextgov.com/it-modernization/2021/01/10-15-dods-major-it-projects-are-behind-schedule-gao-found/171155/
Lack of talent is one of the key reasons Defense officials cited for shortfalls implementing cybersecurity best practices.
==================================================================
http://www.wavesys.com/wave-alternative
Excerpt:
It’s almost as easy as it sounds. TPMs and SEDs are built to open, vendor-neutral industry standards, and so are Wave solutions. That means Wave works on your existing mix of hardware, across platforms, and will evolve with you. It’s part of what makes the Wave alternative not only more secure, but also simpler and cheaper. Total cost of ownership for Wave data protection can be almost half that of a traditional software-based system.
Questions? Read on, or contact our sales department.
=================================================================
Wave Systems Announces First U.S. Federal Government Customer for Wave Virtual Smart Card 2.0
http://www.wavesys.com/buzz/pr/wave-systems-announces-first-us-federal-government-customer-wave-virtual-smart-card-2.0
Lee, MA -
October 2, 2014 -
Wave Systems Corp. (NASDAQ: WAVX) marked an important sales milestone by announcing the first U.S. federal government customer for its Virtual Smart Card 2.0.
Since the Virtual Smart Card 2.0 became commercially available in late July 2014, Wave has entered into dozens of pilot deployments in multiple sectors, including healthcare, financial services, automotive, energy and utilities. However, today’s announcement marks the product’s first sale in the government sector.
“This is an important milestone for Wave,” said Bill Solms, CEO of Wave. “Wave Virtual Smart Card 2.0 has been purchased by a government agency with significant security requirements and one that requires redundant means of system authentication due to national security interests. This initial sale is modest compared to the addressable market within the Federal Government sector, but it is important to our strategy for marketing the Virtual Smart Card to address critical government infrastructure defense.”
“We believe that this sale, which was completed on a shorter sales cycle than we had anticipated, supports our view that customers are interested in the type of cyber security solution that Wave’s Virtual Smart Card 2.0 provides,” Solms added.
Wave Virtual Smart Card 2.0 is the industry’s only enterprise-grade virtual smart card management solution that works on Windows 7. It also supports Windows 8 and 8.1. Wave’s new solution emulates the functionality of physical smart cards or tokens, but offers greater convenience to users, lower total cost of ownership, and a reduced risk of unauthorized use.
Wave Virtual Smart Card 2.0 gives IT the ability to:
• Remotely create and delete virtual smart cards
• Provide help desk-assisted recovery
• Configure PIN and card policies
• View the status of virtual smart cards and enrolled certificates
• Generate reports for compliance
• Support virtual smart cards on laptops, tablets and desktops with TPM 1.2 or TPM 2.0
=================================================================
Army Reserve gets its first cyber general
https://www.fedscoop.com/army-reserves-first-cyber-general/
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
One Million Compromised Accounts Found at Top Gaming Firms
https://www.infosecurity-magazine.com/news/one-million-compromised-accounts/
Security researchers have warned gaming companies to improve their cybersecurity posture after discovering 500,000 breached employee credentials and a million compromised internal accounts on the dark web.
Tel Aviv-based threat intelligence firm Kela decided to investigate the top 25 publicly listed companies in the sector based on revenue.
After scouring dark web marketplaces, it discovered a thriving market in network access on both the supply and demand side.
This included nearly one million compromised accounts related to employee- and customer-facing resources, half of which were listed for sale last year.
Compromised accounts linked to internal resources like admin panels, VPNs, Jira instances, FTPs, SSOs, developer-related environments and more were found in virtually all of the top 25 gaming companies studied.
This could put these firms at risk of customer data theft, corporate espionage, ransomware and more. Kela said it had tracked ransomware attacks on four gaming companies in recent months.
“Credentials to internal resources of recently attacked companies – such as VPN, website management portals, admin, Jira and more – were put up for sale and hence were available for any potential attacker prior to the cyber-attacks that occurred,” it added.
“We also detected an infected computer (bot) which had credential logs to plenty of sensitive accounts that could be accessed by attackers upon purchase: SSO, Kibana, Jira, adminconnect, ServiceNow, Slack, VPN, password-manager and poweradmin of the company – all on a single bot. This strongly suggests that it’s used by an employee of the company with administrator rights. This highly valuable bot was available for sale for less than $10.”
Elsewhere, the researchers found half-a-million gaming employee credentials exposed on the dark web after breaches at third-party firms, many of which were available for free.
These could also provide attackers with a useful foothold in victim networks, they warned.
Kela urged gaming companies to invest in ongoing monitoring of their digital assets across the dark web, as well as enhanced staff training on things like password management, and deployment of multi-factor authentication (MFA).
==================================================================
http://www.wavesys.com/products/wave-virtual-smart-card
Excerpt:
The user experience with a virtual smart card is simple: he or she logs in with a PIN (authentication factor number one). The TPM (authentication factor number two) then transparently identifies the device to the network and connects the user to all the approved services. It’s one less thing for users to carry around.
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpts:
Token-free, password-free user authentication
We know you’ve dreamt about shredding your list of passwords. Go on and do it.
Because you are starting the authentication process in the device’s hardware, the user doesn’t have to interact with it. All users see is their usual Windows log-in screen – no more additional passwords to access the VPN or other resources. They just sign in once, and the secure credentials in their TPMs securely and quickly connect them to everything they need. Say goodbye to user frustration and slow OS performance.
==================================================================
If these Top Gaming Firms' employees were using Wave VSC 2.0 and Wave solutions, things would be so much better for them!!!
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Secret backdoor discovered in Zyxel firewall and AP controllers
https://www.bleepingcomputer.com/news/security/secret-backdoor-discovered-in-zyxel-firewall-and-ap-controllers/
Excerpt: Over 100,000 Zyxel devices are potentially vulnerable to a secret backdoor caused by hard coded credentials used to update firewall and AP controllers' firmware.
==================================================================
http://www.wavesys.com/wave-alternative
Excerpt:
It’s a new world, one without borders. Yet most organizations are still trying to protect their data with the same old firewalls and antivirus software. It’s not working. We refer you to the headline-making breach of the week.
==================================================================
Use better security. Use Wave solutions!!!
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Microsoft Reveals That Russian Attackers Accessed Some of Its Source Code
https://www.darkreading.com/attacks-breaches/microsoft-reveals-that-russian-attackers-accessed-some-of-its-source-code/d/d-id/1339816
=================================================================
It appears that Microsoft could have used Wave's help in protecting its source code!! By only allowing known and approved devices access to the network, Microsoft with Wave's help could have prevented these SolarWinds attackers from gaining access to Microsoft's networks. The implication of this are that unknown and unapproved (unauthorized) devices are kept from accessing their network and sensitive data (ie. source code)!!
Use better security. Use Wave solutions!!!
=================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpts:
Secure device & user authentication
Sometimes it feels like security is more effective at deterring your users than hackers. But you still have to protect your enterprise resources, and we’re here to help. We take pride in securing your network, data, and resources to an unprecedented level, without causing a revolt from either IT or your users. In fact, your users probably won’t even know we’re there.
Here’s how it works:
Trusted Platform Module (TPM) + Wave’s ERAS for TPM Management = hardware-secured, fully-managed authentication
Most of your devices already come with TPMs (check out our “What is a TPM?” brochure if you’re not sure why this is exciting). This security chip comes attached to the motherboard of most enterprise-class PCs. There’s nothing “add-on” about it. The TPM provides a verifiable, unique identity for each machine.
Wave’s ERAS for TPM Management gives IT remote, centralized management of all TPMs on enterprise computers and tablets.
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
=================================================================
Happy New Year!
DOD Released Its First Enterprisewide Data Strategy in 2020. Here’s Why It Matters.
https://www.nextgov.com/analytics-data/2020/12/dod-released-its-first-enterprisewide-data-strategy-2020-heres-why-it-matters/171016/
==================================================================
http://www.wavesys.com/data-protection
Data Protection
To keep data safe, arm you devices
Security = data protection
When we talk about security, what we really mean is protecting data from theft and misuse. Proprietary information, R&D, corporate strategy, customer names and phone numbers, social security numbers, passwords … All have potential monetary value, and all are targets. Data theft is a growth industry. As an example, tens of thousands of new malware strains pop up daily. With online tools, even a non-technical person can create one in minutes.
The IT perimeter has vanished
Data protection is easy enough when your data is sitting in secure servers. But today, it’s not. The workforce is increasingly mobile. More than 60 percent of corporate data lives not on servers but on laptops, tablets, and other devices (and more and more of those devices are owned by employees). Data is dispersed, constantly moving, and constantly exposed to the Internet and all the malware, viruses, and hackers lurking there.
Wave’s solution: start with the device
The Wave approach to this challenge is to make the IT perimeter irrelevant. Wave turns on and manages the self-encrypting drives (SEDs) and trusted platform modules (TPMs), or security chips, that are already embedded in many of your devices. The upshot is that each and every device is equipped with its own data protection system—while being centrally managed. This gives you unprecedented yet straightforward control over exactly who has access to your data, with what devices, over what networks.
