{"global":{"lastError":{},"locale":"en","locales":{"data":[{"id":"de","name":"Deutsch"},{"id":"en","name":"English"}],"loading":false,"error":false},"currency":{"id":49,"name":"EUR"},"currencies":{"data":[{"id":49,"name":"EUR"},{"id":124,"name":"RUB"},{"id":153,"name":"UAH"},{"id":155,"name":"USD"}],"loading":false,"error":false},"translations":{"product":{"reference-bonus":{"en":"Offer a reference bonus","ru":"Предложить бонус за референс","_type":"localeString"},"configurator":{"en":"Сonfigurator","ru":"Конфигуратор","_type":"localeString"},"i-sell-it":{"ru":"I sell it","_type":"localeString","en":"I sell it"},"i-use-it":{"en":"I use it","ru":"I use it","_type":"localeString"},"roi-calculator":{"_type":"localeString","en":"ROI-calculator","ru":"ROI-калькулятор"},"selling":{"en":"Selling","ru":"Продают","_type":"localeString"},"using":{"en":"Using","ru":"Используют","_type":"localeString"},"show-more-button":{"ru":"Показать еще","_type":"localeString","en":"Show more"},"hide-button":{"ru":"Скрыть","_type":"localeString","en":"Hide"},"supplier-popover":{"_type":"localeString","en":"supplier","ru":"поставщик"},"implementation-popover":{"ru":"внедрение","_type":"localeString","en":"deployment"},"manufacturer-popover":{"en":"manufacturer","ru":"производитель","_type":"localeString"},"short-description":{"ru":"Краткое описание","_type":"localeString","en":"Pitch"},"i-use-it-popover":{"en":"Make your introduction and get a bonus from ROI4CIO or the supplier.","ru":"Внесите свое внедрение и получите бонус от ROI4CIO или поставщика.","_type":"localeString"},"details":{"en":"Details","ru":"Детальнее","_type":"localeString"},"description":{"en":"Description","ru":"Описание","_type":"localeString"},"product-features":{"en":"Product features","ru":"Особенности продукта","_type":"localeString"},"categories":{"en":"Categories","ru":"Категории","_type":"localeString"},"solutions":{"en":" Problems that solves","ru":"Проблемы которые решает","_type":"localeString"},"values":{"ru":"Ценности","_type":"localeString","en":"Values"},"сomparison-matrix":{"en":"Comparison matrix","ru":"Матрица сравнения","_type":"localeString"},"testing":{"_type":"localeString","en":"Testing","ru":"Тестирование"},"compare":{"_type":"localeString","en":"Compare with competitors","ru":"Сравнить с конкурентами"},"characteristics":{"en":" Characteristics","ru":"Характеристики","_type":"localeString"},"transaction-features":{"_type":"localeString","en":"Transaction Features","ru":"Особенности сделки"},"average-discount":{"ru":"Средняя скидка партнера","_type":"localeString","en":"Partner average discount"},"deal-protection":{"ru":"Защита сделки","_type":"localeString","en":"Deal protection"},"average-deal":{"_type":"localeString","en":"Average deal size","ru":"Средний размер сделки"},"average-time":{"_type":"localeString","en":"Average deal closing time","ru":"Средний срок закрытия сделки"},"login":{"ru":"Войти","_type":"localeString","en":"Login"},"register":{"ru":"Зарегистрироваться","_type":"localeString","en":"Register"},"to-know-more":{"en":"To know more","ru":"Чтобы узнать больше","_type":"localeString"},"scheme":{"en":" Scheme of work","ru":"Схема работы","_type":"localeString"},"competitive-products":{"en":" Competitive products","ru":"Конкурентные продукты","_type":"localeString"},"implementations-with-product":{"ru":"Внедрения с этим продуктом","_type":"localeString","en":"Deployments with this product"},"user-features":{"_type":"localeString","en":"User features","ru":"Особенности пользователей"},"job-roles":{"ru":"Роли заинтересованных сотрудников","_type":"localeString","en":" Roles of Interested Employees"},"organizational-features":{"en":"Organizational Features","ru":"Организационные особенности","_type":"localeString"},"calculate-price":{"en":" Calculate product price","ru":"Рассчитать цену продукта","_type":"localeString"},"selling-stories":{"en":" Selling stories","ru":"Продающие истории","_type":"localeString"},"materials":{"ru":"Материалы","_type":"localeString","en":"Materials"},"about-product":{"ru":"О продукте","_type":"localeString","en":"About Product"},"or":{"ru":"или","_type":"localeString","en":"or"},"program-sends-data":{"_type":"localeString","en":"Program Sends Data"},"calculate-roi":{"en":"Calculate Product ROI","ru":"Рассчитать ROI продукта","_type":"localeString"},"complementary-categories":{"ru":"Схожие категории","_type":"localeString","en":"Complementary Categories"},"program-receives-data":{"_type":"localeString","en":"Program Receives Data"},"rebate":{"ru":"Бонус","_type":"localeString","en":"Bonus"},"rebate-for-poc":{"_type":"localeString","en":"Bonus 4 POC","ru":"Бонус 4 POC"},"configurator-content":{"ru":"Рассчитайте стоимость продукта","_type":"localeString","en":"Calculate price for this product here"},"configurator-link":{"_type":"localeString","en":"here","ru":"тут"},"vendor-popover":{"ru":"производитель","_type":"localeString","en":"vendor"},"user-popover":{"_type":"localeString","en":"user","ru":"пользователь"},"select-for-presentation":{"ru":"выбрать продукт для презентации","_type":"localeString","en":"select product for presentation"},"auth-message":{"ru":"Вам нужно зарегистрироваться или войти.","_type":"localeString","en":"You have to register or login."},"add-to-comparison":{"ru":"Добавить в сравнение","_type":"localeString","en":"Add to comparison"},"added-to-comparison":{"_type":"localeString","en":"Added to comparison","ru":"Добавлено в сравнения"},"roi-calculator-content":{"en":"Calculate ROI for this product here","ru":"Рассчитайте ROI для данного продукта","_type":"localeString"},"not-yet-converted":{"ru":"Данные модерируются и вскоре будут опубликованы. Попробуйте повторить переход через некоторое время.","_type":"localeString","en":"Data is moderated and will be published soon. Please, try again later."},"videos":{"en":"Videos","ru":"Видео","_type":"localeString"},"vendor-verified":{"_type":"localeString","en":"Vendor verified","ru":"Подтверждено производителем"},"event-schedule":{"ru":"Расписание событий","_type":"localeString","en":"Events schedule"},"scheduling-tip":{"ru":"Выберите удобную дату и время и зарегистрируйтесь на ивент.","_type":"localeString","en":"Please, сhoose a convenient date and time and register for the event."},"register-to-schedule":{"_type":"localeString","en":"To register for the event please log in or register on the site.","ru":"Для того чтобы зарегистрироваться на ивент пожалуйста авторизируйтесь или зарегистрируйтесь на сайт."},"comparison-matrix":{"ru":"Матрица сравнений","_type":"localeString","en":"Comparison matrix"},"compare-with-competitive":{"ru":"Сравнить с конкурентными","_type":"localeString","en":" Compare with competitive"},"avg-deal-closing-unit":{"ru":"месяцев","_type":"localeString","en":"months"},"under-construction":{"en":"Current feature is still developing to become even more useful for you.","ru":"Данная услуга всё ещё находится в разработке.","_type":"localeString"},"product-presentation":{"_type":"localeString","en":"Product presentation","ru":"Презентация продукта"},"go-to-comparison-table":{"en":" Go to comparison table","ru":"Перейти к таблице сравнения","_type":"localeString"},"see-product-details":{"_type":"localeString","en":"See Details","ru":"Детали"}},"header":{"help":{"_type":"localeString","en":"Help","de":"Hilfe","ru":"Помощь"},"how":{"_type":"localeString","en":"How does it works","de":"Wie funktioniert es","ru":"Как это работает"},"login":{"ru":"Вход","_type":"localeString","en":"Log in","de":"Einloggen"},"logout":{"en":"Sign out","ru":"Выйти","_type":"localeString"},"faq":{"ru":"FAQ","_type":"localeString","en":"FAQ","de":"FAQ"},"references":{"_type":"localeString","en":"Requests","de":"References","ru":"Мои запросы"},"solutions":{"ru":"Возможности","_type":"localeString","en":"Solutions"},"find-it-product":{"ru":"Подбор и сравнение ИТ продукта","_type":"localeString","en":"Selection and comparison of IT product"},"autoconfigurator":{"_type":"localeString","en":" Price calculator","ru":"Калькулятор цены"},"comparison-matrix":{"ru":"Матрица сравнения","_type":"localeString","en":"Comparison Matrix"},"roi-calculators":{"ru":"ROI калькуляторы","_type":"localeString","en":"ROI calculators"},"b4r":{"ru":"Бонус за референс","_type":"localeString","en":"Bonus for reference"},"business-booster":{"ru":"Развитие бизнеса","_type":"localeString","en":"Business boosting"},"catalogs":{"en":"Catalogs","ru":"Каталоги","_type":"localeString"},"products":{"ru":"Продукты","_type":"localeString","en":"Products"},"implementations":{"ru":"Внедрения","_type":"localeString","en":"Deployments"},"companies":{"ru":"Компании","_type":"localeString","en":"Companies"},"categories":{"_type":"localeString","en":"Categories","ru":"Категории"},"for-suppliers":{"en":"For suppliers","ru":"Поставщикам","_type":"localeString"},"blog":{"ru":"Блог","_type":"localeString","en":"Blog"},"agreements":{"ru":"Сделки","_type":"localeString","en":"Deals"},"my-account":{"ru":"Мой кабинет","_type":"localeString","en":"My account"},"register":{"ru":"Зарегистрироваться","_type":"localeString","en":"Register"},"comparison-deletion":{"_type":"localeString","en":"Deletion","ru":"Удаление"},"comparison-confirm":{"en":"Are you sure you want to delete","ru":"Подтвердите удаление","_type":"localeString"},"search-placeholder":{"ru":"Введите поисковый запрос","_type":"localeString","en":"Enter your search term"},"my-profile":{"_type":"localeString","en":"My profile","ru":"Мои данные"},"about":{"_type":"localeString","en":"About Us"},"it_catalogs":{"_type":"localeString","en":"IT catalogs"},"roi4presenter":{"_type":"localeString","en":"Roi4Presenter"},"roi4webinar":{"_type":"localeString","en":"Pitch Avatar"},"sub_it_catalogs":{"_type":"localeString","en":"Find IT product"},"sub_b4reference":{"en":"Get reference from user","_type":"localeString"},"sub_roi4presenter":{"_type":"localeString","en":"Make online presentations"},"sub_roi4webinar":{"_type":"localeString","en":"Create an avatar for the event"},"catalogs_new":{"_type":"localeString","en":"Products"},"b4reference":{"en":"Bonus4Reference","_type":"localeString"},"it_our_it_catalogs":{"_type":"localeString","en":"Our IT Catalogs"},"it_products":{"_type":"localeString","en":"Find and compare IT products"},"it_implementations":{"en":"Learn implementation reviews","_type":"localeString"},"it_companies":{"_type":"localeString","en":"Find vendor and company-supplier"},"it_categories":{"en":"Explore IT products by category","_type":"localeString"},"it_our_products":{"_type":"localeString","en":"Our Products"},"it_it_catalogs":{"_type":"localeString","en":"IT catalogs"}},"footer":{"copyright":{"de":"Alle rechte vorbehalten","ru":"Все права защищены","_type":"localeString","en":"All rights reserved"},"company":{"_type":"localeString","en":"My Company","de":"Über die Firma","ru":"О компании"},"about":{"en":"About us","de":"Über uns","ru":"О нас","_type":"localeString"},"infocenter":{"en":"Infocenter","de":"Infocenter","ru":"Инфоцентр","_type":"localeString"},"tariffs":{"ru":"Тарифы","_type":"localeString","en":"Subscriptions","de":"Tarife"},"contact":{"ru":"Связаться с нами","_type":"localeString","en":"Contact us","de":"Kontaktiere uns"},"marketplace":{"ru":"Marketplace","_type":"localeString","en":"Marketplace","de":"Marketplace"},"products":{"de":"Produkte","ru":"Продукты","_type":"localeString","en":"Products"},"compare":{"ru":"Подобрать и сравнить","_type":"localeString","en":"Pick and compare","de":"Wähle und vergleiche"},"calculate":{"de":"Kosten berechnen","ru":"Расчитать стоимость","_type":"localeString","en":"Calculate the cost"},"get_bonus":{"ru":"Бонус за референс","_type":"localeString","en":"Bonus for reference","de":"Holen Sie sich einen Rabatt"},"salestools":{"de":"Salestools","ru":"Salestools","_type":"localeString","en":"Salestools"},"automatization":{"_type":"localeString","en":"Settlement Automation","de":"Abwicklungsautomatisierung","ru":"Автоматизация расчетов"},"roi_calcs":{"de":"ROI-Rechner","ru":"ROI калькуляторы","_type":"localeString","en":"ROI calculators"},"matrix":{"_type":"localeString","en":"Comparison matrix","de":"Vergleichsmatrix","ru":"Матрица сравнения"},"b4r":{"_type":"localeString","en":"Rebate 4 Reference","de":"Rebate 4 Reference","ru":"Rebate 4 Reference"},"our_social":{"en":"Our social networks","de":"Unsere sozialen Netzwerke","ru":"Наши социальные сети","_type":"localeString"},"subscribe":{"de":"Melden Sie sich für den Newsletter an","ru":"Подпишитесь на рассылку","_type":"localeString","en":"Subscribe to newsletter"},"subscribe_info":{"_type":"localeString","en":"and be the first to know about promotions, new features and recent software reviews","ru":"и узнавайте первыми об акциях, новых возможностях и свежих обзорах софта"},"policy":{"ru":"Политика конфиденциальности","_type":"localeString","en":"Privacy Policy"},"user_agreement":{"en":"Agreement","ru":"Пользовательское соглашение ","_type":"localeString"},"solutions":{"en":"Solutions","ru":"Возможности","_type":"localeString"},"find":{"ru":"Подбор и сравнение ИТ продукта","_type":"localeString","en":"Selection and comparison of IT product"},"quote":{"_type":"localeString","en":"Price calculator","ru":"Калькулятор цены"},"boosting":{"en":"Business boosting","ru":"Развитие бизнеса","_type":"localeString"},"4vendors":{"ru":"поставщикам","_type":"localeString","en":"4 vendors"},"blog":{"_type":"localeString","en":"blog","ru":"блог"},"pay4content":{"_type":"localeString","en":"we pay for content","ru":"платим за контент"},"categories":{"ru":"категории","_type":"localeString","en":"categories"},"showForm":{"ru":"Показать форму","_type":"localeString","en":"Show form"},"subscribe__title":{"ru":"Раз в месяц мы отправляем дайджест актуальных новостей ИТ мира!","_type":"localeString","en":"We send a digest of actual news from the IT world once in a month!"},"subscribe__email-label":{"en":"Email","ru":"Email","_type":"localeString"},"subscribe__name-label":{"_type":"localeString","en":"Name","ru":"Имя"},"subscribe__required-message":{"ru":"Это поле обязательное","_type":"localeString","en":"This field is required"},"subscribe__notify-label":{"ru":"Да, пожалуйста уведомляйте меня о новостях, событиях и предложениях","_type":"localeString","en":"Yes, please, notify me about news, events and propositions"},"subscribe__agree-label":{"_type":"localeString","en":"By subscribing to the newsletter, you agree to the %TERMS% and %POLICY% and agree to the use of cookies and the transfer of your personal data","ru":"Подписываясь на рассылку, вы соглашаетесь с %TERMS% и %POLICY% и даете согласие на использование файлов cookie и передачу своих персональных данных*"},"subscribe__submit-label":{"en":"Subscribe","ru":"Подписаться","_type":"localeString"},"subscribe__email-message":{"ru":"Пожалуйста, введите корректный адрес электронной почты","_type":"localeString","en":"Please, enter the valid email"},"subscribe__email-placeholder":{"ru":"username@gmail.com","_type":"localeString","en":"username@gmail.com"},"subscribe__name-placeholder":{"ru":"Имя Фамилия","_type":"localeString","en":"Last, first name"},"subscribe__success":{"ru":"Вы успешно подписаны на рассылку. Проверьте свой почтовый ящик.","_type":"localeString","en":"You are successfully subscribed! Check you mailbox."},"subscribe__error":{"ru":"Не удалось оформить подписку. Пожалуйста, попробуйте позднее.","_type":"localeString","en":"Subscription is unsuccessful. Please, try again later."},"roi4presenter":{"de":"roi4presenter","ru":"roi4presenter","_type":"localeString","en":"Roi4Presenter"},"it_catalogs":{"_type":"localeString","en":"IT catalogs"},"roi4webinar":{"_type":"localeString","en":"Pitch Avatar"},"b4reference":{"_type":"localeString","en":"Bonus4Reference"}},"breadcrumbs":{"home":{"ru":"Главная","_type":"localeString","en":"Home"},"companies":{"ru":"Компании","_type":"localeString","en":"Companies"},"products":{"ru":"Продукты","_type":"localeString","en":"Products"},"implementations":{"ru":"Внедрения","_type":"localeString","en":"Deployments"},"login":{"ru":"Вход","_type":"localeString","en":"Login"},"registration":{"_type":"localeString","en":"Registration","ru":"Регистрация"},"b2b-platform":{"ru":"Портал для покупателей, поставщиков и производителей ИТ","_type":"localeString","en":"B2B platform for IT buyers, vendors and suppliers"}},"comment-form":{"title":{"ru":"Оставить комментарий","_type":"localeString","en":"Leave comment"},"firstname":{"en":"First name","ru":"Имя","_type":"localeString"},"lastname":{"_type":"localeString","en":"Last name","ru":"Фамилия"},"company":{"_type":"localeString","en":"Company name","ru":"Компания"},"position":{"_type":"localeString","en":"Position","ru":"Должность"},"actual-cost":{"en":"Actual cost","ru":"Фактическая стоимость","_type":"localeString"},"received-roi":{"ru":"Полученный ROI","_type":"localeString","en":"Received ROI"},"saving-type":{"_type":"localeString","en":"Saving type","ru":"Тип экономии"},"comment":{"ru":"Комментарий","_type":"localeString","en":"Comment"},"your-rate":{"_type":"localeString","en":"Your rate","ru":"Ваша оценка"},"i-agree":{"ru":"Я согласен","_type":"localeString","en":"I agree"},"terms-of-use":{"ru":"С пользовательским соглашением и политикой конфиденциальности","_type":"localeString","en":"With user agreement and privacy policy"},"send":{"ru":"Отправить","_type":"localeString","en":"Send"},"required-message":{"en":"{NAME} is required filed","ru":"{NAME} - это обязательное поле","_type":"localeString"}},"maintenance":{"title":{"ru":"На сайте проводятся технические работы","_type":"localeString","en":"Site under maintenance"},"message":{"en":"Thank you for your understanding","ru":"Спасибо за ваше понимание","_type":"localeString"}}},"translationsStatus":{"product":"success"},"sections":{},"sectionsStatus":{},"pageMetaData":{"product":{"title":{"en":"ROI4CIO: Product","ru":"ROI4CIO: Продукт","_type":"localeString"},"meta":[{"name":"og:type","content":"website"},{"name":"og:image","content":"https://roi4cio.com/fileadmin/templates/roi4cio/image/roi4cio-logobig.jpg"}],"translatable_meta":[{"translations":{"ru":"Конкретный продукт","_type":"localeString","en":"Example product"},"name":"og:title"},{"name":"og:description","translations":{"ru":"Описание для конкретного продукта","_type":"localeString","en":"Description for one product"}},{"translations":{"ru":"Продукт","_type":"localeString","en":"Product"},"name":"title"},{"name":"description","translations":{"ru":"Описание продукта","_type":"localeString","en":"Product description"}},{"translations":{"ru":"Ключевые слова продукта","_type":"localeString","en":"Product keywords"},"name":"keywords"}]}},"pageMetaDataStatus":{"product":"success"},"subscribeInProgress":false,"subscribeError":false},"auth":{"inProgress":false,"error":false,"checked":true,"initialized":false,"user":{},"role":null,"expires":null},"products":{"productsByAlias":{"isid-industrial-threat-detection":{"id":3240,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/radiflow.png","logo":true,"scheme":false,"title":"iSID Industrial Threat Detection","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"isid-industrial-threat-detection","companyTitle":"Radiflow","companyTypes":["supplier","vendor"],"companyId":5113,"companyAlias":"radiflow","description":"Radiflow’s iSID Detection & Analysis Platform provides proactive cybersecurity for critical infrastructures through non-intrusive monitoring of distributed production networks for changes in topology and behavior.\r\n<br />iSID’s multiple security engines offer capabilities pertaining to specific type of network activity: modeling and visibility of OT and IT devices, protocols and sessions; detection of threats and attacks; policy monitoring and validation of operational parameters; rules-based maintenance management; and networked device management.<br />iSID employs Radiflow’s iSAP Smart Collectors, installed at distributed networks’ remote sites, to collect, compress (to prevent network overload) and send over GRE all LAN traffic from the local switch, using port mirroring to a centrally installed iSID over VPN tunnels.\r\n<br />iSID allows for different modes of deployment, allowing organizations to optimize their cyber-security expenditure: on-site at the industrial (ICS/SCADA-based) facility; at the operator’s central monitoring location; or at an MSSP’s SOC (Security Operations center) using the iCEN management platform for multiple instances of iSID.<br /><br />","shortDescription":"Threat and vulnerability detection with system-wide visibility for ICS/SCADA OT networks.","type":"Hardware","isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":11,"sellingCount":3,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"iSID Industrial Threat Detection","keywords":"","description":"Radiflow’s iSID Detection & Analysis Platform provides proactive cybersecurity for critical infrastructures through non-intrusive monitoring of distributed production networks for changes in topology and behavior.\r\n<br />iSID’s multiple security engines of","og:title":"iSID Industrial Threat Detection","og:description":"Radiflow’s iSID Detection & Analysis Platform provides proactive cybersecurity for critical infrastructures through non-intrusive monitoring of distributed production networks for changes in topology and behavior.\r\n<br />iSID’s multiple security engines of","og:image":"https://old.roi4cio.com/fileadmin/user_upload/radiflow.png"},"eventUrl":"","translationId":3241,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":532,"title":"Software","alias":"software","description":" Computer software, or simply software, is a collection of data or computer instructions that tell the computer how to work. This is in contrast to physical hardware, from which the system is built and actually performs the work. In computer science and software engineering, computer software is all information processed by computer systems, programs, and data. Computer software includes computer programs, libraries and related non-executable data, such as online documentation or digital media. Computer hardware and software require each other and neither can be realistically used on its own.\r\nAt the lowest programming level, executable code consists of machine language instructions supported by an individual processor — typically a central processing unit (CPU) or a graphics processing unit (GPU). A machine language consists of groups of binary values signifying processor instructions that change the state of the computer from its preceding state. For example, an instruction may change the value stored in a particular storage location in the computer—an effect that is not directly observable to the user. An instruction may also invoke one of many input or output operations, for example displaying some text on a computer screen; causing state changes that should be visible to the user. The processor executes the instructions in the order they are provided, unless it is instructed to "jump" to a different instruction, or is interrupted by the operating system. As of 2015, most personal computers, smartphone devices, and servers have processors with multiple execution units or multiple processors performing computation together, and computing has become a much more concurrent activity than in the past.\r\nThe majority of software is written in high-level programming languages. They are easier and more efficient for programmers because they are closer to natural languages than machine languages. High-level languages are translated into machine language using a compiler or an interpreter or a combination of the two. Software may also be written in a low-level assembly language, which has strong correspondence to the computer's machine language instructions and is translated into machine language using an assembler.","materialsDescription":" <span style=\"font-weight: bold; \">What is software?</span>\r\nSometimes abbreviated as SW and S/W, software is a collection of instructions that enable the user to interact with a computer, its hardware, or perform tasks. Without software, most computers would be useless. For example, without your Internet browser software, you could not surf the Internet or read this page. Without an operating system, the browser could not run on your computer. The picture shows a Microsoft Excel box, an example of a spreadsheet software program.\r\n<span style=\"font-weight: bold; \">How do you get software?</span>\r\nSoftware can be purchased at a retail computer store or online and come in a box containing all the disks (floppy diskette, CD, DVD, or Blu-ray), manuals, warranty, and other documentation.\r\nSoftware can also be downloaded to a computer over the Internet. Once downloaded, setup files are run to start the installation process on your computer.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Free software</span></span>\r\nThere are also a lot of free software programs available that are separated into different categories.\r\n<ul><li>Shareware or trial software is software that gives you a few days to try the software before you have to buy the program. After the trial time expires, you'll be asked to enter a code or register the product before you can continue to use it.</li><li>Freeware is completely free software that never requires payment, as long as it is not modified.</li><li>Open-source software is similar to freeware. Not only is the program given away free, but the source code used to make the program is also, allowing anyone to modify the program or view how it was created.</li></ul>\r\n<span style=\"font-weight: bold; \">How do you use computer software?</span>\r\nOnce the software is installed on the computer hard drive, the program can be used anytime by finding the program on the computer. On a Windows computer, a program icon is added to the Start menu or Start screen, depending on your version of Windows.\r\n<span style=\"font-weight: bold;\">How to maintain software?</span>\r\nAfter the software is installed on your computer, it may need to be updated to fix any found errors. Updating a program can be done using software patches. Once updates are installed, any problems that may have been experienced in the program will no longer occur.\r\n<span style=\"font-weight: bold;\">How is software created and how does it work?</span>\r\nA computer programmer (or several computer programmers) writes the instructions using a programming language, defining how the software should operate on structured data. The program may then be interpreted or compiled into machine code.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Software.png"},{"id":824,"title":"ATP - Advanced Threat Protection","alias":"atp-advanced-threat-protection","description":" Advanced threat protection (ATP) refers to a category of security solutions that defend against sophisticated malware or hacking-based attacks targeting sensitive data. Advanced threat protection solutions can be available as software or as managed services. ATP solutions can differ in approaches and components, but most include some combination of endpoint agents, network devices, email gateways, malware protection systems, and a centralized management console to correlate alerts and manage defenses.\r\nThe primary benefit offered by advanced threat protection software is the ability to prevent, detect, and respond to new and sophisticated attacks that are designed to circumvent traditional security solutions such as antivirus, firewalls, and IPS/IDS. Attacks continue to become increasingly targeted, stealthy, and persistent, and ATP solutions take a proactive approach to security by identifying and eliminating advanced threats before data is compromised.\r\nAdvanced threat protection services build on this benefit by providing access to a global community of security professionals dedicated to monitoring, tracking, and sharing information about emerging and identified threats. ATP service providers typically have access to global threat information sharing networks, augmenting their own threat intelligence and analysis with information from third parties. When a new, advanced threat is detected, ATP service providers can update their defenses to ensure protection keeps up. This global community effort plays a substantial role in maintaining the security of enterprises around the world.\r\nEnterprises that implement advanced threat protection are better able to detect threats early and more quickly formulate a response to minimize damage and recover should an attack occur. A good security provider will focus on the lifecycle of an attack and manage threats in real-time. ATP providers notify the enterprise of attacks that have occurred, the severity of the attack, and the response that was initiated to stop the threat in its tracks or minimize data loss. Whether managed in-house or provided as a service, advanced threat protection solutions secure critical data and systems, no matter where the attack originates or how major the attack or potential attack is perceived.","materialsDescription":" <span style=\"font-weight: bold;\">How Advanced Threat Protection Works?</span>\r\nThere are three primary goals of advanced threat protection: early detection (detecting potential threats before they have the opportunity to access critical data or breach systems), adequate protection (the ability to defend against detected threats swiftly), and response (the ability to mitigate threats and respond to security incidents). To achieve these goals, advanced threat protection services and solutions must offer several components and functions for comprehensive ATP:\r\n<ul><li><span style=\"font-weight: bold;\">Real-time visibility</span> – Without continuous monitoring and real-time visibility, threats are often detected too late. When damage is already done, response can be tremendously costly in terms of both resource utilization and reputation damage.</li><li><span style=\"font-weight: bold;\">Context</span> – For true security effectiveness, threat alerts must contain context to allow security teams to effectively prioritize threats and organize response.</li><li><span style=\"font-weight: bold;\">Data awareness</span> – It’s impossible to determine threats truly capable of causing harm without first having a deep understanding of enterprise data, its sensitivity, value, and other factors that contribute to the formulation of an appropriate response.</li></ul>\r\nWhen a threat is detected, further analysis may be required. Security services offering ATP typically handle threat analysis, enabling enterprises to conduct business as usual while continuous monitoring, threat analysis, and response occurs behind the scenes. Threats are typically prioritized by potential damage and the classification or sensitivity of the data at risk. Advanced threat protection should address three key areas:\r\n<ul><li>Halting attacks in progress or mitigating threats before they breach systems</li><li>Disrupting activity in progress or countering actions that have already occurred as a result of a breach</li><li>Interrupting the lifecycle of the attack to ensure that the threat is unable to progress or proceed</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon-ATP.png"},{"id":50,"title":"IPC - Information Protection and Control","alias":"ipc-information-protection-and-control","description":"Information Protection and Control (IPC) is a technology for protecting confidential information from internal threats. IPC solutions are designed to protect information from internal threats, prevent various types of information leaks, corporate espionage, and business intelligence. The term IPC combines two main technologies: encryption of storage media at all points of the network and control of technical channels of information leakage using Data Loss Prevention (DLP) technologies. Network, application and data access control is a possible third technology in IPC class systems. IPC includes solutions of the Data Loss Prevention (DLP) class, a system for encrypting corporate information and controlling access to it. The term IPC was one of the first to use IDC analyst Brian Burke in his report, Information Protection and Control Survey: Data Loss Prevention and Encryption Trends.\r\nIPC technology is a logical continuation of DLP technology and allows you to protect data not only from leaks through technical channels, that is, insiders, but also from unauthorized user access to the network, information, applications, and in cases where the direct storage medium falls into the hands of third parties. This allows you to prevent leaks in those cases when an insider or a person who does not have legal access to data gain access to the direct carrier of information. For example, removing a hard drive from a personal computer, an insider will not be able to read the information on it. This allows you to prevent the compromise of confidential data even in the event of loss, theft or seizure (for example, when organizing operational events by special services specialists, unscrupulous competitors or raiders).\r\nThe main objective of IPC systems is to prevent the transfer of confidential information outside the corporate information system. Such a transfer (leak) may be intentional or unintentional. Practice shows that most of the leaks (more than 75%) do not occur due to malicious intent, but because of errors, carelessness, carelessness, and negligence of employees - it is much easier to detect such cases. The rest is connected with the malicious intent of operators and users of enterprise information systems, in particular, industrial espionage and competitive intelligence. Obviously, malicious insiders, as a rule, try to trick IPC analyzers and other control systems.","materialsDescription":"<span style=\"font-weight: bold; \">What is Information Protection and Control (IPC)?</span>\r\nIPC (English Information Protection and Control) is a generic name for technology to protect confidential information from internal threats.\r\nIPC solutions are designed to prevent various types of information leaks, corporate espionage, and business intelligence. IPC combines two main technologies: media encryption and control of technical channels of information leakage (Data Loss Prevention - DLP). Also, the functionality of IPC systems may include systems of protection against unauthorized access (unauthorized access).\r\n<span style=\"font-weight: bold; \">What are the objectives of IPC class systems?</span>\r\n<ul><li>preventing the transfer of confidential information beyond the corporate information system;</li><li>prevention of outside transmission of not only confidential but also other undesirable information (offensive expressions, spam, eroticism, excessive amounts of data, etc.);</li><li>preventing the transmission of unwanted information not only from inside to outside but also from outside to inside the organization’s information system;</li><li>preventing employees from using the Internet and network resources for personal purposes;</li><li>spam protection;</li><li>virus protection;</li><li>optimization of channel loading, reduction of inappropriate traffic;</li><li>accounting of working hours and presence at the workplace;</li><li>tracking the reliability of employees, their political views, beliefs, collecting dirt;</li><li>archiving information in case of accidental deletion or damage to the original;</li><li>protection against accidental or intentional violation of internal standards;</li><li>ensuring compliance with standards in the field of information security and current legislation.</li></ul>\r\n<span style=\"font-weight: bold; \">Why is DLP technology used in IPC?</span>\r\nIPC DLP technology supports monitoring of the following technical channels for confidential information leakage:\r\n<ul><li>corporate email;</li><li>webmail;</li><li>social networks and blogs;</li><li>file-sharing networks;</li><li>forums and other Internet resources, including those made using AJAX technology;</li><li>instant messaging tools (ICQ, Mail.Ru Agent, Skype, AOL AIM, Google Talk, Yahoo Messenger, MSN Messenger, etc.);</li><li>P2P clients;</li><li>peripheral devices (USB, LPT, COM, WiFi, Bluetooth, etc.);</li><li>local and network printers.</li></ul>\r\nDLP technologies in IPC support control, including the following communication protocols:\r\n<ul><li>FTP;</li><li>FTP over HTTP;</li><li>FTPS;</li><li>HTTP;</li><li>HTTPS (SSL);</li><li>NNTP;</li><li>POP3;</li><li>SMTP.</li></ul>\r\n<span style=\"font-weight: bold; \">What information protection facilities does IPC technology include?</span>\r\nIPC technology includes the ability to encrypt information at all key points in the network. The objects of information security are:\r\n<ul><li>Server hard drives;</li><li>SAN;</li><li>NAS;</li><li>Magnetic tapes;</li><li>CD/DVD/Blue-ray discs;</li><li>Personal computers (including laptops);</li><li>External devices.</li></ul>\r\nIPC technologies use various plug-in cryptographic modules, including the most efficient algorithms DES, Triple DES, RC5, RC6, AES, XTS-AES. The most used algorithms in IPC solutions are RC5 and AES, the effectiveness of which can be tested on the project [distributed.net]. They are most effective for solving the problems of encrypting data of large amounts of data on server storages and backups.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/IPC_-_Information_Protection_and_Control.png"},{"id":204,"title":"Managed Detection and Response","alias":"managed-detection-and-response","description":" MDR, which stands for Managed Detection & Response, is an all-encompassing threat detection system, which arose from the need for small/medium-sized organizations who lack resources to be able to monitor their network systems in-house. It provides a cost-effective alternative to SIEM (Security Information and Event Management).\r\nEveryday, the capabilities of attackers get more sophisticated and the volume of alerts becomes overwhelming and unmanageable. In-house teams might struggle to analyze and log data, which makes it harder than ever to determine if these threats are harmful. MDR can put a stop to attacks before they even happen. MDR technology monitors your systems and detects any unusual behavior, whilst our expert team responds to the threats detected within your business.\r\nMDR offers real-time threat intelligence, and is able to analyse behaviour which can be missed by traditional endpoint security technology. MDR also provides rapid identification of known threats, which in turn minimises overall attacks. Having remote incident investigation will minimise damage to your business, and will allow you to get back to work in no time. It’s important to note that using MDR services will allow third party access to your company's data. You need to consider working with a provider who understands and respects your data policy.","materialsDescription":" <span style=\"font-weight: bold;\">What is Managed Detection and Response?</span>\r\nManaged Detection and Response (MDR) is a managed cybersecurity service that provides intrusion detection of malware and malicious activity in your network, and assists in rapid incident response to eliminate those threats with succinct remediation actions. MDR typically combines a technology solution with outsourced security analysts that extend your technologies and team.\r\n<span style=\"font-weight: bold;\">Isn’t that What MSSPs or Managed SIEMs Do?</span>\r\nNo. Managed Security Service Providers (MSSPs) monitor network security controls and may send alerts when anomalies are identified. MSSPs typically do not investigate the anomalies to eliminate false positives, nor do they respond to real threats. This means that abnormalities in network usage are forwarded to your IT personnel who must then dig through the data to determine if there is a real threat and what to do about it.