A trio of Maryland companies - Wilhelm Commercial Builders, Signals Defenses, and KCI Protection Technologies - have partnered to develop a holistic approach to cybersecurity called a Secure Work Environment. Their approach combines construction expertise, privacy-boosting window coatings, monitoring sensors, and vulnerability assessments to identify and address security weaknesses across physical and digital systems. Their solution aims to shield buildings and information from electronic intrusion through customized security measures. The partnership sees increasing demand and potential to become a global $20 million business within two years by providing adaptive cybersecurity solutions for businesses concerned about losses from theft of intellectual property.
CM Research Corporate Presentation 2014CM Research
Analysing Global Trends in Technology, Media and Telecoms
Our corporate presentation explains how we help CEOs, CTOs and CIOs predict the future of technology, media and telecoms.
Cyber-I, in association with Intel Security (formerly McAfee), recently delivered an executive over entitled "Security Trends Affecting Security Strategy".
Cyber-insurance and liability caps proposed as incentives by Department of Co...David Sweigert
It is important to note that while the incentives study was required within 120 days of the date of EO 13636, the preliminary version of the Framework is required within 240 days of the date of EO 13636. In addition, DHS will be establishing a voluntary program to support Framework adoption within 365 days of the signing of EO 13636. This report is limited by the current understanding of what the Framework will entail and would benefit from more specifics to inform the analysis and recommendation of the incentives designed for promoting its adoption. For example, knowledge of the Framework would allow the cost of Framework adoption to be quantified. Since the Framework is still under development, this was not possible, and so the incentives considered were evaluated at a more general level with the understanding that the analysis would be updated as needed as the Framework is developed. Since the Framework is still in development at the time of this writing, the incentives that are intended to promote its adoption were assessed prospectively, in terms of the likelihood that they will motivate organizations to adopt the Framework in the future. It is expected that the most effective incentives will not only promote adoption of the Framework.
CM Research Corporate Presentation 2014CM Research
Analysing Global Trends in Technology, Media and Telecoms
Our corporate presentation explains how we help CEOs, CTOs and CIOs predict the future of technology, media and telecoms.
Cyber-I, in association with Intel Security (formerly McAfee), recently delivered an executive over entitled "Security Trends Affecting Security Strategy".
Cyber-insurance and liability caps proposed as incentives by Department of Co...David Sweigert
It is important to note that while the incentives study was required within 120 days of the date of EO 13636, the preliminary version of the Framework is required within 240 days of the date of EO 13636. In addition, DHS will be establishing a voluntary program to support Framework adoption within 365 days of the signing of EO 13636. This report is limited by the current understanding of what the Framework will entail and would benefit from more specifics to inform the analysis and recommendation of the incentives designed for promoting its adoption. For example, knowledge of the Framework would allow the cost of Framework adoption to be quantified. Since the Framework is still under development, this was not possible, and so the incentives considered were evaluated at a more general level with the understanding that the analysis would be updated as needed as the Framework is developed. Since the Framework is still in development at the time of this writing, the incentives that are intended to promote its adoption were assessed prospectively, in terms of the likelihood that they will motivate organizations to adopt the Framework in the future. It is expected that the most effective incentives will not only promote adoption of the Framework.
Design and implementation of remotely managed embedded digital signage systemIJCSEA Journal
This paper is about a remotely managed digital signage system design considering embedded system design
rules and characteristics. Digital signage system design is based on various methods of using computer and
television screens as well as other kinds of display devices in ways that are as efficient as possible to
provide advertising and information to people in public areas. In modern digital signage systems, the
screens are divided into regions and layers, and the content on the screens is made up of several files. The
goals of this study are broadcasting information, advertisements at display contents in public areas such
as; subways, buses, malls, city squares and control these digital signs remotely.
The security challenge
Trust will become the byword of the mobile era. Consumers will need to trust that their data and
information is being kept securely when using mobile devices and services, while corporations will
need to trust that their service providers, technology environments and employees are adhering to
their security protocols.
As a result, demand for mobile security products and solutions is quickly picking up steam. Corporations –
keen to unleash the productive benefits of mobile without taking on additional risk – are hungry for
effective solutions, particularly those that can be outsourced or moved into the cloud.
Consumers have also proven willing to pay a premium for enhanced security and privacy on their
mobile devices opening up a new market of opportunity for those that can successfully commercialize
new consumer security solutions.
In this paper, we offer our thoughts
on where we believe Cloud is going from a business perspective and why it’s relevant for your organization. Our aim is to inspire creative thinking and spark dialog. For more perspectives on Cloud and to share your thoughts, please visit http://www.cisco.com/go/cloud.