We cost less too. Wave works on your existing hardware, across platforms. That’s because our solutions are based on an open standard that’s already been implemented on 600 million–plus laptops and is now working its way onto mobile devices. Our software is all you need to reach a whole new level of data protection. It’s one of the big reasons why total cost of ownership can be almost half that of a traditional software-based system that doesn’t even work very well.
==================================================================
I think what Wave says about data protection, and the Wave alternative could be very important to the DOD and U.S. government!
==================================================================
http://www.wavesys.com/wave-alternative
The Wave Alternative
Choose data protection that actually works.
The IT perimeter is gone
With tablets, smartphones, and cloud applications, your employees can access sensitive data anytime, from anywhere. Indeed, around 70 percent of security breaches and data thefts are inside jobs. Meanwhile, the hackers only get better: advanced persistent threats (APTs) appear as normal traffic, and malware can go unnoticed for weeks.
It’s a new world, one without borders. Yet most organizations are still trying to protect their data with the same old firewalls and antivirus software. It’s not working. We refer you to the headline-making breach of the week.
You have to start with the device
Wave has an alternative: security that’s built into each and every device.
We’re talking about hardware: self-encrypting drives (SEDs), which protect data when a device is stolen or lost, and trusted platform modules (TPMs), or embedded security chips. Both go in at the factory, and increasingly, both are standard. They make it possible for you to monitor and control each individual device and its data, no matter where it is. But you need software to turn on and manage your SEDs and TPMs. Wave makes that software.
We’ve been refining comprehensive, centralized management of hardware-based security longer than anyone else. More than that, we’ve shaped the field as a founding member of the Trusted Computing Group, the not-for-profit that develops and promotes industry standards for the hardware.
Security that’s confirmed, not assumed
With Wave, you’ll know that you’re secure. Because we start with the individual devices, you get a broad, deep view of your network. You can see exactly who’s on it, with what devices and what apps, at any given time. Just for example, if Bob goes home and tries to log onto Facebook with the company laptop, Wave can stop him.
A big piece of this heightened security is device authentication. Traditional two-factor authentication requires what amounts to two user IDs. But by using the TPMs inside your devices, Wave can confirm the identity of not only users, but also the devices they’re on. Combine that with fast, enforced encryption of sensitive data via your SEDs—all easily managed with Wave software—and your data is protected from the full range of modern risks: device theft, missent emails, flash drives, portable hot spots … even (and no one else can say this) hardware keyloggers. Not to mention Bob.
Do we need to say that with Wave, compliance is no problem?
Start closing your security gaps today, with what you’ve got
You might be surprised to hear that 90 percent or more of your computers probably already have TPMs. Mobile devices are catching up fast. SEDs are newer, but you probably have a bunch of those too. Machines that don’t have them can often be outfitted at little to no extra cost. So you’ve got some or all of the hardware. All you need to do is turn it on with Wave.
It’s almost as easy as it sounds. TPMs and SEDs are built to open, vendor-neutral industry standards, and so are Wave solutions. That means Wave works on your existing mix of hardware, across platforms, and will evolve with you. It’s part of what makes the Wave alternative not only more secure, but also simpler and cheaper. Total cost of ownership for Wave data protection can be almost half that of a traditional software-based system.
Questions? Read on, or contact our sales department.
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Windows 7: A year after the end-of-support deadline, millions choose not to upgrade
https://www.zdnet.com/article/windows-7-a-year-after-the-end-of-support-deadline-millions-choose-not-to-upgrade/
==================================================================
Wave has a competitive advantage in that it provides Wave VSC 2.0 for Windows 10, 8 AND 7!!! For the budget conscious organization, Wave VSC 2.0 and Wave solutions provide better security!!!
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Kawasaki Says Data Possibly Stolen in Security Breach
https://www.securityweek.com/kawasaki-says-data-possibly-stolen-security-breach
Kawasaki Heavy Industries on Monday revealed that information from its overseas offices might have been stolen following a security breach that occurred earlier this year.
Based in Japan, Kawasaki Heavy Industries is a multinational corporation best known for the manufacturing of motorcycles, heavy equipment, engines, ships, rolling stock, and aerospace and defense equipment.
On June 11, 2020, the company discovered that unknown actors breached its network. It immediately launched an investigation into the matter but, because the unauthorized access spanned multiple offices, it had no information to share publicly until now.
The thorough investigation, Kawasaki says, revealed that “some information from overseas offices may have been leaked to external parties.”
Kawasaki explained that the incident was discovered during an internal audit, which revealed “a connection to a server in Japan from an overseas office (Thailand) that should not have occurred.”
The company terminated communications between the affected office and its Japan headquarters and started an investigation that revealed additional unauthorized access to its servers in Japan, originating from overseas sites located in Indonesia, the Philippines, and the United States.
“We have enhanced monitoring operations to accesses from overseas offices and tightened access restrictions to block unauthorized accesses. Since then, we have continued to strengthen company-wide security measures,” the company announced.
During its investigation, the company conducted a security assessment of roughly 29,000 terminals in Japan and in overseas office networks where incidents possibly occurred.
Kawasaki also says that no further unauthorized access to its network has been observed since August, and that communications between the affected overseas offices and the Japan office have been restored at the end of November.
“Because Kawasaki handles important sensitive information such as personal information and social infrastructure-related information, information security measures have been a top priority for the company. However, the unauthorized access in question had been carried out with advanced technology that did not leave a trace,” the company reveals.
Although the investigation revealed that data might have been leaked, the company could not determine what information may have been compromised. However, it says no personal information was impacted. Regardless, the company is contacting potentially affected customers.
On November 1, 2020, Kawasaki established a Cyber Security Group, which the company says will continue to tighten monitoring and access controls between offices, and will also strengthen security measures, to ensure no similar incidents occur.
=================================================================
Assuming Kawasaki's cyber-defense was top-notch, why was there unauthorized access, and the attackers left without a trace??? Unknown and unapproved (unauthorized) devices WOULDN'T HAVE BEEN ALLOWED ACCESS TO THE NETWORK if Wave solutions were used!!! If Kawasaki and other organizations used Wave solutions, they wouldn't be having this problem!!!
=================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpt:
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Pentagon Targets Emerging Smart Technologies to Pilot in 2021
https://www.nextgov.com/emerging-tech/2020/12/pentagon-targets-emerging-smart-technologies-pilot-2021/170981/
==================================================================
This idea should be used in the U.S. government now, but maybe someone will finally hear of the idea in the Pentagon through a program like this. Only allow known and approved devices access to your network. Wave can accomplish this!! If it was being used along with Wave's other solutions, we wouldn't be having unauthorized devices spending weeks or months on government networks or company networks!!! It seems like a simple, yet powerful technology!!!
This is the right time to start using Wave!
==================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpt:
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
The Double-Edged Sword of Cybersecurity Insurance
https://www.darkreading.com/edge/theedge/the-double-edged-sword-of-cybersecurity-insurance/b/d-id/1339412
With ransomware on the rise, more organizations are opting to purchase cyber insurance -- tipping off criminals about how much to demand for access back to pilfered systems and data.
Cybersecurity insurance is no longer a luxury. As attacks have accelerated — and become more costly — the idea of hedging against a breach has gone mainstream. The global cyber-insurance market now stands at $7.8 billion, but it's projected to reach $20.4 billion by 2025, according to an October 2020 report from ResearchAndMarkets.
Indeed, companies are incorporating cybersecurity insurance into their overall business strategies, says Alexander Chaveriat, chief innovation officer at Tuik Security Group. But – and should we really be surprised? – cybercriminals have also recognized that where there's insurance, there's opportunity.
"Many gangs do reconnaissance before they pull the trigger on a ransomware attack," Chaveriat explains. "They'll see that the business has $2 million in cyber-insurance, and so they make this their ransom."
At the center of all of this is a harsh reality: Many organizations are opting to pay the ransom. Their desire to get systems up and running fast rather than deal with the time and expense of restoring data — even when the data exists — is fueling decision-making. However, this approach is also driving up the price of policies and contributing to more aggressive tactics. A 2019 ProPublica report notes that insurance companies are contributing to a rise in ransomware attacks by paying ransoms as large as six or seven figures.
Money for Nothing
The uptick in ransomware over the past few years is staggering. Cybersecurity firm Sophos reports that 51% of organizations have been hit by ransomware attacks within the past year, and the total cost to remediate an attack has risen to $761,106 per incident. There has even been a death associated with ransomware.
Just over 40% of cyber-insurance claims now involve ransomware, according to the 2020 "Cyber Insurance Claims Report" from insurance provider Coalition. The firm also reports a 260% increase in the frequency of ransomware among its policyholders. Cyber losses for a typical claim ranges from $1,000 to $2 million, it notes.
"We see many organizations either consider cyber-insurance for the first time or taking a closer look at their current cyber-insurance programs as an effective way to provide some balance sheet protection," says Robert Barberi, director of FINEX cybersecurity and professional risk at global risk management consultancy Willis Towers Watson.
In fact, ransomware is increasingly mentioned in US Securities and Exchange Commission (SEC) filings as a key risk factor. Yet large enterprises aren't the only ones feeling the pain.