\r\n<span style=\"font-weight: bold;\">Doesn’t My Firewall Protect My Network?</span>\r\nFirewalls and other preventive forms of cybersecurity are very important and effective at preventing basic cyberattacks. However, over the past decade, it has become clear that preventive cybersecurity technologies are not enough to secure an organization’s network. Further, they are yet another source of alerts, log messages, and events that contribute to the “alert fatigue” being universally suffered today. Recent major hacks such as the Marriot Hack of 2018, the Anthem Hack of 2015, and the Target Hack of 2013 demonstrate how easily cybercriminals can breach networks at enterprise organizations to steal millions of credit card numbers, medical records, and other forms of PII/PHI.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/Endpoint_Detection_and_Response.png"},{"id":59,"title":"SCADA - Supervisory Control And Data Acquisition","alias":"scada-supervisory-control-and-data-acquisition","description":"<span style=\"font-weight: bold; \">SCADA</span> stands for <span style=\"font-weight: bold; \">Supervisory Control and Data Acquisition</span>, a term which describes the basic functions of a SCADA system. Companies use SCADA systems to control equipment across their sites and to collect and record data about their operations. SCADA is not a specific technology, but a type of application. Any application that gets operating data about a system in order to control and optimise that system is a SCADA application. That application may be a petrochemical distillation process, a water filtration system, a pipeline compressor, or just about anything else.\r\nSCADA solutions typically come in a combination of software and hardware elements, such as programmable logic controllers (PLCs) and remote terminal units (RTUs). Data acquisition in SCADA starts with PLCs and RTUs, which communicate with plant floor equipment such as factory machinery and sensors. Data gathered from the equipment is then sent to the next level, such as a control room, where operators can supervise the PLC and RTU controls using human-machine interfaces (HMIs). HMIs are an important element of SCADA systems. They are the screens that operators use to communicate with the SCADA system.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">The major components of a SCADA technology include:</span></p>\r\n<ul><li><span style=\"font-weight: bold;\">Master Terminal Unit (MTU).</span> It comprises a computer, PLC and a network server that helps MTU to communicate with the RTUs. MTU begins communication, collects and saves data, helps to interface with operators and to communicate data to other systems.</li><li><span style=\"font-weight: bold;\">Remote Terminal Unit (RTU).</span> RTU is used to collect information from these sensors and further sends the data to MTU. RTUs have the storage capacity facility. So, it stores the data and transmits the data when MTU sends the corresponding command.</li><li><span style=\"font-weight: bold;\">Communication Network (defined by its network topology).</span> In general, network means connection. When you tell a SCADA communication network, it is defined as a link between RTU in the field to MTU in the central location. The bidirectional wired or wireless communication channel is used for the networking purpose. Various other communication mediums like fiber optic cables, twisted pair cables, etc. are also used.</li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">Objectives of Supervisory Control and Data Acquisition system</span></p>\r\n<ul><li><span style=\"font-weight: bold;\">Monitor:</span> SCADA control system continuously monitors the physical parameters</li><li><span style=\"font-weight: bold;\">Measure:</span> It measures the parameter for processing</li><li><span style=\"font-weight: bold;\">Data Acquisition:</span> It acquires data from RTU, data loggers, etc</li><li><span style=\"font-weight: bold;\">Data Communication:</span> It helps to communicate and transmit a large amount of data between MTU and RTU units</li><li><span style=\"font-weight: bold;\">Controlling:</span> Online real-time monitoring and controlling of the process</li><li><span style=\"font-weight: bold;\">Automation:</span> It helps for automatic transmission and functionality</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\">Who Uses SCADA?</h1>\r\nSCADA systems are used by industrial organizations and companies in the public and private sectors to control and maintain efficiency, distribute data for smarter decisions, and communicate system issues to help mitigate downtime. Supervisory control systems work well in many different types of enterprises because they can range from simple configurations to large, complex installations. They are the backbone of many modern industries, including:\r\n<ul><li>Energy</li><li>Food and beverage</li><li>Manufacturing</li><li>Oil and gas</li><li>Power</li><li>Recycling</li><li>Transportation</li><li>Water and waste water</li><li>And many more</li></ul>\r\nVirtually anywhere you look in today's world, there is some type of SCADA monitoring system running behind the scenes: maintaining the refrigeration systems at the local supermarket, ensuring production and safety at a refinery, achieving quality standards at a waste water treatment plant, or even tracking your energy use at home, to give a few examples. Effective SCADA systems can result in significant savings of time and money. Numerous case studies have been published highlighting the benefits and savings of using a modern SCADA software.\r\n<h1 class=\"align-center\">Benefits of using SCADA software</h1>\r\nUsing modern SCADA software provides numerous benefits to businesses, and helps companies make the most of those benefits. Some of these advantages include:\r\n<span style=\"font-weight: bold; \">Easier engineering:</span> An advanced supervisory control application such provides easy-to-locate tools, wizards, graphic templates and other pre-configured elements, so engineers can create automation projects and set parameters quickly, even if they don't have programming experience. In addition, you can also easily maintain and expand existing applications as needed. The ability to automate the engineering process allows users, particularly system integrators and original equipment manufacturers (OEM), to set up complex projects much more efficiently and accurately.\r\n<span style=\"font-weight: bold; \">Improved data management:</span> A high-quality SCADA system makes it easier to collect, manage, access and analyze your operational data. It can enable automatic data recording and provide a central location for data storage. Additionally, it can transfer data to other systems such as MES and ERP as needed. \r\n<span style=\"font-weight: bold; \">Greater visibility:</span> One of the main advantages of using SCADA software is the improvement in visibility into your operations. It provides you with real-time information about your operations and enables you to conveniently view that information via an HMI. SCADA monitoring can also help in generating reports and analyzing data.\r\n<span style=\"font-weight: bold; \">Enhanced efficiency:</span> A SCADA system allows you to streamline processes through automated actions and user-friendly tools. The data that SCADA provides allows you to uncover opportunities for improving the efficiency of the operations, which can be used to make long-term changes to processes or even respond to real-time changes in conditions.\r\n<span style=\"font-weight: bold; \">Increased usability:</span> SCADA systems enable workers to control equipment more quickly, easily and safely through an HMI. Rather than having to control each piece of machinery manually, workers can manage them remotely and often control many pieces of equipment from a single location. Managers, even those who are not currently on the floor, also gain this capability.\r\n<span style=\"font-weight: bold; \">Reduced downtime:</span> A SCADA system can detect faults at an early stage and push instant alerts to the responsible personnel. Powered by predictive analytics, a SCADA system can also inform you of a potential issue of the machinery before it fails and causes larger problems. These features can help improve the overall equipment effectiveness (OEE) and reduce the amount of time and cost on troubleshooting and maintenance.\r\n<span style=\"font-weight: bold;\">Easy integration:</span> Connectivity to existing machine environments is key to removing data silos and maximizing productivity. \r\n<span style=\"font-weight: bold;\">Unified platform:</span>All of your data is also available in one platform, which helps you to get a clear overview of your operations and take full advantage of your data. All users also get real-time updates locally or remotely, ensuring everyone on your team is on the same page.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/SCADA__-_Supervisory_Control_And_Data_Acquisition.png"},{"id":840,"title":"ICS/SCADA Cyber Security","alias":"icsscada-cyber-security","description":"SCADA security is the practice of protecting supervisory control and data acquisition (SCADA) networks, a common framework of control systems used in industrial operations. These networks are responsible for providing automated control and remote human management of essential commodities and services such as water, natural gas, electricity and transportation to millions of people. They can also be used to improve the efficiencies and quality in other less essential (but some would say very important!) real-world processes such as snowmaking for ski resorts and beer brewing. SCADA is one of the most common types of industrial control systems (ICS).\r\nThese networks, just like any other network, are under threat from cyber-attacks that could bring down any part of the nation's critical infrastructure quickly and with dire consequences if the right security is not in place. Capital expenditure is another key concern; SCADA systems can cost an organization from tens of thousands to millions of dollars. For these reasons, it is essential that organizations implement robust SCADA security measures to protect their infrastructure and the millions of people that would be affected by the disruption caused by an external attack or internal error.\r\nSCADA security has evolved dramatically in recent years. Before computers, the only way to monitor a SCADA network was to deploy several people to each station to report back on the state of each system. In busier stations, technicians were stationed permanently to manually operate the network and communicate over telephone wires.\r\nIt wasn't until the introduction of the local area network (LAN) and improvements in system miniaturization that we started to see advances in SCADA development such as the distributed SCADA network. Next came networked systems that were able to communicate over a wide area network (WAN) and connect many more components together.\r\nFrom local companies to federal governments, every business or organization that works with SCADA systems are vulnerable to SCADA security threats. These threats can have wide-reaching effects on both the economy and the community. Specific threats to SCADA networks include the following:\r\n<span style=\"font-weight: bold;\">Hackers.</span> Individuals or groups with malicious intent could bring a SCADA network to its knees. By gaining access to key SCADA components, hackers could unleash chaos on an organization that can range from a disruption in services to cyber warfare.\r\n<span style=\"font-weight: bold;\">Malware.</span> Malware, including viruses, spyware and ransomware can pose a risk to SCADA systems. While malware may not be able to specifically target the network itself, it can still pose a threat to the key infrastructure that helps to manage the SCADA network. This includes mobile SCADA applications that are used to monitor and manage SCADA systems.\r\n<span style=\"font-weight: bold;\">Terrorists.</span> Where hackers are usually motivated by sordid gain, terrorists are driven by the desire to cause as much mayhem and damage as possible.\r\n<span style=\"font-weight: bold;\">Employees.</span> Insider threats can be just as damaging as external threats. From human error to a disgruntled employee or contractor, it is essential that SCADA security addresses these risks.\r\nManaging today's SCADA networks can be a challenge without the right security precautions in place. Many networks are still without the necessary detection and monitoring systems and this leaves them vulnerable to attack. Because SCADA network attacks exploit both cyber and physical vulnerabilities, it is critical to align cybersecurity measures accordingly.","materialsDescription":"<span style=\"font-weight: bold;\">What is the difference between ICS/SCADA cybersecurity and information security?</span>\r\nAutomated process control systems (SCADA) have a lot of differences from “traditional” corporate information systems: from the destination, specific data transfer protocols and equipment used and ending with the environment in which they operate. In corporate networks and systems, as a rule, the main protected resource is information that is processed, transmitted and stored in automated systems, and the main goal is to ensure its confidentiality. In ICS, the protected resource, first of all, is the technological process itself, and the main goal is to ensure its continuity (accessibility of all nodes) and integrity (including information transmitted between the nodes of the ICS). Moreover, the field of potential risks and threats to ICS, in comparison with corporate systems, expands with risks of potential damage to life and health of personnel and the public, damage to the environment and infrastructure. That is why it is incorrect to talk about “information security” in relation to ICS/SCADA. In English sources, the term “cybersecurity” is used for this, a direct translation of which (cybersecurity) is increasingly found in our market in relation to the protection of process control systems.\r\n<span style=\"font-weight: bold;\">Is it really necessary?</span>\r\nIt is necessary. There are a number of myths about process control systems, for example: “process control systems are completely isolated from the outside world”, “process control systems are too specific for someone to crack”, “process control systems are reliably protected by the developer”, or even “No one will ever try us, hacking us is not interesting. ” All this is no longer true. Many modern distributed process control systems have one or another connection with the corporate network, even if the system owners are unaware of this. Communication with the outside world greatly simplifies the task of the attacker, but does not remain the only possible option. Automated process control software and data transfer protocols are, as a rule, very, very insecure against cyber threats. This is evidenced by numerous articles and reports of experts involved in the study of the protection of industrial control systems and penetration tests. The PHDays III section on hacking automated process control systems impressed even ardent skeptics. Well, and, of course, the argument “they have NOT attacked us, therefore they will not” - can hardly be considered seriously. Everyone has heard about Stuxnet, which dispelled almost all the myths about the safety of ICS at once.\r\n<span style=\"font-weight: bold;\">Who needs this?</span>\r\nWith the phrase ICS/SCADA, most imagine huge plants, automated CNC machines or something similar. However, the application of process control systems is not limited to these objects - in the modern age of automation, process control systems are used everywhere: from large production facilities, the oil and gas industry, transport management to smart home systems. And, by the way, with the protection of the latter, as a rule, everything can be much worse, because the developer silently and imperceptibly shifts responsibility to the shoulders of the user.\r\nOf course, some of the objects with automated process control systems are more interesting for attackers, others less. But, given the ever-growing number of vulnerabilities discovered and published in the ICS, the spread of "exclusive" (written for specific protocols and ICS software) malware, considering your system safe "by default" is unreasonable.\r\n<span style=\"font-weight: bold;\">Are ICS and SCADA the same thing?</span>\r\nNo. SCADA systems (supervisory control and data acquisition, supervisory control and data collection) are part of the control system. Usually, a SCADA system means centralized control and management systems with the participation of a person as a whole system or a complex of industrial control systems. SCADA is the central link between people (human-machine interfaces) and PLC levels (programmable logic controller) or RTU (remote terminal unit).\r\n<span style=\"font-weight: bold;\">What is ICS/SCADA cybersecurity?</span>\r\nIn fact, ICS cybersecurity is a process similar to “information security” in a number of properties, but very different in details. And the devil, as you know, lies in them. ICS/SCADA also has similar information security-related processes: asset inventory, risk analysis and assessment, threat analysis, security management, change management, incident response, continuity, etc. But these processes themselves are different.<br />The cyber security of ICSs has the same basic target qualities - confidentiality, integrity and accessibility, but the significance and point of application for them are completely different. It should be remembered that in ICS/SCADA we, first of all, protect the technological process. Beyond this - from the risks of damage to human health and life and the environment.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_SCADA_Cyber_Security.png"},{"id":540,"title":"Security Hardware","alias":"security-hardware","description":"Hardware security as a discipline originated out of cryptographic engineering and involves hardware design, access control, secure multi-party computation, secure key storage, ensuring code authenticity and measures to ensure that the supply chain that built the product is secure, among other things.\r\nA hardware security module (HSM) is a physical computing device that safeguards and manages digital keys for strong authentication and provides cryptoprocessing. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server.\r\nSome providers in this discipline consider that the key difference between hardware security and software security is that hardware security is implemented using "non-Turing-machine" logic (raw combinatorial logic or simple state machines). One approach, referred to as "hardsec", uses FPGAs to implement non-Turing-machine security controls as a way of combining the security of hardware with the flexibility of software.\r\nHardware backdoors are backdoors in hardware. Conceptionally related, a hardware Trojan (HT) is a malicious modification of an electronic system, particularly in the context of an integrated circuit.\r\nA physical unclonable function (PUF) is a physical entity that is embodied in a physical structure and is easy to evaluate but hard to predict. Further, an individual PUF device must be easy to make but practically impossible to duplicate, even given the exact manufacturing process that produced it. In this respect, it is the hardware analog of a one-way function. The name "physically unclonable function" might be a little misleading as some PUFs are clonable, and most PUFs are noisy and therefore do not achieve the requirements for a function. Today, PUFs are usually implemented in integrated circuits and are typically used in applications with high-security requirements.\r\nMany attacks on sensitive data and resources reported by organizations occur from within the organization itself.","materialsDescription":"<span style=\"font-weight: bold;\">What is hardware information security?</span>\r\nHardware means various types of devices (mechanical, electromechanical, electronic, etc.), which solve information protection problems with hardware. They impede access to information, including through its disguise. The hardware includes: noise generators, surge protectors, scanning radios and many other devices that "block" potential channels of information leakage or allow them to be detected. The advantages of technical means are related to their reliability, independence from subjective factors and high resistance to modification. The weaknesses include a lack of flexibility, relatively large volume and mass and high cost. The hardware for information protection includes the most diverse technical structures in terms of operation, device and capabilities, which ensure the suppression of disclosure, protection against leakage and counteraction to unauthorized access to sources of confidential information.\r\n<span style=\"font-weight: bold;\">Where is the hardware used to protect information?</span>\r\nHardware information protection is used to solve the following problems:\r\n<ul><li>conducting special studies of technical means of ensuring production activity for the presence of possible channels of information leakage;</li><li>identification of information leakage channels at various objects and in premises;</li><li>localization of information leakage channels;</li><li>search and detection of industrial espionage tools;</li><li>countering unauthorized access to confidential information sources and other actions.</li></ul>\r\n<span style=\"font-weight: bold;\">What is the classification of information security hardware?</span>\r\nAccording to the functional purpose, the hardware can be classified into detection tools, search tools and detailed measurements and active and passive countermeasures. At the same time, according to their technical capabilities, information protection tools can be general-purpose, designed for use by non-professionals in order to obtain preliminary (general) estimates, and professional complexes that allow for a thorough search, detection and precision measurement of all the characteristics of industrial espionage equipment. As an example of the former, we can consider a group of IP electromagnetic radiation indicators, which have a wide range of received signals and rather low sensitivity. As a second example - a complex for the detection and direction finding of radio bookmarks, designed to automatically detect and locate radio transmitters, radio microphones, telephone bookmarks and network radio transmitters.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Hardware.png"},{"id":834,"title":"IoT - Internet of Things Security","alias":"iot-internet-of-things-security","description":" IoT security is the technology area concerned with safeguarding connected devices and networks in the internet of things (IoT).\r\nIoT involves adding internet connectivity to a system of interrelated computing devices, mechanical and digital machines, objects, animals and/or people. Each "thing" is provided a unique identifier and the ability to automatically transfer data over a network. Allowing devices to connect to the internet opens them up to a number of serious vulnerabilities if they are not properly protected.\r\nIoT security has become the subject of scrutiny after a number of high-profile incidents where a common IoT device was used to infiltrate and attack the larger network. Implementing security measures is critical to ensuring the safety of networks with IoT devices connected to them.\r\nIoT security hacks can happen in any industry, from smart home to a manufacturing plant to a connected car. The severity of impact depends greatly on the individual system, the data collected and/or the information it contains.\r\nAn attack disabling the brakes of a connected car, for example, or on a connected health device, such as an insulin pump hacked to administer too much medication to a patient, can be life-threatening. Likewise, an attack on a refrigeration system housing medicine that is monitored by an IoT system can ruin the viability of a medicine if temperatures fluctuate. Similarly, an attack on critical infrastructure -- an oil well, energy grid or water supply -- can be disastrous.\r\nSo, a robust IoT security portfolio must allow protecting devices from all types of vulnerabilities while deploying the security level that best matches application needs. Cryptography technologies are used to combat communication attacks. Security services are offered for protecting against lifecycle attacks. Isolation measures can be implemented to fend off software attacks. And, finally, IoT security should include tamper mitigation and side-channel attack mitigation technologies for fighting physical attacks of the chip.","materialsDescription":" <span style=\"font-weight: bold;\">What are the key requirements of IoT Security?</span>\r\nThe key requirements for any IoT security solution are:\r\n<ul><li>Device and data security, including authentication of devices and confidentiality and integrity of data</li><li>Implementing and running security operations at IoT scale</li><li>Meeting compliance requirements and requests</li><li>Meeting performance requirements as per the use case</li></ul>\r\n<span style=\"font-weight: bold;\">What do connected devices require to participate in the IoT Securely?</span>\r\nTo securely participate in the IoT, each connected device needs a unique identification – even before it has an IP address. This digital credential establishes the root of trust for the device’s entire lifecycle, from initial design to deployment to retirement.\r\n<span style=\"font-weight: bold;\">Why is device authentication necessary for the IoT?</span>\r\nStrong IoT device authentication is required to ensure connected devices on the IoT can be trusted to be what they purport to be. Consequently, each IoT device needs a unique identity that can be authenticated when the device attempts to connect to a gateway or central server. With this unique ID in place, IT system administrators can track each device throughout its lifecycle, communicate securely with it, and prevent it from executing harmful processes. If a device exhibits unexpected behavior, administrators can simply revoke its privileges.\r\n<span style=\"font-weight: bold;\">Why is secure manufacturing necessary for IoT devices?</span>\r\nIoT devices produced through unsecured manufacturing processes provide criminals opportunities to change production runs to introduce unauthorized code or produce additional units that are subsequently sold on the black market.\r\nOne way to secure manufacturing processes is to use hardware security modules (HSMs) and supporting security software to inject cryptographic keys and digital certificates and to control the number of units built and the code incorporated into each.\r\n<span style=\"font-weight: bold;\">Why is code signing necessary for IoT devices?</span>\r\nTo protect businesses, brands, partners, and users from software that has been infected by malware, software developers have adopted code signing. In the IoT, code signing in the software release process ensures the integrity of IoT device software and firmware updates and defends against the risks associated with code tampering or code that deviates from organizational policies.\r\nIn public key cryptography, code signing is a specific use of certificate-based digital signatures that enables an organization to verify the identity of the software publisher and certify the software has not been changed since it was published.\r\n<span style=\"font-weight: bold;\">What is IoT PKI?</span>\r\nToday there are more things (devices) online than there are people on the planet! Devices are the number one users of the Internet and need digital identities for secure operation. As enterprises seek to transform their business models to stay competitive, rapid adoption of IoT technologies is creating increasing demand for Public Key Infrastructures (PKIs) to provide digital certificates for the growing number of devices and the software and firmware they run.\r\nSafe IoT deployments require not only trusting the devices to be authentic and to be who they say they are, but also trusting that the data they collect is real and not altered. If one cannot trust the IoT devices and the data, there is no point in collecting, running analytics, and executing decisions based on the information collected.\r\nSecure adoption of IoT requires:\r\n<ul><li>Enabling mutual authentication between connected devices and applications</li><li>Maintaining the integrity and confidentiality of the data collected by devices</li><li>Ensuring the legitimacy and integrity of the software downloaded to devices</li><li>Preserving the privacy of sensitive data in light of stricter security regulations</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/iot.png"}],"characteristics":[],"concurentProducts":[{"id":5632,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/ICsec_S.A..jpg","logo":true,"scheme":false,"title":"ICsec S.A. Scadvance","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"icsec-sa-scadvance","companyTitle":"ICsec S.A.","companyTypes":["vendor"],"companyId":8545,"companyAlias":"icsec-sa","description":"<p class=\"align-center\"><b>Scadvance takes care of your safety</b></p>\r\nPolish IDS system for SCADA network created in cooperation with recognized national scientific institutions and data centers. Using the latest technological solutions, it allows to detect anomalies and cyber threats in industrial automation networks before they cause irreparable damage. \r\n<b>Hardware & Software </b>\r\nScalable system consisting of probes and monitoring software. A comprehensive solution enables tracking cyber incidents and anomalies appearing in any industrial network. \r\n<b>Artificial Intelligence </b>\r\nA self-learning solution that adapts to the specific network traffic parameters of any OT architecture. The system allows for the introduction of new rules to detect complex cyber threats. \r\n<b>Monitoring </b>\r\nThanks to the use of proprietary algorithms, monitoring and detection of cyber threats in the industrial network takes place in real time. Thanks to the automation of the system, it does not require the intervention of the administrator. \r\n<b>Big Data </b>\r\nScadvance allows you to process large amounts of data. Thanks to the archiving of the entire industrial network traffic, it is possible to inspect incidents occurring in the past for use in computer science. ","shortDescription":"The first Polish IDS system for industrial networks\r\n","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":14,"sellingCount":18,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"ICsec S.A. Scadvance","keywords":"","description":"<p class=\"align-center\"><b>Scadvance takes care of your safety</b></p>\r\nPolish IDS system for SCADA network created in cooperation with recognized national scientific institutions and data centers. Using the latest technological solutions, it allows to detect ","og:title":"ICsec S.A. Scadvance","og:description":"<p class=\"align-center\"><b>Scadvance takes care of your safety</b></p>\r\nPolish IDS system for SCADA network created in cooperation with recognized national scientific institutions and data centers. Using the latest technological solutions, it allows to detect ","og:image":"https://old.roi4cio.com/fileadmin/user_upload/ICsec_S.A..jpg"},"eventUrl":"","translationId":5631,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":840,"title":"ICS/SCADA Cyber Security","alias":"icsscada-cyber-security","description":"SCADA security is the practice of protecting supervisory control and data acquisition (SCADA) networks, a common framework of control systems used in industrial operations. These networks are responsible for providing automated control and remote human management of essential commodities and services such as water, natural gas, electricity and transportation to millions of people. They can also be used to improve the efficiencies and quality in other less essential (but some would say very important!) real-world processes such as snowmaking for ski resorts and beer brewing. SCADA is one of the most common types of industrial control systems (ICS).\r\nThese networks, just like any other network, are under threat from cyber-attacks that could bring down any part of the nation's critical infrastructure quickly and with dire consequences if the right security is not in place. Capital expenditure is another key concern; SCADA systems can cost an organization from tens of thousands to millions of dollars. For these reasons, it is essential that organizations implement robust SCADA security measures to protect their infrastructure and the millions of people that would be affected by the disruption caused by an external attack or internal error.\r\nSCADA security has evolved dramatically in recent years. Before computers, the only way to monitor a SCADA network was to deploy several people to each station to report back on the state of each system. In busier stations, technicians were stationed permanently to manually operate the network and communicate over telephone wires.\r\nIt wasn't until the introduction of the local area network (LAN) and improvements in system miniaturization that we started to see advances in SCADA development such as the distributed SCADA network. Next came networked systems that were able to communicate over a wide area network (WAN) and connect many more components together.\r\nFrom local companies to federal governments, every business or organization that works with SCADA systems are vulnerable to SCADA security threats. These threats can have wide-reaching effects on both the economy and the community. Specific threats to SCADA networks include the following:\r\n<span style=\"font-weight: bold;\">Hackers.</span> Individuals or groups with malicious intent could bring a SCADA network to its knees. By gaining access to key SCADA components, hackers could unleash chaos on an organization that can range from a disruption in services to cyber warfare.\r\n<span style=\"font-weight: bold;\">Malware.</span> Malware, including viruses, spyware and ransomware can pose a risk to SCADA systems. While malware may not be able to specifically target the network itself, it can still pose a threat to the key infrastructure that helps to manage the SCADA network. This includes mobile SCADA applications that are used to monitor and manage SCADA systems.\r\n<span style=\"font-weight: bold;\">Terrorists.</span> Where hackers are usually motivated by sordid gain, terrorists are driven by the desire to cause as much mayhem and damage as possible.\r\n<span style=\"font-weight: bold;\">Employees.</span> Insider threats can be just as damaging as external threats. From human error to a disgruntled employee or contractor, it is essential that SCADA security addresses these risks.\r\nManaging today's SCADA networks can be a challenge without the right security precautions in place. Many networks are still without the necessary detection and monitoring systems and this leaves them vulnerable to attack. Because SCADA network attacks exploit both cyber and physical vulnerabilities, it is critical to align cybersecurity measures accordingly.","materialsDescription":"<span style=\"font-weight: bold;\">What is the difference between ICS/SCADA cybersecurity and information security?</span>\r\nAutomated process control systems (SCADA) have a lot of differences from “traditional” corporate information systems: from the destination, specific data transfer protocols and equipment used and ending with the environment in which they operate. In corporate networks and systems, as a rule, the main protected resource is information that is processed, transmitted and stored in automated systems, and the main goal is to ensure its confidentiality. In ICS, the protected resource, first of all, is the technological process itself, and the main goal is to ensure its continuity (accessibility of all nodes) and integrity (including information transmitted between the nodes of the ICS). Moreover, the field of potential risks and threats to ICS, in comparison with corporate systems, expands with risks of potential damage to life and health of personnel and the public, damage to the environment and infrastructure. That is why it is incorrect to talk about “information security” in relation to ICS/SCADA. In English sources, the term “cybersecurity” is used for this, a direct translation of which (cybersecurity) is increasingly found in our market in relation to the protection of process control systems.\r\n<span style=\"font-weight: bold;\">Is it really necessary?</span>\r\nIt is necessary. There are a number of myths about process control systems, for example: “process control systems are completely isolated from the outside world”, “process control systems are too specific for someone to crack”, “process control systems are reliably protected by the developer”, or even “No one will ever try us, hacking us is not interesting. ” All this is no longer true. Many modern distributed process control systems have one or another connection with the corporate network, even if the system owners are unaware of this. Communication with the outside world greatly simplifies the task of the attacker, but does not remain the only possible option. Automated process control software and data transfer protocols are, as a rule, very, very insecure against cyber threats. This is evidenced by numerous articles and reports of experts involved in the study of the protection of industrial control systems and penetration tests. The PHDays III section on hacking automated process control systems impressed even ardent skeptics. Well, and, of course, the argument “they have NOT attacked us, therefore they will not” - can hardly be considered seriously. Everyone has heard about Stuxnet, which dispelled almost all the myths about the safety of ICS at once.\r\n<span style=\"font-weight: bold;\">Who needs this?</span>\r\nWith the phrase ICS/SCADA, most imagine huge plants, automated CNC machines or something similar. However, the application of process control systems is not limited to these objects - in the modern age of automation, process control systems are used everywhere: from large production facilities, the oil and gas industry, transport management to smart home systems. And, by the way, with the protection of the latter, as a rule, everything can be much worse, because the developer silently and imperceptibly shifts responsibility to the shoulders of the user.\r\nOf course, some of the objects with automated process control systems are more interesting for attackers, others less. But, given the ever-growing number of vulnerabilities discovered and published in the ICS, the spread of "exclusive" (written for specific protocols and ICS software) malware, considering your system safe "by default" is unreasonable.\r\n<span style=\"font-weight: bold;\">Are ICS and SCADA the same thing?</span>\r\nNo. SCADA systems (supervisory control and data acquisition, supervisory control and data collection) are part of the control system. Usually, a SCADA system means centralized control and management systems with the participation of a person as a whole system or a complex of industrial control systems. SCADA is the central link between people (human-machine interfaces) and PLC levels (programmable logic controller) or RTU (remote terminal unit).\r\n<span style=\"font-weight: bold;\">What is ICS/SCADA cybersecurity?