24 June 2022

access control

Ping Identity Launches Ping Ventures

Ping Identity (NYSE: PING) has launched Ping Ventures, a new corporate venture capital fund that will fuel innovation in the identity security market. In addition, Ping Identity is also announcing the fund’s initial investment, Allthenticate, a unified access control and authentication company, that is in the process of closing. Ping Ventures will serve as an in-house corporate venture arm providing capital and guidance to startups building the next generation of identity and access management (IAM) solutions. The $50 million fund will invest in early stage, high-growth technology companies that will expand support for Ping Identity’s product portfolio by delivering integrated, complementary and add-on technologies and solutions. “Our mission has always been to deliver innovative products that address continuously evolving security risks and business needs,” said Andre Durand, CEO and founder of Ping Identity. “But keeping pace with new threats means we can’t do it all alone. Ping Ventures will provide businesses access to new innovations to engage their customers and employees in seamless and secure digital experiences.” Ping Ventures will act as a co-investor and strategic partner alongside lead investors looking for innovative startups in the Identity and Access Management space and adjacent markets. The technology focus of the fund will include but won’t be limited to online fraud and risk services, real-time identity verification, identity and data access governance, decentralised identity, machine identity, experience automation and dynamic authorisation and entitlement. The fund will be led by the Head of Corporate Development, Anton Papp. Alongside a monetary investment, Ping Ventures plans to provide start-ups with use of Ping’s hybrid portfolio of products and services, access to business and technical subject matter experts and access to leading industry standards architects. For more news updates, check out our May issue here. Media contact  Rebecca Morpeth Spayne,  Editor, Security Portfolio  Tel: +44 (0) 1622 823 922

Ping Identity Launches Ping Ventures Read More »

paul calatyud aqua security

Into The Cloud – Aqua Security

Paul Calatayud, Chief Information Security & Privacy Officer at Aqua Security   What does ‘security’ mean to you?  Security is a fluid concept, not in principle, but how it continues to take shape to mean much more than when I first started to learn about security. To me, security is the combination of identifying the risks within the company, communicating those risks to management and applying a strategy to ensure that those risks are mitigated.  What made you want to work in the industry?  I enlisted in the army straight out of high school. We’d been learning computer science in software development at school, but I didn’t want to follow the traditional career path. I told the recruiters I’d like to do something with computers, but something a bit more hands-on than software development. The army put me in network security, which was my entry into the cybersecurity world.  If you could talk to your younger self, what would you say?  My advice would be to work on understanding the people around you. Empathy has become a buzzword, but its importance can’t be overstated.   Describe a funny thing that happened to you recently?  I was in Milan, Italy with the entire Aqua Security organisation and we had this big masquerade ball and dinner party. The CEO had said to dress like royalty for our theme Kings and Queens of CNAPP. I decided to dress in a sash and a crown. The other guests and staff kept giving us a double take because they just wore suits!  What three traits define you?  Studious, curious and empathetic.   What’s the most important trend you see today?  One of the biggest trends at the moment is the focus on cloud security. Another trend of the past few years is the increased focus on trust. Technology can no longer become mainstream without trust.   To read the full article, check out our June issue here. Media contact  Rebecca Morpeth Spayne,  Editor, Security Portfolio  Tel: +44 (0) 1622 823 922

Into The Cloud – Aqua Security Read More »