"Cyber-insurance plays a big role for organizations that may not have the financial strength to survive a ransomware attack on their own," Barberi explains.
All of this has led to an uneasy reality: Cybergangs, peering inside a company's network or using public sources, can determine the ransom it can afford to pay and adjust the sum accordingly. Making matters worse, crooks increasingly pluck sensitive data — legal information, HR records, intellectual property, for example — and threaten to post it publicly if a company doesn't comply with their ransom demands.
Protection Schemes
There's good news and bad news. Despite cybergangs adopting more menacing and potentially destructive tactics, including cyber extortion, Willis Towers Watson reports that even with claim frequency rising by about 18% in 2020, an effective backup strategy can reduce ransomware costs by upward of 70%, Barberi says.
Nevertheless, the cost of a typical policy renewal is up by 10% to 20% as the industry updates actuarial tables to reflect increased risk and payouts, including an uptick in attacks that has occurred during the pandemic, according to Willis Towers Watson.
"In addition to the continued spike in ransomware attacks, increased incident response costs are driving higher losses for companies in highly regulated industries who experience data breaches because they are requiring more resources to navigate a more complex regulatory landscape, Barberi notes.
Unfortunately, there's no end in sight.
"With so many high-profile recent events, the expectation is that the marketplace for cyber-insurance will continue to harden, especially for companies that don't implement certain compensating controls," Barberi adds.
In fact, ransomware recovery firm Coveware indicates that the average ransomware payment in Q3 reached $233,817, reflecting an increase of 31% quarter over quarter.
Finding an effective solution is difficult. Barberi says that an outright ban on payments — an idea that the US Treasury Department has promoted — would be difficult to implement and introduce unanticipated consequences.
For example, "An outright ban could keep hospitals shutdown for weeks or months, which would have a disastrous impact to patient care," he points out.
Amid all the chaos, the insurance industry is pushing for more stringent cybersecurity measures. This includes policyholders using protections like multifactor authentication, wire transfer verification, specific time frames for installing critical patches, endpoint application isolation, and implementing an effective backup strategy. Some also require cybersecurity training for employees.
"Policies are becoming much more defined and stringent," Chaveriat observes.
Adds Barberi: "Companies that haven't yet implemented these controls, or those who have suffered recent losses, may experience premium increases well in excess of the average increases we're currently observing."
In the end, perhaps only one thing is certain: Insurance will continue to play a key role in protecting companies.
"With bad actors getting more sophisticated and with easier access to malware, ransomware attacks will likely continue to increase in frequency and severity, which, in turn, will continue to increase the demand for comprehensive cyber-insurance solutions," Barberi says.
==================================================================
You get cyber insurance, and you have a ransomware attack against your organization (see article). How about using Wave solutions and NOT having a successful ransomware attack against your organization!!! There is an end in sight... it's called Wave solutions from Wave Systems!!! Spread the Wave solutions word to all who could benefit!!!
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Former Presidential Adviser Advocates Tougher Software Vendor Standards After Breach
https://www.nextgov.com/cybersecurity/2020/12/former-presidential-adviser-advocates-tougher-software-vendor-standards-after-breach/171024/
==================================================================
The Former Presidential Adviser should also advocate for these hardware standards (activated TPMs and SEDs) for software companies and all companies!!! With Wave's software and these hardware standards, SolarWinds like events wouldn't be repeated events!!!
==================================================================
http://www.wavesys.com/data-protection
Security = data protection
When we talk about security, what we really mean is protecting data from theft and misuse. Proprietary information, R&D, corporate strategy, customer names and phone numbers, social security numbers, passwords … All have potential monetary value, and all are targets. Data theft is a growth industry. As an example, tens of thousands of new malware strains pop up daily. With online tools, even a non-technical person can create one in minutes.
The IT perimeter has vanished
Data protection is easy enough when your data is sitting in secure servers. But today, it’s not. The workforce is increasingly mobile. More than 60 percent of corporate data lives not on servers but on laptops, tablets, and other devices (and more and more of those devices are owned by employees). Data is dispersed, constantly moving, and constantly exposed to the Internet and all the malware, viruses, and hackers lurking there.
Wave’s solution: start with the device
The Wave approach to this challenge is to make the IT perimeter irrelevant. Wave turns on and manages the self-encrypting drives (SEDs) and trusted platform modules (TPMs), or security chips, that are already embedded in many of your devices. The upshot is that each and every device is equipped with its own data protection system—while being centrally managed. This gives you unprecedented yet straightforward control over exactly who has access to your data, with what devices, over what networks.
We cost less too. Wave works on your existing hardware, across platforms. That’s because our solutions are based on an open standard that’s already been implemented on 600 million–plus laptops and is now working its way onto mobile devices. Our software is all you need to reach a whole new level of data protection. It’s one of the big reasons why total cost of ownership can be almost half that of a traditional software-based system that doesn’t even work very well.
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Merry Christmas and Happy Holidays!
Big tech companies including Intel, Nvidia, and Cisco were all infected during the SolarWinds hack
https://www.theverge.com/2020/12/21/22194183/intel-nvidia-cisco-government-infected-solarwinds-hack
==================================================================
What is going to happen to these Big tech companies if another SolarWinds hack happens? Are they going to be prepared with the same old antivirus products or will they use a much more effective solution at detecting sneaky malware - Wave Endpoint Monitor? Wave VSC 2.0 and Wave SED management could further protect these organizations in a way that REALLY PROTECTS them!!!
activated TPMs + activated SEDs + Wave solutions = Happy Wave Customers!!
http://www.wavesys.com/malware-protection
Excerpts:
Only hardware-based security can beat malware
Wave’s solution: start with the device
If antivirus software doesn’t work, what does? The Wave alternative relies not on superficial layers of software but on standards-based hardware: self-encrypting drives (SEDs) and Trusted Platform Modules (TPMs), or security chips, that are already embedded in many of your computers and mobile devices. This hardware provides you with secure storage. When you turn the SED and TPM on and manage them with Wave, you suddenly have a broad, deep view into your network. Among other things, you’ll know immediately whether any one of your devices—computers, laptops, tablets, smartphones—has been tampered with. But Wave is proactive too: you can block the kinds of behaviors that invite malware in. Wave's Endpoint Monitor provides early detection for these low-lying sneaky attacks.
http://www.wavesys.com/products/wave-endpoint-monitor
Detect attacks before it’s too late
Malware can do its work for weeks or months before you ever know it’s there. But with Wave Endpoint Monitor, you can spot malware before it has a chance to cause damage.
Antivirus software can’t detect rootkits and other malware; it works at the level of the OS and isn’t very good at seeing deeper into the system. For example, it can’t tell whether the boot record is lying. The Wave alternative is to work with the Trusted Platform Modules (TPMs), or security chips, embedded in your devices. By using the TPM to attest to the security of the device each time that device boots, Wave looks below the operating system and can help detect threats lurking there. Every time a device boots up, Wave Endpoint Monitor makes a comparison against previous boot values, and if anything deviates from the norm, it alerts you immediately.
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Cyber Insurance Market Expected to Surge in 2021
https://www.infosecurity-magazine.com/news/cyber-insurance-market-surge-2021/
The global cyber insurance market is projected to grow by 21% next year, reaching $9.5bn in value, according to new data by insurance firm Finaria.it.
This is as a result of greater recognition of the increasing cyber-threat landscape, exacerbated by the shift to remote working this year. Finaria added that the cyber insurance market is expected to reach $20.4bn by 2025, as more organizations look to protect themselves from malicious actors.
In its analysis, the company cited data showing that almost one-quarter of all cyber insurance claims between 2013 and 2019 were in the healthcare sector, an industry particularly heavily targeted by attackers this year amid the COVID-19 pandemic. Healthcare was followed by IT and telecommunications, insurance, retail and wholesale and manufacturing as the sectors with the most claims.
Almost three-quarters of claims in this period involved an insurance clause related to breach incident response and crisis management. In second place was data privacy breaches, with cyber-extortion in third.
In the first half of 2020, ransomware attacks were found to be the biggest cause of cyber insurance claims in North America.
Data from the Ponemon institute’s Cost of a Data Breach Report earlier this year was also highlighted, which showed that healthcare has the most expensive data breach costs, at $7.13m per incident, with energy in second at $6.39m per breach. This is followed by financial services ($5.85m), pharma ($5.06m) and technology ($5.04m).
Finaria.it commented: “Over the years, cyber-attacks and data breaches became one of the biggest risks in the business sector, compromising sensitive data, and causing a massive financial hit to companies and organizations worldwide. As data applications and technology in the business sector increase, organizations are becoming more vulnerable to these attacks and more aware of the need for insurance coverage for cyber-risks.
“If a costly data breach occurs, the company may not have enough resources to resolve these issues and cover the losses. Cybersecurity insurance can provide support to businesses, so cyber-attacks do not cripple their business.”
Earlier this year, a study found that more than 80% of UK businesses still don’t have cyber-related insurance, while another revealed that under 13% of SMEs in the UK have cyber insurance.