</span>\r\nIn fact, ICS cybersecurity is a process similar to “information security” in a number of properties, but very different in details. And the devil, as you know, lies in them. ICS/SCADA also has similar information security-related processes: asset inventory, risk analysis and assessment, threat analysis, security management, change management, incident response, continuity, etc. But these processes themselves are different.<br />The cyber security of ICSs has the same basic target qualities - confidentiality, integrity and accessibility, but the significance and point of application for them are completely different. It should be remembered that in ICS/SCADA we, first of all, protect the technological process. Beyond this - from the risks of damage to human health and life and the environment.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_SCADA_Cyber_Security.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":3841,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/palantir.png","logo":true,"scheme":false,"title":"Palantir Foundry","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"palantir-foundry","companyTitle":"Palantir","companyTypes":["supplier","vendor"],"companyId":5993,"companyAlias":"palantir","description":"Palantir Foundry is a platform that reimagines how people use data by removing the barriers between back-end data management and front-end data analysis. Foundry enables users with varying technical ability and deep subject matter expertise to work meaningfully with data. With Foundry, anyone can source, connect, and transform data into any shape they desire, then use it to take action.\r\n<b>Powering Data Transformation</b>\r\n<b><i>Data Security</i></b>\r\n<ul> <li><b>Protect </b>data confidently with automatic propagation from source system to final insight</li> <li><b>Understand </b> how an insight came to be with lineage and versioning of both data and code</li> <li><b>Protect production </b>without disconnecting it from the sandbox environment</li> </ul>\r\n<b><i>Business Ontology</i></b>\r\n<ul> <li><b>Unify </b>the organization by capturing every business concept in a common ontology</li> <li><b>Compound </b>business intelligence by feeding insights back into the ontology</li> <li><b>Improve the quality </b>of ontology data automatically and continuously</li> </ul>\r\n<b><i>Analytical Diversity</i></b>\r\n<ul> <li><b>Empower </b>business analysts with point-and-click environments that unlock complex analytics</li> <li><b>Supercharge </b> advanced analytics for data engineers and data scientists</li> <li><b>Accelerate </b>machine learning and artificial intelligence with quality data and seamless deployment to production</li> </ul>\r\n<b><i>Openness and Extensibility</i></b>\r\n<ul> <li><b>Enhance </b>the value of existing IT investments by centralizing data operations</li> <li><b>Plug in to </b>in-house and third-party solutions through open data formats and open APIs</li> <li><b>Accelerate </b>future projects and reduce their cost with reusable data pipelines and centralized management</li> </ul>\r\n<b>Features:</b>\r\n<b><i>Deliver immediate, compounding business value</i></b>\r\nWith the whole organization collaborating on the same data foundation, the cost of new data projects drops, and the value of the data asset increases over time. Instead of putting success at the end of a five-year roadmap, Palantir Foundry lets organizations achieve critical outcomes from the start.\r\n<b><i>Unite the organization around a common ontology</i></b>\r\nCollaboration takes off when the whole organization is speaking the same language. Palantir Foundry lets organizations translate their entire business into an ontology: a set of building blocks that map business concepts to the data that describes them. With one flexible ontology as a starting point for every user, new questions, analyses, and projects enhance organizational knowledge rather than fragment it.\r\n<b><i>Manage data and business logic in tandem</i></b>\r\nBusiness logic codifies the knowledge that holds an organization together. Palantir Foundry manages business logic in tandem with the data it runs on so that as logic evolves, insights do too. Users can always trace an insight back to the data and logic that feed it.\r\n<b><i>Secure the data once; secure the system in perpetuity</i></b>\r\nPalantir Foundry lets organizations define granular access control policies at the integration stage, then propagates those policies intelligently across the system. Organizations can promote data access confidently with granular data security and transparent data governance.\r\n<b><i>Instill trust in data with continuous improvement</i></b>\r\nIn a living data ecosystem, data integrity is a moving target that requires continuous improvement over time. Palantir Foundry combines automated data quality checks with tools for users to flag issues when they see them, sustaining the integrity of the data asset over the long term.\r\n<b><i>Make operations analytical and analytics operational</i></b>\r\nSuccessful data transformation calls for collaboration across the entire organization. Palantir Foundry blurs the lines between functions so that subject matter experts answer mission-critical questions without learning to code, and data scientists operate at the heart of the business.","shortDescription":"Data integration is the seminal problem of the digital age. For more than a decade, we’ve helped the world’s institutions rise to the challenge","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":17,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Palantir Foundry","keywords":"","description":"Palantir Foundry is a platform that reimagines how people use data by removing the barriers between back-end data management and front-end data analysis. Foundry enables users with varying technical ability and deep subject matter expertise to work meaningfull","og:title":"Palantir Foundry","og:description":"Palantir Foundry is a platform that reimagines how people use data by removing the barriers between back-end data management and front-end data analysis. Foundry enables users with varying technical ability and deep subject matter expertise to work meaningfull","og:image":"https://old.roi4cio.com/fileadmin/user_upload/palantir.png"},"eventUrl":"","translationId":3840,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":40,"title":"Endpoint security","alias":"endpoint-security","description":"In network security, endpoint security refers to a methodology of protecting the corporate network when accessed via remote devices such as laptops or other wireless and mobile devices. Each device with a remote connecting to the network creates a potential entry point for security threats. Endpoint security is designed to secure each endpoint on the network created by these devices.\r\nUsually, endpoint security is a security system that consists of security software, located on a centrally managed and accessible server or gateway within the network, in addition to client software being installed on each of the endpoints (or devices). The server authenticates logins from the endpoints and also updates the device software when needed. While endpoint security software differs by vendor, you can expect most software offerings to provide antivirus, antispyware, firewall and also a host intrusion prevention system (HIPS).\r\nEndpoint security is becoming a more common IT security function and concern as more employees bring consumer mobile devices to work and companies allow its mobile workforce to use these devices on the corporate network.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What are endpoint devices?</span>\r\nAny device that can connect to the central business network is considered an endpoint. Endpoint devices are potential entry points for cybersecurity threats and need strong protection because they are often the weakest link in network security.\r\n<span style=\"font-weight: bold;\">What is endpoint security management?</span>\r\nA set of rules defining the level of security that each device connected to the business network must comply with. These rules may include using an approved operating system (OS), installing a virtual private network (VPN), or running up-to-date antivirus software. If the device connecting to the network does not have the desired level of protection, it may have to connect via a guest network and have limited network access.\r\n<span style=\"font-weight: bold;\">What is endpoint security software?</span>\r\nPrograms that make sure your devices are protected. Endpoint protection software may be cloud-based and work as SaaS (Software as a Service). Endpoint security software can also be installed on each device separately as a standalone application.\r\n<span style=\"font-weight: bold;\">What is endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response (EDR) solutions analyze files and programs, and report on any threats found. EDR solutions monitor continuously for advanced threats, helping to identify attacks at an early stage and respond rapidly to a range of threats.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Endpoint_security.png"},{"id":52,"title":"SaaS - software as a service","alias":"saas-software-as-a-service","description":"<span style=\"font-weight: bold;\">Software as a service (SaaS)</span> is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted. It is sometimes referred to as "on-demand software", and was formerly referred to as "software plus services" by Microsoft.\r\n SaaS services is typically accessed by users using a thin client, e.g. via a web browser. SaaS software solutions has become a common delivery model for many business applications, including office software, messaging software, payroll processing software, DBMS software, management software, CAD software, development software, gamification, virtualization, accounting, collaboration, customer relationship management (CRM), Management Information Systems (MIS), enterprise resource planning (ERP), invoicing, human resource management (HRM), talent acquisition, learning management systems, content management (CM), Geographic Information Systems (GIS), and service desk management. SaaS has been incorporated into the strategy of nearly all leading enterprise software companies.\r\nSaaS applications are also known as <span style=\"font-weight: bold;\">Web-based software</span>, <span style=\"font-weight: bold;\">on-demand software</span> and<span style=\"font-weight: bold;\"> hosted software</span>.\r\nThe term "Software as a Service" (SaaS) is considered to be part of the nomenclature of cloud computing, along with Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Desktop as a Service (DaaS),managed software as a service (MSaaS), mobile backend as a service (MBaaS), and information technology management as a service (ITMaaS).\r\nBecause SaaS is based on cloud computing it saves organizations from installing and running applications on their own systems. That eliminates or at least reduces the associated costs of hardware purchases and maintenance and of software and support. The initial setup cost for a SaaS application is also generally lower than it for equivalent enterprise software purchased via a site license.\r\nSometimes, the use of SaaS cloud software can also reduce the long-term costs of software licensing, though that depends on the pricing model for the individual SaaS offering and the enterprise’s usage patterns. In fact, it’s possible for SaaS to cost more than traditional software licenses. This is an area IT organizations should explore carefully.<br />SaaS also provides enterprises the flexibility inherent with cloud services: they can subscribe to a SaaS offering as needed rather than having to buy software licenses and install the software on a variety of computers. The savings can be substantial in the case of applications that require new hardware purchases to support the software.<br /><br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Who uses SaaS?</span></h1>\r\nIndustry analyst Forrester Research notes that SaaS adoption has so far been concentrated mostly in human resource management (HRM), customer relationship management (CRM), collaboration software (e.g., email), and procurement solutions, but is poised to widen. Today it’s possible to have a data warehouse in the cloud that you can access with business intelligence software running as a service and connect to your cloud-based ERP like NetSuite or Microsoft Dynamics.The dollar savings can run into the millions. And SaaS installations are often installed and working in a fraction of the time of on-premises deployments—some can be ready in hours. \r\nSales and marketing people are likely familiar with Salesforce.com, the leading SaaS CRM software, with millions of users across more than 100,000 customers. Sales is going SaaS too, with apps available to support sales in order management, compensation, quote production and configure, price, quoting, electronic signatures, contract management and more.\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Why SaaS? Benefits of software as a service</span></h1>\r\n<ul><li><span style=\"font-weight: bold;\">Lower cost of entry</span>. With SaaS solution, you pay for what you need, without having to buy hardware to host your new applications. Instead of provisioning internal resources to install the software, the vendor provides APIs and performs much of the work to get their software working for you. The time to a working solution can drop from months in the traditional model to weeks, days or hours with the SaaS model. In some businesses, IT wants nothing to do with installing and running a sales app. In the case of funding software and its implementation, this can be a make-or-break issue for the sales and marketing budget, so the lower cost really makes the difference.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Reduced time to benefit/rapid prototyping</span>. In the SaaS model, the software application is already installed and configured. Users can provision the server for the cloud and quickly have the application ready for use. This cuts the time to benefit and allows for rapid demonstrations and prototyping. With many SaaS companies offering free trials, this means a painless proof of concept and discovery phase to prove the benefit to the organization. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Pay as you go</span>. SaaS business software gives you the benefit of predictable costs both for the subscription and to some extent, the administration. Even as you scale, you can have a clear idea of what your costs will be. This allows for much more accurate budgeting, especially as compared to the costs of internal IT to manage upgrades and address issues for an owned instance.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">The SaaS vendor is responsible for upgrades, uptime and security</span>. Under the SaaS model, since the software is hosted by the vendor, they take on the responsibility for maintaining the software and upgrading it, ensuring that it is reliable and meeting agreed-upon service level agreements, and keeping the application and its data secure. While some IT people worry about Software as a Service security outside of the enterprise walls, the likely truth is that the vendor has a much higher level of security than the enterprise itself would provide. Many will have redundant instances in very secure data centers in multiple geographies. Also, the data is being automatically backed up by the vendor, providing additional security and peace of mind. Because of the data center hosting, you’re getting the added benefit of at least some disaster recovery. Lastly, the vendor manages these issues as part of their core competencies—let them.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Integration and scalability.</span> Most SaaS apps are designed to support some amount of customization for the way you do business. SaaS vendors create APIs to allow connections not only to internal applications like ERPs or CRMs but also to other SaaS providers. One of the terrific aspects of integration is that orders written in the field can be automatically sent to the ERP. Now a salesperson in the field can check inventory through the catalog, write the order in front of the customer for approval, send it and receive confirmation, all in minutes. And as you scale with a SaaS vendor, there’s no need to invest in server capacity and software licenses. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Work anywhere</span>. Since the software is hosted in the cloud and accessible over the internet, users can access it via mobile devices wherever they are connected. This includes checking customer order histories prior to a sales call, as well as having access to real time data and real time order taking with the customer.</li></ul>\r\n<p class=\"align-left\"> </p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/SaaS__1_.png"},{"id":204,"title":"Managed Detection and Response","alias":"managed-detection-and-response","description":" MDR, which stands for Managed Detection & Response, is an all-encompassing threat detection system, which arose from the need for small/medium-sized organizations who lack resources to be able to monitor their network systems in-house. It provides a cost-effective alternative to SIEM (Security Information and Event Management).\r\nEveryday, the capabilities of attackers get more sophisticated and the volume of alerts becomes overwhelming and unmanageable. In-house teams might struggle to analyze and log data, which makes it harder than ever to determine if these threats are harmful. MDR can put a stop to attacks before they even happen. MDR technology monitors your systems and detects any unusual behavior, whilst our expert team responds to the threats detected within your business.\r\nMDR offers real-time threat intelligence, and is able to analyse behaviour which can be missed by traditional endpoint security technology. MDR also provides rapid identification of known threats, which in turn minimises overall attacks. Having remote incident investigation will minimise damage to your business, and will allow you to get back to work in no time. It’s important to note that using MDR services will allow third party access to your company's data. You need to consider working with a provider who understands and respects your data policy.","materialsDescription":" <span style=\"font-weight: bold;\">What is Managed Detection and Response?</span>\r\nManaged Detection and Response (MDR) is a managed cybersecurity service that provides intrusion detection of malware and malicious activity in your network, and assists in rapid incident response to eliminate those threats with succinct remediation actions. MDR typically combines a technology solution with outsourced security analysts that extend your technologies and team.\r\n<span style=\"font-weight: bold;\">Isn’t that What MSSPs or Managed SIEMs Do?</span>\r\nNo. Managed Security Service Providers (MSSPs) monitor network security controls and may send alerts when anomalies are identified. MSSPs typically do not investigate the anomalies to eliminate false positives, nor do they respond to real threats. This means that abnormalities in network usage are forwarded to your IT personnel who must then dig through the data to determine if there is a real threat and what to do about it.\r\n<span style=\"font-weight: bold;\">Doesn’t My Firewall Protect My Network?</span>\r\nFirewalls and other preventive forms of cybersecurity are very important and effective at preventing basic cyberattacks. However, over the past decade, it has become clear that preventive cybersecurity technologies are not enough to secure an organization’s network. Further, they are yet another source of alerts, log messages, and events that contribute to the “alert fatigue” being universally suffered today. Recent major hacks such as the Marriot Hack of 2018, the Anthem Hack of 2015, and the Target Hack of 2013 demonstrate how easily cybercriminals can breach networks at enterprise organizations to steal millions of credit card numbers, medical records, and other forms of PII/PHI.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/Endpoint_Detection_and_Response.png"},{"id":457,"title":"DDoS Protection","alias":"ddos-protection","description":" A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks. ","materialsDescription":" <span style=\"font-weight: bold;\">What are the Different Types of DDoS Attacks?</span>\r\nDistributed Denial of Service attacks vary significantly, and there are thousands of different ways an attack can be carried out (attack vectors), but an attack vector will generally fall into one of three broad categories:\r\n<span style=\"font-weight: bold;\">Volumetric Attacks:</span>\r\nVolumetric attacks attempt to consume the bandwidth either within the target network/service or between the target network/service and the rest of the Internet. These attacks are simply about causing congestion.\r\n<span style=\"font-weight: bold;\">TCP State-Exhaustion Attacks:</span>\r\nTCP State-Exhaustion attacks attempt to consume the connection state tables which are present in many infrastructure components such as load-balancers, firewalls and the application servers themselves. Even high capacity devices capable of maintaining state on millions of connections can be taken down by these attacks.\r\n<span style=\"font-weight: bold;\">Application Layer Attacks:</span>\r\nApplication Layer attacks target some aspect of an application or service at Layer-7. These are the deadliest kind of attacks as they can be very effective with as few as one attacking machine generating a low traffic rate (this makes these attacks very difficult to proactively detect and mitigate). Application layer attacks have come to prevalence over the past three or four years and simple application layer flood attacks (HTTP GET flood etc.) have been some of the most common denials of service attacks seen in the wild.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection.png"},{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) lead to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted of suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/hgghghg.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":6145,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/RadarServices.png","logo":true,"scheme":false,"title":"RadarServices Radar Platform","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"radarservices-radar-platform","companyTitle":"RadarServices Smart IT-Security GmbH","companyTypes":["supplier","vendor"],"companyId":6202,"companyAlias":"radarservices-smart-it-security-gmbh","description":"The Radar Platform offers customers next generation technology. The inhouse developed solution is characterized by state-of-the-art intelligence automation being used to comprehensively monitor IT security and perform IT risk assessments. The agnostic platform is able to analyze and evaluate any logs, networks and other kinds of information. \r\n<b>Process </b>\r\n<ol> <li>Risks are detected by means of a multi-level correlation approach, combining different information and events, both in an automated way and through work by experts. Both customer-specific analogies and analogies involving several customers and sectors are applied. </li> <li>This correlation is based on a wide range of events, originating from both IT itself and the environment in which IT systems are operated. For this purpose, intelligent event middleware is used. </li> <li>Risks are presented for different user groups, including those not involved in IT: based on needs and clearly arranged, for critical business processes, IT services, and legal and regulatory requirements. </li> </ol>\r\n<i>The various Detection Modules within the Radar Platform lay the perfect foundation to safeguard your digital activities and footprints. </i>\r\n<b>Your benefits using Radar Platform </b>\r\n<ul> <li>Intelligent and efficient endpoint-to-endpoint solution </li> <li>Extensive knowledge database </li> <li>Turnkey concept to commence operations in a very short space of time </li> <li>Scalable deployment to increase turnover </li> </ul>","shortDescription":"The platform to analyze and assess cyberrisks\r\n","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":0,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"RadarServices Radar Platform","keywords":"","description":"The Radar Platform offers customers next generation technology. The inhouse developed solution is characterized by state-of-the-art intelligence automation being used to comprehensively monitor IT security and perform IT risk assessments. The agnostic platform","og:title":"RadarServices Radar Platform","og:description":"The Radar Platform offers customers next generation technology. The inhouse developed solution is characterized by state-of-the-art intelligence automation being used to comprehensively monitor IT security and perform IT risk assessments. The agnostic platform","og:image":"https://old.roi4cio.com/fileadmin/user_upload/RadarServices.png"},"eventUrl":"","translationId":6144,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":45,"title":"SIEM - Security Information and Event Management","alias":"siem-security-information-and-event-management","description":"<span style=\"font-weight: bold; \">Security information and event management (SIEM)</span> is an approach to security management that combines SIM (security information management) and SEM (security event management) functions into one security management system. \r\n The underlying principles of every SIEM system is to aggregate relevant data from multiple sources, identify deviations from the norm and take appropriate action. At the most basic level, a SIEM system can be rules-based or employ a statistical correlation engine to establish relationships between event log entries. Advanced SIEM products have evolved to include user and entity behavior analytics (UEBA) and security orchestration and automated response (SOAR). \r\nThe acronyms SEM, SIM and SIEM have sometimes been used interchangeably, but generally refer to the different primary focus of products:\r\n<ul><li><span style=\"font-weight: bold;\">Log management:</span> Focus on simple collection and storage of log messages and audit trails.</li><li><span style=\"font-weight: bold;\">Security information management (SIM):</span> Long-term storage as well as analysis and reporting of log data.</li><li><span style=\"font-weight: bold;\">Security event manager (SEM):</span> Real-time monitoring, correlation of events, notifications and console views.</li><li><span style=\"font-weight: bold;\">Security information event management (SIEM):</span> Combines SIM and SEM and provides real-time analysis of security alerts generated by network hardware and applications.</li><li><span style=\"font-weight: bold;\">Managed Security Service (MSS) or Managed Security Service Provider (MSSP):</span> The most common managed services appear to evolve around connectivity and bandwidth, network monitoring, security, virtualization, and disaster recovery.</li><li><span style=\"font-weight: bold;\">Security as a service (SECaaS):</span> These security services often include authentication, anti-virus, anti-malware/spyware, intrusion detection, Penetration testing and security event management, among others.</li></ul>\r\nToday, most of SIEM technology works by deploying multiple collection agents in a hierarchical manner to gather security-related events from end-user devices, servers, network equipment, as well as specialized security equipment like firewalls, antivirus or intrusion prevention systems. The collectors forward events to a centralized management console where security analysts sift through the noise, connecting the dots and prioritizing security incidents.\r\nSome of the most important features to review when evaluating Security Information and Event Management software are:\r\n<ol><li><span style=\"font-weight: bold; \">Integration with other controls:</span> Can the system give commands to other enterprise security controls to prevent or stop attacks in progress?</li><li><span style=\"font-weight: bold; \">Artificial intelligence:</span> Can the system improve its own accuracy by through machine and deep learning?</li><li><span style=\"font-weight: bold; \">Threat intelligence feeds:</span> Can the system support threat intelligence feeds of the organization's choosing or is it mandated to use a particular feed?</li><li><span style=\"font-weight: bold; \">Robust compliance reporting:</span> Does the system include built-in reports for common compliance needs and the provide the organization with the ability to customize or create new compliance reports?</li><li><span style=\"font-weight: bold; \">Forensics capabilities:</span> Can the system capture additional information about security events by recording the headers and contents of packets of interest? </li></ol>\r\n\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> Why is SIEM Important?</h1>\r\nSIEM has become a core security component of modern organizations. The main reason is that every user or tracker leaves behind a virtual trail in a network’s log data. SIEM software is designed to use this log data in order to generate insight into past attacks and events. A SIEM solution not only identifies that an attack has happened, but allows you to see how and why it happened as well.\r\nAs organizations update and upscale to increasingly complex IT infrastructures, SIEM has become even more important in recent years. Contrary to popular belief, firewalls and antivirus packages are not enough to protect a network in its entirety. Zero-day attacks can still penetrate a system’s defenses even with these security measures in place.\r\nSIEM addresses this problem by detecting attack activity and assessing it against past behavior on the network. A security event monitoring has the ability to distinguish between legitimate use and a malicious attack. This helps to increase a system’s incident protection and avoid damage to systems and virtual property.\r\nThe use of SIEM also helps companies to comply with a variety of industry cyber management regulations. Log management is the industry standard method of auditing activity on an IT network. SIEM management provides the best way to meet this regulatory requirement and provide transparency over logs in order to generate clear insights and improvements.\r\n<h1 class=\"align-center\">Evaluation criteria for security information and event management software:</h1>\r\n<ul><li>Threat identification: Raw log form vs. descriptive.</li><li>Threat tracking: Ability to track through the various events, from source to destination.</li><li>Policy enforcement: Ability to enforce defined polices.</li><li>Application analysis: Ability to analyze application at Layer 7 if necessary.</li><li>Business relevance of events: Ability to assign business risk to events and have weighted threat levels.</li><li>Measuring changes and improvements: Ability to track configuration changes to devices.</li><li>Asset-based information: Ability to gather information on devices on the network.</li><li>Anomalous behavior (server): Ability to trend and see changes in how it communicates to others.</li><li>Anomalous behavior (network): Ability to trend and see how communications pass throughout the network.</li><li>Anomalous behavior (application): Ability to trend and see changes in how it communicates to others.</li><li>User monitoring: User activity, logging in, applications usage, etc.</li></ul>\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_SIEM.png"},{"id":53,"title":"DaaS - Desktop as a Service","alias":"daas-desktop-as-a-service","description":"<span style=\"font-weight: bold; \">DaaS (Desktop as a service)</span> is a cloud computing offering in which a third party hosts the back end of a virtual desktop infrastructure (VDI) deployment.\r\nWith DaaS services, desktop operating systems run inside virtual machines on servers in a cloud provider's data center. All the necessary support infrastructure, including storage and network resources, also lives in the cloud. As with on-premises VDI, a DaaS providers stream virtual desktops over a network to a customer's endpoint devices, where end users may access them through client software or a web browser.\r\nThough it sounds a lot like VDI, there is a vital difference between DaaS and VDI. VDI refers to when virtual desktops are served through on-premise servers maintained by in-house IT teams. It’s the traditional way to deploy and manage virtual desktops. But since it’s on-premise, VDI technology technology must be maintained, managed, and upgraded in-house whenever necessary.\r\nDaaS service on the other hand, is a cloud-based virtual desktop solution that separates virtual desktops from on-premise servers, enabling brands to leverage a third-party hosting provider. It’s like VDI, but in the cloud instead of in the back of the office. \r\nHowever, it’s not necessary to choose one or the other. These two approaches can complement each other. Some users prefer to have a DaaS desktop overlay of their VDI deployment. For example, the Desktop as a Service providers allow the user to modernize legacy applications with zero code refactoring. Not all legacy Windows apps perform well in a DaaS environment, due to latency or hardware requirements. \r\nThe modern workplace requires agility, leading to many companies embracing mobile working and Bring Your Own Device (BYOD) policies against a backdrop of increased concern about security risk, compliance requirements and the ever-present need to reduce overheads. This is why, over a decade after analysts predicted the rise of remote desktop as a service, it is now finally being taken up in volume.\r\nBy adopting Desktop as a Service, companies can address the issues associated with end-user computing while giving their staff more freedom and increasing productivity. The pain associated with managing a multitude of devices, including those not supplied by the company, is eliminated. While remaining compliant, companies can greatly reduce risks. ","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: bold; \">How does desktop as a service work?</span></h1>\r\nDaaS architecture is multi-tenant, and organizations purchase the service through a subscription model -- typically based on the number of virtual desktop instances used per month.\r\nIn the desktop-as-a-service delivery model, the cloud computing provider manages the back-end responsibilities of data storage, backup, security and upgrades. While the provider handles all the back-end infrastructure costs and maintenance, customers usually manage their own virtual desktop images, applications and security, unless those desktop management services are part of the subscription.\r\nTypically, an end user's personal data is copied to and from their virtual desktop during logon and logoff, and access to the desktop is device-, location- and network-independent.\r\n<h1 class=\"align-center\">The benefits of Desktop as a Service</h1>\r\nMany organisations are undergoing digital transformation, and modernising the workplace is often a stream within the wider strategy. In order to manage remote and multi-device workforces using DaaS, you should think about the following seven benefits and how this will change, and hopefully improve, your currently way of working.\r\n<span style=\"font-weight: bold;\">The modern workplace.</span> Digital transformation is redefining what we think about the workplace. At the heart of this evolution is technology and the introduction of digital-first natives into the workplace. Allowing staff to work remotely, through DaaS in cloud and via their own devices is a surefire way to attract and retain the best talent.\r\n<span style=\"font-weight: bold;\">Cost.</span> As with many cloud initiatives, DaaS pricing moves from CAPEX to OPEX, leaving you more cash in the bank to spend on growing your business. Per desktop pricing enables you to know exactly what workforce expansion will cost the IT department, removing unforeseen infrastructure or hardware purchases as this is handled by the provider, who bundle everything in with the price of each desktop.Virtual machines use the compute power of the data centre rather than their local machines, placing less demand on the endpoint. <span style=\"font-weight: bold;\"></span>\r\n<span style=\"font-weight: bold;\">Scalability</span>. Due to the ‘...as a service’ delivery model, DaaS platform enables you to add user workstations fast and easily. This is particularly handy when your organisation utilises contract resource or temporary project teams, as there’s no hardware to procure, meaning you have the flexibility to create a desktop almost instantly and delete it when no longer required. This also puts you in control.\r\n<span style=\"font-weight: bold;\">Control.</span> DaaS helps you manage the risks that naturally come with giving your staff the freedom to work anywhere and on any device. It enables you to control the essentials such as data access and compliance without being overly restrictive. You no longer have to worry about what data is held on a user’s device as the data remains in the data centre at all times. This gives you control over all company assets because access can be revoked with the touch of a button.\r\n<span style=\"font-weight: bold;\">Management.</span> With an increasingly dispersed workforce, rolling out new applications or patching existing software has become more of a logistical problem than a technical one. Trying to coordinate people bringing in physical devices to be patched is a real issue for many companies, something which is eliminated completely with DaaS. You operate on one central image (or a small number of images based on persona), a change is made once, and everyone is on the latest version. It removes the need to standardise builds of end-user compute hardware as DaaS applications will run on almost any device no matter its configuration.\r\n<span style=\"font-weight: bold;\">Security.</span> DaaS moves the security risk from hundreds of end-user devices and put it all into the controlled and managed environment of a data centre. Lost or stolen laptops no longer provide a security risk. No data is on the local machine. As DaaS removes the need to create VPNs to access applications and data held by the company it also removes the problem of users trying to bypass the security in the belief that it will make their life easier. ","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/DaaS_-_Desktop_as_a_Service.png"},{"id":204,"title":"Managed Detection and Response","alias":"managed-detection-and-response","description":" MDR, which stands for Managed Detection & Response, is an all-encompassing threat detection system, which arose from the need for small/medium-sized organizations who lack resources to be able to monitor their network systems in-house. It provides a cost-effective alternative to SIEM (Security Information and Event Management).\r\nEveryday, the capabilities of attackers get more sophisticated and the volume of alerts becomes overwhelming and unmanageable. In-house teams might struggle to analyze and log data, which makes it harder than ever to determine if these threats are harmful. MDR can put a stop to attacks before they even happen. MDR technology monitors your systems and detects any unusual behavior, whilst our expert team responds to the threats detected within your business.