READY, SET, GO! Quality Programming From the Beginning to End! Shawn C. Petty
(OSTICON 2015 Presentation by Molly Health, Burnet County Consortium) ~ Provide innovative and intentional program strategies that can be implemented in any program whether it’s day one or year four. Learn how to structure your program to include aligning with the school day, using targeted tutoring, offering enrichment choices to sustain high student participation and attendance, and strategies for hiring/rotating staff.
Open Source Insight: Hospital, Medical Devices, Banking, and Automotive Cyber...Black Duck by Synopsys
A wide spectrum of cybersecurity and open source security news in this week’s Open Source Insight, including the need for hospitals to ramp up their cybersecurity efforts; the need to include open source security in any plan to secure medical devices; a major data breach at Italian bank Unicredit; two Black Duck executives share their views on open source security in video interviews; and why the automotive industry many be close to an iPhone moment.
Design and implementation of remotely managed embedded digital signage systemIJCSEA Journal
This paper is about a remotely managed digital signage system design considering embedded system design
rules and characteristics. Digital signage system design is based on various methods of using computer and
television screens as well as other kinds of display devices in ways that are as efficient as possible to
provide advertising and information to people in public areas. In modern digital signage systems, the
screens are divided into regions and layers, and the content on the screens is made up of several files. The
goals of this study are broadcasting information, advertisements at display contents in public areas such
as; subways, buses, malls, city squares and control these digital signs remotely.
The security challenge
Trust will become the byword of the mobile era. Consumers will need to trust that their data and
information is being kept securely when using mobile devices and services, while corporations will
need to trust that their service providers, technology environments and employees are adhering to
their security protocols.
As a result, demand for mobile security products and solutions is quickly picking up steam. Corporations –
keen to unleash the productive benefits of mobile without taking on additional risk – are hungry for
effective solutions, particularly those that can be outsourced or moved into the cloud.
Consumers have also proven willing to pay a premium for enhanced security and privacy on their
mobile devices opening up a new market of opportunity for those that can successfully commercialize
new consumer security solutions.
In this paper, we offer our thoughts
on where we believe Cloud is going from a business perspective and why it’s relevant for your organization. Our aim is to inspire creative thinking and spark dialog. For more perspectives on Cloud and to share your thoughts, please visit http://www.cisco.com/go/cloud.
READY, SET, GO! Quality Programming From the Beginning to End! Shawn C. Petty
(OSTICON 2015 Presentation by Molly Health, Burnet County Consortium) ~ Provide innovative and intentional program strategies that can be implemented in any program whether it’s day one or year four. Learn how to structure your program to include aligning with the school day, using targeted tutoring, offering enrichment choices to sustain high student participation and attendance, and strategies for hiring/rotating staff.
Open Source Insight: Hospital, Medical Devices, Banking, and Automotive Cyber...Black Duck by Synopsys
A wide spectrum of cybersecurity and open source security news in this week’s Open Source Insight, including the need for hospitals to ramp up their cybersecurity efforts; the need to include open source security in any plan to secure medical devices; a major data breach at Italian bank Unicredit; two Black Duck executives share their views on open source security in video interviews; and why the automotive industry many be close to an iPhone moment.
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...Capgemini
The potential trillion dollar Internet of Things (IoT) business opportunity rests precariously on one critical factor – security. 71% of executives in our survey agreed that security concerns will influence customers’ purchase decision for IoT products. However, despite increasing cyber attacks and ample warning from security experts, most organizations do not provide adequate security and privacy safeguards for their IoT products. In fact, only 33% of IoT executives in our survey believe that the IoT products in their industry are highly resilient to cyber security attacks. Further, despite rising consumer concerns regarding data privacy, 47% of organizations do not provide any privacy related information regarding their IoT products.
So, why are organizations lagging behind in securing their IoT products and systems? Key reasons for this include an expanded attack surface, inefficiencies in the IoT product development process, and the lack of specialized security skill-sets. For instance, our survey showed that only 48% of companies focus on securing their IoT products from the beginning of the product development phase. Building a secure IoT system begins with the recognition that security needs to be as much of a priority as the features and functionality of an IoT product. The report highlights the key measures that organizations must take in order to put security at the core of their IoT value proposition.
Partner with HARMAN Digital Transformation Solutions (DTS) to build products and solutions that address real customer needs in real-time, and accelerate business growth.
Value Journal, a monthly news journal from Redington Value Distribution, intends to update the channel on the latest vendor news and Redington Value’s Channel Initiatives.