==================================================================
When you see big cyber insurance claims being held up in court, and a significant rise in the cyber insurance market 21%, 80% of UK businesses don't have cyber-related insurance (and need better security, Wave), SolarWinds, ransomware, data breaches, it's time for cybersecurity that works very effectively - Wave solutions!!!
==================================================================
http://www.wavesys.com/wave-alternative
The IT perimeter is gone
With tablets, smartphones, and cloud applications, your employees can access sensitive data anytime, from anywhere. Indeed, around 70 percent of security breaches and data thefts are inside jobs. Meanwhile, the hackers only get better: advanced persistent threats (APTs) appear as normal traffic, and malware can go unnoticed for weeks.
It’s a new world, one without borders. Yet most organizations are still trying to protect their data with the same old firewalls and antivirus software. It’s not working. We refer you to the headline-making breach of the week.
You have to start with the device
Wave has an alternative: security that’s built into each and every device.
We’re talking about hardware: self-encrypting drives (SEDs), which protect data when a device is stolen or lost, and trusted platform modules (TPMs), or embedded security chips. Both go in at the factory, and increasingly, both are standard. They make it possible for you to monitor and control each individual device and its data, no matter where it is. But you need software to turn on and manage your SEDs and TPMs. Wave makes that software.
We’ve been refining comprehensive, centralized management of hardware-based security longer than anyone else. More than that, we’ve shaped the field as a founding member of the Trusted Computing Group, the not-for-profit that develops and promotes industry standards for the hardware.
Security that’s confirmed, not assumed
With Wave, you’ll know that you’re secure. Because we start with the individual devices, you get a broad, deep view of your network. You can see exactly who’s on it, with what devices and what apps, at any given time. Just for example, if Bob goes home and tries to log onto Facebook with the company laptop, Wave can stop him.
A big piece of this heightened security is device authentication. Traditional two-factor authentication requires what amounts to two user IDs. But by using the TPMs inside your devices, Wave can confirm the identity of not only users, but also the devices they’re on. Combine that with fast, enforced encryption of sensitive data via your SEDs—all easily managed with Wave software—and your data is protected from the full range of modern risks: device theft, missent emails, flash drives, portable hot spots … even (and no one else can say this) hardware keyloggers. Not to mention Bob.
Do we need to say that with Wave, compliance is no problem?
Start closing your security gaps today, with what you’ve got
You might be surprised to hear that 90 percent or more of your computers probably already have TPMs. Mobile devices are catching up fast. SEDs are newer, but you probably have a bunch of those too. Machines that don’t have them can often be outfitted at little to no extra cost. So you’ve got some or all of the hardware. All you need to do is turn it on with Wave.
It’s almost as easy as it sounds. TPMs and SEDs are built to open, vendor-neutral industry standards, and so are Wave solutions. That means Wave works on your existing mix of hardware, across platforms, and will evolve with you. It’s part of what makes the Wave alternative not only more secure, but also simpler and cheaper. Total cost of ownership for Wave data protection can be almost half that of a traditional software-based system.
Questions? Read on, or contact our sales department.
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
SolarWinds incident should be a catalyst to rethink federal cybersecurity
https://federalnewsnetwork.com/reporters-notebook-jason-miller/2020/12/solarwinds-incident-should-be-a-catalyst-to-rethink-federal-cybersecurity/
Excerpt:
As someone who has followed Einstein since it's beginning, it wasn't designed to stop written code, malware embedded in patches and other threats. Einstein is not perfect by any means, but the money spent is not wasted in light of this attack.
==================================================================
Wave Endpoint Monitor can detect customized malware. Along with Wave VSC 2.0, and Wave SED management, these solutions could have paid for themselves several times over. I believe the price tag for Einstein was well over 2 billion, and did it protect the way Wave could have? Wave works effectively, and could have been had for a fraction of that.
When the market finally discovers (if it hasn't already) what Wave solutions can do, the line at Wave's door could be REALLY, REALLY LONG!!! Better to BUY Wave solutions from Wave Systems now!!!
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Breach alerts dismissed as junk? New guide for sending vital emails may help
https://www.scmagazine.com/home/email-security/breach-alerts-dismissed-as-junk-new-guide-for-sending-vital-emails-may-help/
Excerpt:
The SolarWinds supply chain attack will likely prompt scores of compromised companies to send critical data breach notifications to their customers. But how many of these email notifications will go ignored, bounced or quarantined?
=================================================================
Instead of worrying about these data breach warning messages, organizations should be more focused on protecting themselves from data breaches with Wave VSC 2.0 and Wave ERAS!!!
Activated TPMs + activated SEDs + Wave Solutions = Happy Customers!
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
"Use the security you already bought," says Trusted Computing Group at the Endpoint Security eSummit 2020
http://www.itnewsonline.com/Realwire/Use-the-security-you-already-bought-says-Trusted-Computing-Group-at-the-Endpoint-Security-eSummit-2020/24915
Beaverton, OR, USA, November 19, 2020 – Securing devices against rising security threats is critical to mitigate risks in today’s world of remote working and virtual meetings but can be challenging due to tight budgets. Unfortunately, many businesses fail to utilize the Trusted Computing features that are included in their PCs and other devices, leaving billions of devices vulnerable to threats, said Steve Hanna of Trusted Computing Group’s Technical Committee at the Endpoint Security eSummit today.
Speaking virtually at the Endpoint Security eSummit, Hanna highlighted that businesses cannot afford to forgo the security already bought and present in devices. All modern Windows PCs include a Trusted Platform Module (TPM) that can be used with built-in Windows features to prevent hackers from accessing information on the device. However, TPMs must be used to provide value – and this is something that gets overlooked by many.
“Forgetting to use your TPM is the equivalent of locking your car and leaving the keys in the door: it weakens your security and leaves your data vulnerable to theft,” Hanna added. “Users and administrators should take the time now to learn about the TPM and how they can use it. Otherwise, they are just wasting the money they spent on their PC!”
All modern Windows PCs are fitted with a TPM module; a standard component that protects the cryptographic keys used to encrypt hard drives and authenticate users so that hackers cannot gain access.
Beyond the TPM, most modern storage devices are Self Encrypting Drives (SEDs), whose hardware can encrypt the drive’s contents so that thieves can’t read any sensitive information stored on the device, even if they can get their hands on the device. Whilst TPMs and SEDs do not absolutely prevent security breaches, they provide strong hardware security capabilities that can be used to keep data more secure and protect user identity.
“The only thing stopping users from using the hardware security they already have is their lacking knowledge of how to use it,” continued Hanna. “Operators and authorities such as the National Cyber Security Centre are taking steps to promote the use of such measures, but it isn’t easy. TCG has made it our mission to make people aware of the capabilities of their own devices and help them use those capabilities more easily. TCG developed the standards for the TPM and SED. People have already purchased these devices. They should use them!”
Without utilising such built-in security systems, users are at risk of attacks. In 2018, losses due to such cybersecurity threats reached $8 billion – a 79% increase over the previous year. Such cases can be easily prevented by adopting readily available security, but are rising faster than user awareness.
“In an age of digital transformation, where computers have become even more essential, the emergence of never-before-seen vulnerabilities can be advantageous to criminals and costly to users,” Hanna concluded. “Threats to personal and corporate data are among the most common and invasive in the world of cybersecurity and preventing them has become a major concern as data pools expand – but the solution has been at the user’s fingertips all along.”
The Endpoint Security eSummit, organized by the CyberRisk Alliance, is taking place online on 18th November 2020. If you are interested in arranging a briefing with Steve Hanna about his presentation ‘Using the security you already bought – Trusted Computing’, please contact tcg@proactive-pr.com.
About TCG
TCG is a not-for-profit organization formed to develop, define and promote open, vendor-neutral, global industry specifications and standards, supportive of a hardware-based root of trust, for interoperable trusted computing platforms. More information is available at the TCG website, www.trustedcomputinggroup.org. Follow TCG on Twitter and on LinkedIn. The organization offers a number of resources for developers and designers at develop.trustedcomputinggroup.org.
CONTACT:
Proactive PR
+44 (0)1636 704 888
Email: press@trustedcomputinggroup.org
Source: RealWire
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
=================================================================
https://investorshub.advfn.com/boards/read_msg.aspx?message_id=159638980
=================================================================
It seems very plausible that if given the opportunity to read this piece above from the TCG that all organizations would want to turn on their TPMs and SEDs with Wave software!!!
Hack Suggests New Scope, Sophistication for Cyberattacks
https://www.wsj.com/articles/hack-suggests-new-scope-sophistication-for-cyberattacks-11608251360
==================================================================
It's articles like these that makes one think, how in the heck is Wave solutions still not being widely used?!! The technology is so HELPFUL for great cybersecurity!!! Only known and approved devices would have had access to the network, and this would have helped tremendously in the above article!!!
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Hacked Networks Will Need to be Burned 'Down to the Ground'
https://www.securityweek.com/hacked-networks-will-need-be-burned-down-ground
Excerpt:
“We have a serious problem. We don’t know what networks they are in, how deep they are, what access they have, what tools they left,” said Bruce Schneier, a prominent security expert and Harvard fellow.
==================================================================
It's amazing how long organizations have struggled with cybersecurity, and Wave has had superior solutions for years.