\r\nMDR offers real-time threat intelligence, and is able to analyse behaviour which can be missed by traditional endpoint security technology. MDR also provides rapid identification of known threats, which in turn minimises overall attacks. Having remote incident investigation will minimise damage to your business, and will allow you to get back to work in no time. It’s important to note that using MDR services will allow third party access to your company's data. You need to consider working with a provider who understands and respects your data policy.","materialsDescription":" <span style=\"font-weight: bold;\">What is Managed Detection and Response?</span>\r\nManaged Detection and Response (MDR) is a managed cybersecurity service that provides intrusion detection of malware and malicious activity in your network, and assists in rapid incident response to eliminate those threats with succinct remediation actions. MDR typically combines a technology solution with outsourced security analysts that extend your technologies and team.\r\n<span style=\"font-weight: bold;\">Isn’t that What MSSPs or Managed SIEMs Do?</span>\r\nNo. Managed Security Service Providers (MSSPs) monitor network security controls and may send alerts when anomalies are identified. MSSPs typically do not investigate the anomalies to eliminate false positives, nor do they respond to real threats. This means that abnormalities in network usage are forwarded to your IT personnel who must then dig through the data to determine if there is a real threat and what to do about it.\r\n<span style=\"font-weight: bold;\">Doesn’t My Firewall Protect My Network?</span>\r\nFirewalls and other preventive forms of cybersecurity are very important and effective at preventing basic cyberattacks. However, over the past decade, it has become clear that preventive cybersecurity technologies are not enough to secure an organization’s network. Further, they are yet another source of alerts, log messages, and events that contribute to the “alert fatigue” being universally suffered today. Recent major hacks such as the Marriot Hack of 2018, the Anthem Hack of 2015, and the Target Hack of 2013 demonstrate how easily cybercriminals can breach networks at enterprise organizations to steal millions of credit card numbers, medical records, and other forms of PII/PHI.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/Endpoint_Detection_and_Response.png"},{"id":834,"title":"IoT - Internet of Things Security","alias":"iot-internet-of-things-security","description":" IoT security is the technology area concerned with safeguarding connected devices and networks in the internet of things (IoT).\r\nIoT involves adding internet connectivity to a system of interrelated computing devices, mechanical and digital machines, objects, animals and/or people. Each "thing" is provided a unique identifier and the ability to automatically transfer data over a network. Allowing devices to connect to the internet opens them up to a number of serious vulnerabilities if they are not properly protected.\r\nIoT security has become the subject of scrutiny after a number of high-profile incidents where a common IoT device was used to infiltrate and attack the larger network. Implementing security measures is critical to ensuring the safety of networks with IoT devices connected to them.\r\nIoT security hacks can happen in any industry, from smart home to a manufacturing plant to a connected car. The severity of impact depends greatly on the individual system, the data collected and/or the information it contains.\r\nAn attack disabling the brakes of a connected car, for example, or on a connected health device, such as an insulin pump hacked to administer too much medication to a patient, can be life-threatening. Likewise, an attack on a refrigeration system housing medicine that is monitored by an IoT system can ruin the viability of a medicine if temperatures fluctuate. Similarly, an attack on critical infrastructure -- an oil well, energy grid or water supply -- can be disastrous.\r\nSo, a robust IoT security portfolio must allow protecting devices from all types of vulnerabilities while deploying the security level that best matches application needs. Cryptography technologies are used to combat communication attacks. Security services are offered for protecting against lifecycle attacks. Isolation measures can be implemented to fend off software attacks. And, finally, IoT security should include tamper mitigation and side-channel attack mitigation technologies for fighting physical attacks of the chip.","materialsDescription":" <span style=\"font-weight: bold;\">What are the key requirements of IoT Security?</span>\r\nThe key requirements for any IoT security solution are:\r\n<ul><li>Device and data security, including authentication of devices and confidentiality and integrity of data</li><li>Implementing and running security operations at IoT scale</li><li>Meeting compliance requirements and requests</li><li>Meeting performance requirements as per the use case</li></ul>\r\n<span style=\"font-weight: bold;\">What do connected devices require to participate in the IoT Securely?</span>\r\nTo securely participate in the IoT, each connected device needs a unique identification – even before it has an IP address. This digital credential establishes the root of trust for the device’s entire lifecycle, from initial design to deployment to retirement.\r\n<span style=\"font-weight: bold;\">Why is device authentication necessary for the IoT?</span>\r\nStrong IoT device authentication is required to ensure connected devices on the IoT can be trusted to be what they purport to be. Consequently, each IoT device needs a unique identity that can be authenticated when the device attempts to connect to a gateway or central server. With this unique ID in place, IT system administrators can track each device throughout its lifecycle, communicate securely with it, and prevent it from executing harmful processes. If a device exhibits unexpected behavior, administrators can simply revoke its privileges.\r\n<span style=\"font-weight: bold;\">Why is secure manufacturing necessary for IoT devices?</span>\r\nIoT devices produced through unsecured manufacturing processes provide criminals opportunities to change production runs to introduce unauthorized code or produce additional units that are subsequently sold on the black market.\r\nOne way to secure manufacturing processes is to use hardware security modules (HSMs) and supporting security software to inject cryptographic keys and digital certificates and to control the number of units built and the code incorporated into each.\r\n<span style=\"font-weight: bold;\">Why is code signing necessary for IoT devices?</span>\r\nTo protect businesses, brands, partners, and users from software that has been infected by malware, software developers have adopted code signing. In the IoT, code signing in the software release process ensures the integrity of IoT device software and firmware updates and defends against the risks associated with code tampering or code that deviates from organizational policies.\r\nIn public key cryptography, code signing is a specific use of certificate-based digital signatures that enables an organization to verify the identity of the software publisher and certify the software has not been changed since it was published.\r\n<span style=\"font-weight: bold;\">What is IoT PKI?</span>\r\nToday there are more things (devices) online than there are people on the planet! Devices are the number one users of the Internet and need digital identities for secure operation. As enterprises seek to transform their business models to stay competitive, rapid adoption of IoT technologies is creating increasing demand for Public Key Infrastructures (PKIs) to provide digital certificates for the growing number of devices and the software and firmware they run.\r\nSafe IoT deployments require not only trusting the devices to be authentic and to be who they say they are, but also trusting that the data they collect is real and not altered. If one cannot trust the IoT devices and the data, there is no point in collecting, running analytics, and executing decisions based on the information collected.\r\nSecure adoption of IoT requires:\r\n<ul><li>Enabling mutual authentication between connected devices and applications</li><li>Maintaining the integrity and confidentiality of the data collected by devices</li><li>Ensuring the legitimacy and integrity of the software downloaded to devices</li><li>Preserving the privacy of sensitive data in light of stricter security regulations</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/iot.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":4354,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/BWise.png","logo":true,"scheme":false,"title":"Governance, Risk Management and Compliance Software Platform","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"governance-risk-management-and-compliance-software-platform","companyTitle":"SAI Global | BWise","companyTypes":["supplier","vendor"],"companyId":6743,"companyAlias":"sai-global-bwise","description":"Key organizational risks can have a dramatic financial and reputational effect on an organization. To ensure compliance and proper risk management, companies need to review enterprise-wide business processes on a regular basis, assess current and potential risks, and design procedures or controls to mitigate those risks. \r\nThis can help prevent related operational losses and fines for regulatory violations, reduce the costs and burden of compliance, and guard against potential reputational damage. \r\nAnd, using one common risk taxonomy and risk language company-wide can help the business units focus on their primary functions and enables Internal Audit to use the same language across all business units while maintaining its inherent independence.\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">The BWise GRC Platform</span></p>\r\nThe software platform enables customers to stay in control of all financial and reputational risks.\r\n BWise offers: \r\n<ul><li>Role-based solutions for Risk Management, Internal Control, Internal Audit, Compliance and Policy Management and Information Security.</li><li>Support for the end-to-end workflows of a given role and is seamlessly integrated with the others.</li><li>One integrated system with common risk taxonomy focused on business objectives, with a common language for internal audit, risk, and compliance from which each department can work.</li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">Take Fact-based Decisions to a New Level with Continuous Monitoring and Continuous Auditing Integrated into the GRC Platform</span></p>\r\nData analytics technologies such as Continuous Monitoring (CM) and Continuous Auditing (CA) enable data from multiple systems and databases to be collected and analyzed automatically.\r\n This reduces the manual work required and increases efficiency, scoping, and accuracy by analyzing full data sets rather than mere samples. \r\n<p class=\"align-center\"><span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">The Benefits of Using the BWise Solution</span></span></p>\r\n<span style=\"font-weight: bold;\">BWISE LOWERS OVERALL COMPLIANCE COSTS</span><br />On average, companies spend approximately five percent of their revenue on risk management and compliance-related processes and systems. \r\nBy standardizing and using improved business processes, you can dramatically reduce these costs including those associated with non-compliance.\r\nWith its experience and technology, the BWise GRC Platform immediately impacts the bottom line.\r\n<span style=\"font-weight: bold;\">BWISE SIMPLIFIES EXTERNAL AUDITS</span>\r\nCompany collaborates actively with all of the major international audit firms. The BWise solution will help improve reporting quality and ensure that the fiscal year-end closing is conducted efficiently and quickly.\r\n<span style=\"font-weight: bold;\">BWISE SUPPORTS AN INTEGRATED APPROACH</span>\r\nBy coordinating organizational strategies and processes, along with the necessary employees, departments, and technology, BWise offers an integrated GRC platform that increases transparency and promotes ethical conduct. \r\n<span style=\"font-weight: bold;\">BWISE REDUCES “IT” COSTS</span>\r\nBWise regularly updates their software and release versions for the benefit of all our clients. Solutions are architected so that they are configurable and guaranteed upgradable. This plus the benefits of risk and reputation management and compliance assurance ultimately provide a lower total cost of ownership.\r\n<span style=\"font-weight: bold;\">BWISE HAS THE EXPERTISE</span>\r\nBWise has been dedicated to providing dependable, proven GRC solutions to companies in all industries for more than 20 years. They employ a broad range of best practice applications that are continually updated, tested and enhanced. In addition, this solutions have been lauded by independent technology analysts and valued by customers worldwide.\r\n<span style=\"font-weight: bold;\">BWISE IS FLEXIBLE AND GLOBAL</span>\r\nDepending on an organization’s specific requirements, the BWise solution can be rolled out internationally, adapted to comply with local regulations, or work in multiple languages. Highly-experienced team can help clients start implementing a GRC initiative now – and provide for more extensive GRC practices in the future by activating additional capabilities in the installed solution.<br /><br /><br /><br />","shortDescription":"Financial and Reputation Risk in Control. Risk Management, Internal Control, Audit, Information Security with State-of-the-Art Governance, Risk Management and Compliance Software ","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":0,"sellingCount":8,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Governance, Risk Management and Compliance Software Platform","keywords":"","description":"Key organizational risks can have a dramatic financial and reputational effect on an organization. To ensure compliance and proper risk management, companies need to review enterprise-wide business processes on a regular basis, assess current and potential ris","og:title":"Governance, Risk Management and Compliance Software Platform","og:description":"Key organizational risks can have a dramatic financial and reputational effect on an organization. To ensure compliance and proper risk management, companies need to review enterprise-wide business processes on a regular basis, assess current and potential ris","og:image":"https://old.roi4cio.com/fileadmin/user_upload/BWise.png"},"eventUrl":"","translationId":4355,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":174,"title":"System and Network Management Software","alias":"system-and-network-management-software","description":"System and network management software is used to manage all the computing resources for the end-user, small business, workgroup, or enterprise, including systems, applications, and the network infrastructure. This market does not include storage management and other storage software. System and network management software break down into the following categories: event management, workload scheduling and automation, output management, performance management, change and configuration management, problem management, and network management.\r\nCommercial tools for system and network management can provide numerous desirable features (e.g., graphical network maps, scalability to manage hundreds or thousands of servers or networks, automated long-term collection of performance information, OS health and event log monitoring, alert generation).\r\nAnalysts found that the best solution is a combination of commercial technologies, in combination with internally developed tools, across several large enterprises, and learned that you must consider several important factors when you select commercial management tools. First, make sure that the commercial tool meets the bulk of your requirements. (The product probably won’t meet all your needs, which is why you also need in-house tools.) Second, how easily can you roll out the product, and how much training will your team need before you can capitalize on your investment? Analysts recommend that if you can evaluate demonstration software first, do so. If you can wait to purchase management software until you’ve tested it in your lab, ensured that it will integrate with your existing in-house or third-party tools, and successfully rolled it out to your production environment.","materialsDescription":" <span style=\"font-weight: bold;\">What is the difference between a network operating system and a network-management software?</span>\r\nDifference between network operating system and network management software:\r\n<span style=\"font-weight: bold;\">Network operating system</span>\r\n<ul><li>The network operating system is used to controls computer systems and network devices and permits them to communicate with one another.</li><li>The network operating system performs the same functions for the network as operating system software does for a computer...</li></ul>\r\n<span style=\"font-weight: bold;\">Network management software</span>\r\n<ul><li>Network management software is used to monitor, discover, provision and maintain computer networks.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/_System_and_Network_Management_Software.png"},{"id":265,"title":"Application Software","alias":"application-software","description":"Application software (app for short) is software designed to perform a group of coordinated functions, tasks, or activities for the benefit of the user. Examples of an application include a word processor, a spreadsheet, an accounting application, a web browser, an email client,a media player, a file viewer, an aeronautical flight simulator, a console game or a photo editor. The collective noun application software refers to all applications collectively. This contrasts with system software, which is mainly involved with running the computer.\r\nApplications may be bundled with the computer and its system software or published separately, and may be coded as proprietary, open-source or university projects. Apps built for mobile platforms are called mobile apps.\r\nIn information technology, an application (app), application program or software application is a computer program designed to help people perform an activity. An application thus differs from an operating system (which runs a computer), a utility (which performs maintenance or general-purpose chores), and a programming tool (with which computer programs are created). Depending on the activity for which it was designed, an application can manipulate text, numbers, audio, graphics, or a combination of these elements. Some application packages focus on a single task, such as word processing; others, called integrated software include several applications.\r\nUser-written software tailors systems to meet the user's specific needs. User-written software includes spreadsheet templates, word processor macros, scientific simulations, audio, graphics and animation scripts. Even email filters are a kind of user software. Users create this software themselves and often overlook how important it is.\r\nThe delineation between system software such as operating systems and application software is not exact, however, and is occasionally the object of controversy. For example, one of the key questions in the United States v. Microsoft Corp. antitrust trial was whether Microsoft's Internet Explorer web browser was part of its Windows operating system or a separable piece of application software. As another example, the GNU/Linux naming controversy is, in part, due to disagreement about the relationship between the Linux kernel and the operating systems built over this kernel. In some types of embedded systems, the application software and the operating system software may be indistinguishable to the user, as in the case of software used to control a VCR, DVD player or microwave oven. The above definitions may exclude some applications that may exist on some computers in large organizations.","materialsDescription":" <span style=\"font-weight: bold;\">What are the benefits of application software?</span>\r\n<ol><li>Give your representatives a chance to work from anyplace - when you utilize an online model, your laborers can sign on from anyplace on the planet and get the information they have to carry out their occupations.</li><li>No compelling reason to download and introduce any projects – when you introduce programming on a PC there is dependably the danger of inconsistency and harm to the framework. With electronic & web site design services with programming, there are no such dangers, since you never really need to download and introduce anything on your neighborhood PC.</li><li>Utilizations a compensation as you go show – odds are your organization has bunches of programming applications it scarcely utilizes, however despite everything you need to pay for those projects. With electronic applications, you can utilize compensation as you go demonstrate and simply pay for the product you really utilize. What's more, obviously there is a lot of free yet proficient programming accessible too.</li><li>There is nothing to possess and keep up – when you purchase programming, you likewise need to purchase costly upkeep and bolster bundle, yet with programming as an administration, or SaaS, there are no such costs. There is nothing to possess, and you essentially utilize the program as you see fit.</li><li>Adaptability is the capacity to scale up rapidly is fundamental for little new companies. In the event that you arrive a lucrative new contract, you should have the capacity to scale your activities up rapidly to deal with the additional work and scale things down similarly as fast when the task has finished. Electronic programming gives you a chance to do only that.</li></ol>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/Application_Software.png"},{"id":722,"title":"Audit","alias":"audit","description":" Audit is a check of the activity of an organization or system for compliance with laws, regulations and rules. The word audit means “listening” in Latin.\r\nAuditing is a very important matter in financial and banking systems. Audits must be honest and incorruptible, so auditors often pay for high salaries so that they do not have the desire of the brothers.\r\nWebsite audit is a comprehensive analysis: checking HTML-code for errors and presence, as well as a number of checked files, such as robots.txt, correct coding, error handling of the 404th, page loading speed and so on.\r\nThe scope of the subject of the audit also happens to be general, banking, insurance, IT (<link https://roi4cio.com/en/categories/category/it-audit/ - external-link-new-window \"Opens internal link in current window\">IT audit</link> and <link https://roi4cio.com/en/categories/category/it-security-audit/ - external-link-new-window \"Opens internal link in current window\">IT security audit</link>) and other activities.","materialsDescription":"<span style=\"font-weight: bold;\">Types of audit:</span>\r\n<span style=\"font-weight: bold;\">Financial and investment audit</span>\r\nFinancial - this is an audit in the classical sense, that is, verification of financial statements and expression of opinion about its reliability. Closely adjacent to it is an investment audit - a conclusion on the targeted and efficient use of investment resources and an audit of professional participants in investment activities (exchanges, investment and construction companies). Also close to the financial audit is adjacent to the audit and inventory activities. Depending on whether an audit of a company's reporting is conducted by an independent auditor or its own employees, it is customary to distinguish between an independent (audit in the classic sense) and an internal audit.\r\n<span style=\"font-weight: bold;\">Industrial Audit</span>\r\nIndustrial audit is a more complex phenomenon, as it includes elements of financial (in terms of forming the cost of products, confirmation of the reasonableness of tariffs for services — for example, housing and communal services) and a purely technical audit.\r\nThe technical audit is understood by independent experts to check the production organization system, the quality control and management system, the technical and technological solutions used, as well as to check the technical condition of machinery, equipment, machinery, buildings and structures, engineering communications, systems and networks, as well as technical and design checks. documentation expressing opinions on the validity of the applied technical / technological solutions, methods of production management and compliance of technical a cic state of engineering complex systems and equipment to the requirements of regulatory acts.\r\nThis also includes a set of measures for auditing the information technology environment of an enterprise — IT audit of systems and services, as well as an understanding of the level of software and hardware support — the level of automation.\r\nInspection activities are closely related to industrial audit - that is, technical supervision activities (production, construction, assembly, commissioning) of technically complex products that have so-called hidden work (work that cannot be seen and accepted for quality in the future - for example, foundation work ) and the activities of independent acceptance of technically complex products (ships, turbines, technological complexes) and confirmation of the achievement of design parameters, as well as acceptance of shipments of goods from evidence supporting their properties, quantity and quality.\r\nThe types of industrial audits are environmental audits (confirmation of loads on the environment), energy audits, audit of operating costs and confirmation of tariffs (used mainly to justify prices for products of natural and other monopolies) and other types of special audits (for example, ESD- audit).\r\n<span style=\"font-weight: bold;\">Staff audit</span>\r\nPersonnel audit is the definition, assessment of the personal potential of employees and the compliance of employees with the corporate culture and values of the company.\r\nIn the course of this audit, the level of compliance of an employee with his position is established, personal qualities are assessed, and a comprehensive description of employees is given.\r\n<span style=\"font-weight: bold;\">PR audit</span>\r\nTasks - to check the implementation of project tasks, to analyze the effectiveness of the expenditure of funds allocated for the project. During the audit, such techniques as counting the number of messages, assessments, types of media, evaluation of materials for several components, statistical processing of motives are used. Along with the methods listed above, sociological surveys and point studies of representatives of the project’s target audience can be applied.\r\n<span style=\"font-weight: bold;\">Environmental audit</span>\r\nEnvironmental audit of an enterprise is a comprehensive and independent assessment of compliance with requirements, including the requirements of existing international standards, regulations and regulations in the field of environmental safety, environmental management and environmental protection, as well as the preparation of relevant recommendations and their documentation for improving the activities of enterprises and organizations in the environmental field.<br /> ","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/100_Black_LineIcons_Business_original_vect59.png"},{"id":836,"title":"DRP - Digital Risk Protection","alias":"drp-digital-risk-protection","description":"Digital risks exist on social media and web channels, outside most organization's line of visibility. Organizations struggle to monitor these external, unregulated channels for risks targeting their business, their employees or their customers.\r\nCategories of risk include cyber (insider threat, phishing, malware, data loss), revenue (customer scams, piracy, counterfeit goods) brand (impersonations, slander) and physical (physical threats, natural disasters).\r\nDue to the explosive growth of digital risks, organizations need a flexible, automated approach that can monitor digital channels for organization-specific risks, trigger alerts and remediate malicious posts, profiles, content or apps.\r\nDigital risk protection (DRP) is the process of protecting social media and digital channels from security threats and business risks such as social engineering, external fraud, data loss, insider threat and reputation-based attacks. DRP reduces risks that emerge from digital transformation, protecting against the unwanted exposure of a company’s data, brand, and attack surface and providing actionable insight on threats from the open, deep, and dark web.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What is a digital risk?</span>\r\nDigital risks can take many forms. Most fundamentally, what makes a risk digital? Digital risk is any risk that plays out in one form or another online, outside of an organization’s IT infrastructure and beyond the security perimeter. This can be a cyber risk, like a phishing link or ransomware via LinkedIn, but can also include traditional risks with a digital component, such as credit card money flipping scams on Instagram.\r\n<span style=\"font-weight: bold;\">What are the features of Digital Risk Protection?</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">The features are:</span></span>\r\n<ul><li>Protecting yourself from digital risk by building a watchtower, not a wall. A new Forrester report identifies two objectives for any digital risk protection effort: identifying risks and resolving them.</li><li>Digital risk comes in many forms, like unauthorized data disclosure, threat coordination from cybercriminals, risks inherent in the technology you use and in your third-party associates and even from your own employees.</li><li>The best solutions should automate the collection of data and draw from many sources; should have the capabilities to map, monitor, and mitigate digital risk and should be flexible enough to be applied in multiple use cases — factors that many threat intelligence solutions excel in.</li></ul>\r\n<span style=\"font-weight: bold;\">What elements constitute a digital risk?</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Unauthorized Data Disclosure</span></span>\r\nThis includes the theft or leakage of any kind of sensitive data, like the personal financial information of a retail organization’s customers or the source code for a technology company’s proprietary products.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Threat Coordination Activity</span></span>\r\nMarketplaces and criminal forums on the dark web or even just on the open web are potent sources of risk. Here, a vulnerability identified by one group or individual who can’t act on it can reach the hands of someone who can. This includes the distribution of exploits in both targeted and untargeted campaigns.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Supply Chain Issues</span></span>\r\nBusiness partners, third-party suppliers, and other vendors who interact directly with your organization but are not necessarily following the same security practices can open the door to increased risk.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Employee Risk</span></span>\r\nEven the most secure and unbreakable lock can still easily be opened if you just have the right key. Through social engineering efforts, identity or access management and manipulation, or malicious insider attacks coming from disgruntled employees, even the most robust cybersecurity program can be quickly subverted.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Technology Risks</span></span>\r\nThis broad category includes all of the risks you must consider across the different technologies your organization might rely on to get your work done, keep it running smoothly, and tell people about it.\r\n<ul><li><span style=\"font-weight: bold;\">Physical Infrastructure:</span> Countless industrial processes are now partly or completely automated, relying on SCADA, DCS, or PLC systems to run smoothly — and opening them up to cyber- attacks (like the STUXNET attack that derailed an entire country’s nuclear program).</li><li><span style=\"font-weight: bold;\">IT Infrastructure:</span> Maybe the most commonsensical source of digital risk, this includes all of the potential vulnerabilities in your software and hardware. The proliferation of the internet of things devices poses a growing and sometimes underappreciated risk here.</li><li><span style=\"font-weight: bold;\">Public-Facing Presence:</span> All of the points where you interact with your customers and other public entities, whether through social media, email campaigns, or other marketing strategies, represent potential sources of risk.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Digital_Risk_Protection.png"},{"id":840,"title":"ICS/SCADA Cyber Security","alias":"icsscada-cyber-security","description":"SCADA security is the practice of protecting supervisory control and data acquisition (SCADA) networks, a common framework of control systems used in industrial operations. These networks are responsible for providing automated control and remote human management of essential commodities and services such as water, natural gas, electricity and transportation to millions of people. They can also be used to improve the efficiencies and quality in other less essential (but some would say very important!) real-world processes such as snowmaking for ski resorts and beer brewing. SCADA is one of the most common types of industrial control systems (ICS).\r\nThese networks, just like any other network, are under threat from cyber-attacks that could bring down any part of the nation's critical infrastructure quickly and with dire consequences if the right security is not in place. Capital expenditure is another key concern; SCADA systems can cost an organization from tens of thousands to millions of dollars. For these reasons, it is essential that organizations implement robust SCADA security measures to protect their infrastructure and the millions of people that would be affected by the disruption caused by an external attack or internal error.\r\nSCADA security has evolved dramatically in recent years. Before computers, the only way to monitor a SCADA network was to deploy several people to each station to report back on the state of each system. In busier stations, technicians were stationed permanently to manually operate the network and communicate over telephone wires.\r\nIt wasn't until the introduction of the local area network (LAN) and improvements in system miniaturization that we started to see advances in SCADA development such as the distributed SCADA network. Next came networked systems that were able to communicate over a wide area network (WAN) and connect many more components together.\r\nFrom local companies to federal governments, every business or organization that works with SCADA systems are vulnerable to SCADA security threats. These threats can have wide-reaching effects on both the economy and the community. Specific threats to SCADA networks include the following:\r\n<span style=\"font-weight: bold;\">Hackers.</span> Individuals or groups with malicious intent could bring a SCADA network to its knees. By gaining access to key SCADA components, hackers could unleash chaos on an organization that can range from a disruption in services to cyber warfare.\r\n<span style=\"font-weight: bold;\">Malware.</span> Malware, including viruses, spyware and ransomware can pose a risk to SCADA systems. While malware may not be able to specifically target the network itself, it can still pose a threat to the key infrastructure that helps to manage the SCADA network. This includes mobile SCADA applications that are used to monitor and manage SCADA systems.\r\n<span style=\"font-weight: bold;\">Terrorists.</span> Where hackers are usually motivated by sordid gain, terrorists are driven by the desire to cause as much mayhem and damage as possible.\r\n<span style=\"font-weight: bold;\">Employees.</span> Insider threats can be just as damaging as external threats. From human error to a disgruntled employee or contractor, it is essential that SCADA security addresses these risks.\r\nManaging today's SCADA networks can be a challenge without the right security precautions in place. Many networks are still without the necessary detection and monitoring systems and this leaves them vulnerable to attack. Because SCADA network attacks exploit both cyber and physical vulnerabilities, it is critical to align cybersecurity measures accordingly.","materialsDescription":"<span style=\"font-weight: bold;\">What is the difference between ICS/SCADA cybersecurity and information security?</span>\r\nAutomated process control systems (SCADA) have a lot of differences from “traditional” corporate information systems: from the destination, specific data transfer protocols and equipment used and ending with the environment in which they operate. In corporate networks and systems, as a rule, the main protected resource is information that is processed, transmitted and stored in automated systems, and the main goal is to ensure its confidentiality. In ICS, the protected resource, first of all, is the technological process itself, and the main goal is to ensure its continuity (accessibility of all nodes) and integrity (including information transmitted between the nodes of the ICS). Moreover, the field of potential risks and threats to ICS, in comparison with corporate systems, expands with risks of potential damage to life and health of personnel and the public, damage to the environment and infrastructure. That is why it is incorrect to talk about “information security” in relation to ICS/SCADA. In English sources, the term “cybersecurity” is used for this, a direct translation of which (cybersecurity) is increasingly found in our market in relation to the protection of process control systems.\r\n<span style=\"font-weight: bold;\">Is it really necessary?</span>\r\nIt is necessary. There are a number of myths about process control systems, for example: “process control systems are completely isolated from the outside world”, “process control systems are too specific for someone to crack”, “process control systems are reliably protected by the developer”, or even “No one will ever try us, hacking us is not interesting. ” All this is no longer true. Many modern distributed process control systems have one or another connection with the corporate network, even if the system owners are unaware of this. Communication with the outside world greatly simplifies the task of the attacker, but does not remain the only possible option. Automated process control software and data transfer protocols are, as a rule, very, very insecure against cyber threats. This is evidenced by numerous articles and reports of experts involved in the study of the protection of industrial control systems and penetration tests. The PHDays III section on hacking automated process control systems impressed even ardent skeptics. Well, and, of course, the argument “they have NOT attacked us, therefore they will not” - can hardly be considered seriously. Everyone has heard about Stuxnet, which dispelled almost all the myths about the safety of ICS at once.\r\n<span style=\"font-weight: bold;\">Who needs this?