Key stories from the October Edition:
•Redington Value Signs Agreement to Become FireEye Distributor
•Gigamon Announces Distribution Agreement with Redington Value
•Aruba ESP Unifies IoT, IT and OT Networks
•Nutanix Announces HCI Software Innovations
•Oracle Cloud Guard and Oracle Maximum Security Zones Now Available
•Gigamon Partners with Nokia to Deliver 5G Solution
•Huawei Launches Digital OptiX Network Solutions in the Middle East
•QR Codes Pose Significant Security Risks to Enterprises: MobileIron
•Soft Skills and Tech Critical to Maximize Value From AI: Microsoft
•Palo Alto Networks Introduces Next-Generation SD-WAN Solution
•Cisco’s Webex Enables Rapid Adoption of New Remote Learning Models for MEA
•Trend Micro Blocked 8.8 Million COVID-19 Threats
•Ooredoo Kuwait partners with Nutanix to launch VDI-as-a-Service for businesses
•Talend Introduces Measure of Data Health
•VMware Advances 5G Telco Cloud Portfolio
•Mimecast Announces Integration with Theta Lake
The impact of a security breach on MSP's and their clientsJose Lopez
This solution brief outline the financial and reputation impact of a security breach for a MSP and his customers. Choosing the best Antivirus/Antimalware and content control solution for a MSP is critical for protect his customers properly against new and emerging threats.
Security Redefined - Prevention is the future!!Daniel L. Cruz
Android is winning the mobile market in numbers of devices and applications. Soon, Android will also dominate the evolving IOT device and application market. Device+Application security certification testing must become embedded as a process and every piece of software capable of being exposed to hackers.
Industrial Control Systems Go Mobile in the CloudLockheed Martin
Industrial control systems are increasingly becoming interconnected with local area networks, wide area networks, extranet networks, and cloud computing environments. Cloud and mobile technologies provide a competitive advantage for global companies. In this research, a DevOps approach to cloud-based applications development was used to create a capability for industrial control systems management and reporting.
According to current government guidelines, everyone who cannot do their job from home should now go to work, provided their workplace is open. As people start to trickle back into the workplace over the next few months, we’re going to see the emergence of a very dierent workplace. More people are going to continue to work remotely, whether full-time or part-time, and businesses are going to have to deal with the impact of the predicted recession.
The future is in the cloud, or at least it's migrating there. Offering scalability, flexibility and agility, the cloud is the obvious solution for businesses seeking to make sense of the deluge of data. Cloud services can also help companies meet sustainability goals and even cut costs. But cloud strategies need to be carefully crafted to avoid the risks of remote storage and realise the potential of cloud-enabled efficiencies.
Corporate America is Being ATTACKED and the Entry Vector May be SurprisingSignals Defense, LLC
Risks are introduced into networks by a user’s own
digital/Radio Frequency (RF) fingerprint, a digital/
RF fingerprint is the unique RF and trail of data that
Corporate America is Being ATTACKED and the
Entry Vector May Be Surprising
each person emits, this digital/RF fingerprint
is the culmination of device and device usage....
Signals Defense CSO details how you can defend yourself 'digitally' against an attacker by understanding how you are vulnerable and the steps you can take to protect yourself.
Incident Response (IR) and cleanup methodology to identify the scope of compromises, identify malicious scripts and programs to eradicate network systems.
Wireless Security: Not just 802.11 Anymore by Rick Mellendick, Signals Defens...Signals Defense, LLC
Signals Defenses's own, Rick Mellendick shares his expertise on wireless security. Rick is currently is Chief Security Officer for Signals Defense, and has been a security architect for multiple Federal agencies and corporations.
Rick has over 17 years of IT and security experience. His background is in designing secure networks in multi-platform/multi-classification environments and designing and developing secure wireless networks with non-traditional strategies using offensive techniques to better defend networks.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
The Art of the Pitch: WordPress Relationships and Sales
Holistic approach to cybersecurity being engineered by maryland companies 8-13
1. Reprinted with permission from
The Business Monthly, Inc.
August 2013
Holistic Approach to Cybersecurity:
Being Engineered By Maryland Companies
By George Berkheimer, Senior
Writer
A trio of Maryland compa-
nies has combined their comple-
mentary focuses to develop one
of the first holistic approaches to
cybersecurity in the nation.
Established in May, cy-
ber-oriented alliance combines
the construction expertise of
Wilhelm Commercial Builders
(WCB) of Annapolis Junction,
the privacy-boosting window
coatings and monitoring sensors
of Owings Mills-based Signals
Defenses (SD) and the vulner-
ability assessment capabilities
of KCI Protection Technologies
(KCI), headquartered in Sparks.
With that mixture of skill
sets, the associated companies
are ably positioned to not only
identify the weak spots in any
given business’s physical and
network security precautions,
but also to engineer and build the
solution.
Targeting both existing fa-
cilities and new construction
projects, the partners assert they
can handle anything from shield-
ing a small conference room
to hardening entire multi-story
buildings against electronic in-
trusion.
In cybersecurity jargon, this
new defense concept is called
a Secure Work Environment
(SWE), said WCB CEO Wayne
Wilhelm, and its benefits are
obvious.