Wave has the solutions to stop the problem referenced from the article with only known and approved devices being allowed on the network via the fact that Wave VSC 2.0 can identify BOTH users and DEVICES!!! Who has to burn hacked networks to the ground when you can have Wave!!! Or, why take months for these projects.
You need multi-factor authentication.
Fast.
You need Wave Virtual Smart Card.
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
CISA: SolarWinds Not the Only Initial Attack Vector in Massive Breach
https://www.darkreading.com/attacks-breaches/cisa-solarwinds-not-the-only-initial-attack-vector-in-massive-breach/d/d-id/1339755
Excerpt:
"This is a patient, well-resourced, and focused adversary that has sustained long duration activity on victim networks. Organizations with suspected compromises need to be highly conscious of operational security, including when engaging in incident response activities and planning and implementing remediation plans."
WHY?? If organizations purchased Wave solutions, this wouldn't be happening!!! Please see excerpt below!!!
=================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpt:
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
FireEye Identifies Killswitch for SolarWinds Malware as Victims Scramble to Respond
https://www.darkreading.com/attacks-breaches/fireeye-identifies-killswitch-for-solarwinds-malware-as-victims-scramble-to-respond/d/d-id/1339746
=================================================================
Why didn't antivirus detect this malware? Wave Endpoint Monitor should be used widely by organizations to detect malware!! Could your anti-malware work better?
Great information on Wave Endpoint Monitor can be found at:
http://www.wavesys.com/malware-protection
http://www.wavesys.com/products/wave-endpoint-monitor
http://www.wavesys.com/
=================================================================
And to contact Wave for more information, please see the link below:
http://www.wavesys.com/contact-information
Trump Twitter Account Hacked, No Charges: Dutch Prosecutors
https://www.securityweek.com/trump-twitter-account-hacked-no-charges-dutch-prosecutors
==================================================================
Wave solutions (ie. Wave VSC 2.0 and Wave Knowd) could be helping out the President, government, and those in critical industries and many others as well. Its amazing what activated TPMs, SEDs and Wave software could do to dramatically improve the security posture for employees and organizations!!!
==================================================================
http://www.wavesys.com/wave-alternative
Excerpt:
It’s almost as easy as it sounds. TPMs and SEDs are built to open, vendor-neutral industry standards, and so are Wave solutions. That means Wave works on your existing mix of hardware, across platforms, and will evolve with you. It’s part of what makes the Wave alternative not only more secure, but also simpler and cheaper. Total cost of ownership for Wave data protection can be almost half that of a traditional software-based system.
Questions? Read on, or contact our sales department.
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
The U.S. government spent billions on a system for detecting hacks and the Russians outsmarted it.
https://www.washingtonpost.com/national-security/ruusian-hackers-outsmarted-us-defenses/2020/12/15/3deed840-3f11-11eb-9453-fc36ba051781_story.html
=================================================================
Wave could help the federal government out with their cybersecurity in a BIG WAY at a fraction of the cost of EINSTEIN!!! And Wave solutions work very effectively!!!
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
SolarWinds hackers have a clever way to bypass multi-factor authentication
https://arstechnica.com/information-technology/2020/12/solarwinds-hackers-have-a-clever-way-to-bypass-multi-factor-authentication/
Hackers who hit SolarWinds compromised a think tank three separate times.
==================================================================
Wave VSC 2.0 was tested by a Global Financial Services Company, a government agency and others successfully!!! Why take a chance and go with unsuccessful or unproven MFA products!!!
==================================================================
http://www.wavesys.com/products/wave-virtual-smart-card
Get better security at less than half the cost
Passwords are weak. Tokens are expensive. Don’t compromise on security or price.
Wave Virtual Smart Card does anything your physical smart cards and tokens do, but it starts with hardware you already have: the Trusted Platform Module (TPM), a hardware security chip built into the motherboard of most business-class PCs. You may not even know you have it, but once you do, the TPM can be used in a myriad of ways. Wave turns it into a smart card, embedded directly into your laptop.
What can it be used for?
What do you use your smart card for today? With the exception of keying open the door at work, Wave Virtual Smart Card can perform any of the services or applications you rely on your smart card for today. Secure VPN, WiFi, remote desktop, cloud applications – it can all be done with a virtual smart card.
One helpdesk call you'll never get: "I lost my virtual smart card again..."
There are so many ways to lose a token – couch cushions, street drains, curious toddlers. In fact, up to 30% of all tokens are eventually lost. It’s much harder to lose a laptop, and you notice a lot faster when you do.
The user experience with a virtual smart card is simple: he or she logs in with a PIN (authentication factor number one). The TPM (authentication factor number two) then transparently identifies the device to the network and connects the user to all the approved services. It’s one less thing for users to carry around.
What will you do with >50% TCO savings?*
Tokens and smart cards require an additional hardware purchase, plus the time and money to ship to remote users. Use something that’s already in the users’ hands (the TPM), and your acquisition and deployment costs are lower.
Then consider the management savings in not having to replace lost and stolen tokens. That means fewer helpdesk calls, less interruption of user productivity, and fewer acquisition and shipping costs.
When we say “secure”…
…we mean it. Our solution starts with a proven hardware root-of-trust. Multi-factor authentication is an established best-practice for strong authentication: the TPM-based virtual smart card is one factor (something you have) and the user PIN is a second factor (something you know).
*Actual number may vary. Contact us today to receive more details and a free quote.
Key Features:
• Full lifecycle management of virtual smart cards
• Intuitive interface to create (or delete) virtual smart cards
• Command line option to create and delete virtual smart cards
• Flexible PIN policies
• Helpdesk-assisted PIN reset and recovery
• Generates reports for compliance
• Integrates with Active Directory
• Supports familiar use cases ? Virtual Private Network (VPN)
? Local logon
? Remote logon
? Remote desktop access
? Intranet/Extranet
? Cloud applications
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Bank regulators mull stricter rules for reporting of data breaches
https://www.americanbanker.com/news/bank-regulators-mull-stricter-rules-for-reporting-of-data-breaches
==================================================================
In addition to activated TPMs and SEDs, banks should have protection such as Wave VSC 2.0 as well as Wave's other solutions. Please see the press release below. It is very enlightening!!! Wave solutions could keep MANY banks from having data breaches.
==================================================================
Wave Announces 5-Year Master License Agreement for Virtual Smart Card 2.0 with Leading Global Financial Services Company
Wins competitive evaluation against market leader in two-factor authentication tokens
http://www.wavesys.com/buzz/pr/wave-announces-5-year-master-license-agreement-virtual-smart-card-20-leading-global
Lee, MA -
December 17, 2015 -
Wave Systems Corp. (NASDAQ: WAVX) announces a five-year master licensing agreement (MLA) with a leading global corporation (as determined by the 2015 Fortune Global 500 List) for its Virtual Smart Card 2.0 solution. This MLA sets the terms and pricing for licenses and maintenance across the customer’s global organization and establishes it as their preferred two-factor authentication solution. Instead of one large license purchase for the entire organization, each of the customer’s subordinate divisions will make separate orders in accordance with the terms of this MLA.
The first purchase of 2,000 VSC 2.0 licenses under this agreement, when added to a previous purchase, completes the requirement for the customer’s global IT division. That division will now lead the internal effort to standardize the remaining 150,000+ endpoints within their organization with the new Wave VSC 2.0 solution. While there are no minimum order requirements under the agreement, discussions for additional orders are underway.
“Our five-year agreement with this customer is the first very large scale contract for VSC 2.0 and is an important milestone for Wave,” said Bill Solms, President and CEO of Wave Systems. “This customer is a major global financial services company and their standards for protecting their systems from unauthorized access and the integrity of their data are of the highest order. Wave had to pass a very rigorous technical and business review to win the competition. We believe that this client’s decision to choose Wave Virtual Smart Card 2.0 over their incumbent solution gives us tremendous credibility in the two-factor authentication market. We will remain engaged with this company in order to complete the additional sales and deployments in the months ahead.”
Wave Virtual Smart Card 2.0 is a tokenless, hardware-based, two-factor authentication solution that offers superior security at less than half the cost of comparable solutions. It is the industry’s only enterprise-grade virtual smart card management solution that works on Windows 7, 8 and 10. It also provides management support for the Microsoft Virtual Smart Card on Windows 8 and 10. Wave’s VSC solution emulates the functionality of physical smart cards or tokens, but offers greater convenience to users, significantly lower total cost of ownership, and a greatly reduced risk of unauthorized access.
Wave Virtual Smart Card 2.0 gives IT the ability to:
• Remotely create and delete virtual smart cards
• Provide help desk-assisted recovery
• Configure Passphrase and card policies
• View the status of virtual smart cards and enrolled certificates
• Generate reports for compliance
• Support virtual smart cards on laptops, tablets and desktops with both TPM 1.2 and TPM 2.0 security chips
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
SEC filings: SolarWinds says 18,000 customers were impacted by recent hack
https://www.zdnet.com/article/sec-filings-solarwinds-says-18000-customers-are-impacted-by-recent-hack/
In SEC documents filed today, SolarWinds said it notified 33,000 customers of its recent hack, but that only 18,000 used a trojanized version of its Orion platform.