</span>\r\nWith the phrase ICS/SCADA, most imagine huge plants, automated CNC machines or something similar. However, the application of process control systems is not limited to these objects - in the modern age of automation, process control systems are used everywhere: from large production facilities, the oil and gas industry, transport management to smart home systems. And, by the way, with the protection of the latter, as a rule, everything can be much worse, because the developer silently and imperceptibly shifts responsibility to the shoulders of the user.\r\nOf course, some of the objects with automated process control systems are more interesting for attackers, others less. But, given the ever-growing number of vulnerabilities discovered and published in the ICS, the spread of "exclusive" (written for specific protocols and ICS software) malware, considering your system safe "by default" is unreasonable.\r\n<span style=\"font-weight: bold;\">Are ICS and SCADA the same thing?</span>\r\nNo. SCADA systems (supervisory control and data acquisition, supervisory control and data collection) are part of the control system. Usually, a SCADA system means centralized control and management systems with the participation of a person as a whole system or a complex of industrial control systems. SCADA is the central link between people (human-machine interfaces) and PLC levels (programmable logic controller) or RTU (remote terminal unit).\r\n<span style=\"font-weight: bold;\">What is ICS/SCADA cybersecurity?</span>\r\nIn fact, ICS cybersecurity is a process similar to “information security” in a number of properties, but very different in details. And the devil, as you know, lies in them. ICS/SCADA also has similar information security-related processes: asset inventory, risk analysis and assessment, threat analysis, security management, change management, incident response, continuity, etc. But these processes themselves are different.<br />The cyber security of ICSs has the same basic target qualities - confidentiality, integrity and accessibility, but the significance and point of application for them are completely different. It should be remembered that in ICS/SCADA we, first of all, protect the technological process. Beyond this - from the risks of damage to human health and life and the environment.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_SCADA_Cyber_Security.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":4866,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Macmon_nac_smart.png","logo":true,"scheme":false,"title":"Macmon NAC Smart","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"macmon-nac-smart","companyTitle":"macmon secure","companyTypes":["vendor"],"companyId":5271,"companyAlias":"macmon-secure","description":"Until recently, the cost-benefit ratio for purchasing and implementing a Network Access Control (NAC) solution was too high for small and medium-sized businesses. But IT risks are rising in SMBs as well; it’s just that they lack the time, budget and personnel. Macmon NAC smart provides oversight, control and security for your network and is specially designed for small and medium-sized businesses.\r\nIn addition to offering comprehensive network transparency, guest and BYOD management and differentiated policy enforcement, the BSI (German Federal Office for Information Security) certified solution can be up and running quickly and in just a few hours without changes to your infrastructure.\r\n<span style=\"font-weight: bold;\">Your benefits with Macmon NAC Smart:</span>\r\n<ul><li>3 years of network access control in an all-inclusive package</li><li>The full range of features of the macmon Premium Bundle</li><li>Up to 150 or 250 nodes (extension possible)</li><li>Completely set up and ready for operation in max. 4 hours via a remote session</li><li>Choice of a high-quality appliance or a virtual version</li><li>3-year NBD warranty on the appliance</li></ul>\r\n<span style=\"font-weight: bold;\">With Macmon NAC Smart:</span>\r\n<ul><li>All network access points are protected against unauthorized access.</li><li>Unauthorized access to and from IoT devices is prevented.</li><li>Guests are given appropriate access to resources via a guest portal.</li><li>Suspicious changes in the network trigger alarms or other responses.</li><li>Employees can use their private devices easily and in a controlled manner.</li><li>Attackers and foreign devices are not allowed access.</li><li>Infected devices are automatically disconnected from the network.</li><li>External employees receive controlled access to selected resources.</li><li>Administrators see a graphical overview of the network – in real-time.</li><li>All devices can be found and located in the network.</li><li>Endpoints connected to VoIP telephones are precisely controlled.</li><li>IoT devices are detected and smartly operated by the rest of the IT infrastructure.</li><li>Port configuration and network documentation are performed automatically.</li><li>Employees who move automatically receive the same access to their usual resources.</li></ul>","shortDescription":"Macmon NAC Smart - network access control for small and medium-sized businesses.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":0,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Macmon NAC Smart","keywords":"","description":"Until recently, the cost-benefit ratio for purchasing and implementing a Network Access Control (NAC) solution was too high for small and medium-sized businesses. But IT risks are rising in SMBs as well; it’s just that they lack the time, budget and personnel.","og:title":"Macmon NAC Smart","og:description":"Until recently, the cost-benefit ratio for purchasing and implementing a Network Access Control (NAC) solution was too high for small and medium-sized businesses. But IT risks are rising in SMBs as well; it’s just that they lack the time, budget and personnel.","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Macmon_nac_smart.png"},"eventUrl":"","translationId":4866,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":834,"title":"IoT - Internet of Things Security","alias":"iot-internet-of-things-security","description":" IoT security is the technology area concerned with safeguarding connected devices and networks in the internet of things (IoT).\r\nIoT involves adding internet connectivity to a system of interrelated computing devices, mechanical and digital machines, objects, animals and/or people. Each "thing" is provided a unique identifier and the ability to automatically transfer data over a network. Allowing devices to connect to the internet opens them up to a number of serious vulnerabilities if they are not properly protected.\r\nIoT security has become the subject of scrutiny after a number of high-profile incidents where a common IoT device was used to infiltrate and attack the larger network. Implementing security measures is critical to ensuring the safety of networks with IoT devices connected to them.\r\nIoT security hacks can happen in any industry, from smart home to a manufacturing plant to a connected car. The severity of impact depends greatly on the individual system, the data collected and/or the information it contains.\r\nAn attack disabling the brakes of a connected car, for example, or on a connected health device, such as an insulin pump hacked to administer too much medication to a patient, can be life-threatening. Likewise, an attack on a refrigeration system housing medicine that is monitored by an IoT system can ruin the viability of a medicine if temperatures fluctuate. Similarly, an attack on critical infrastructure -- an oil well, energy grid or water supply -- can be disastrous.\r\nSo, a robust IoT security portfolio must allow protecting devices from all types of vulnerabilities while deploying the security level that best matches application needs. Cryptography technologies are used to combat communication attacks. Security services are offered for protecting against lifecycle attacks. Isolation measures can be implemented to fend off software attacks. And, finally, IoT security should include tamper mitigation and side-channel attack mitigation technologies for fighting physical attacks of the chip.","materialsDescription":" <span style=\"font-weight: bold;\">What are the key requirements of IoT Security?</span>\r\nThe key requirements for any IoT security solution are:\r\n<ul><li>Device and data security, including authentication of devices and confidentiality and integrity of data</li><li>Implementing and running security operations at IoT scale</li><li>Meeting compliance requirements and requests</li><li>Meeting performance requirements as per the use case</li></ul>\r\n<span style=\"font-weight: bold;\">What do connected devices require to participate in the IoT Securely?</span>\r\nTo securely participate in the IoT, each connected device needs a unique identification – even before it has an IP address. This digital credential establishes the root of trust for the device’s entire lifecycle, from initial design to deployment to retirement.\r\n<span style=\"font-weight: bold;\">Why is device authentication necessary for the IoT?</span>\r\nStrong IoT device authentication is required to ensure connected devices on the IoT can be trusted to be what they purport to be. Consequently, each IoT device needs a unique identity that can be authenticated when the device attempts to connect to a gateway or central server. With this unique ID in place, IT system administrators can track each device throughout its lifecycle, communicate securely with it, and prevent it from executing harmful processes. If a device exhibits unexpected behavior, administrators can simply revoke its privileges.\r\n<span style=\"font-weight: bold;\">Why is secure manufacturing necessary for IoT devices?</span>\r\nIoT devices produced through unsecured manufacturing processes provide criminals opportunities to change production runs to introduce unauthorized code or produce additional units that are subsequently sold on the black market.\r\nOne way to secure manufacturing processes is to use hardware security modules (HSMs) and supporting security software to inject cryptographic keys and digital certificates and to control the number of units built and the code incorporated into each.\r\n<span style=\"font-weight: bold;\">Why is code signing necessary for IoT devices?</span>\r\nTo protect businesses, brands, partners, and users from software that has been infected by malware, software developers have adopted code signing. In the IoT, code signing in the software release process ensures the integrity of IoT device software and firmware updates and defends against the risks associated with code tampering or code that deviates from organizational policies.\r\nIn public key cryptography, code signing is a specific use of certificate-based digital signatures that enables an organization to verify the identity of the software publisher and certify the software has not been changed since it was published.\r\n<span style=\"font-weight: bold;\">What is IoT PKI?</span>\r\nToday there are more things (devices) online than there are people on the planet! Devices are the number one users of the Internet and need digital identities for secure operation. As enterprises seek to transform their business models to stay competitive, rapid adoption of IoT technologies is creating increasing demand for Public Key Infrastructures (PKIs) to provide digital certificates for the growing number of devices and the software and firmware they run.\r\nSafe IoT deployments require not only trusting the devices to be authentic and to be who they say they are, but also trusting that the data they collect is real and not altered. If one cannot trust the IoT devices and the data, there is no point in collecting, running analytics, and executing decisions based on the information collected.\r\nSecure adoption of IoT requires:\r\n<ul><li>Enabling mutual authentication between connected devices and applications</li><li>Maintaining the integrity and confidentiality of the data collected by devices</li><li>Ensuring the legitimacy and integrity of the software downloaded to devices</li><li>Preserving the privacy of sensitive data in light of stricter security regulations</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/iot.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":5122,"logo":false,"scheme":false,"title":"BKC — FloodMonitoring","vendorVerified":0,"rating":"0.00","implementationsCount":1,"suppliersCount":0,"supplierPartnersCount":0,"alias":"bkc-floodmonitoring","companyTitle":"BANCOMZVJAZOK","companyTypes":["supplier","vendor"],"companyId":7969,"companyAlias":"bankomsvjaz","description":" BKC - FloodMonitoring разработана специалистами Департамента систем технологического мониторинга для предсказания наводнения и своевременного реагирования. Данная сеть направляет информацию с постов в аналитическую систему прогнозирования наводнения.\r\nBKC - FloodMonitoring способна:\r\n<ul><li>Заблаговременно выявлять атмосферные фронты, которые могут сформировать наводнение.</li></ul>\r\n<ul><li>Прогнозировать количество осадков и уровня воды в реках.</li></ul>\r\n<ul><li>Оценивать и анализировать риски наводнения.</li></ul>\r\n<ul><li>Быстро рассчитывать зоны затопления и глубины по данным прогноза гидрометеорологической ситуации.</li></ul>\r\n<ul><li>Получать данные спутникового метеорологического мониторинга.</li></ul>\r\n<ul><li>Моделировать сценарии подтопления и оценивать эффективность гидрологического защиты.</li></ul>\r\n<ul><li>Отслеживать уровень воды в реках и количество осадков на прилегающих территориях.</li></ul>","shortDescription":"BKC — FloodMonitoring: комплексная система прогнозирования паводков для непрерывного сбора и передачи данных с гидрологических постов водоемов и их анализа.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":16,"sellingCount":12,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"BKC — FloodMonitoring","keywords":"","description":" BKC - FloodMonitoring разработана специалистами Департамента систем технологического мониторинга для предсказания наводнения и своевременного реагирования. Данная сеть направляет информацию с постов в аналитическую систему прогнозирования наводнения.\r\nBKC - F","og:title":"BKC — FloodMonitoring","og:description":" BKC - FloodMonitoring разработана специалистами Департамента систем технологического мониторинга для предсказания наводнения и своевременного реагирования. Данная сеть направляет информацию с постов в аналитическую систему прогнозирования наводнения.\r\nBKC - F"},"eventUrl":"","translationId":7334,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":59,"title":"SCADA - Supervisory Control And Data Acquisition","alias":"scada-supervisory-control-and-data-acquisition","description":"<span style=\"font-weight: bold; \">SCADA</span> stands for <span style=\"font-weight: bold; \">Supervisory Control and Data Acquisition</span>, a term which describes the basic functions of a SCADA system. Companies use SCADA systems to control equipment across their sites and to collect and record data about their operations. SCADA is not a specific technology, but a type of application. Any application that gets operating data about a system in order to control and optimise that system is a SCADA application. That application may be a petrochemical distillation process, a water filtration system, a pipeline compressor, or just about anything else.\r\nSCADA solutions typically come in a combination of software and hardware elements, such as programmable logic controllers (PLCs) and remote terminal units (RTUs). Data acquisition in SCADA starts with PLCs and RTUs, which communicate with plant floor equipment such as factory machinery and sensors. Data gathered from the equipment is then sent to the next level, such as a control room, where operators can supervise the PLC and RTU controls using human-machine interfaces (HMIs). HMIs are an important element of SCADA systems. They are the screens that operators use to communicate with the SCADA system.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">The major components of a SCADA technology include:</span></p>\r\n<ul><li><span style=\"font-weight: bold;\">Master Terminal Unit (MTU).</span> It comprises a computer, PLC and a network server that helps MTU to communicate with the RTUs. MTU begins communication, collects and saves data, helps to interface with operators and to communicate data to other systems.</li><li><span style=\"font-weight: bold;\">Remote Terminal Unit (RTU).</span> RTU is used to collect information from these sensors and further sends the data to MTU. RTUs have the storage capacity facility. So, it stores the data and transmits the data when MTU sends the corresponding command.</li><li><span style=\"font-weight: bold;\">Communication Network (defined by its network topology).</span> In general, network means connection. When you tell a SCADA communication network, it is defined as a link between RTU in the field to MTU in the central location. The bidirectional wired or wireless communication channel is used for the networking purpose. Various other communication mediums like fiber optic cables, twisted pair cables, etc. are also used.</li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">Objectives of Supervisory Control and Data Acquisition system</span></p>\r\n<ul><li><span style=\"font-weight: bold;\">Monitor:</span> SCADA control system continuously monitors the physical parameters</li><li><span style=\"font-weight: bold;\">Measure:</span> It measures the parameter for processing</li><li><span style=\"font-weight: bold;\">Data Acquisition:</span> It acquires data from RTU, data loggers, etc</li><li><span style=\"font-weight: bold;\">Data Communication:</span> It helps to communicate and transmit a large amount of data between MTU and RTU units</li><li><span style=\"font-weight: bold;\">Controlling:</span> Online real-time monitoring and controlling of the process</li><li><span style=\"font-weight: bold;\">Automation:</span> It helps for automatic transmission and functionality</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\">Who Uses SCADA?</h1>\r\nSCADA systems are used by industrial organizations and companies in the public and private sectors to control and maintain efficiency, distribute data for smarter decisions, and communicate system issues to help mitigate downtime. Supervisory control systems work well in many different types of enterprises because they can range from simple configurations to large, complex installations. They are the backbone of many modern industries, including:\r\n<ul><li>Energy</li><li>Food and beverage</li><li>Manufacturing</li><li>Oil and gas</li><li>Power</li><li>Recycling</li><li>Transportation</li><li>Water and waste water</li><li>And many more</li></ul>\r\nVirtually anywhere you look in today's world, there is some type of SCADA monitoring system running behind the scenes: maintaining the refrigeration systems at the local supermarket, ensuring production and safety at a refinery, achieving quality standards at a waste water treatment plant, or even tracking your energy use at home, to give a few examples. Effective SCADA systems can result in significant savings of time and money. Numerous case studies have been published highlighting the benefits and savings of using a modern SCADA software.\r\n<h1 class=\"align-center\">Benefits of using SCADA software</h1>\r\nUsing modern SCADA software provides numerous benefits to businesses, and helps companies make the most of those benefits. Some of these advantages include:\r\n<span style=\"font-weight: bold; \">Easier engineering:</span> An advanced supervisory control application such provides easy-to-locate tools, wizards, graphic templates and other pre-configured elements, so engineers can create automation projects and set parameters quickly, even if they don't have programming experience. In addition, you can also easily maintain and expand existing applications as needed. The ability to automate the engineering process allows users, particularly system integrators and original equipment manufacturers (OEM), to set up complex projects much more efficiently and accurately.\r\n<span style=\"font-weight: bold; \">Improved data management:</span> A high-quality SCADA system makes it easier to collect, manage, access and analyze your operational data. It can enable automatic data recording and provide a central location for data storage. Additionally, it can transfer data to other systems such as MES and ERP as needed. \r\n<span style=\"font-weight: bold; \">Greater visibility:</span> One of the main advantages of using SCADA software is the improvement in visibility into your operations. It provides you with real-time information about your operations and enables you to conveniently view that information via an HMI. SCADA monitoring can also help in generating reports and analyzing data.\r\n<span style=\"font-weight: bold; \">Enhanced efficiency:</span> A SCADA system allows you to streamline processes through automated actions and user-friendly tools. The data that SCADA provides allows you to uncover opportunities for improving the efficiency of the operations, which can be used to make long-term changes to processes or even respond to real-time changes in conditions.\r\n<span style=\"font-weight: bold; \">Increased usability:</span> SCADA systems enable workers to control equipment more quickly, easily and safely through an HMI. Rather than having to control each piece of machinery manually, workers can manage them remotely and often control many pieces of equipment from a single location. Managers, even those who are not currently on the floor, also gain this capability.\r\n<span style=\"font-weight: bold; \">Reduced downtime:</span> A SCADA system can detect faults at an early stage and push instant alerts to the responsible personnel. Powered by predictive analytics, a SCADA system can also inform you of a potential issue of the machinery before it fails and causes larger problems. These features can help improve the overall equipment effectiveness (OEE) and reduce the amount of time and cost on troubleshooting and maintenance.\r\n<span style=\"font-weight: bold;\">Easy integration:</span> Connectivity to existing machine environments is key to removing data silos and maximizing productivity. \r\n<span style=\"font-weight: bold;\">Unified platform:</span>All of your data is also available in one platform, which helps you to get a clear overview of your operations and take full advantage of your data. All users also get real-time updates locally or remotely, ensuring everyone on your team is on the same page.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/SCADA__-_Supervisory_Control_And_Data_Acquisition.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":5634,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Kenexis.png","logo":true,"scheme":false,"title":"Kenexis Vertigo","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"kenexis-vertigo","companyTitle":"Kenexis","companyTypes":["vendor"],"companyId":8547,"companyAlias":"kenexis","description":"<b>Vertigo™ SIS Safety Lifecycle</b> software was developed by experienced process safety engineers and is deployed to provide a flexible and effective tool for managing the systems that safeguard process plants. It was specifically designed to manage your SIS in accordance with the industry standard ISA61511/ISA84. It provides users with a facility or enterprise solution for developing conceptual designs, documenting, tracking, proof testing, and maintaining documentation throughout the entire life of the system. \r\n<b>Instrumented Protective Functions (IPFs)</b> can either be entered manually or synchronized from Open PHA™ Premium. After selecting the Sensors, Logic Solvers, and Final Elements using either Kenexis Standard Failure Rate Data or your own data, you can perform SIL Verification Calculations in Vertigo. Vertigo keeps track Safety Requirement Specifications (SRS) and C&E Tables and every protective function, it’s status, events, revisions, testing, and bypass authorization. Status is immediately recognizable through the dashboard.\r\n<b>Features:</b>\r\n<ul> <li>Extensive Equipment Failure Rate Database </li> <li>SIL Verification Calculation Engine </li> <li>Enterprise, Multi-Site, Multi-User Web-Based Platform </li> <li>Safety Requirements Specifications (SRS) Documentation </li> </ul>\r\n<b>Failure Rate Database </b>\r\nVertigo utilizes an extensive database of instrument failure rate data developed over years of experience by Kenexis engineers. This database includes both generic and application specific failure rate data collected from both published industry sources as well as data collected by Kenexis from various client sites worldwide. In addition, vendor specific data is included for most popular makes/models of instruments. Vertigo also allows users to create custom databases specific to their plant or organization. \r\n<b>SIL Verification in Compliance with ISA TR84.00.02 </b>\r\nSIL Verification calculations can be performed in Vertigo using a simple, easy to use interface. All calculations performed by the Vertigo calculation engine have been extensively validated and are in conformance with the recommended practice of ISA TR84.00.02 Safety Instrumented Functions (SIF) – Safety Integrity Level (SIL) Evaluation Techniques. Arbor™ provides a process safety engineer designed fault-tree analysis tool for complex evaluations. \r\n<b>Robust SRS Data Structure</b>\r\nAllows users to quickly develop SRS documentation with intuitive data structure. Simplifies the process of creating SRS by avoiding duplicate entries while providing outputs in a variety of formats which are specific to the needs of the document user. Requirements are collected at the individual instrument level at the SIF level and at the overall system/project level. In addition to the written requirements of the system, Vertigo also automatically creates a compact and efficient functional logic representation of your system through cause and effect diagrams. ","shortDescription":"It provides users with a facility or enterprise solution for developing conceptual designs, documenting, tracking, proof testing, and maintaining documentation throughout the entire life of the system","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":20,"sellingCount":6,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Kenexis Vertigo","keywords":"","description":"<b>Vertigo™ SIS Safety Lifecycle</b> software was developed by experienced process safety engineers and is deployed to provide a flexible and effective tool for managing the systems that safeguard process plants. It was specifically designed to manage your SIS","og:title":"Kenexis Vertigo","og:description":"<b>Vertigo™ SIS Safety Lifecycle</b> software was developed by experienced process safety engineers and is deployed to provide a flexible and effective tool for managing the systems that safeguard process plants. It was specifically designed to manage your SIS","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Kenexis.png"},"eventUrl":"","translationId":5633,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":840,"title":"ICS/SCADA Cyber Security","alias":"icsscada-cyber-security","description":"SCADA security is the practice of protecting supervisory control and data acquisition (SCADA) networks, a common framework of control systems used in industrial operations. These networks are responsible for providing automated control and remote human management of essential commodities and services such as water, natural gas, electricity and transportation to millions of people. They can also be used to improve the efficiencies and quality in other less essential (but some would say very important!) real-world processes such as snowmaking for ski resorts and beer brewing. SCADA is one of the most common types of industrial control systems (ICS).\r\nThese networks, just like any other network, are under threat from cyber-attacks that could bring down any part of the nation's critical infrastructure quickly and with dire consequences if the right security is not in place. Capital expenditure is another key concern; SCADA systems can cost an organization from tens of thousands to millions of dollars. For these reasons, it is essential that organizations implement robust SCADA security measures to protect their infrastructure and the millions of people that would be affected by the disruption caused by an external attack or internal error.\r\nSCADA security has evolved dramatically in recent years. Before computers, the only way to monitor a SCADA network was to deploy several people to each station to report back on the state of each system. In busier stations, technicians were stationed permanently to manually operate the network and communicate over telephone wires.\r\nIt wasn't until the introduction of the local area network (LAN) and improvements in system miniaturization that we started to see advances in SCADA development such as the distributed SCADA network. Next came networked systems that were able to communicate over a wide area network (WAN) and connect many more components together.\r\nFrom local companies to federal governments, every business or organization that works with SCADA systems are vulnerable to SCADA security threats. These threats can have wide-reaching effects on both the economy and the community. Specific threats to SCADA networks include the following:\r\n<span style=\"font-weight: bold;\">Hackers.</span> Individuals or groups with malicious intent could bring a SCADA network to its knees. By gaining access to key SCADA components, hackers could unleash chaos on an organization that can range from a disruption in services to cyber warfare.\r\n<span style=\"font-weight: bold;\">Malware.</span> Malware, including viruses, spyware and ransomware can pose a risk to SCADA systems. While malware may not be able to specifically target the network itself, it can still pose a threat to the key infrastructure that helps to manage the SCADA network. This includes mobile SCADA applications that are used to monitor and manage SCADA systems.\r\n<span style=\"font-weight: bold;\">Terrorists.</span> Where hackers are usually motivated by sordid gain, terrorists are driven by the desire to cause as much mayhem and damage as possible.\r\n<span style=\"font-weight: bold;\">Employees.</span> Insider threats can be just as damaging as external threats. From human error to a disgruntled employee or contractor, it is essential that SCADA security addresses these risks.\r\nManaging today's SCADA networks can be a challenge without the right security precautions in place. Many networks are still without the necessary detection and monitoring systems and this leaves them vulnerable to attack. Because SCADA network attacks exploit both cyber and physical vulnerabilities, it is critical to align cybersecurity measures accordingly.","materialsDescription":"<span style=\"font-weight: bold;\">What is the difference between ICS/SCADA cybersecurity and information security?</span>\r\nAutomated process control systems (SCADA) have a lot of differences from “traditional” corporate information systems: from the destination, specific data transfer protocols and equipment used and ending with the environment in which they operate. In corporate networks and systems, as a rule, the main protected resource is information that is processed, transmitted and stored in automated systems, and the main goal is to ensure its confidentiality. In ICS, the protected resource, first of all, is the technological process itself, and the main goal is to ensure its continuity (accessibility of all nodes) and integrity (including information transmitted between the nodes of the ICS). Moreover, the field of potential risks and threats to ICS, in comparison with corporate systems, expands with risks of potential damage to life and health of personnel and the public, damage to the environment and infrastructure. That is why it is incorrect to talk about “information security” in relation to ICS/SCADA. In English sources, the term “cybersecurity” is used for this, a direct translation of which (cybersecurity) is increasingly found in our market in relation to the protection of process control systems.\r\n<span style=\"font-weight: bold;\">Is it really necessary?</span>\r\nIt is necessary. There are a number of myths about process control systems, for example: “process control systems are completely isolated from the outside world”, “process control systems are too specific for someone to crack”, “process control systems are reliably protected by the developer”, or even “No one will ever try us, hacking us is not interesting. ” All this is no longer true. Many modern distributed process control systems have one or another connection with the corporate network, even if the system owners are unaware of this. Communication with the outside world greatly simplifies the task of the attacker, but does not remain the only possible option. Automated process control software and data transfer protocols are, as a rule, very, very insecure against cyber threats. This is evidenced by numerous articles and reports of experts involved in the study of the protection of industrial control systems and penetration tests. The PHDays III section on hacking automated process control systems impressed even ardent skeptics. Well, and, of course, the argument “they have NOT attacked us, therefore they will not” - can hardly be considered seriously. Everyone has heard about Stuxnet, which dispelled almost all the myths about the safety of ICS at once.\r\n<span style=\"font-weight: bold;\">Who needs this?</span>\r\nWith the phrase ICS/SCADA, most imagine huge plants, automated CNC machines or something similar. However, the application of process control systems is not limited to these objects - in the modern age of automation, process control systems are used everywhere: from large production facilities, the oil and gas industry, transport management to smart home systems. And, by the way, with the protection of the latter, as a rule, everything can be much worse, because the developer silently and imperceptibly shifts responsibility to the shoulders of the user.\r\nOf course, some of the objects with automated process control systems are more interesting for attackers, others less. But, given the ever-growing number of vulnerabilities discovered and published in the ICS, the spread of "exclusive" (written for specific protocols and ICS software) malware, considering your system safe "by default" is unreasonable.\r\n<span style=\"font-weight: bold;\">Are ICS and SCADA the same thing?</span>\r\nNo. SCADA systems (supervisory control and data acquisition, supervisory control and data collection) are part of the control system. Usually, a SCADA system means centralized control and management systems with the participation of a person as a whole system or a complex of industrial control systems. SCADA is the central link between people (human-machine interfaces) and PLC levels (programmable logic controller) or RTU (remote terminal unit).\r\n<span style=\"font-weight: bold;\">What is ICS/SCADA cybersecurity?</span>\r\nIn fact, ICS cybersecurity is a process similar to “information security” in a number of properties, but very different in details. And the devil, as you know, lies in them. ICS/SCADA also has similar information security-related processes: asset inventory, risk analysis and assessment, threat analysis, security management, change management, incident response, continuity, etc. But these processes themselves are different.<br />The cyber security of ICSs has the same basic target qualities - confidentiality, integrity and accessibility, but the significance and point of application for them are completely different. It should be remembered that in ICS/SCADA we, first of all, protect the technological process. Beyond this - from the risks of damage to human health and life and the environment.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_SCADA_Cyber_Security.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":3843,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/pluribus_one.png","logo":true,"scheme":false,"title":"Pluribus One Attack Prophecy","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"pluribus-one-attack-prophecy","companyTitle":"Pluribus One","companyTypes":["supplier","vendor"],"companyId":5994,"companyAlias":"pluribus-one","description":"<b>Attack Prophecy®</b> is the most advanced system for the detection and protection against web attacks. It automatically learns the legitimate (normal) traffic profile by observing its live traces and works in three steps.\r\n<ul> <li>Learn the profile of legitimate traffic</li> <li>Detect anomalous events to highlight computer attacks</li> <li>Protect web services according to the detected anomalies</li> </ul>\r\n<b><i>Forget </i></b>the Web applications vulnerabilities\r\nTraditional Firewalls and Intrusion Detection Systems can do nothing in terms of protecting Web Applications during operations, as they inspect the traffic at a level which is actually not that of the application. Similarly, standard Web Application firewalls based on pre-configured sets of signatures can offer very poor protection, since they can eventually detect standard vulnerabilities (such as for instance those of a standard Content Management System installation) but not those present in custom application.\r\n<b><i>Forget </i>the rules</b>\r\nUsing its Machine Learning Engine, Attack Prophecy® is able to reconstruct autonomously the logic behind the monitored Web Services. This is what makes Attack Prophecy® different from other Web Application firewalls. There is not any pre-configured set of rules, which may be eventually effective only in protecting applications distributed on a large scale (such as, for instance, standard CMS installations). The protection model of Attack Prophecy® is built around the monitored services, which can be then effectively protected even against attack exploiting ad-hoc and non-public vulnerabilities.\r\n<b><i>Forget </i>the vulnerabilities of AI-based technologies</b>\r\nLeveraging the Pluribus One leading research on Security of Machine Learning, Attack Prophecy® features an improved AI-based detection engine with increased capabilities of:\r\n<ul> <li>Detecting attacks against the monitored Web Services: this offers enhanced protection and coverage against a broader range of attacks; ad-hoc detection algorithms can be also defined, upon request, to meet specific needs.</li> <li>Ensuring the safety of the learning and detection process: this makes Attack Prophecy® more resilient against attacks who attempt to evade the detection mechanism.</li> <li>Explaining the operators, in presence of anomalies, reasons why an alert has been raised: this increases the accountability of the solution.</li> </ul>\r\n<b>What detects?</b>\r\n<ul> <li>Attacks in the OWASP Top 10 </li> <li>Injection attacks </li> <li>Cross-Site Scripting (XSS) </li> <li>Sensitive Data Exposure </li> <li>Phishing </li> <li>Zero-day attacks </li> </ul>\r\n ","shortDescription":"Rewriting the rules of protection\r\n","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":3,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Pluribus One Attack Prophecy","keywords":"","description":"<b>Attack Prophecy®</b> is the most advanced system for the detection and protection against web attacks. It automatically learns the legitimate (normal) traffic profile by observing its live traces and works in three steps.\r\n<ul> <li>Learn the profile of legi","og:title":"Pluribus One Attack Prophecy","og:description":"<b>Attack Prophecy®</b> is the most advanced system for the detection and protection against web attacks. It automatically learns the legitimate (normal) traffic profile by observing its live traces and works in three steps.