US security agencies warn of threats to industrial, utility control networks

Key US government security organizations are warning that industrial control system (ICS)/supervisory control and data acquisition (SCADA)-based networks are being threatened by bad actors armed with custom software tools.The Department of Energy (DOE), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and Federal Bureau of Investigation (FBI) issued a joint warning that certain advanced persistent threat (APT) actors have shown the ability to gain full system access to compromised ICS/SCADA systems.The alert did not identify which groups were making the threats, but it did recognize Dragos, Mandiant, Microsoft, Palo Alto Networks and Schneider Electric for helping put together the warning. Dragos has posted a paper about part of the threat.To read this article in full, please click here READ MORE HERE…

Read more

Cisco SD-WAN software gains broader application access, enhanced analytics

Cisco has tweaked its flagship SD-WAN software package to increase customer application flexibility and improve visibility into the performance of distributed resources.The company announced Cisco SD-WAN release 17.8, which adds support for new business and customized cloud applications, analytics and security features.SD-WAN buyers guide: Key questions to ask vendors
Specifically, the company upgraded the SD-WAN Cloud OnRamp for SaaS service, which links branch offices or individual remote users to cloud applications such as Cisco’s Webex, Microsoft 365, AWS, Google, Oracle, Salesforce and more.To read this article in full, please click here READ MORE HERE…

Read more

IBM z16: A mainframe designed for AI, hybrid cloud, security and open source

Today’s announcement of IBM’s new z16 mainframes promises a system that caters to enterprise needs that include support for AI, security, hybrid cloud, and open source efforts well into the future.The new, more powerful and feature-rich Big Iron boasts an AI accelerator built onto its core Telum processor that can do 300 billion deep-learning inferences per day with one millisecond latency and includes what IBM calls a quantum-safe system to protect organizations from anticipated quantum-based security threats.
[Get regularly scheduled insights by signing up for Network World newsletters.]To read this article in full, please click here READ MORE HERE…

Read more

IBM service aims to secure multicloud operations

IBM is launching a new service to help customers manage their data encryption keys in a hybrid cloud environment. Unified Key Orchestrator lets customers integrate all security key-management systems into one managed service that’s backed by Big Blue’s Hardware Security Module. HSM is IBM’s system that protects against physical or logical attacks and has special hardware to perform cryptographic operations and protect keys.Gartner: IT skills shortage hobbles cloud, edge, automation growth
Available from IBM Cloud, Unified Key Orchestrator lets customers maintain visibility and control over who has access to their critical data, while running workloads across hybrid or multicloud cloud environments. In addition, with a single, secure, cloud-based  view of an organization’s crypto keys, enterprises can create and revoke keys for their data across multiple clouds. At the same time, companies no longer need to rely on security experts with specialized knowledge of each individual cloud to handle security operations, according to IBM.To read this article in full, please click here READ MORE HERE…

Read more

Cisco IDs top 2022 security threats and what to do about them

2022 will be another busy year for enterprise incident responders as ransomware, supply chain and myriad zero-day attacks will continue to rise, according to Cisco’s Talos security experts.To help address the threats, the Cisco Talos team used a blog and online presentation to detail steps enterprises can take to defend themselves against the growing field of bad actors and also to point out lessons learned from recent damaging exploits such as the Log4j vulnerability and Microsoft Exchange server zero-day threats.Once, zero-day attacks were typically launched by state actors against service providers, but those days are gone, wrote Nick Biasini head of outreach at Cisco Talos in a blog about the security landscape in 2022. Now new, less experienced combatants seek out a broader range of targets, using less surgical attacks. “This has led to more risky behavior than we’ve seen historically, without as much regard for collateral damage,” he wrote.To read this article in full, please click here READ MORE HERE…

Read more

F5 integrates security for multi-cloud app protection.

F5 Networks has rolled out an integrated, cloud-based security platform and services aimed at protecting widely distributed enterprise applications.The company used its Agility conference this week to introduce its overarching Distributed Cloud Services platform, which will bring together security technologies from recent acquisitions, including Threat Stack, Volterra, and Shape Security, plus its own web-application firewall and other components to offer an integrated, secure, distributed application-management platform for on-prem or cloud deployment.How to build a hybrid-cloud strategy
“Modernizing apps includes transformational actions such as leveraging microservices, using multiple clouds and edge locations instead of a single cloud provider, and utilizing API-based communication to connect workloads and data,” wrote Haiyan Song, executive vice president and general manager of F5’s Security & Distributed Cloud Product Group in a blog about the new services.To read this article in full, please click here READ MORE HERE…

Read more

Palo Alto software advances end-to-end enterprise cloud security

Palo Alto Networks has bolstered its security software to better protect  enterprise Software-as-a-Service (SaaS) applications.The company rolled out a new version of its core cloud-security package, Prisma Cloud 3.0, which includes the ability to code security directly into SaaS applications. The package includes a cloud-access security broker (CASB) to control access to cloud resources.[Get regularly scheduled insights by signing up for Network World newsletters.]
Prisma is a cloud-based security bundle that includes access control, advanced threat protection, user-behavior monitoring, and other services that promise to protect enterprise applications and resources. Managed through a single console, Prisma includes firewall as a service, Zero Trust network access and a secure web gateway. To read this article in full, please click here READ MORE HERE…

Read more

Juniper software triggers network response to threats

Juniper Networks continues to grow its enterprise cloud-security family with a new product that promises to protect application workloads in any cloud or on-premises environment.The company rolled out Juniper Cloud Workload Protection package–a  lightweight software agent that the company says controls application execution and monitors application behavior to help businesses spot and fix anomalies.Backup lessons from a cloud-storage disaster
The idea is to provide protection from attackers looking to exploit application vulnerabilities, said Kate Adam, senior director of security product marketing for Juniper Networks. To read this article in full, please click here READ MORE HERE…

Read more