perimeter security

Multilayered approach to airport perimeter

Technical Editor for Security Buyer, Stefaan Pinck, VP Global Business Development, Sales Traffic & Security at Teledyne FLIR explores perimeter protection in airports  In more ways than one, airports are the beating heart of the globe’s transportation industry. In 2021, for example—even amid a global pandemic—airports across Europe, the Middle East, and Africa served hundreds of millions of travelers. For example, more than 37 million passengers passed through Istanbul Airport alone. Aside from commercial travel, however, airports are also key points of intra- and international trade. Basically, if an import or export is “light, expensive, fragile, or perishable,” it flies, according to Forbes. In 2021, for example—even amid the international trade crisis directly related to the COVID-19 pandemic—the majority of the United Kingdom’s £29.9 billion of exports and £47.8 billion in imports passed through London’s Heathrow Airport.   When it comes to perimeter security, because airports experience high volumes of commercial traffic and operate as key trade points trade, they also represent one of the world’s most vulnerable critical infrastructure facilities. For this reason, airports should deploy a multilayered perimeter protection strategy, powered by field-proven technologies, in order to prepare for every possible kind of threat.   The Importance of airport perimeter security  In the European Union, critical infrastructure is defined as “an asset, system or part thereof located on EU territory, which is essential for the maintenance of vital societal functions, health, safety, security, economic or wellbeing of people, and the disruption or destruction of, which would have a significant impact on at least two Member States, as result of the failure to maintain those functions,” according to European Parliament Research Service.   Because airports, specifically, are categorised as critical infrastructure, in the United States, they are “mandated to adequately prepare for natural disasters, terrorism, civil disobedience, employee violence, systems failures, pandemics, cyber-attacks, and other forms of human interference, due to their location, geography, and criticality,” according to the US Cybersecurity & Infrastructure Security Agency. Though this mandate doesn’t extend to airports around the world, this approach to airport perimeter security is still vital. And yet, because of the complexity, magnitude, and cost of many PIDS, effective disaster preparedness continues to elude many international airports.  Today’s leading PIDS, however, are designed to secure airport perimeters against every conceivable threat, protecting travelers and trade assets alike, all while guaranteeing return on investment for years to come. Purpose-built to preempt and disrupt potential perimeter intrusions, these end-to-end systems deploy and layer perimeter surveillance devices such as thermal and visible cameras, radar, and artificial intelligence (AI)-enabled video analytics to create system redundancy and guarantee superior situational awareness.  To read the full article, check out our June issue here. Media contact  Rebecca Morpeth Spayne,  Editor, Security Portfolio  Tel: +44 (0) 1622 823 922

Multilayered approach to airport perimeter Read More »

utilties

Protecting utilities from cyberattacks

With the exponential growth of digital infrastructure over the past few years, it is paramount to maintain protection of these systems from cyberattacks.  The Covid-19 pandemic has changed the world we live in irrevocably in numerous ways that we could never have accounted for. As many workers were forced into lockdown across the globe, the importance of remote working served as a lifeline for many companies struggling to keep their heads above water in a very turbulent financial climate.   With this increased dependency on working from home, the digital landscape for corporations underwent a renaissance period of development: attitudes towards remote working were deemed more acceptable than they were five years prior. To accommodate this, evolution and innovation in digital infrastructure was necessary. This unprecedented exponential growth was not without its forthcomings, however: something was bound to be left behind and that proved to be the security protecting these new digital systems.   The amount of cyberattacks, particularly on utility companies, increased by over 750 within the first year of the pandemic as more workers moved to remote working – hacking has seen an unfortunate boom in the wake of this innovation as there are more easily exploitable targets online than there ever were before.   Hackers in previous years often targeted individuals with somewhat benign phishing schemes that served to advertise a phony product or collect data from victim’s social media accounts. These kinds of attacks were especially prevalent during the early 2010s: I have a distinct memory of a popular individual in my school falling for one of these phishing scams which consequentially spread like wildfire throughout their Facebook friends list – within 48 hours, nearly half of my news feed was saturated with the same phishing link.   I don’t think it’s necessarily true either that people have grown increasingly aware of these scams – I think hackers have simply gotten better at disguising them. Therein lies the key issue: the need for more secure cybersecurity, including training workers on how better to identify bad actors, has become paramount in this new world where cyberattacks are not only becoming more prevalent, but more malicious also.  We have only experienced sobering warnings thus far of the consequences of a coordinated attack on utility companies, but it is only a matter of time before an assault on these same companies proves to be devastating. While it is on corporations to improve their digital infrastructure to prevent an attack, it is on us as individuals to become more aware of the dangers of large-scale hacks and how we can better protect ourselves and our colleagues from them.  In order to understand how hackers operate and disrupt systems you must look to exactly how they do this with the many types of cyberattacks they have in their arsenal.   To read the full article, check out our June issue here. Media contact  Rebecca Morpeth Spayne,  Editor, Security Portfolio  Tel: +44 (0) 1622 823 922

Protecting utilities from cyberattacks Read More »