\r\n<ul> <li>Learn the profile of legi","og:image":"https://old.roi4cio.com/fileadmin/user_upload/pluribus_one.png"},"eventUrl":"","translationId":3842,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":40,"title":"Endpoint security","alias":"endpoint-security","description":"In network security, endpoint security refers to a methodology of protecting the corporate network when accessed via remote devices such as laptops or other wireless and mobile devices. Each device with a remote connecting to the network creates a potential entry point for security threats. Endpoint security is designed to secure each endpoint on the network created by these devices.\r\nUsually, endpoint security is a security system that consists of security software, located on a centrally managed and accessible server or gateway within the network, in addition to client software being installed on each of the endpoints (or devices). The server authenticates logins from the endpoints and also updates the device software when needed. While endpoint security software differs by vendor, you can expect most software offerings to provide antivirus, antispyware, firewall and also a host intrusion prevention system (HIPS).\r\nEndpoint security is becoming a more common IT security function and concern as more employees bring consumer mobile devices to work and companies allow its mobile workforce to use these devices on the corporate network.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What are endpoint devices?</span>\r\nAny device that can connect to the central business network is considered an endpoint. Endpoint devices are potential entry points for cybersecurity threats and need strong protection because they are often the weakest link in network security.\r\n<span style=\"font-weight: bold;\">What is endpoint security management?</span>\r\nA set of rules defining the level of security that each device connected to the business network must comply with. These rules may include using an approved operating system (OS), installing a virtual private network (VPN), or running up-to-date antivirus software. If the device connecting to the network does not have the desired level of protection, it may have to connect via a guest network and have limited network access.\r\n<span style=\"font-weight: bold;\">What is endpoint security software?</span>\r\nPrograms that make sure your devices are protected. Endpoint protection software may be cloud-based and work as SaaS (Software as a Service). Endpoint security software can also be installed on each device separately as a standalone application.\r\n<span style=\"font-weight: bold;\">What is endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response (EDR) solutions analyze files and programs, and report on any threats found. EDR solutions monitor continuously for advanced threats, helping to identify attacks at an early stage and respond rapidly to a range of threats.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Endpoint_security.png"},{"id":204,"title":"Managed Detection and Response","alias":"managed-detection-and-response","description":" MDR, which stands for Managed Detection & Response, is an all-encompassing threat detection system, which arose from the need for small/medium-sized organizations who lack resources to be able to monitor their network systems in-house. It provides a cost-effective alternative to SIEM (Security Information and Event Management).\r\nEveryday, the capabilities of attackers get more sophisticated and the volume of alerts becomes overwhelming and unmanageable. In-house teams might struggle to analyze and log data, which makes it harder than ever to determine if these threats are harmful. MDR can put a stop to attacks before they even happen. MDR technology monitors your systems and detects any unusual behavior, whilst our expert team responds to the threats detected within your business.\r\nMDR offers real-time threat intelligence, and is able to analyse behaviour which can be missed by traditional endpoint security technology. MDR also provides rapid identification of known threats, which in turn minimises overall attacks. Having remote incident investigation will minimise damage to your business, and will allow you to get back to work in no time. It’s important to note that using MDR services will allow third party access to your company's data. You need to consider working with a provider who understands and respects your data policy.","materialsDescription":" <span style=\"font-weight: bold;\">What is Managed Detection and Response?</span>\r\nManaged Detection and Response (MDR) is a managed cybersecurity service that provides intrusion detection of malware and malicious activity in your network, and assists in rapid incident response to eliminate those threats with succinct remediation actions. MDR typically combines a technology solution with outsourced security analysts that extend your technologies and team.\r\n<span style=\"font-weight: bold;\">Isn’t that What MSSPs or Managed SIEMs Do?</span>\r\nNo. Managed Security Service Providers (MSSPs) monitor network security controls and may send alerts when anomalies are identified. MSSPs typically do not investigate the anomalies to eliminate false positives, nor do they respond to real threats. This means that abnormalities in network usage are forwarded to your IT personnel who must then dig through the data to determine if there is a real threat and what to do about it.\r\n<span style=\"font-weight: bold;\">Doesn’t My Firewall Protect My Network?</span>\r\nFirewalls and other preventive forms of cybersecurity are very important and effective at preventing basic cyberattacks. However, over the past decade, it has become clear that preventive cybersecurity technologies are not enough to secure an organization’s network. Further, they are yet another source of alerts, log messages, and events that contribute to the “alert fatigue” being universally suffered today. Recent major hacks such as the Marriot Hack of 2018, the Anthem Hack of 2015, and the Target Hack of 2013 demonstrate how easily cybercriminals can breach networks at enterprise organizations to steal millions of credit card numbers, medical records, and other forms of PII/PHI.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/Endpoint_Detection_and_Response.png"},{"id":457,"title":"DDoS Protection","alias":"ddos-protection","description":" A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks. ","materialsDescription":" <span style=\"font-weight: bold;\">What are the Different Types of DDoS Attacks?</span>\r\nDistributed Denial of Service attacks vary significantly, and there are thousands of different ways an attack can be carried out (attack vectors), but an attack vector will generally fall into one of three broad categories:\r\n<span style=\"font-weight: bold;\">Volumetric Attacks:</span>\r\nVolumetric attacks attempt to consume the bandwidth either within the target network/service or between the target network/service and the rest of the Internet. These attacks are simply about causing congestion.\r\n<span style=\"font-weight: bold;\">TCP State-Exhaustion Attacks:</span>\r\nTCP State-Exhaustion attacks attempt to consume the connection state tables which are present in many infrastructure components such as load-balancers, firewalls and the application servers themselves. Even high capacity devices capable of maintaining state on millions of connections can be taken down by these attacks.\r\n<span style=\"font-weight: bold;\">Application Layer Attacks:</span>\r\nApplication Layer attacks target some aspect of an application or service at Layer-7. These are the deadliest kind of attacks as they can be very effective with as few as one attacking machine generating a low traffic rate (this makes these attacks very difficult to proactively detect and mitigate). Application layer attacks have come to prevalence over the past three or four years and simple application layer flood attacks (HTTP GET flood etc.) have been some of the most common denials of service attacks seen in the wild.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection.png"},{"id":485,"title":"Web security","alias":"web-security","description":" Web security basically means protecting a website or web application by detecting, preventing and responding to cyber threats.\r\nWebsites and web applications are just as prone to security breaches as physical homes, stores, and government locations. Unfortunately, cybercrime happens every day, and great web security measures are needed to protect websites and web applications from becoming compromised.\r\nThat’s exactly what web security does – it is a system of protection measures and protocols that can protect your website or web application from being hacked or entered by unauthorized personnel. This integral division of Information Security is vital to the protection of websites, web applications, and web services. Anything that is applied over the Internet should have some form of web security to protect it.\r\nThere are a lot of factors that go into web security and web protection. Any website or application that is secure is surely backed by different types of checkpoints and techniques for keeping it safe.\r\nThere are a variety of security standards that must be followed at all times, and these standards are implemented and highlighted by the OWASP. Most experienced web developers from top cybersecurity companies will follow the standards of the OWASP as well as keep a close eye on the Web Hacking Incident Database to see when, how, and why different people are hacking different websites and services.\r\nEssential steps in protecting web apps from attacks include applying up-to-date encryption, setting proper authentication, continuously patching discovered vulnerabilities, avoiding data theft by having secure software development practices. The reality is that clever attackers may be competent enough to find flaws even in a fairly robust secured environment, and so a holistic security strategy is advised.\r\nThere are different types of technologies available for maintaining the best security standards. Some popular technical solutions for testing, building, and preventing threats include black and white box testing tools, fuzzing tools, WAF, security or vulnerability scanners, password cracking tools, and so on.","materialsDescription":" <span style=\"font-weight: bold; \">What is Malware?</span>\r\nThe name malware is short for ‘malicioussoftware’. Malware includes any software program that has been created to perform an unauthorised — and often harmful — action on a user’s device. Examples of malware include:\r\n<ul><li>Computer viruses</li><li>Word and Excel macro viruses</li><li>Boot sector viruses</li><li>Script viruses — including batch, Windows shell, Java and others</li><li>Keyloggers</li><li>Password stealers</li><li>Backdoor Trojan viruses</li><li>Other Trojan viruses</li><li>Crimeware</li><li>Spyware</li><li>Adware... and many other types of malicious software programs</li></ul>\r\n<span style=\"font-weight: bold; \">What is the difference between a computer virus and a worm?</span>\r\n<span style=\"font-weight: bold; \">Computer virus.</span> This is a type of malicious program that can replicate itself — so that it can spread from file to file on a computer, and can also spread from one computer to another. Computer viruses are often programmed to perform damaging actions — such as corrupting or deleting data. The longer a virus remains undetected on your machine, the greater the number of infected files that may be on your computer.\r\n<span style=\"font-weight: bold; \">Worms.</span> Worms are generally considered to be a subset of computer viruses — but with some specific differences:\r\n<ul><li>A worm is a computer program that replicates, but does not infect other files.</li><li>The worm will install itself once on a computer — and then look for a way to spread to other computers.</li><li>Whereas a virus is a set of code that adds itself to existing files, a worm exists as a separate, standalone file.</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Trojan virus?</span>\r\nA Trojan is effectively a program that pretends to be legitimate software — but, when launched, it will perform a harmful action. Unlike computer viruses and worms, Trojans cannot spread by themselves. Typically, Trojans are installed secretly and they deliver their malicious payload without the user’s knowledge.\r\nCybercriminals use many different types of Trojans — and each has been designed to perform a specific malicious function. The most common are:\r\n<ul><li>Backdoor Trojans (these often include a keylogger)</li><li>Trojan Spies</li><li>Password stealing Trojans</li><li>Trojan Proxies — that convert your computer into a spam distribution machine</li></ul>\r\n<span style=\"font-weight: bold; \">Why are Trojan viruses called Trojans?</span>\r\nIn Greek mythology — during the Trojan war — the Greeks used subterfuge to enter the city of Troy. The Greeks constructed a massive wooden horse — and, unaware that the horse contained Greek soldiers, the Trojans pulled the horse into the city. At night, the Greek soldiers escaped from the horse and opened the city gates — for the Greek army to enter Troy.\r\nToday, Trojan viruses use subterfuge to enter unsuspecting users’ computers and devices.\r\n<span style=\"font-weight: bold; \">What is a Keylogger?</span>\r\nA keylogger is a program that can record what you type on your computer keyboard. Criminals use keyloggers to obtain confidential data — such as login details, passwords, credit card numbers, PINs and other items. Backdoor Trojans typically include an integrated keylogger.\r\n<span style=\"font-weight: bold; \">What is Phishing?</span>\r\nPhishing is a very specific type of cybercrime that is designed to trick you into disclosing valuable information — such as details about your bank account or credit cards. Often, cybercriminals will create a fake website that looks just like a legitimate site — such as a bank’s official website. The cybercriminal will try to trick you into visiting their fake site — typically by sending you an email that contains a hyperlink to the fake site. When you visit the fake website, it will generally ask you to type in confidential data — such as your login, password or PIN.\r\n<span style=\"font-weight: bold; \">What is Spyware?</span>\r\nSpyware is software that is designed to collect your data and send it to a third party — without your knowledge or consent. Spyware programs will often:\r\n<ul><li>Monitor the keys you press on your keyboard — using a keylogger</li><li>Collect confidential information — such as your passwords, credit card numbers, PIN numbers and more</li><li>Gather — or ‘harvest’ — email addresses from your computer</li><li>Track your Internet browsing habits</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Rootkit?</span>\r\nRootkits are programs that hackers use in order to evade detection while trying to gain unauthorised access to a computer. Rootkits have been used increasingly as a form of stealth to hide Trojan virus activity. When installed on a computer, rootkits are invisible to the user and also take steps to avoid being detected by security software.\r\nThe fact that many people log into their computers with administrator rights — rather than creating a separate account with restricted access — makes it easier for cybercriminals to install a rootkit.\r\n<span style=\"font-weight: bold; \">What is a Botnet?</span>\r\nA botnet is a network of computers controlled by cybercriminals using a Trojan virus or other malicious program.\r\n<span style=\"font-weight: bold;\">What is a DDoS attack?</span>\r\nA Distributed-Denial-of-Service (DDoS) attack is similar to a DoS. However, a DDoS attack is conducted using multiple machines. Usually, for a DDoS attack, the hacker will use one security compromised computer as the ‘master’ machine that co-ordinates the attack by other ‘zombie machines’. Typically, the cybercriminal will compromise the security on the master and all of the zombie machines, by exploiting a vulnerability in an application on each computer — to install a Trojan or other piece of malicious code.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/security-web-application-security.png"},{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) lead to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted of suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/hgghghg.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":4611,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/presidio_logo.png","logo":true,"scheme":false,"title":"Presidio Data Center Solution Sets","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"presidio-data-center-solution-sets","companyTitle":"Presidio Inc.","companyTypes":["supplier","vendor"],"companyId":7004,"companyAlias":"presidio-inc","description":"Presidio data center solution sets provide a highly efficient, cost-effective alternative to the traditional data center infrastructure design and implementation process. Solution sets are available for traditional or hyperconverged environments, and integrate the latest technologies from Presidio’s industry-leading partners in customizable offerings that can be implemented quickly, with minimal risk and predictable costs. \r\nAs a leading North American IT solutions provider, Presidio offers digital infrastructure, cloud, and security solutions that help customers capture the value of digitally transforming their businesses and operations. \r\nPresidio delivers this technology expertise through a full life cycle of professional, managed, and ongoing support services, including strategy, consulting, design, and implementation.Presidio has deep experience in all the technologies included in Presidio Data Center Solution Sets, and can easily customize and configure the solutions on-site or stage them at a Presidio facility. \r\nOnly the latest complementary technologies—including Intel® Xeon® Processor Scalable family and Intel® SSDs—are integrated in each solution set to reduce risk for our customers and accelerate time to value.\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">Innovative financing options</span></p>\r\nIn addition to installing and con guring the solution sets, Presidio offers utility and consumption models with innovative financing options for both infrastructure refreshes and green eld deployments.\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">BUNDLING THE BEST TECHNOLOGIES</span></p>\r\nPresidio Data Center Solution Sets integrate proven technologies from industry-leading partners with which Presidio has attained deep and broad training, certi cation, and expertise.\r\n<ul><li>Cisco Gold Partner</li><li>Intel Platinum Partner</li><li>Nutanix Elite Reseller Partner</li><li>APC Elite Data Center Partner</li><li>Dell EMC Titanium Partner</li><li>VMware Premier Partner</li></ul>\r\nPresidio provides flexible financing for capital and operating expenses, so businesses can have one predictable monthly bill and avoid the complexity of entering into separate financing agreements with each technology provider. The financing options include Capacity on Demand, where additional capacity can be staged and readied for use to support rapid growth.\r\n<p class=\"align-center\">POWERED BY INTEL</p>\r\nPresidio Data Center Solution Sets feature the Intel® Xeon® Processor Scalable family, the new foundation for secure, agile, multi-cloud data centers. The new processors, which represent the biggest data center platform advancement this decade from Intel, are architected for exceptional workload-optimized performance and hardware-enhanced security.To ensure the best data center storage possible, the solution sets integrate the latest Intel® SSDs, such as the Intel® Optane™ SSD DC P4800X series—the world’s most responsive data center SSD, with innovative Intel® Optane™ technology.\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">Innovative solutions configured to meet business demands</span></p>\r\nPresidio Data Center Solution Sets are available for both traditional and hyperconverged environments. Company leverages experience across our 1,600 engineers to identify complementary product offerings and con gure them to bring additional value to the customer. Each solution set is highly con gurable to meet speci c business requirements and deliver the optimal combination of performance, price, and reliability.<br /><br />","shortDescription":"PRESIDIO DATA CENTER SOLUTION SETS FEATURE PROVEN TECHNOLOGIES AND INNOVATIVE FINANCING OPPORTUNITIES FROM AN EXPERT PROVIDER.\r\n","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":11,"sellingCount":4,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Presidio Data Center Solution Sets","keywords":"","description":"Presidio data center solution sets provide a highly efficient, cost-effective alternative to the traditional data center infrastructure design and implementation process. Solution sets are available for traditional or hyperconverged environments, and integrate","og:title":"Presidio Data Center Solution Sets","og:description":"Presidio data center solution sets provide a highly efficient, cost-effective alternative to the traditional data center infrastructure design and implementation process. Solution sets are available for traditional or hyperconverged environments, and integrate","og:image":"https://old.roi4cio.com/fileadmin/user_upload/presidio_logo.png"},"eventUrl":"","translationId":4612,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":4,"title":"Data center","alias":"data-center","description":" A data center (or datacenter) is a facility composed of networked computers and storage that businesses or other organizations use to organize, process, store and disseminate large amounts of data. A business typically relies heavily upon the applications, services and data contained within a data center, making it a focal point and critical asset for everyday operations.\r\nData centers are not a single thing, but rather, a conglomeration of elements. At a minimum, data centers serve as the principal repositories for all manner of IT equipment, including servers, storage subsystems, networking switches, routers and firewalls, as well as the cabling and physical racks used to organize and interconnect the IT equipment. A data center must also contain an adequate infrastructure, such as power distribution and supplemental power subsystems, including electrical switching; uninterruptable power supplies; backup generators and so on; ventilation and data center cooling systems, such as computer room air conditioners; and adequate provisioning for network carrier (telco) connectivity. All of this demands a physical facility with physical security and sufficient physical space to house the entire collection of infrastructure and equipment.","materialsDescription":" <span style=\"font-weight: bold;\">What are the requirements for modern data centers?</span>\r\nModernization and data center transformation enhances performance and energy efficiency.\r\nInformation security is also a concern, and for this reason a data center has to offer a secure environment which minimizes the chances of a security breach. A data center must therefore keep high standards for assuring the integrity and functionality of its hosted computer environment.\r\nIndustry research company International Data Corporation (IDC) puts the average age of a data center at nine years old. Gartner, another research company, says data centers older than seven years are obsolete. The growth in data (163 zettabytes by 2025) is one factor driving the need for data centers to modernize.\r\nFocus on modernization is not new: Concern about obsolete equipment was decried in 2007, and in 2011 Uptime Institute was concerned about the age of the equipment therein. By 2018 concern had shifted once again, this time to the age of the staff: "data center staff are aging faster than the equipment."\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Meeting standards for data centers</span></span>\r\nThe Telecommunications Industry Association's Telecommunications Infrastructure Standard for Data Centers specifies the minimum requirements for telecommunications infrastructure of data centers and computer rooms including single tenant enterprise data centers and multi-tenant Internet hosting data centers. The topology proposed in this document is intended to be applicable to any size data center.\r\nTelcordia GR-3160, NEBS Requirements for Telecommunications Data Center Equipment and Spaces, provides guidelines for data center spaces within telecommunications networks, and environmental requirements for the equipment intended for installation in those spaces. These criteria were developed jointly by Telcordia and industry representatives. They may be applied to data center spaces housing data processing or Information Technology (IT) equipment. The equipment may be used to:\r\n<ul><li>Operate and manage a carrier's telecommunication network</li><li>Provide data center based applications directly to the carrier's customers</li><li>Provide hosted applications for a third party to provide services to their customers</li><li>Provide a combination of these and similar data center applications</li></ul>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Data center transformation</span></span>\r\nData center transformation takes a step-by-step approach through integrated projects carried out over time. This differs from a traditional method of data center upgrades that takes a serial and siloed approach. The typical projects within a data center transformation initiative include standardization/consolidation, virtualization, automation and security.\r\n<ul><li>Standardization/consolidation: Reducing the number of data centers and avoiding server sprawl (both physical and virtual) often includes replacing aging data center equipment, and is aided by standardization.</li><li>Virtualization: Lowers capital and operational expenses, reduce energy consumption. Virtualized desktops can be hosted in data centers and rented out on a subscription basis. Investment bank Lazard Capital Markets estimated in 2008 that 48 percent of enterprise operations will be virtualized by 2012. Gartner views virtualization as a catalyst for modernization.</li><li>Automating: Automating tasks such as provisioning, configuration, patching, release management and compliance is needed, not just when facing fewer skilled IT workers.</li><li>Securing: Protection of virtual systems is integrated with existing security of physical infrastructures.</li></ul>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Machine room</span></span>\r\nThe term "Machine Room" is at times used to refer to the large room within a Data Center where the actual Central Processing Unit is located; this may be separate from where high-speed printers are located. Air conditioning is most important in the machine room.\r\nAside from air-conditioning, there must be monitoring equipment, one type of which is to detect water prior to flood-level situations. One company, for several decades, has had share-of-mind: Water Alert. The company, as of 2018, has 2 competing manufacturers (Invetex, Hydro-Temp) and 3 competing distributors (Longden,Northeast Flooring, Slayton). ","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Data_center.png"},{"id":24,"title":"DLP - Data Leak Prevention","alias":"dlp-data-leak-prevention","description":"Data leak prevention (DLP) is a suite of technologies aimed at stemming the loss of sensitive information that occurs in enterprises across the globe. By focusing on the location, classification and monitoring of information at rest, in use and in motion, this solution can go far in helping an enterprise get a handle on what information it has, and in stopping the numerous leaks of information that occur each day. DLP is not a plug-and-play solution. The successful implementation of this technology requires significant preparation and diligent ongoing maintenance. Enterprises seeking to integrate and implement DLP should be prepared for a significant effort that, if done correctly, can greatly reduce risk to the organization. Those implementing the solution must take a strategic approach that addresses risks, impacts and mitigation steps, along with appropriate governance and assurance measures.","materialsDescription":" <span style=\"font-weight: bold;\">How to protect the company from internal threats associated with leakage of confidential information?</span>\r\nIn order to protect against any threat, you must first realize its presence. Unfortunately, not always the management of companies is able to do this if it comes to information security threats. The key to successfully protecting against information leaks and other threats lies in the skillful use of both organizational and technical means of monitoring personnel actions.\r\n<span style=\"font-weight: bold;\">How should the personnel management system in the company be organized to minimize the risks of leakage of confidential information?</span>\r\nA company must have a special employee responsible for information security, and a large department must have a department directly reporting to the head of the company.\r\n<span style=\"font-weight: bold;\">Which industry representatives are most likely to encounter confidential information leaks?</span>\r\nMore than others, representatives of such industries as industry, energy, and retail trade suffer from leaks. Other industries traditionally exposed to leakage risks — banking, insurance, IT — are usually better at protecting themselves from information risks, and for this reason they are less likely to fall into similar situations.\r\n<span style=\"font-weight: bold;\">What should be adequate measures to protect against leakage of information for an average company?</span>\r\nFor each organization, the question of protection measures should be worked out depending on the specifics of its work, but developing information security policies, instructing employees, delineating access to confidential data and implementing a DLP system are necessary conditions for successful leak protection for any organization. Among all the technical means to prevent information leaks, the DLP system is the most effective today, although its choice must be taken very carefully to get the desired result. So, it should control all possible channels of data leakage, support automatic detection of confidential information in outgoing traffic, maintain control of work laptops that temporarily find themselves outside the corporate network...\r\n<span style=\"font-weight: bold;\">Is it possible to give protection against information leaks to outsourcing?</span>\r\nFor a small company, this may make sense because it reduces costs. However, it is necessary to carefully select the service provider, preferably before receiving recommendations from its current customers.\r\n<span style=\"font-weight: bold;\">What data channels need to be monitored to prevent leakage of confidential information?</span>\r\nAll channels used by employees of the organization - e-mail, Skype, HTTP World Wide Web protocol ... It is also necessary to monitor the information recorded on external storage media and sent to print, plus periodically check the workstation or laptop of the user for files that are there saying should not.\r\n<span style=\"font-weight: bold;\">What to do when the leak has already happened?</span>\r\nFirst of all, you need to notify those who might suffer - silence will cost your reputation much more. Secondly, you need to find the source and prevent further leakage. Next, you need to assess where the information could go, and try to somehow agree that it does not spread further. In general, of course, it is easier to prevent the leakage of confidential information than to disentangle its consequences.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Data_Leak_Prevention.png"},{"id":34,"title":"ITSM - IT Service Management","alias":"itsm-it-service-management","description":"<span style=\"font-weight: bold; \">IT service management (ITSM)</span> is the process of designing, delivering, managing, and improving the IT services an organization provides to its end users. ITSM is focused on aligning IT processes and services with business objectives to help an organization grow.\r\nITSM positions IT services as the key means of delivering and obtaining value, where an internal or external IT service provider works with business customers, at the same time taking responsibility for the associated costs and risks. ITSM works across the whole lifecycle of a service, from the original strategy, through design, transition and into live operation.\r\nTo ensure sustainable quality of IT services, ITSM establishes a set of practices, or processes, constituting a service management system. There are industrial, national and international standards for IT service management solutions, setting up requirements and good practices for the management system. \r\nITSM system is based on a set of principles, such as focusing on value and continual improvement. It is not just a set of processes – it is a cultural mindset to ensure that the desired outcome for the business is achieved. \r\n<span style=\"font-weight: bold; \">ITIL (IT Infrastructure Library)</span> is a framework of best practices and recommendations for managing an organization's IT operations and services. IT service management processes, when built based on the ITIL framework, pave the way for better IT service operations management and improved business. To summarize, ITIL is a set of guidelines for effective IT service management best practices. ITIL has evolved beyond the delivery of services to providing end-to-end value delivery. The focus is now on the co-creation of value through service relationships. \r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">ITSM processes typically include five stages, all based on the ITIL framework:</span></p>\r\n<span style=\"font-weight: bold; \">ITSM strategy.</span> This stage forms the foundation or the framework of an organization's ITSM process building. It involves defining the services that the organization will offer, strategically planning processes, and recognizing and developing the required assets to keep processes moving. \r\n<span style=\"font-weight: bold; \">Service design.</span> This stage's main aim is planning and designing the IT services the organization offers to meet business demands. It involves creating and designing new services as well as assessing current services and making relevant improvements.\r\n<span style=\"font-weight: bold; \">Service transition.</span> Once the designs for IT services and their processes have been finalized, it's important to build them and test them out to ensure that processes flow. IT teams need to ensure that the designs don't disrupt services in any way, especially when existing IT service processes are upgraded or redesigned. This calls for change management, evaluation, and risk management. \r\n<span style=\"font-weight: bold; \">Service operation. </span>This phase involves implementing the tried and tested new or modified designs in a live environment. While in this stage, the processes have already been tested and the issues fixed, but new processes are bound to have hiccups—especially when customers start using the services. \r\n<span style=\"font-weight: bold;\">Continual service improvement (CSI).</span> Implementing IT processes successfully shouldn't be the final stage in any organization. There's always room for improvement and new development based on issues that pop up, customer needs and demands, and user feedback.\r\n\r\n","materialsDescription":"<h1 class=\"align-center\">Benefits of efficient ITSM processes</h1>\r\nIrrespective of the size of business, every organization is involved in IT service management in some way. ITSM ensures that incidents, service requests, problems, changes, and IT assets—in addition to other aspects of IT services—are managed in a streamlined way.\r\nIT teams in your organization can employ various workflows and best practices in ITSM, as outlined in ITIL. Effective IT service management can have positive effects on an IT organization's overall function.\r\nHere are the 10 key benefits of ITSM:\r\n<ul><li> Lower costs for IT operations</li><li> Higher returns on IT investments</li><li> Minimal service outages</li><li> Ability to establish well-defined, repeatable, and manageable IT processes</li><li> Efficient analysis of IT problems to reduce repeat incidents</li><li> Improved efficiency of IT help desk teams</li><li> Well-defined roles and responsibilities</li><li> Clear expectations on service levels and service availability</li><li> Risk-free implementation of IT changes</li><li> Better transparency into IT processes and services</li></ul>\r\n<h1 class=\"align-center\">How to choose an ITSM tool?</h1>\r\nWith a competent IT service management goal in mind, it's important to invest in a service desk solution that caters to your business needs. It goes without saying, with more than 150 service desk tools to choose from, selecting the right one is easier said than done. Here are a few things to keep in mind when choosing an ITSM products:\r\n<span style=\"font-weight: bold; \">Identify key processes and their dependencies. </span>Based on business goals, decide which key ITSM processes need to be implemented and chart out the integrations that need to be established to achieve those goals. \r\n<span style=\"font-weight: bold; \">Consult with ITSM experts.</span> Participate in business expos, webinars, demos, etc., and educate yourself about the various options that are available in the market. Reports from expert analysts such as Gartner and Forrester are particularly useful as they include reviews of almost every solution, ranked based on multiple criteria.\r\n<span style=\"font-weight: bold; \">Choose a deployment option.</span> Every business has a different IT infrastructure model. Selecting an on-premises or software as a service (SaaS IT service management) tool depends on whether your business prefers to host its applications and data on its own servers or use a public or private cloud.\r\n<span style=\"font-weight: bold; \">Plan ahead for the future.</span> Although it's important to consider the "needs" primarily, you shouldn't rule out the secondary or luxury capabilities. If the ITSM tool doesn't have the potential to adapt to your needs as your organization grows, it can pull you back from progressing. Draw a clear picture of where your business is headed and choose an service ITSM that is flexible and technology-driven.\r\n<span style=\"font-weight: bold;\">Don't stop with the capabilities of the ITSM tool.</span> It might be tempting to assess an ITSM tool based on its capabilities and features but it's important to evaluate the vendor of the tool. A good IT support team, and a vendor that is endorsed for their customer-vendor relationship can take your IT services far. Check Gartner's magic quadrant and other analyst reports, along with product and support reviews to ensure that the said tool provides good customer support.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_ITSM.png"},{"id":293,"title":"System Software","alias":"system-software","description":" System software is a type of computer program that is designed to run a computer’s hardware and application programs. If we think of the computer system as a layered model, the system software is the interface between the hardware and user applications. The operating system (OS) is the best-known example of system software. The OS manages all the other programs on a computer.