==================================================================
It would've been interesting to see how the Solar Winds experience would have turned out if organizations (especially critical industries) were required to have their TPMs and SEDs, that are built-in to computers, activated. With the right software (Wave), this whole experience could have been much better!!!
==================================================================
http://www.wavesys.com/wave-alternative
The IT perimeter is gone
With tablets, smartphones, and cloud applications, your employees can access sensitive data anytime, from anywhere. Indeed, around 70 percent of security breaches and data thefts are inside jobs. Meanwhile, the hackers only get better: advanced persistent threats (APTs) appear as normal traffic, and malware can go unnoticed for weeks.
It’s a new world, one without borders. Yet most organizations are still trying to protect their data with the same old firewalls and antivirus software. It’s not working. We refer you to the headline-making breach of the week.
You have to start with the device
Wave has an alternative: security that’s built into each and every device.
We’re talking about hardware: self-encrypting drives (SEDs), which protect data when a device is stolen or lost, and trusted platform modules (TPMs), or embedded security chips. Both go in at the factory, and increasingly, both are standard. They make it possible for you to monitor and control each individual device and its data, no matter where it is. But you need software to turn on and manage your SEDs and TPMs. Wave makes that software.
We’ve been refining comprehensive, centralized management of hardware-based security longer than anyone else. More than that, we’ve shaped the field as a founding member of the Trusted Computing Group, the not-for-profit that develops and promotes industry standards for the hardware.
Security that’s confirmed, not assumed
With Wave, you’ll know that you’re secure. Because we start with the individual devices, you get a broad, deep view of your network. You can see exactly who’s on it, with what devices and what apps, at any given time. Just for example, if Bob goes home and tries to log onto Facebook with the company laptop, Wave can stop him.
A big piece of this heightened security is device authentication. Traditional two-factor authentication requires what amounts to two user IDs. But by using the TPMs inside your devices, Wave can confirm the identity of not only users, but also the devices they’re on. Combine that with fast, enforced encryption of sensitive data via your SEDs—all easily managed with Wave software—and your data is protected from the full range of modern risks: device theft, missent emails, flash drives, portable hot spots … even (and no one else can say this) hardware keyloggers. Not to mention Bob.
Do we need to say that with Wave, compliance is no problem?
Start closing your security gaps today, with what you’ve got
You might be surprised to hear that 90 percent or more of your computers probably already have TPMs. Mobile devices are catching up fast. SEDs are newer, but you probably have a bunch of those too. Machines that don’t have them can often be outfitted at little to no extra cost. So you’ve got some or all of the hardware. All you need to do is turn it on with Wave.
It’s almost as easy as it sounds. TPMs and SEDs are built to open, vendor-neutral industry standards, and so are Wave solutions. That means Wave works on your existing mix of hardware, across platforms, and will evolve with you. It’s part of what makes the Wave alternative not only more secure, but also simpler and cheaper. Total cost of ownership for Wave data protection can be almost half that of a traditional software-based system.
Questions? Read on, or contact our sales department.
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Data Leak Exposes Details of Two Million Chinese Communist Party Members
https://www.infosecurity-magazine.com/news/data-leak-chinese-communist-party/
Sensitive data of around two million members of the Communist Party of China (CPC) have been leaked, highlighting their positions in major organizations, including government agencies, throughout the world.
According to reports from The Australian newspaper, featured in the Economic Times, the information includes official records such as party position, birthdate, national ID number and ethnicity. It revealed that members of China’s ruling party hold prominent positions in some of the world’s biggest companies, including in pharmaceutical giants involved in the development of COVID-19 vaccines like Pfizer and financial institutions such as HSBC.
The investigation by The Australian centred around the data leak, which was extracted from a Shanghai server in 2016 by Chinese dissidents.
It noted that CPC members are employed as senior political and government affairs specialists in at least 10 consulates, including the US, UK and Australia, in the eastern Chinese metropolis Shanghai. The paper added that many other members hold positions inside universities and government agencies.
The report emphasized there is no evidence that spying for the Chinese government or other forms of cyber-espionage have taken place.
In her report, The Australian journalist and Sky News host Sharri Markson commented: "What's amazing about this database is not just that it exposes people who are members of the Communist Party, and who are now living and working all over the world, from Australia to the US to the UK, but it's amazing because it lifts the lid on how the party operates under President and Chairman Xi Jinping.
"It is also going to embarrass some global companies who appear to have no plan in place to protect their intellectual property from theft, from economic espionage."
In September, the Cybersecurity and Infrastructure Security Agency (CISA) and the US Department of Justice issued a joint advisory warning US government agencies and private sector companies to be on high alert for cyber-attacks by threat actors affiliated with the Chinese Ministry of State Security (MSS).
=================================================================
http://www.wavesys.com/data-protection
Security = data protection
When we talk about security, what we really mean is protecting data from theft and misuse. Proprietary information, R&D, corporate strategy, customer names and phone numbers, social security numbers, passwords … All have potential monetary value, and all are targets. Data theft is a growth industry. As an example, tens of thousands of new malware strains pop up daily. With online tools, even a non-technical person can create one in minutes.
The IT perimeter has vanished
Data protection is easy enough when your data is sitting in secure servers. But today, it’s not. The workforce is increasingly mobile. More than 60 percent of corporate data lives not on servers but on laptops, tablets, and other devices (and more and more of those devices are owned by employees). Data is dispersed, constantly moving, and constantly exposed to the Internet and all the malware, viruses, and hackers lurking there.
Wave’s solution: start with the device
The Wave approach to this challenge is to make the IT perimeter irrelevant. Wave turns on and manages the self-encrypting drives (SEDs) and trusted platform modules (TPMs), or security chips, that are already embedded in many of your devices. The upshot is that each and every device is equipped with its own data protection system—while being centrally managed. This gives you unprecedented yet straightforward control over exactly who has access to your data, with what devices, over what networks.
We cost less too. Wave works on your existing hardware, across platforms. That’s because our solutions are based on an open standard that’s already been implemented on 600 million–plus laptops and is now working its way onto mobile devices. Our software is all you need to reach a whole new level of data protection. It’s one of the big reasons why total cost of ownership can be almost half that of a traditional software-based system that doesn’t even work very well.
=================================================================
http://www.wavesys.com/wave-alternative
================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpts:
Secure device & user authentication
Sometimes it feels like security is more effective at deterring your users than hackers. But you still have to protect your enterprise resources, and we’re here to help. We take pride in securing your network, data, and resources to an unprecedented level, without causing a revolt from either IT or your users. In fact, your users probably won’t even know we’re there.
Here’s how it works:
Trusted Platform Module (TPM) + Wave’s ERAS for TPM Management = hardware-secured, fully-managed authentication
Most of your devices already come with TPMs (check out our “What is a TPM?” brochure if you’re not sure why this is exciting). This security chip comes attached to the motherboard of most enterprise-class PCs. There’s nothing “add-on” about it. The TPM provides a verifiable, unique identity for each machine.
Wave’s ERAS for TPM Management gives IT remote, centralized management of all TPMs on enterprise computers and tablets.
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
=================================================================
Be prepared, use better security, use Wave solutions!!!
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
US Investigating Computer Hacks of Government Agencies
https://www.securityweek.com/us-investigating-computer-hacks-government-agencies
==================================================================
Wave Systems Announces First U.S. Federal Government Customer for Wave Virtual Smart Card 2.0
http://www.wavesys.com/buzz/pr/wave-systems-announces-first-us-federal-government-customer-wave-virtual-smart-card-2.0
Lee, MA -
October 2, 2014 -
Wave Systems Corp. (NASDAQ: WAVX) marked an important sales milestone by announcing the first U.S. federal government customer for its Virtual Smart Card 2.0.
Since the Virtual Smart Card 2.0 became commercially available in late July 2014, Wave has entered into dozens of pilot deployments in multiple sectors, including healthcare, financial services, automotive, energy and utilities. However, today’s announcement marks the product’s first sale in the government sector.
“This is an important milestone for Wave,” said Bill Solms, CEO of Wave. “Wave Virtual Smart Card 2.0 has been purchased by a government agency with significant security requirements and one that requires redundant means of system authentication due to national security interests. This initial sale is modest compared to the addressable market within the Federal Government sector, but it is important to our strategy for marketing the Virtual Smart Card to address critical government infrastructure defense.”
“We believe that this sale, which was completed on a shorter sales cycle than we had anticipated, supports our view that customers are interested in the type of cyber security solution that Wave’s Virtual Smart Card 2.0 provides,” Solms added.
Wave Virtual Smart Card 2.0 is the industry’s only enterprise-grade virtual smart card management solution that works on Windows 7. It also supports Windows 8 and 8.1. Wave’s new solution emulates the functionality of physical smart cards or tokens, but offers greater convenience to users, lower total cost of ownership, and a reduced risk of unauthorized use.
Wave Virtual Smart Card 2.0 gives IT the ability to:
• Remotely create and delete virtual smart cards
• Provide help desk-assisted recovery
• Configure PIN and card policies
• View the status of virtual smart cards and enrolled certificates
• Generate reports for compliance
• Support virtual smart cards on laptops, tablets and desktops with TPM 1.2 or TPM 2.0
=================================================================
Be prepared, use better security, use Wave solutions!!!