biometrics

Ethical responsibility

What ethical concerns are factored around the increasing use of biometrics, and which sectors is it most appropriate for?  Biometrics as an authentication method has rapidly caught on not just for accessibility, ease of use and contactless attributes, but for the precise security. Biometrics are, with some notable exceptions, unique, and although false positive matches can occur in any probabilistic system at scale, a malicious actor or a false positive is highly unlikely to receive access to that person’s services, accounts, and sensitive data with their own biometrics. But as with any security measure, biometric systems can be hacked.  Biometrics represents a huge advancement from the centuries-old use of paper documentation like ID cards, passports and visas. Biometrics provide a very convenient form of identity. You may forget your password or leave your wallet at home, but you’re never without your fingertips or face.  Biometrics are also unique. Unlike your name, your fingerprints, irises and face are identifiers that belong to you and no one else. IDs or docs can be forged, and passwords can be breached. It’s much harder for a would-be identity thief to capture and use your biometric signature.  Biometrics also provide for built-in strong authentication. When multiple biometrics are provided in concert, it creates a holistic picture of a biometric identifier that has many high-fidelity unique matching modalities. The combination of these modalities makes it increasingly hard to replicate for hackers and thieves. Also, because it’s very hard for thieves to replicate biometric identifiers, it’s more likely that people gaining access to things like airline flights and secure facilities are who they say they are. Consumer security and business trust are both preserved and enhanced.  Convenience and risk  The convenience of unlocking your phone with a fingertip is undeniable. But there are many outstanding questions in the field of biometrics as identity.  One of the greatest advantages of a biometric signature is that it is unique to each person and doesn’t change over time. Ironically, unchangeability is also one of biometrics’ greatest vulnerabilities. Once biometric data has been breached, it’s compromised forever. We can’t change our physical attributes like we change a password.  Privacy and confidentiality are also issues with deep ethical implications. If privacy means having control over how and when we are represented to others, then biometrics that uniquely identifies us might easily be encroaching on our fundamental privacy. That’s especially true when you acknowledge that we, as individuals, don’t control the collection, storage, or use of these proxy bits of our identity.  After all, despite the multiple modalities, it turns out that biometrics aren’t 100% failsafe. Sensors can be spoofed, or their readings inaccurate. The capabilities of hackers and thieves evolve almost as quickly as the technology to keep them at bay. One example is the new DeepMasterPrint, by Philip Bontrager and other researchers, who demonstrated a machine-learning-based exploit that can hack many cellphone fingerprints. (Bontrager lists preventative measures against the hack here)  Most significant new technological advances offer benefits but also carry risks. Biometrics are no exception. And because of the very personal nature of biometrics, the stakes are particularly high. Biometrics is a powerful technological advancement in the identification and security space. But with that power comes a deep need for accountability and close ethical scrutiny.  To read the full article, check out our June issue here. Media contact  Rebecca Morpeth Spayne,  Editor, Security Portfolio  Tel: +44 (0) 1622 823 922

Ethical responsibility Read More »

fake news

Misinformation threat ‘will grow’ say business leaders

Misinformation is a major threat to companies around the world and the danger is likely to grow in future, say business leaders.That is according to the newly-published survey Does fake news affect your business? from thought leadership specialist, iResearch Services.Most of the 600 business leaders and 1,000 consumers surveyed said that misinformation is an extreme problem or a common issue.And more business leaders (54%) than consumers (44%) believe it will be a bigger problem in 20 years. Yogesh Shah, CEO at iResearch Services, says, “Misinformation thrives where there is a lack of accurate information. This suggests that businesses that are actively and effectively communicating information to their customers and the public are best poised to stay ahead of fake news and possess more credibility.”WHY DO MOST BUSINESSES THINK THINGS WILL BE WORSE IN 20 YEARS? Business leaders consider manipulated content – including fake news, distorted images and clickbait headlines – to be the biggest threat to their companies. Around one in three (37%) of both consumers and business leaders believe that manipulated context has the most impact on society and businesses. Across industries, it is seen as the biggest threat by business leaders in financial services (43%), healthcare (37%), marketing and communications (34%), and information technology and services (33%).The issue of misinformation is vital for business sales and profitability, as most consumers (85%) say they would not buy a product from a company associated with misinformation. Reinforcing that message, 90% of consumers surveyed say reliable information is a “very important” or “fairly important” factor, affecting whether they choose to buy a product or service from a particular business. One form of misinformation – ‘greenwashing’, where businesses claim their products are more environmentally friendly than they are in reality, is a major issue for the sustainability sector and those investing in it.Most consumers aged 18-55 (67%) surveyed say businesses are doing at least what they say regarding sustainability. But those over 56 are much more skeptical, with 62% saying businesses are doing less than they promise.More than two-thirds (68%) of business leaders say their sustainability messaging accurately reflects the level of activity taken, but 41% of consumers assert they are doing less than they say. “This gap between the sentiments of business leaders and consumers indicates that companies still have more work to do to communicate their efforts when it comes to sustainability,” says Yogesh. For more news updates, check out our May issue here. Media contact  Rebecca Morpeth Spayne,  Editor, Security Portfolio  Tel: +44 (0) 1622 823 922

Misinformation threat ‘will grow’ say business leaders Read More »

Scroll to Top