\r\nOther examples of system software include:\r\n<ul><li>The BIOS (basic input/output system) gets the computer system started after you turn it on and manages the data flow between the operating system and attached devices such as the hard disk, video adapter, keyboard, mouse and printer.</li><li>The boot program loads the operating system into the computer's main memory or random access memory (RAM).</li><li>An assembler takes basic computer instructions and converts them into a pattern of bits that the computer's processor can use to perform its basic operations.</li><li>A device driver controls a particular type of device that is attached to your computers, such as a keyboard or a mouse. The driver program converts the more general input/output instructions of the operating system to messages that the device type can understand.</li></ul>\r\nAdditionally, system software can also include system utilities, such as the disk defragmenter and System Restore, and development tools, such as compilers and debuggers.\r\nSystem software and application programs are the two main types of computer software. Unlike system software, an application program (often just called an application or app) performs a particular function for the user. Examples include browsers, email clients, word processors, and spreadsheets.","materialsDescription":" \r\n<span style=\"font-weight: bold; \">What is system software?</span>\r\nSystem software is software designed to provide a platform for other software. Examples of system software include operating systems like macOS, GNU/Linux and Microsoft Windows, computational science software, game engines, industrial automation, and software as a service applications.\r\nIn contrast to system software, software that allows users to do user-oriented tasks such as create text documents, play games, listen to music, or browse the web are collectively referred to as application software.\r\nIn the early days of computing most application software was custom-written by computer users to fit their specific hardware and requirements. In contrast, system software was usually supplied by the manufacturer of the computer hardware and was intended to be used by most or all users of that system.\r\nThe line where the distinction should be drawn is not always clear. Many operating systems bundle[jargon] application software. Such software is not considered system software when it can be uninstalled usually without affecting the functioning of other software. Exceptions could be e.g. web browsers such as Internet Explorer where Microsoft argued in court that it was system software that could not be uninstalled. Later examples are Chrome OS and Firefox OS where the browser functions as the only user interface and the only way to run programs (and other web browsers can not be installed in their place), then they can well be argued to be (part of) the operating system and hence system software.\r\nAnother borderline example is cloud-based software. This software provides services to a software client (usually a web browser or a JavaScript application running in the web browser), not to the user directly, and is therefore systems software. It is also developed using system programming methodologies and systems programming languages. Yet from the perspective of functionality there is little difference between a word processing application and word processing web application.\r\n<span style=\"font-weight: bold; \">Operating systems or system control program</span>\r\nThe operating system (prominent examples being Microsoft Windows, macOS, Linux, and z/OS), allows the parts of a computer to work together by performing tasks like transferring data between memory and disks or rendering output onto a display device. It provides a platform (hardware abstraction layer) to run high-level system software and application software.\r\nA kernel is the core part of the operating system that defines an API for applications programs (including some system software) and an interface to device drivers.\r\nDevice drivers, including also computer BIOS and device firmware, provide basic functionality to operate and control the hardware connected to or built into the computer.\r\nA user interface "allows users to interact with a computer." Either a command-line interface (CLI) or, since the 1980s a graphical user interface (GUI). Since this is the part of the operating system the user directly interacts with, it may be considered an application and therefore not system software.\r\n<span style=\"font-weight: bold;\">Utility software or system support programs</span>\r\nFor historical reasons, some organizations use the term systems programmer to describe a job function which is more accurately termed systems administrator. Software tools these employees use are then called system software. This so-called Utility software helps to analyze, configure, optimize and maintain the computer, such as virus protection. In some publications, the term system software also includes software development tools (like a compiler, linker or debugger).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_System_and_Network_Management_Software.png"},{"id":836,"title":"DRP - Digital Risk Protection","alias":"drp-digital-risk-protection","description":"Digital risks exist on social media and web channels, outside most organization's line of visibility. Organizations struggle to monitor these external, unregulated channels for risks targeting their business, their employees or their customers.\r\nCategories of risk include cyber (insider threat, phishing, malware, data loss), revenue (customer scams, piracy, counterfeit goods) brand (impersonations, slander) and physical (physical threats, natural disasters).\r\nDue to the explosive growth of digital risks, organizations need a flexible, automated approach that can monitor digital channels for organization-specific risks, trigger alerts and remediate malicious posts, profiles, content or apps.\r\nDigital risk protection (DRP) is the process of protecting social media and digital channels from security threats and business risks such as social engineering, external fraud, data loss, insider threat and reputation-based attacks. DRP reduces risks that emerge from digital transformation, protecting against the unwanted exposure of a company’s data, brand, and attack surface and providing actionable insight on threats from the open, deep, and dark web.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What is a digital risk?</span>\r\nDigital risks can take many forms. Most fundamentally, what makes a risk digital? Digital risk is any risk that plays out in one form or another online, outside of an organization’s IT infrastructure and beyond the security perimeter. This can be a cyber risk, like a phishing link or ransomware via LinkedIn, but can also include traditional risks with a digital component, such as credit card money flipping scams on Instagram.\r\n<span style=\"font-weight: bold;\">What are the features of Digital Risk Protection?</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">The features are:</span></span>\r\n<ul><li>Protecting yourself from digital risk by building a watchtower, not a wall. A new Forrester report identifies two objectives for any digital risk protection effort: identifying risks and resolving them.</li><li>Digital risk comes in many forms, like unauthorized data disclosure, threat coordination from cybercriminals, risks inherent in the technology you use and in your third-party associates and even from your own employees.</li><li>The best solutions should automate the collection of data and draw from many sources; should have the capabilities to map, monitor, and mitigate digital risk and should be flexible enough to be applied in multiple use cases — factors that many threat intelligence solutions excel in.</li></ul>\r\n<span style=\"font-weight: bold;\">What elements constitute a digital risk?</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Unauthorized Data Disclosure</span></span>\r\nThis includes the theft or leakage of any kind of sensitive data, like the personal financial information of a retail organization’s customers or the source code for a technology company’s proprietary products.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Threat Coordination Activity</span></span>\r\nMarketplaces and criminal forums on the dark web or even just on the open web are potent sources of risk. Here, a vulnerability identified by one group or individual who can’t act on it can reach the hands of someone who can. This includes the distribution of exploits in both targeted and untargeted campaigns.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Supply Chain Issues</span></span>\r\nBusiness partners, third-party suppliers, and other vendors who interact directly with your organization but are not necessarily following the same security practices can open the door to increased risk.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Employee Risk</span></span>\r\nEven the most secure and unbreakable lock can still easily be opened if you just have the right key. Through social engineering efforts, identity or access management and manipulation, or malicious insider attacks coming from disgruntled employees, even the most robust cybersecurity program can be quickly subverted.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Technology Risks</span></span>\r\nThis broad category includes all of the risks you must consider across the different technologies your organization might rely on to get your work done, keep it running smoothly, and tell people about it.\r\n<ul><li><span style=\"font-weight: bold;\">Physical Infrastructure:</span> Countless industrial processes are now partly or completely automated, relying on SCADA, DCS, or PLC systems to run smoothly — and opening them up to cyber- attacks (like the STUXNET attack that derailed an entire country’s nuclear program).</li><li><span style=\"font-weight: bold;\">IT Infrastructure:</span> Maybe the most commonsensical source of digital risk, this includes all of the potential vulnerabilities in your software and hardware. The proliferation of the internet of things devices poses a growing and sometimes underappreciated risk here.</li><li><span style=\"font-weight: bold;\">Public-Facing Presence:</span> All of the points where you interact with your customers and other public entities, whether through social media, email campaigns, or other marketing strategies, represent potential sources of risk.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Digital_Risk_Protection.png"},{"id":840,"title":"ICS/SCADA Cyber Security","alias":"icsscada-cyber-security","description":"SCADA security is the practice of protecting supervisory control and data acquisition (SCADA) networks, a common framework of control systems used in industrial operations. These networks are responsible for providing automated control and remote human management of essential commodities and services such as water, natural gas, electricity and transportation to millions of people. They can also be used to improve the efficiencies and quality in other less essential (but some would say very important!) real-world processes such as snowmaking for ski resorts and beer brewing. SCADA is one of the most common types of industrial control systems (ICS).\r\nThese networks, just like any other network, are under threat from cyber-attacks that could bring down any part of the nation's critical infrastructure quickly and with dire consequences if the right security is not in place. Capital expenditure is another key concern; SCADA systems can cost an organization from tens of thousands to millions of dollars. For these reasons, it is essential that organizations implement robust SCADA security measures to protect their infrastructure and the millions of people that would be affected by the disruption caused by an external attack or internal error.\r\nSCADA security has evolved dramatically in recent years. Before computers, the only way to monitor a SCADA network was to deploy several people to each station to report back on the state of each system. In busier stations, technicians were stationed permanently to manually operate the network and communicate over telephone wires.\r\nIt wasn't until the introduction of the local area network (LAN) and improvements in system miniaturization that we started to see advances in SCADA development such as the distributed SCADA network. Next came networked systems that were able to communicate over a wide area network (WAN) and connect many more components together.\r\nFrom local companies to federal governments, every business or organization that works with SCADA systems are vulnerable to SCADA security threats. These threats can have wide-reaching effects on both the economy and the community. Specific threats to SCADA networks include the following:\r\n<span style=\"font-weight: bold;\">Hackers.</span> Individuals or groups with malicious intent could bring a SCADA network to its knees. By gaining access to key SCADA components, hackers could unleash chaos on an organization that can range from a disruption in services to cyber warfare.\r\n<span style=\"font-weight: bold;\">Malware.</span> Malware, including viruses, spyware and ransomware can pose a risk to SCADA systems. While malware may not be able to specifically target the network itself, it can still pose a threat to the key infrastructure that helps to manage the SCADA network. This includes mobile SCADA applications that are used to monitor and manage SCADA systems.\r\n<span style=\"font-weight: bold;\">Terrorists.</span> Where hackers are usually motivated by sordid gain, terrorists are driven by the desire to cause as much mayhem and damage as possible.\r\n<span style=\"font-weight: bold;\">Employees.</span> Insider threats can be just as damaging as external threats. From human error to a disgruntled employee or contractor, it is essential that SCADA security addresses these risks.\r\nManaging today's SCADA networks can be a challenge without the right security precautions in place. Many networks are still without the necessary detection and monitoring systems and this leaves them vulnerable to attack. Because SCADA network attacks exploit both cyber and physical vulnerabilities, it is critical to align cybersecurity measures accordingly.","materialsDescription":"<span style=\"font-weight: bold;\">What is the difference between ICS/SCADA cybersecurity and information security?</span>\r\nAutomated process control systems (SCADA) have a lot of differences from “traditional” corporate information systems: from the destination, specific data transfer protocols and equipment used and ending with the environment in which they operate. In corporate networks and systems, as a rule, the main protected resource is information that is processed, transmitted and stored in automated systems, and the main goal is to ensure its confidentiality. In ICS, the protected resource, first of all, is the technological process itself, and the main goal is to ensure its continuity (accessibility of all nodes) and integrity (including information transmitted between the nodes of the ICS). Moreover, the field of potential risks and threats to ICS, in comparison with corporate systems, expands with risks of potential damage to life and health of personnel and the public, damage to the environment and infrastructure. That is why it is incorrect to talk about “information security” in relation to ICS/SCADA. In English sources, the term “cybersecurity” is used for this, a direct translation of which (cybersecurity) is increasingly found in our market in relation to the protection of process control systems.\r\n<span style=\"font-weight: bold;\">Is it really necessary?</span>\r\nIt is necessary. There are a number of myths about process control systems, for example: “process control systems are completely isolated from the outside world”, “process control systems are too specific for someone to crack”, “process control systems are reliably protected by the developer”, or even “No one will ever try us, hacking us is not interesting. ” All this is no longer true. Many modern distributed process control systems have one or another connection with the corporate network, even if the system owners are unaware of this. Communication with the outside world greatly simplifies the task of the attacker, but does not remain the only possible option. Automated process control software and data transfer protocols are, as a rule, very, very insecure against cyber threats. This is evidenced by numerous articles and reports of experts involved in the study of the protection of industrial control systems and penetration tests. The PHDays III section on hacking automated process control systems impressed even ardent skeptics. Well, and, of course, the argument “they have NOT attacked us, therefore they will not” - can hardly be considered seriously. Everyone has heard about Stuxnet, which dispelled almost all the myths about the safety of ICS at once.\r\n<span style=\"font-weight: bold;\">Who needs this?</span>\r\nWith the phrase ICS/SCADA, most imagine huge plants, automated CNC machines or something similar. However, the application of process control systems is not limited to these objects - in the modern age of automation, process control systems are used everywhere: from large production facilities, the oil and gas industry, transport management to smart home systems. And, by the way, with the protection of the latter, as a rule, everything can be much worse, because the developer silently and imperceptibly shifts responsibility to the shoulders of the user.\r\nOf course, some of the objects with automated process control systems are more interesting for attackers, others less. But, given the ever-growing number of vulnerabilities discovered and published in the ICS, the spread of "exclusive" (written for specific protocols and ICS software) malware, considering your system safe "by default" is unreasonable.\r\n<span style=\"font-weight: bold;\">Are ICS and SCADA the same thing?</span>\r\nNo. SCADA systems (supervisory control and data acquisition, supervisory control and data collection) are part of the control system. Usually, a SCADA system means centralized control and management systems with the participation of a person as a whole system or a complex of industrial control systems. SCADA is the central link between people (human-machine interfaces) and PLC levels (programmable logic controller) or RTU (remote terminal unit).\r\n<span style=\"font-weight: bold;\">What is ICS/SCADA cybersecurity?</span>\r\nIn fact, ICS cybersecurity is a process similar to “information security” in a number of properties, but very different in details. And the devil, as you know, lies in them. ICS/SCADA also has similar information security-related processes: asset inventory, risk analysis and assessment, threat analysis, security management, change management, incident response, continuity, etc. But these processes themselves are different.<br />The cyber security of ICSs has the same basic target qualities - confidentiality, integrity and accessibility, but the significance and point of application for them are completely different. It should be remembered that in ICS/SCADA we, first of all, protect the technological process. Beyond this - from the risks of damage to human health and life and the environment.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_SCADA_Cyber_Security.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":4867,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/mb_connect_line.png","logo":true,"scheme":false,"title":"MB Connect Line mbNET.rokey","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"mb-connect-line-mbnetrokey","companyTitle":"MB Connect Line","companyTypes":["supplier","vendor"],"companyId":5272,"companyAlias":"mb-connect-line","description":"Giving local staff the possibility to allow or disallow remote access is a recommendation of cybersecurity agencies such as the German BSI, the French ANSSI or the European ENISA. By offering a 2-level access control mbNET.rokey complies with recommended practices for secure remote services.\r\n<ul><li>On-board 2-level remote access key</li><li>On-board hardware secure element</li><li>Upgradable to full IoT-Gateway capabilities (see mbEDGE)</li><li>Internet connection via Ethernet, WAN interface or modem</li><li>Firewall with IP filter, Simple-NAT, 1:1 NAT and port forwarding</li><li>4 digital inputs, 2 digital outputs</li><li>SD card slot for expanding the data memory</li><li>Extended temperature range (-40°C bis +75°C)</li><li>Multi-colored LEDs for clear state-signaling</li><li>USBoverIP-capable</li></ul>\r\nmbNET.rokey with serial interface\r\n<ul><li>4x LAN</li><li>1x WAN</li><li>1x RS 232/485</li></ul>\r\nmbNET.rokey with MPI/Profibus interface\r\n<ul><li>4x LAN</li><li>1x WAN</li><li>1x MPI/PROFIBUS</li></ul>\r\nmbNET.rokey with LAN and WAN\r\n<ul><li>4x LAN</li><li>1x WAN</li></ul>","shortDescription":"mbNET.rokey - secure remote access with key switch.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":17,"sellingCount":2,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"MB Connect Line mbNET.rokey","keywords":"","description":"Giving local staff the possibility to allow or disallow remote access is a recommendation of cybersecurity agencies such as the German BSI, the French ANSSI or the European ENISA. By offering a 2-level access control mbNET.rokey complies with recommended pract","og:title":"MB Connect Line mbNET.rokey","og:description":"Giving local staff the possibility to allow or disallow remote access is a recommendation of cybersecurity agencies such as the German BSI, the French ANSSI or the European ENISA. By offering a 2-level access control mbNET.rokey complies with recommended pract","og:image":"https://old.roi4cio.com/fileadmin/user_upload/mb_connect_line.png"},"eventUrl":"","translationId":4868,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":178,"title":"IoT - Internet of Things","alias":"iot-internet-of-things","description":"The Internet of things (IoT) is the extension of Internet connectivity into physical devices and everyday objects. Embedded with electronics, Internet connectivity, and other forms of hardware (such as sensors), these devices can communicate and interact with others over the Internet, and they can be remotely monitored and controlled.\r\nThe definition of the Internet of things has evolved due to the convergence of multiple technologies, real-time analytics, machine learning, commodity sensors, and embedded systems. Traditional fields of embedded systems, wireless sensor networks, control systems, automation (including home and building automation). and others all contribute to enabling the Internet of things. In the consumer market, IoT technology is most synonymous with products pertaining to the concept of the "smart home", covering devices and appliances (such as lighting fixtures, thermostats, home security systems and cameras, and other home appliances) that support one or more common ecosystems, and can be controlled via devices associated with that ecosystem, such as smartphones and smart speakers.\r\nThe IoT concept has faced prominent criticism, especially in regards to privacy and security concerns related to these devices and their intention of pervasive presence.","materialsDescription":"<span style=\"font-weight: bold;\">What is the Internet of Things (IoT)?</span>\r\nThe Internet of things refers to the network of things (physical objects) that can be connected to the Internet to collect and share data without human-to-human or human-to-computer interaction.\r\n<span style=\"font-weight: bold;\">Why is it called the Internet of Things?</span>\r\nThe term Internet of things was coined by Kevin Ashton in 1999. Stemming from Kevin Ashton’s experience with RFID, the term Internet of things originally described the concept of tagging every object in a person’s life with machine-readable codes. This would allow computers to easily manage and inventory all of these things.\r\nThe term IoT today has evolved to a much broader prospect. It now encompasses ubiquitous connectivity, devices, sensors, analytics, machine learning, and many other technologies.\r\n<span style=\"font-weight: bold;\">What is an IoT solution?</span>\r\nAn IoT solution is a combination of devices or other data sources, outfitted with sensors and Internet connected hardware to securely report information back to an IoT platform. This information is often a physical metric which can help users answer a question or solve a specific problem.\r\n<span style=\"font-weight: bold;\">What is an IoT Proof of Concept (PoC)?</span>\r\nThe purpose of a PoC is to experiment with a solution in your environment, collect data, and evaluate performance from a set timeline on a set budget. A PoC is a low-risk way to introduce IoT to an organization.\r\n<span style=\"font-weight: bold;\">What is an IoT cloud platform?</span>\r\nAn IoT platform provides users with one or more of these key elements — visualization tools, data security features, a workflow engine and a custom user interface to utilize the information collected from devices and other data sources in the field. These platforms are based in the cloud and can be accessed from anywhere.\r\n<span style=\"font-weight: bold;\">What is industrial equipment monitoring?</span>\r\nIndustrial equipment monitoring uses a network of connected sensors - either native to a piece of equipment or retrofitted - to inform owners/operators of a machine’s output, component conditions, need for service or impending failure. Industrial equipment monitoring is an IoT solution which can utilize an IoT platform to unify disparate data and enable decision-makers to respond to real-time data.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/IoT_-_Internet_of_Things.png"},{"id":834,"title":"IoT - Internet of Things Security","alias":"iot-internet-of-things-security","description":" IoT security is the technology area concerned with safeguarding connected devices and networks in the internet of things (IoT).\r\nIoT involves adding internet connectivity to a system of interrelated computing devices, mechanical and digital machines, objects, animals and/or people. Each "thing" is provided a unique identifier and the ability to automatically transfer data over a network. Allowing devices to connect to the internet opens them up to a number of serious vulnerabilities if they are not properly protected.\r\nIoT security has become the subject of scrutiny after a number of high-profile incidents where a common IoT device was used to infiltrate and attack the larger network. Implementing security measures is critical to ensuring the safety of networks with IoT devices connected to them.\r\nIoT security hacks can happen in any industry, from smart home to a manufacturing plant to a connected car. The severity of impact depends greatly on the individual system, the data collected and/or the information it contains.\r\nAn attack disabling the brakes of a connected car, for example, or on a connected health device, such as an insulin pump hacked to administer too much medication to a patient, can be life-threatening. Likewise, an attack on a refrigeration system housing medicine that is monitored by an IoT system can ruin the viability of a medicine if temperatures fluctuate. Similarly, an attack on critical infrastructure -- an oil well, energy grid or water supply -- can be disastrous.\r\nSo, a robust IoT security portfolio must allow protecting devices from all types of vulnerabilities while deploying the security level that best matches application needs. Cryptography technologies are used to combat communication attacks. Security services are offered for protecting against lifecycle attacks. Isolation measures can be implemented to fend off software attacks. And, finally, IoT security should include tamper mitigation and side-channel attack mitigation technologies for fighting physical attacks of the chip.","materialsDescription":" <span style=\"font-weight: bold;\">What are the key requirements of IoT Security?</span>\r\nThe key requirements for any IoT security solution are:\r\n<ul><li>Device and data security, including authentication of devices and confidentiality and integrity of data</li><li>Implementing and running security operations at IoT scale</li><li>Meeting compliance requirements and requests</li><li>Meeting performance requirements as per the use case</li></ul>\r\n<span style=\"font-weight: bold;\">What do connected devices require to participate in the IoT Securely?</span>\r\nTo securely participate in the IoT, each connected device needs a unique identification – even before it has an IP address. This digital credential establishes the root of trust for the device’s entire lifecycle, from initial design to deployment to retirement.\r\n<span style=\"font-weight: bold;\">Why is device authentication necessary for the IoT?</span>\r\nStrong IoT device authentication is required to ensure connected devices on the IoT can be trusted to be what they purport to be. Consequently, each IoT device needs a unique identity that can be authenticated when the device attempts to connect to a gateway or central server. With this unique ID in place, IT system administrators can track each device throughout its lifecycle, communicate securely with it, and prevent it from executing harmful processes. If a device exhibits unexpected behavior, administrators can simply revoke its privileges.\r\n<span style=\"font-weight: bold;\">Why is secure manufacturing necessary for IoT devices?</span>\r\nIoT devices produced through unsecured manufacturing processes provide criminals opportunities to change production runs to introduce unauthorized code or produce additional units that are subsequently sold on the black market.\r\nOne way to secure manufacturing processes is to use hardware security modules (HSMs) and supporting security software to inject cryptographic keys and digital certificates and to control the number of units built and the code incorporated into each.\r\n<span style=\"font-weight: bold;\">Why is code signing necessary for IoT devices?</span>\r\nTo protect businesses, brands, partners, and users from software that has been infected by malware, software developers have adopted code signing. In the IoT, code signing in the software release process ensures the integrity of IoT device software and firmware updates and defends against the risks associated with code tampering or code that deviates from organizational policies.\r\nIn public key cryptography, code signing is a specific use of certificate-based digital signatures that enables an organization to verify the identity of the software publisher and certify the software has not been changed since it was published.\r\n<span style=\"font-weight: bold;\">What is IoT PKI?</span>\r\nToday there are more things (devices) online than there are people on the planet! Devices are the number one users of the Internet and need digital identities for secure operation. As enterprises seek to transform their business models to stay competitive, rapid adoption of IoT technologies is creating increasing demand for Public Key Infrastructures (PKIs) to provide digital certificates for the growing number of devices and the software and firmware they run.\r\nSafe IoT deployments require not only trusting the devices to be authentic and to be who they say they are, but also trusting that the data they collect is real and not altered. If one cannot trust the IoT devices and the data, there is no point in collecting, running analytics, and executing decisions based on the information collected.\r\nSecure adoption of IoT requires:\r\n<ul><li>Enabling mutual authentication between connected devices and applications</li><li>Maintaining the integrity and confidentiality of the data collected by devices</li><li>Ensuring the legitimacy and integrity of the software downloaded to devices</li><li>Preserving the privacy of sensitive data in light of stricter security regulations</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/iot.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":5123,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Mobilnyi_terminal_VRT800.PNG","logo":true,"scheme":false,"title":"Мобильный терминал ВРТ800","vendorVerified":0,"rating":"0.00","implementationsCount":1,"suppliersCount":0,"supplierPartnersCount":0,"alias":"mobilnyi-terminal-vrt800","companyTitle":"BANCOMZVJAZOK","companyTypes":["supplier","vendor"],"companyId":7969,"companyAlias":"bankomsvjaz","description":" Мобильный терминал К.BPT800 — мобильное решение для регистрации и контроля лиц, пересекающих контрольно-пропускные пункты. Обеспечивает качественную и быструю фиксацию биометрических данных.<br /><br /><span style=\"font-weight: bold;\">Функции</span><br />\r\n<ul><li>Автоматическое считывание с машиносчитываемой зоны (MRZ) и чипов электронных документов (RFID)</li></ul>\r\n<ul><li>Распознавание текстовых и биометрических данных (ICAO Document 9303)</li></ul>\r\n<ul><li>Сканирование отпечатков пальцев (FBI)</li></ul>\r\n<ul><li>Проверка соответствия и достоверности документов по базам данных</li></ul>\r\n<ul><li>Поддержка возможности ввода данных вручную</li></ul>\r\n<ul><li>Опредедение и фиксация координат GPS</li></ul>\r\n<ul><li>Время непрерывной работы - 8 часов</li></ul>\r\n<ul><li>Передача данных посредством GSM, GPRS, Wi-Fi</li></ul>\r\n<ul><li>Голосовые вызовы через GSM сеть</li></ul>\r\n<br /><span style=\"font-weight: bold;\">ОБЛАСТИ ПРИМЕНЕНИЯ</span>\r\nПограничный контроль в пунктах пропуска для:\r\n<ul><li>Воздушного</li></ul>\r\n<ul><li>Морского, речного</li></ul>\r\n<ul><li>Железнодорожного</li></ul>\r\n<ul><li>Автомобильного</li></ul>\r\n<ul><li>Пешеходного сообщения</li></ul>\r\nПравоохранительные органы<br />Банки<br />Отели<br />Медицинские учреждения<br />Государственные учреждения","shortDescription":"Мобильный терминал ВРТ800 предназначен для автоматизации регистрации и контроля лиц, которые пересекают контрольно-пропускные пункты. ","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":5,"sellingCount":11,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Мобильный терминал ВРТ800","keywords":"","description":" Мобильный терминал К.BPT800 — мобильное решение для регистрации и контроля лиц, пересекающих контрольно-пропускные пункты. Обеспечивает качественную и быструю фиксацию биометрических данных.<br /><br /><span style=\"font-weight: bold;\">Функции</span><br />\r\n<u","og:title":"Мобильный терминал ВРТ800","og:description":" Мобильный терминал К.BPT800 — мобильное решение для регистрации и контроля лиц, пересекающих контрольно-пропускные пункты. Обеспечивает качественную и быструю фиксацию биометрических данных.<br /><br /><span style=\"font-weight: bold;\">Функции</span><br />\r\n<u","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Mobilnyi_terminal_VRT800.PNG"},"eventUrl":"","translationId":7335,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":44,"title":"IAM - Identity and Access Management","alias":"iam-identity-and-access-management","description":"<span style=\"font-weight: bold; \">Identity management</span> (IdM), also known as <span style=\"font-weight: bold; \">identity and access management</span> (IAM or IdAM), is a framework of policies and technologies for ensuring that the proper people in an enterprise have the appropriate access to technology resources. IdM systems fall under the overarching umbrellas of IT security and Data Management.\r\nWith an IAM framework in place, information technology (IT) managers can control user access to critical information within their organizations. Identity and access management software offers role-based access control, which lets system administrators regulate access to systems or networks based on the roles of individual users within the enterprise. In this context, access is the ability of an individual user to perform a specific task, such as view, create or modify a file. Roles are defined according to job competency, authority and responsibility within the enterprise.\r\nSystems used for identity and access management include single sign-on systems, multi-factor authentication and privileged access management (PAM). These technologies also provide the ability to securely store identity and profile data as well as data governance functions to ensure that only data that is necessary and relevant is shared. IAM systems can be deployed on premises, provided by a third-party vendor through a cloud-based subscription model or deployed in a hybrid cloud.\r\n<span style=\"font-weight: bold; \">Basic components of IAM.</span> On a fundamental level, IAM encompasses the following components:\r\n<ul><li>How individuals are identified in a system.</li><li>How roles are identified in a system and how they are assigned to individuals.</li><li>Adding, removing and updating individuals and their roles in a system.</li><li>Assigning levels of access to individuals or groups of individuals.</li><li>Protecting the sensitive data within the system and securing the system itself.</li></ul>\r\nAccess identity management system should consist of all the necessary controls and tools to capture and record user login information, manage the enterprise database of user identities and orchestrate the assignment and removal of access privileges. That means that systems used for IAM should provide a centralized directory service with oversight as well as visibility into all aspects of the company user base.\r\nTechnologies for identity access and management should simplify the user provisioning and account setup process. User access management software should reduce the time it takes to complete these processes with a controlled workflow that decreases errors as well as the potential for abuse while allowing automated account fulfillment. An identity and access management system should also allow administrators to instantly view and change access rights.\r\nIAM systems should be used to provide flexibility to establish groups with specific privileges for specific roles so that access rights based on employee job functions can be uniformly assigned. Identity access management software should also provide request and approval processes for modifying privileges because employees with the same title and job location may need customized, or slightly different, access.\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between identity and access management?</span></h1>\r\nAfter authentication, there needs to be an access control decision. The decision is based on the information available about the user. The difference between identity management and access management is thus:\r\n<ul><li>Identity Management is about managing the attributes related to the user.</li><li>Access Management is about evaluating the attributes based on policies and making Yes/No decisions.</li></ul>\r\nThere are three types of Access Control Systems: \r\n<ul><li>Discretionary Access Control (DAC)</li><li>Mandatory Access Control (MAC)</li><li>Role-Based Access Control (RBAC)</li></ul>\r\n<h1 class=\"align-center\">What are the main benefits of identity management?