“The threats that we are
facing from the use and demand
of progressive technology is
staggering, and the world is not
becoming a safer place anytime
soon,” Wilhelm said. “It is our
mission to help [clients] … pre-
serve the integrity of information
and provide the proper counter-
measures to secure privacy of
information in the workplace.”
Understanding and
Adapting
Wilhelm’s general contract-
ing company boasts more than
20 years of experience providing
construction services to commer-
cial and government customers
at the classified and unclassified
levels, which include Sensitive
Compartmented Information Fa-
cilities (SCIFs) and Tempest-cer-
tified projects.
“Partnering with [SD and
KCI] provides the additional
resources and technology nec-
essary to produce a turn-key ap-
proach … by providing consult-
ing services, protective products
and monitoring and detection
systems to ensure protection at
all threat levels,” he said.
At the Howard County
Chamber of Commerce’s Cy-
ber 4.01 conference in June,
representatives from the three
companies conducted a presen-
tation that spelled out just how
vulnerable most businesses are,
even to some decidedly low-tech
forms of intrusion.
“A sufficiently determined,
not necessarily well-funded
adversary can gain access into
almost any organization,” said
KCI President John Fannin.
More common ploys include
bugs planted inside buildings by
people posing as contractors,
vendors and employees; laser lis-
tening and recording devices that
can convert window vibrations
back into clear speech; and even
simple photography of exposed
documents through a window
from the parking lot.
KCI’s red-teaming efforts —
attempts to gain malicious entry
into a client company’s physical
and cyber assets with permis-
sion from its leadership cadre
to validate its security program
effectiveness — consistently
succeed in finding ways to breach
security.
Vulnerability assessments
like these make up the core of
an effective security program,
Fannin said. “They can help
companies understand, anticipate
and adapt.”
What Haystack?
Among the solutions SD
offers are optically-clear film
coatings that make windows
resistant to radio frequency and
infrared exploitation, and are
even blast-resistant in some cas-
es.
Additionally, the company
is currently working out the life-
cycle support components of its
new SD Gabriel system, which
is scheduled to hit the market in
the coming weeks.
The low-cost, real-time mon-
itoring system uses high-quality
radio frequency (RF) sensors
whose affordability, until re-
cently, was limited to federal
government and military clients
with deep pockets.
“This will be a real differ-
entiator in the marketplace …
costing on the order of magnitude
of seven times less than current
technology,” said Tom Jones,
director of SD’s Secure Work
Environment Services division.
“We built a demonstration SWE
facility where we plan to begin
on-site demonstrations for po-
tential clients in late July.”
Used in combination with
construction techniques that
reduce the RF energy infiltrating
or emanating from a building,
the sensors can easily identify
and defend against attacks using
clandestine technology such
as laser microphones and even
hard-to-detect frequency-hop-
ping bugs.
“We’ve got to control the RF
battlefield,” said Ron Waranows-
ki, managing director at SD.
“You can’t economically do
Tempest any more, you have to
do the next best thing. When you
build a SWE, you cut the weeds
down and the threat sticks out
quickly.”
Game Changer
Hospitality, banking and
manufacturing businesses have
Continued on pg. 2
2. Reprinted with permission from
The Business Monthly, Inc.
August 2013
Holistic Approach to Cybersecurity:
Being Engineered By Maryland Companies
want to be held hostage.”
As businesses warm to the
SWE concept, Jones said the
team of companies is typically
seeing requests to turn confer-
ence rooms into soft SCIFs at
the moment, but anticipates the
demand for more robust projects
will grow soon.
“We’ve met with some sig-
nificant Fortune 100 companies,
and 10 companies are doing
beta testing with our technology
now,” Wilhelm said. “This is
really the beginning of some
incredible stuff. We’re set up to
be international in scope, and
in two years we’re anticipating
increased revenues of more than
$20 million annually because of
this opportunity.”
Part of the trio’s appeal,
Fannin said, is its ability to offer
clients whatever level of service
and product they want, or can
afford, ranging from just an
assessment up to a full-design,
turn-key SWE.
“Some companies just want
to know what they can do to
improve their layers of protec-
tion, and we can provide them
with a prioritized list,” Fannin
said, adding that every client has
different thresholds of need and
may find some risks acceptable.
“Real-time monitoring is
the big game changer,” Wilhelm
said. “With Tempest, nobody
knew what was happening in
between accreditation cycles
unless they were doing periodic
bug sweeps. Now they can have
24/7 coverage if they want it.”
Continued from pg. 1
long been targets of corporate
espionage techniques, and legal
and accounting firms are equally
at risk, said Jones.
“A growing number of other
businesses have expressed ex-
treme interest in getting these
types of technology and defense
deployed in their environments,”
he said. “It’s been estimated that
corporations lose between $200
and $250 billion in intellectual
property each year. They don’t