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Intel's Habana Labs hacked by Pay2Key ransomware, data stolen
https://www.bleepingcomputer.com/news/security/intels-habana-labs-hacked-by-pay2key-ransomware-data-stolen/
==================================================================
http://www.wavesys.com/data-protection
Security = data protection
When we talk about security, what we really mean is protecting data from theft and misuse. Proprietary information, R&D, corporate strategy, customer names and phone numbers, social security numbers, passwords … All have potential monetary value, and all are targets. Data theft is a growth industry. As an example, tens of thousands of new malware strains pop up daily. With online tools, even a non-technical person can create one in minutes.
The IT perimeter has vanished
Data protection is easy enough when your data is sitting in secure servers. But today, it’s not. The workforce is increasingly mobile. More than 60 percent of corporate data lives not on servers but on laptops, tablets, and other devices (and more and more of those devices are owned by employees). Data is dispersed, constantly moving, and constantly exposed to the Internet and all the malware, viruses, and hackers lurking there.
Wave’s solution: start with the device
The Wave approach to this challenge is to make the IT perimeter irrelevant. Wave turns on and manages the self-encrypting drives (SEDs) and trusted platform modules (TPMs), or security chips, that are already embedded in many of your devices. The upshot is that each and every device is equipped with its own data protection system—while being centrally managed. This gives you unprecedented yet straightforward control over exactly who has access to your data, with what devices, over what networks.
We cost less too. Wave works on your existing hardware, across platforms. That’s because our solutions are based on an open standard that’s already been implemented on 600 million–plus laptops and is now working its way onto mobile devices. Our software is all you need to reach a whole new level of data protection. It’s one of the big reasons why total cost of ownership can be almost half that of a traditional software-based system that doesn’t even work very well.
=================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Secure device & user authentication
Sometimes it feels like security is more effective at deterring your users than hackers. But you still have to protect your enterprise resources, and we’re here to help. We take pride in securing your network, data, and resources to an unprecedented level, without causing a revolt from either IT or your users. In fact, your users probably won’t even know we’re there.
Here’s how it works:
Trusted Platform Module (TPM) + Wave’s ERAS for TPM Management = hardware-secured, fully-managed authentication
Most of your devices already come with TPMs (check out our “What is a TPM?” brochure if you’re not sure why this is exciting). This security chip comes attached to the motherboard of most enterprise-class PCs. There’s nothing “add-on” about it. The TPM provides a verifiable, unique identity for each machine.
Wave’s ERAS for TPM Management gives IT remote, centralized management of all TPMs on enterprise computers and tablets.
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
==================================================================
If you are thinking how to protect against ransomware and data breaches, think better security, think Wave solutions!!!
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Wave Joins ARM TrustZone Ready Program
Committed to Helping Chip Manufacturers Implement Industry Standard Security for Mobile Platforms
http://www.wavesys.com/buzz/pr/wave-joins-arm-trustzone-ready-program
==================================================================
In light of Kaspersky having a phone, it's perplexing that the contents in this article haven't been pursued (to my knowledge)!
Even though it is 8 years later, Wave was way ahead of it's time. Wave's solutions could be very helpful now!!! The article is interesting!
Lee, MA -
September 26, 2012 -
Wave Systems Corp. (NASDAQ:WAVX) today announced that it has joined the ARM TrustZone® Ready Enablement Program to provide support and infrastructure for implementing enterprise security capabilities in mobile devices. As a partner in the program, Wave joins other industry leaders in helping chip manufacturers design and implement new industry standard security capabilities within ARM’s TrustZone architecture to enable full cross-platform interoperability across PCs, tablets, smartphones and other mobile devices.
TrustZone Technology (developed by ARM, the world’s leading semiconductor IP supplier) is a System-on-Chip security concept that involves a hardware-isolated space for a Trusted Execution Environment (TEE). Once integrated, core security services such as cryptography, storage and user interfaces can enable services to be deployed with a new level of security and convenience.
The primary goal of ARM's TrustZone Ready enablement program is to guide chip and device manufacturers to design robust, industry-certified security architecture into their products that will meet the needs of service providers looking to deploy secure services on secured platforms. Companies that implement system-wide security into their platforms can benefit from this program through a cohesive set of design blueprints, market requirements, and checklists aligned with industry standards.
“Smart phones, tablets and other devices are essential for today’s enterprise, and require access to sensitive applications and data. While these devices have excellent security for the mobile operator’s services, they lack basic security for use within an enterprise network,” commented Steven Sprague, Wave’s CEO. “ARM, with the TrustZone Ready Program, is taking the lead in making sure that standards-based security implemented in the TrustZone Trusted Execution Environment (TEE) is integrated into chipsets for mobile devices. Wave is committed to sharing its expertise in Trusted Platform Module (TPM) implementations, application development and trust infrastructure support.”
“Wave’s infrastructure for managing TPM and TPM-mobile-enabled devices will allow enterprise users to exploit the full capabilities of Trusted Computing Group standards across multiple device types,” added Jon Geater, Director of Technology for ARM Secure Services Division and Board Representative of ARM at GlobalPlatform. “ARM welcomes Wave into the TrustZone Ready Program as a valuable partner that will bring secure enterprise services to TrustZone secured devices running GlobalPlatform Trusted Execution Environments.”
Eliminating passwords, Providing Health Measurements for mobile devices
The TPM, shipped on more than half a billion PCs, is a cryptographic component built on specifications from the Trusted Computing Group. The TPM brings strong, enterprise-grade security features to consumer devices that are widely deployed in enterprise networks. The TPM for mobile devices is uniquely designed to support the security needs of multiple stakeholders, allowing enterprises to provide strong security in end-user applications, satisfy the security requirements of third-party application developers, and support other parties.
With a TPM Mobile implemented within the hardware-based security boundaries of ARM’s TrustZone and protected by a full function Trusted Execution Environment, enterprises will be able to take advantage of the strong security of the TPM in the following ways:
• Protect corporate devices and user identities
• Measure and attest to the integrity and health of the mobile device
• Implement secure network access
• Provide secure messaging for corporate traffic
• Reduce the need for user passwords, with reliance on the device itself as a strong authentication token for access to services and data, including cloud-based functions.
• Offer central control over devices which are lost or stolen to protect sensitive data
Increased emphasis on trusted computing is driving the security industry toward hardware-based technologies that offer improved access control, encryption, and the early detection of malware. With Wave’s industry-leading trusted computing solutions, customers are empowered to secure endpoint data, protect data-in-motion and ensure that only trusted devices gain access to the enterprise network. Wave’s solution will provide enterprises with cross-platform interoperability between PCs and mobile devices for trusted computing-based functions and applications.
Kaspersky
Methinks, it would seem that Kaspersky would want to use Wave and the TPM given these two PRs from Wave and Widepoint - (Post #246257).
Microsoft warns of ad-scamming, credential-stealing malware hitting Edge, Chrome, Firefox, Yandex browsers
https://www.theregister.com/2020/12/10/adscamming_credentialstealing_malware/
==================================================================
http://www.wavesys.com/products/wave-virtual-smart-card
The user experience with a virtual smart card is simple: he or she logs in with a PIN (authentication factor number one). The TPM (authentication factor number two) then transparently identifies the device to the network and connects the user to all the approved services. It’s one less thing for users to carry around.
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Because you are starting the authentication process in the device’s hardware, the user doesn’t have to interact with it. All users see is their usual Windows log-in screen – no more additional passwords to access the VPN or other resources. They just sign in once, and the secure credentials in their TPMs securely and quickly connect them to everything they need. Say goodbye to user frustration and slow OS performance.
http://www.wavesys.com/malware-protection
http://www.wavesys.com/products/wave-endpoint-monitor
==================================================================
Does any company other than Wave protect credentials, and detect malware the way these two Wave solutions do? And in addition to that Wave has Wave SED management!!!
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Hackers are selling more than 85,000 SQL databases on a dark web portal
https://www.zdnet.com/article/hackers-are-selling-more-than-85000-sql-databases-on-a-dark-web-portal/
Hackers break into databases, steal their content, hold it for ransom for 9 days, and then sell to the highest bidder if the DB owner doesn't want to pay the ransom demand.
==================================================================
http://www.wavesys.com/products/wave-virtual-smart-card
Excerpts:
What can it be used for?
What do you use your smart card for today? With the exception of keying open the door at work, Wave Virtual Smart Card can perform any of the services or applications you rely on your smart card for today. Secure VPN, WiFi, remote desktop, cloud applications – it can all be done with a virtual smart card.
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Lawyer up: Following a breach, companies often call outside counsel first
https://www.scmagazine.com/home/security-news/legal-security-news/lawyer-up-following-a-breach-companies-often-call-outside-counsel-first/
Outside counsel is increasingly the first call for businesses after a breach, even before the incident response teams.
According to CrowdStrike’s Global Incident Response report released this week, outside counsel (rather than an organization itself) arranged 49 percent of incident response engagements.
Shawn Henry, president of services and chief security officer at CrowdStrike, singled it out as one of the most interesting statistics in a broad-ranging report.
“It’s an increase for sure,” said Henry. “In the past, it was more likely in Fortune 500-sized companies — larger companies have outside counsel already on retainer. We’ve seen an increase from companies smaller than that.”
The common wisdom is that companies should engage outside counsel to be shielded by attorney-client privilege. Companies might be less enthusiastic about unearthing evidence for a lawsuit and scale back the depth of their investigation into a breach accordingly.
But there are other reasons. Lawyers experienced with breaches may be better equipped to handle an increasingly complex regulatory and business environment. They are also useful to bring in on the ground floor, said Craig Hoffman, partner at the law firm BakerHostetler. Not only can they help coordinate disparate business, law, and tech interests that often don’t operate in sync, they have experience with the incident response companies that breach victims often need to help address the risk.
“We’ve seen thousands of matters,” Hoffman said. “We know the choices you’ll face and how others have faced them.”
Hoffman said that the increase CrowdStrike noticed in engagement of outside counsel meshes with BakerHostetler’s own experience. In 2019, the firm assisted around 1,000 cases. In 2020, it’s looking more like 1,600.
Henry singled out ransomware as a growing legal issue that may lead chief information security officers to call a law firm before an IR company. In October, the Department of Treasury warned companies that it would not tolerate paying ransoms to sanctioned entities. While Hoffman notes that nearly all ransomware comes from criminals, not sanctioned entities, this could still compel companies to seek legal counsel.
Those aren’t the only regulations that drive the move toward getting outside counsel involved early in the process, said Michael Phillips, chief claims officer at the cyber insurance firm Resilience.
“I see this most often to ensure that victims of cybercrime can receive candid and comprehensive legal advice about the incident” to ensure they comply with existing laws, he said via email. “Over the past eight years, there has been an explosion of privacy regulations and breach laws hitting the books; for example, the California Consumer Privacy Act, the New York DFS cybersecurity regulation, and the EU’s GDPR.”
Regardless, Hoffman sees the increase as an encouraging sign that companies recognize the risk.
“As more companies identify the right way to do incident response, they set up plans in advance,” he said.
=================================================================
Invest wisely in cybersecurity solutions such as Wave solutions so you don't have to call outside counsel!!! The increase in cases from 1,000 to 1,600 doesn't show other cybersecurity is working effectively!! Use better security, use Wave solutions!!!
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Lightning does strike twice: If you get hacked once, you'll probably be attacked again within a year
https://www.zdnet.com/article/lightning-does-strikes-twice-if-you-get-hacked-once-youll-probably-be-attacked-again-within-a-year/
==================================================================
http://www.wavesys.com/wave-alternative
Excerpts:
Choose data protection that actually works.
It’s almost as easy as it sounds. TPMs and SEDs are built to open, vendor-neutral industry standards, and so are Wave solutions. That means Wave works on your existing mix of hardware, across platforms, and will evolve with you. It’s part of what makes the Wave alternative not only more secure, but also simpler and cheaper. Total cost of ownership for Wave data protection can be almost half that of a traditional software-based system.
Questions? Read on, or contact our sales department.
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
FireEye Cyberattack Compromises Red-Team Security Tools
https://threatpost.com/fireeye-cyberattack-red-team-security-tools/162056/
=================================================================
After reading this article, isn't it time for Wave Systems to be leading the cybersecurity sector and helping Fireye with it's cybersecurity? Many companies should be using Wave VSC 2.0 and Wave ERAS so that IT can ensure that only known and approved devices are accessing your network!!! This can keep the hackers from accessing sensitive data!!!
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
==================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpts:
Secure device & user authentication
Sometimes it feels like security is more effective at deterring your users than hackers. But you still have to protect your enterprise resources, and we’re here to help. We take pride in securing your network, data, and resources to an unprecedented level, without causing a revolt from either IT or your users. In fact, your users probably won’t even know we’re there.
Here’s how it works:
Trusted Platform Module (TPM) + Wave’s ERAS for TPM Management = hardware-secured, fully-managed authentication
Most of your devices already come with TPMs (check out our “What is a TPM?” brochure if you’re not sure why this is exciting). This security chip comes attached to the motherboard of most enterprise-class PCs. There’s nothing “add-on” about it. The TPM provides a verifiable, unique identity for each machine.
Wave’s ERAS for TPM Management gives IT remote, centralized management of all TPMs on enterprise computers and tablets.
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
First Federal IoT Security Legislation Becomes Law
https://www.bankinfosecurity.com/first-federal-iot-security-legislation-becomes-law-a-15539
=================================================================
It seems like a simple process to use Wave ERAS to activate an organization's TPMs and SEDs. And then unauthorized (unknown and unapproved) devices don't have access to the network. Not using this seems almost ludicrous. It should be an immediate requirement. Otherwise cyber attacks will continue unabated!!!
TPMs and SEDs are already built-in, why not make it a requirement to activate them?!!
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Why Companies Should Stop Scaring Employees About Cybersecurity
https://www.wsj.com/articles/why-companies-should-stop-scaring-employees-about-cybersecurity-11607364000
==================================================================
A better alternative to scaring employees about cybersecurity is to simply use Wave solutions from Wave Systems! Nearly all if not all the problems in this article could be solved by using Wave solutions. Thus saving the need for scare tactics by employers!!! If many more organizations knew of the capabilities of Wave solutions and tried them, the cybersecurity market could be on a much better foundation with those who use Wave, activated TPMs and SEDs.
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Foxconn electronics giant hit by ransomware, $34 million ransom
https://www.bleepingcomputer.com/news/security/foxconn-electronics-giant-hit-by-ransomware-34-million-ransom/
==================================================================
Wave Systems has solutions that protect against ransomware. Foxconn and others have revealed that they needed ransomware protection like Wave solutions. Why not try solutions that work very effectively... Wave solutions!! Don't let ransomware hurt your company!!! Use better security, use Wave solutions!!!
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Cybercrime costs the world more than $1 trillion, a 50% increase from 2018
https://www.helpnetsecurity.com/2020/12/07/cybercrime-costs-world/
Cybercrime costs the world economy more than $1 trillion, or just more than one percent of global GDP, which is up more than 50 percent from a 2018 study that put global losses at close to $600 billion, McAfee reveals.
Beyond the global figure, the report also explored the damage reported beyond financial losses, finding 92 percent of companies felt effects beyond monetary losses.
“The severity and frequency of cyberattacks on businesses continues to rise as techniques evolve, new technologies broaden the threat surface, and the nature of work expands into home and remote environments” said Steve Grobman, SVP and CTO at McAfee.
“While industry and government are aware of the financial and national security implications of cyber-attacks, unplanned downtime, the cost of investigating breaches and disruption to productivity represent less appreciated high impact costs.
“We need a greater understanding of the comprehensive impact of cyber risk and effective plans in place to respond and prevent cyber incidents given the 100s of billions of dollars of global financial impact.”
The hidden costs of cybercrime
The theft of intellectual property and monetary assets is damaging, but some of the most overlooked costs of cybercrime come from the damage to company performance. The survey revealed 92 percent of businesses felt there were other negative effects on their business beyond financial costs and lost work hours after a cyber incident.
The report further explored the hidden costs and the lasting impact and damage cybercrime can have on an organization, including:
System downtime – Downtime is a common experience for around two thirds of respondents’ organizations. The average cost to organizations from their longest amount of downtime in 2019 was $762,231. Thirty-three percent of survey respondents stated IT security incident resulting in system downtime cost them between $100,000 and $500,000.
•Reduced efficiency – As a result of system downtime, organizations lost, on average, nine working hours a week leading to reduced efficiency. The average interruption to operations was 18 hours.
•Incidence response costs – According to the report, it took an average of 19 hours for most organizations to move from the discovery of an incident to remediation. Many security incidents can be managed in-house, but major incidents can often require outside consults with high rates that form a significant portion of the cost of a large-scale incident.
•Brand and reputation damage – The cost of rehabilitating the external image of the brand, working with outside consultancies to mitigate brand damage, or hiring new employees to prevent against future incidents is part of the cost of cybercrime. 26 percent of the respondents identified damage to brand from the downtime experienced because of a cyber-attack.
Companies unprepared for cyber incidents
Through the research and analysis, the report found a lack of organization-wide understanding of cyber risk. This makes companies and agencies vulnerable to sophisticated social engineering tactics and, once a user is hacked, not recognizing the problem in time to stop the spread.
According to the report, 56 percent of surveyed organizations said they do not have a plan to both prevent and respond to a cyber-incident. Out of the 951 organizations that actually had a response plan, only 32 percent said the plan was effective.
The report concludes with key ways for businesses to deal with cybercrime. These include uniform implementation of basic security measures, increased transparency by organizations and governments, standardization and coordination of cybersecurity requirements, providing cybersecurity awareness training for employees, and developing prevention and response plans.
=================================================================
Wow, with figures such as the ones in the title of the article, it appears that existing cybersecurity is not working!! Organizations should try Wave solutions, and see why they don't have to become part of these statistics!!!
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information