</h1>\r\nIdentity access and management are useful in many ways: it ensures regulatory compliance, enables cost savings, and simplifies the lives of your customers by enhancing their experience. These are the main benefits of having an IAM solution:\r\n<ul><li><span style=\"font-weight: bold; \">Easily accessible anywhere</span></li></ul>\r\nNowadays, people need their identities all the time to use services and resources. In that sense, they require access to any platform without limits using their IDs, thus eliminating barriers for customers to enter the platform anytime, anywhere.\r\n<ul><li><span style=\"font-weight: bold; \">It encourages the connection between the different parts</span></li></ul>\r\nThe digital transformation that is taking place among more and more organizations forces the need for people, applications and devices to stay connected to each other. And, as expected, all of these processes bring with them some security threats.\r\nHowever, IAM software is a solution that guarantees correct administration with the best identity providers, such as Salesforce, Twitter and Google. Authentication and security are two of the strengths of Identity and Access Management, as well as being extendable and ready for future advances. \r\n<ul><li><span style=\"font-weight: bold; \">It improves productivity</span></li></ul>\r\nIdentity software automates the entry of new personnel and facilitates access to all components of the system with which the company operates. This allows reducing times in the delivery of access so that they begin to produce immediately. For this reason, business agility is also increased by using the advantages that technology makes available to meet the demands of today’s world. \r\n<ul><li><span style=\"font-weight: bold; \">It optimizes user experience</span></li></ul>\r\nRemembering so many usernames and passwords to access social networks, banks and other services on the Internet becomes a challenge for people. Thanks to user identity management system, people can get an identity that provides access to different systems. Single sign-on (SSO) allows customers and partners to access different internal and external applications with the same access method. That way the user experience will not be affected.\r\n<ul><li><span style=\"font-weight: bold; \">Secure your brand at all levels</span></li></ul>\r\nThere will be no risk of security breach, regardless of whether a connection is made from multiple identity providers. Identity management software and access management software enables strong authentication to keep your business and brand secure. Detailed verification of all identities entering the system is performed, in addition to allowing various licenses to limit access levels. At the same time, it monitors through analysis, fraud detection and alert functions that indicate a possible real risk. In short, enterprise identity management system is a reliable tool that employs technology to support digital transformation. A software that provides agility, security and satisfaction to the company’s customers. ","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_IAM.png"},{"id":47,"title":"Access Control Systems","alias":"access-control-systems","description":"Access control is a security technique that regulates who or what can view or use resources in a computing environment. It is a fundamental concept in security that minimizes risk to the business or organization.\r\nThere are two types of access control: physical and logical. Physical access control limits access to campuses, buildings, rooms and physical IT assets. Logical access control limits connections to computer networks, system files and data.\r\nTo secure a facility, organizations use electronic access control systems that rely on user credentials, access card readers, auditing and reports to track employee access to restricted business locations and proprietary areas, such as data centers. Some of these systems incorporate access control panels to restrict entry to rooms and buildings as well as alarms and lockdown capabilities to prevent unauthorized access or operations.\r\nAccess control systems perform identification authentication and authorization of users and entities by evaluating required login credentials that can include passwords, personal identification numbers (PINs), biometric scans, security tokens or other authentication factors. Multifactor authentication, which requires two or more authentication factors, is often an important part of layered defense to protect access control systems.\r\nThese security controls work by identifying an individual or entity, verifying that the person or application is who or what it claims to be, and authorizing the access level and set of actions associated with the username or IP address. Directory services and protocols, including the Local Directory Access Protocol (LDAP) and the Security Assertion Markup Language (SAML), provide access controls for authenticating and authorizing users and entities and enabling them to connect to computer resources, such as distributed applications and web servers.\r\nOrganizations use different access control models depending on their compliance requirements and the security levels of information technology they are trying to protect.\r\nThe goal of access control is to minimize the risk of unauthorized access to physical and logical systems. Access control is a fundamental component of security compliance programs that ensures security technology and access control policies are in place to protect confidential information, such as customer data. Most organizations have infrastructure and procedures that limit access to networks, computer systems, applications, files and sensitive data, such as personally identifiable information and intellectual property.\r\nAccess control systems are complex and can be challenging to manage in dynamic IT environments that involve on-premises systems and cloud services. After some high-profile breaches, technology vendors have shifted away from single sign-on systems to unified access management, which offers access controls for on-premises and cloud environments.\r\nAccess control is a process that is integrated into an organization's IT environment. It can involve identity and access management systems. These systems provide access control software, a user database, and management tools for access control policies, auditing and enforcement.\r\nWhen a user is added to an access management system, system administrators use an automated provisioning system to set up permissions based on access control frameworks, job responsibilities and workflows.\r\nThe best practice of "least privilege" restricts access to only resources that an employee requires to perform their immediate job functions.\r\nA common security issue is failure to revoke credentials and access to systems and data when an individual moves into a different job internally or leaves the company.","materialsDescription":"<span style=\"font-weight: bold;\">What is an ACS?</span>\r\nInterpretation of the abbreviation "ACS" - access control system. Includes hardware and software.\r\n<span style=\"font-weight: bold;\">How does ACS work?</span>\r\nThe system allows only people and cars that it “recognizes” into the territory to be able to identify.\r\nFor access we use contact and contactless keys, cards, fingerprints, secret code. Doorphones unlock the locks manually - when you click the "Open" button.\r\nThe intellectual access control system generates daily reports for each employee. Upon arrival at work, the staff opens the door with personal cards or puts the cards to the reader at the reception. We fix the time of breaks and the end of the working day.\r\n<span style=\"font-weight: bold;\">What are the types of access control?</span>\r\nAccess control systems are divided into autonomous and networked:\r\n<span style=\"font-style: italic;\">Autonomous access control systems</span> are not connected to the computer. Suitable for small offices, cafes, shops, hotels. Autonomous systems are used on sites with 1–2 inputs.\r\n<span style=\"font-style: italic;\">Network access control systems</span> are connected to a computer. Such systems serve complex objects: business centers, manufacturing, research institutes, hospitals, etc.\r\n<span style=\"font-weight: bold;\">What is the access control system?</span>\r\nMain components:\r\n1. Blocking devices. Electromagnetic and electromechanical locks, barriers, gates, etc.\r\n2. Identifiers:\r\n<ul><li>Touch Memory contact keys - standard intercom keys;</li><li>Touch Memory Access Keys;</li><li>RFID contactless keys;</li><li>Biometric sensor - fingerprint access;</li><li>Keyboard for entering code.</li></ul>\r\n3. Readers. Card readers, scanners, etc.\r\n4. Controllers. Unlock the blocking device automatically or manually. Manual input is used in intercoms.\r\n<span style=\"font-weight: bold;\">Is it possible to combine an access control system with a security alarm?</span>\r\nThe unified access control system + security alarm system responds to an attempt to illegally pass through the access control point: open the door, unlock the turnstile. The alarm signal instantly arrives on the control panel of the security company, mobile phone manager or another responsible person.\r\n<span style=\"font-weight: bold;\">Why combine access control with video surveillance?</span>\r\nWhen integrating with video surveillance, you get video recordings of all passes through access control points. Information from the cameras is transmitted to the monitors of the security in real time - the situation at the facility is easy to control.\r\n<span style=\"font-weight: bold;\">Why do you need ACS maintenance?</span>\r\nMaintenance prolongs the life of the system. The equipment is inspected once a month, if necessary, fix minor problems and replace components. You save on capital repairs at the expense of preventive.<br /> ","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Access_Control_Systems.png"},{"id":540,"title":"Security Hardware","alias":"security-hardware","description":"Hardware security as a discipline originated out of cryptographic engineering and involves hardware design, access control, secure multi-party computation, secure key storage, ensuring code authenticity and measures to ensure that the supply chain that built the product is secure, among other things.\r\nA hardware security module (HSM) is a physical computing device that safeguards and manages digital keys for strong authentication and provides cryptoprocessing. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server.\r\nSome providers in this discipline consider that the key difference between hardware security and software security is that hardware security is implemented using "non-Turing-machine" logic (raw combinatorial logic or simple state machines). One approach, referred to as "hardsec", uses FPGAs to implement non-Turing-machine security controls as a way of combining the security of hardware with the flexibility of software.\r\nHardware backdoors are backdoors in hardware. Conceptionally related, a hardware Trojan (HT) is a malicious modification of an electronic system, particularly in the context of an integrated circuit.\r\nA physical unclonable function (PUF) is a physical entity that is embodied in a physical structure and is easy to evaluate but hard to predict. Further, an individual PUF device must be easy to make but practically impossible to duplicate, even given the exact manufacturing process that produced it. In this respect, it is the hardware analog of a one-way function. The name "physically unclonable function" might be a little misleading as some PUFs are clonable, and most PUFs are noisy and therefore do not achieve the requirements for a function. Today, PUFs are usually implemented in integrated circuits and are typically used in applications with high-security requirements.\r\nMany attacks on sensitive data and resources reported by organizations occur from within the organization itself.","materialsDescription":"<span style=\"font-weight: bold;\">What is hardware information security?</span>\r\nHardware means various types of devices (mechanical, electromechanical, electronic, etc.), which solve information protection problems with hardware. They impede access to information, including through its disguise. The hardware includes: noise generators, surge protectors, scanning radios and many other devices that "block" potential channels of information leakage or allow them to be detected. The advantages of technical means are related to their reliability, independence from subjective factors and high resistance to modification. The weaknesses include a lack of flexibility, relatively large volume and mass and high cost. The hardware for information protection includes the most diverse technical structures in terms of operation, device and capabilities, which ensure the suppression of disclosure, protection against leakage and counteraction to unauthorized access to sources of confidential information.\r\n<span style=\"font-weight: bold;\">Where is the hardware used to protect information?</span>\r\nHardware information protection is used to solve the following problems:\r\n<ul><li>conducting special studies of technical means of ensuring production activity for the presence of possible channels of information leakage;</li><li>identification of information leakage channels at various objects and in premises;</li><li>localization of information leakage channels;</li><li>search and detection of industrial espionage tools;</li><li>countering unauthorized access to confidential information sources and other actions.</li></ul>\r\n<span style=\"font-weight: bold;\">What is the classification of information security hardware?</span>\r\nAccording to the functional purpose, the hardware can be classified into detection tools, search tools and detailed measurements and active and passive countermeasures. At the same time, according to their technical capabilities, information protection tools can be general-purpose, designed for use by non-professionals in order to obtain preliminary (general) estimates, and professional complexes that allow for a thorough search, detection and precision measurement of all the characteristics of industrial espionage equipment. As an example of the former, we can consider a group of IP electromagnetic radiation indicators, which have a wide range of received signals and rather low sensitivity. As a second example - a complex for the detection and direction finding of radio bookmarks, designed to automatically detect and locate radio transmitters, radio microphones, telephone bookmarks and network radio transmitters.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Hardware.png"},{"id":560,"title":"IPC - Information Protection and Control - Appliance","alias":"ipc-information-protection-and-control-appliance","description":" Information Protection and Control (IPC) is a technology for protecting confidential information from internal threats. IPC class hardware solutions are designed to protect information from internal threats, prevent various types of information leaks, corporate espionage, and business intelligence. The term IPC combines two main technologies: encryption of storage media at all points of the network and control of technical channels of information leakage using Data Loss Prevention (DLP) technologies. Network, application and data access control is a possible third technology in IPC class systems. IPC includes solutions of the Data Loss Prevention (DLP) class, a system for encrypting corporate information and controlling access to it. The term IPC was one of the first to use IDC analyst Brian Burke in his report, Information Protection and Control Survey: Data Loss Prevention and Encryption Trends.\r\nIPC technology is a logical continuation of DLP technology and allows you to protect data not only from leaks through technical channels, that is, insiders, but also from unauthorized user access to the network, information, applications, and in cases where the direct storage medium falls into the hands of third parties. This allows you to prevent leaks in those cases when an insider or a person who does not have legal access to data gain access to the direct carrier of information.\r\nThe main objective of IPC systems is to prevent the transfer of confidential information outside the corporate information system. Such a transfer (leak) may be intentional or unintentional. Practice shows that most of the leaks (more than 75%) do not occur due to malicious intent, but because of errors, carelessness, carelessness, and negligence of employees - it is much easier to detect such cases. The rest is connected with the malicious intent of operators and users of enterprise information systems, in particular, industrial espionage and competitive intelligence. Obviously, malicious insiders, as a rule, try to trick IPC analyzers and other control systems.","materialsDescription":" <span style=\"font-weight: bold;\">What is Information Protection and Control (IPC)?</span>\r\nIPC (English Information Protection and Control) is a generic name for technology to protect confidential information from internal threats.\r\nIPC apparel solutions are designed to prevent various types of information leaks, corporate espionage, and business intelligence. IPC combines two main technologies: media encryption and control of technical channels of information leakage (Data Loss Prevention - DLP). Also, the functionality of IPC systems may include systems of protection against unauthorized access (unauthorized access).\r\n<span style=\"font-weight: bold;\">What are the objectives of IPC class systems?</span>\r\n<ul><li>preventing the transfer of confidential information beyond the corporate information system;</li><li>prevention of outside transmission of not only confidential but also other undesirable information (offensive expressions, spam, eroticism, excessive amounts of data, etc.);</li><li>preventing the transmission of unwanted information not only from inside to outside but also from outside to inside the organization’s information system;</li><li>preventing employees from using the Internet and network resources for personal purposes;</li><li>spam protection;</li><li>virus protection;</li><li>optimization of channel loading, reduction of inappropriate traffic;</li><li>accounting of working hours and presence at the workplace;</li><li>tracking the reliability of employees, their political views, beliefs, collecting dirt;</li><li>archiving information in case of accidental deletion or damage to the original;</li><li>protection against accidental or intentional violation of internal standards;</li><li>ensuring compliance with standards in the field of information security and current legislation.</li></ul>\r\n<span style=\"font-weight: bold;\">Why is DLP technology used in IPC?</span>\r\nIPC DLP technology supports monitoring of the following technical channels for confidential information leakage:\r\n<ul><li>corporate email;</li><li>webmail;</li><li>social networks and blogs;</li><li>file-sharing networks;</li><li>forums and other Internet resources, including those made using AJAX technology;</li><li>instant messaging tools (ICQ, Mail.Ru Agent, Skype, AOL AIM, Google Talk, Yahoo Messenger, MSN Messenger, etc.);</li><li>P2P clients;</li><li>peripheral devices (USB, LPT, COM, WiFi, Bluetooth, etc.);</li><li>local and network printers.</li></ul>\r\nDLP technologies in IPC support control, including the following communication protocols:\r\n<ul><li>FTP;</li><li>FTP over HTTP;</li><li>FTPS;</li><li>HTTP;</li><li>HTTPS (SSL);</li><li>NNTP;</li><li>POP3;</li><li>SMTP.</li></ul>\r\n<span style=\"font-weight: bold;\">What information protection facilities does IPC technology include?</span>\r\nIPC technology includes the ability to encrypt information at all key points in the network. The objects of information security are:\r\n<ul><li>Server hard drives;</li><li>SAN;</li><li>NAS;</li><li>Magnetic tapes;</li><li>CD/DVD/Blue-ray discs;</li><li>Personal computers (including laptops);</li><li>External devices.</li></ul>\r\nIPC technologies use various plug-in cryptographic modules, including the most efficient algorithms DES, Triple DES, RC5, RC6, AES, XTS-AES. The most used algorithms in IPC solutions are RC5 and AES, the effectiveness of which can be tested on the project [distributed.net]. They are most effective for solving the problems of encrypting data of large amounts of data on server storages and backups.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_IPC_Information_Protection_and_Control_Appliance.png"},{"id":750,"title":"Biometric Identification","alias":"biometric-identification","description":"<p itemprop=\"headline\">Biometric systems use people’s intrinsic physical characteristics to verify their identification. The characteristics that can be used by biometric systems include fingerprints, facial identification systems, voice recognition systems and in new developments – the analysis of DNA. Biometric security systems are applied wherever there is a need for personal identification where control of access to material objects or information is required.</p>\r\n<p itemprop=\"headline\" class=\"align-center\"><span style=\"font-weight: bold; \">Types of biometric identification</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">DNA Matching.</span> The identification of an individual using the analysis of segments from DNA.</li><li><span style=\"font-weight: bold; \">Ear.</span> The identification of an individual using the shape of the ear.</li><li><span style=\"font-weight: bold; \">Eyes - Iris Recognition.</span> The use of the features found in the iris to identify an individual.</li><li><span style=\"font-weight: bold; \">Eyes - Retina Recognition.</span> The use of patterns of veins in the back of the eye to accomplish recognition.</li><li><span style=\"font-weight: bold; \">Face Recognition. </span>The analysis of facial features or patterns for the authentication or recognition of an individuals identity. Most face recognition systems either use eigenfaces or local feature analysis.</li><li><span style=\"font-weight: bold; \">Fingerprint Recognition.</span> The use of the ridges and valleys (minutiae) found on the surface tips of a human finger to identify an individual.</li><li><span style=\"font-weight: bold; \">Finger Geometry Recognition.</span> The use of 3D geometry of the finger to determine identity.</li><li><span style=\"font-weight: bold; \">Gait.</span> The use of an individuals walking style or gait to determine identity.</li><li><span style=\"font-weight: bold; \">Odour. </span>The use of an individuals odor to determine identity.</li><li><span style=\"font-weight: bold; \">Hand Geometry Recognition. </span>The use of the geometric features of the hand such as the lengths of fingers and the width of the hand to identify an individual.</li><li><span style=\"font-weight: bold; \">Typing Recognition. </span>The use of the unique characteristics of a persons typing for establishing identity.</li><li><span style=\"font-weight: bold; \">Hand Vein Recognition. </span>Vein recognition is a type of biometrics that can be used to identify individuals based on the vein patterns in the human finger or palm.</li><li><span style=\"font-weight: bold; \">Voice - Speaker Identification. </span>Identification is the task of determining an unknown speaker’s identity. Speaker identification is a 1:N (many) match where the voice is compared against N templates. Speaker identification systems can also be implemented covertly without the user’s knowledge to identify talkers in a discussion, alert automated systems of speaker changes, check if a user is already enrolled in a system, etc.</li><li><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">Voice - Speaker Verification/Authentication.</span>The use of the voice as a method of determining the identity of a speaker for access control. If the speaker claims to be of a certain identity and the voice is used to verify this claim. Speaker verification is a 1:1 match where one speaker’s voice is matched to one template (also called a “voice print” or “voice model”). Speaker verification is usually employed as a “gatekeeper” in order to provide access to a secure system (e.g.: telephone banking). These systems operate with the user’s knowledge and typically require their cooperation.</span></li><li> <span style=\"font-weight: bold; \">Signature Recognition.</span> The authentication of an individual by the analysis of handwriting style, in particular the signature. There are two key types of digital handwritten signature authentication, Static and Dynamic. Static is most often a visual comparison between one scanned signature and another scanned signature, or a scanned signature against an ink signature. Technology is available to check two scanned signatures using advances algorithms. Dynamic is becoming more popular as ceremony data is captured along with the X,Y,T and P Coordinates of the signor from the signing device. This data can be utilised in a court of law using digital forensic examination tools, and to create a biometric template from which dynamic signatures can be authenticated either at time of signing or post signing, and as triggers in workflow processes.</li></ul>\r\n<br /><br />","materialsDescription":"<h1 class=\"align-center\"> Biometric Identification or Biometric Authentication?<span style=\"font-weight: bold; \"><br /></span></h1>\r\n<span style=\"font-weight: bold; \">Biometric identification</span> answers the question “who are you” and can be applied to both physical and digital scenarios. It is an established solution that is being used in many applications including law enforcement, defense, and border control.\r\nBiometric identification system usually applies to a situation where an organization needs to identify a person. The organization captures a biometric from that individual and then searches a biometric id system repository in an attempt to correctly identify the person. The biometric repository could be managed by a law enforcement agency, such as the Integrated Automated Fingerprint System (IAFIS) run by the FBI in the USA, or be part of a national identity system like India’s UIDAI system.\r\n<span style=\"font-weight: bold; \">Biometric authentication </span>asks the question “can you prove who you are” and is predominantly related to proof of identity in digital scenarios. A <span style=\"font-size:10pt; font-family:Arial; font-style:normal; \">biometric identity verification</span>system will challenge someone to prove their identity and the person has to respond in order to allow them access to a system or service.\r\nBiometric authentication involves use of a factor that is something a person is – a biometric identifier from a person can include a fingerprint, their voice, face, or even their behavior. This biometric is indexed against other identifiers, such as a user id or employee number, with the identifier being matched against a single stored biometric template – one-to-one match.\r\n<h1 class=\"align-center\">Where is biometric identification technology used?</h1>\r\nHistorically, applications using have been predominantly initiated by authorities for military access control, criminal or civil identification under a tightly regulated legal and technical framework. \r\nToday, sectors, including banking, retail, and mobile commerce, are demonstrating a real appetite for the benefits of biometric identity systems.<br />Most importantly, awareness and acceptance have been boosted in the past seven years, as millions of smartphone users are unlocking their phones with a fingerprint or a face. The most typical use cases of biometric technologies are:\r\n<ul><li>Law enforcement and public security (criminal/suspect identification)</li><li>Military (enemy/ally identification)</li><li>Border, travel, and migration control (traveler/migrant/passenger identification)</li><li>Civil identification (citizen/resident/voter identification)</li><li>Healthcare and subsidies (patient/beneficiary/healthcare professional identification)</li><li>Physical and logical access (owner/user/employee/contractor/partner identification)</li><li>Commercial applications (consumer/customer identification)</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Biometric_Identification.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":6147,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Randori.jpg","logo":true,"scheme":false,"title":"Randori Recon","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"randori-recon","companyTitle":"Randori","companyTypes":["vendor"],"companyId":8873,"companyAlias":"randori","description":"<p class=\"align-center\"><b>Gain An Attacker’s Perspective </b></p>\r\nIn order to know where attackers will strike, you first need to know how they view your attack surface. With business changes, cloud migration, shadow IT, and M&A, your perimeter is constantly changing. Often escaping vulnerability scans and yearly assessments, these changes represent windows of opportunities for attackers looking to bypass your defenses. Discover them with Randori Recon. Just like real threat actors, Randori continuously profiles your external attack surface, looking for unexpected changes. Customers use this view to uncover blind spots, misconfigurations, and process failures they otherwise would have missed. This continuous view is built using a black box approach. No installation or setup is required. \r\n<ul> <li>Discover Your Unknowns. View your perimeter like an attacker to expose misconfigurations and process failures. No installation required. </li> <li>Prioritize Your Findings. Find your top targets—where an attacker will strike first. Patent-pending Target Temptation model built on hacker logic. </li> <li>Reduce Your Attack Surface. Stay a step ahead of shadow IT and new business projects. Alerts inform you of new risk as it appears. </li> </ul>","shortDescription":"Security Begins With Knowing What to Protect \r\n\r\n","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":0,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Randori Recon","keywords":"","description":"<p class=\"align-center\"><b>Gain An Attacker’s Perspective </b></p>\r\nIn order to know where attackers will strike, you first need to know how they view your attack surface. With business changes, cloud migration, shadow IT, and M&A, your perimeter is constantly","og:title":"Randori Recon","og:description":"<p class=\"align-center\"><b>Gain An Attacker’s Perspective </b></p>\r\nIn order to know where attackers will strike, you first need to know how they view your attack surface. With business changes, cloud migration, shadow IT, and M&A, your perimeter is constantly","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Randori.jpg"},"eventUrl":"","translationId":6146,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":204,"title":"Managed Detection and Response","alias":"managed-detection-and-response","description":" MDR, which stands for Managed Detection & Response, is an all-encompassing threat detection system, which arose from the need for small/medium-sized organizations who lack resources to be able to monitor their network systems in-house. It provides a cost-effective alternative to SIEM (Security Information and Event Management).\r\nEveryday, the capabilities of attackers get more sophisticated and the volume of alerts becomes overwhelming and unmanageable. In-house teams might struggle to analyze and log data, which makes it harder than ever to determine if these threats are harmful. MDR can put a stop to attacks before they even happen. MDR technology monitors your systems and detects any unusual behavior, whilst our expert team responds to the threats detected within your business.\r\nMDR offers real-time threat intelligence, and is able to analyse behaviour which can be missed by traditional endpoint security technology. MDR also provides rapid identification of known threats, which in turn minimises overall attacks. Having remote incident investigation will minimise damage to your business, and will allow you to get back to work in no time. It’s important to note that using MDR services will allow third party access to your company's data. You need to consider working with a provider who understands and respects your data policy.","materialsDescription":" <span style=\"font-weight: bold;\">What is Managed Detection and Response?</span>\r\nManaged Detection and Response (MDR) is a managed cybersecurity service that provides intrusion detection of malware and malicious activity in your network, and assists in rapid incident response to eliminate those threats with succinct remediation actions. MDR typically combines a technology solution with outsourced security analysts that extend your technologies and team.\r\n<span style=\"font-weight: bold;\">Isn’t that What MSSPs or Managed SIEMs Do?</span>\r\nNo. Managed Security Service Providers (MSSPs) monitor network security controls and may send alerts when anomalies are identified. MSSPs typically do not investigate the anomalies to eliminate false positives, nor do they respond to real threats. This means that abnormalities in network usage are forwarded to your IT personnel who must then dig through the data to determine if there is a real threat and what to do about it.\r\n<span style=\"font-weight: bold;\">Doesn’t My Firewall Protect My Network?</span>\r\nFirewalls and other preventive forms of cybersecurity are very important and effective at preventing basic cyberattacks. However, over the past decade, it has become clear that preventive cybersecurity technologies are not enough to secure an organization’s network. Further, they are yet another source of alerts, log messages, and events that contribute to the “alert fatigue” being universally suffered today. Recent major hacks such as the Marriot Hack of 2018, the Anthem Hack of 2015, and the Target Hack of 2013 demonstrate how easily cybercriminals can breach networks at enterprise organizations to steal millions of credit card numbers, medical records, and other forms of PII/PHI.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/Endpoint_Detection_and_Response.png"},{"id":465,"title":"UEBA - User and Entity Behavior Analytics","alias":"ueba-user-and-entity-behavior-analytics","description":"Developments in UBA technology led Gartner to evolve the category to user and entity behavior analytics (UEBA). In September 2015, Gartner published the Market Guide for User and Entity Analytics by Vice President and Distinguished Analyst, Avivah Litan, that provided a thorough definition and explanation. UEBA was referred to in earlier Gartner reports but not in much depth. Expanding the definition from UBA includes devices, applications, servers, data, or anything with an IP address. It moves beyond the fraud-oriented UBA focus to a broader one encompassing "malicious and abusive behavior that otherwise went unnoticed by existing security monitoring systems, such as SIEM and DLP." The addition of "entity" reflects that devices may play a role in a network attack and may also be valuable in uncovering attack activity. "When end users have been compromised, malware can lay dormant and go undetected for months. Rather than trying to find where the outsider entered, UEBAs allow for quicker detection by using algorithms to detect insider threats."\r\nParticularly in the computer security market, there are many vendors for UEBA applications. They can be "differentiated by whether they are designed to monitor on-premises or cloud-based software as a service (SaaS) applications; the methods in which they obtain the source data; the type of analytics they use (i.e., packaged analytics, user-driven or vendor-written), and the service delivery method (i.e., on-premises or a cloud-based)." According to the 2015 market guide released by Gartner, "the UEBA market grew substantially in 2015; UEBA vendors grew their customer base, market consolidation began, and Gartner client interest in UEBA and security analytics increased." The report further projected, "Over the next three years, leading UEBA platforms will become preferred systems for security operations and investigations at some of the organizations they serve. It will be—and in some cases already is—much easier to discover some security events and analyze individual offenders in UEBA than it is in many legacy security monitoring systems."","materialsDescription":"<span style=\"font-weight: bold;\">What is UEBA?</span>\r\nHackers can break into firewalls, send you e-mails with malicious and infected attachments, or even bribe an employee to gain access into your firewalls. Old tools and systems are quickly becoming obsolete, and there are several ways to get past them.\r\nUser and entity behavior analytics (UEBA) give you more comprehensive way of making sure that your organization has top-notch IT security, while also helping you detect users and entities that might compromise your entire system.\r\nUEBA is a type of cybersecurity process that takes note of the normal conduct of users. In turn, they detect any anomalous behavior or instances when there are deviations from these “normal” patterns. For example, if a particular user regularly downloads 10 MB of files every day but suddenly downloads gigabytes of files, the system would be able to detect this anomaly and alert them immediately.\r\nUEBA uses machine learning, algorithms, and statistical analyses to know when there is a deviation from established patterns, showing which of these anomalies could result in, potentially, a real threat. UEBA can also aggregate the data you have in your reports and logs, as well as analyze the file, flow, and packet information.\r\nIn UEBA, you do not track security events or monitor devices; instead, you track all the users and entities in your system. As such, UEBA focuses on insider threats, such as employees who have gone rogue, employees who have already been compromised, and people who already have access to your system and then carry out targeted attacks and fraud attempts, as well as servers, applications, and devices that are working within your system.\r\n<span style=\"font-weight: bold;\">What are the benefits of UEBA?</span>\r\nIt is the unfortunate truth that today's cybersecurity tools are fast becoming obsolete, and more skilled hackers and cyber attackers are now able to bypass the perimeter defenses that are used by most companies. In the old days, you were secure if you had web gateways, firewalls, and intrusion prevention tools in place. This is no longer the case in today’s complex threat landscape, and it’s especially true for bigger corporations that are proven to have very porous IT perimeters that are also very difficult to manage and oversee.\r\nThe bottom line? Preventive measures are no longer enough. Your firewalls are not going to be 100% foolproof, and hackers and attackers will get into your system at one point or another. This is why detection is equally important: when hackers do successfully get into your system, you should be able to detect their presence quickly in order to minimize the damage.\r\n<span style=\"font-weight: bold;\">How Does UEBA Work?</span>\r\nThe premise of UEBA is actually very simple. You can easily steal an employee’s user name and password, but it is much harder to mimic the person’s normal behavior once inside the network.\r\nFor example, let’s say you steal Jane Doe’s password and user name. You would still not be able to act precisely like Jane Doe once in the system unless given extensive research and preparation. Therefore, when Jane Doe’s user name is logged in to the system, and her behavior is different than that of typical Jane Doe, that is when UEBA alerts start to sound.\r\nAnother relatable analogy would be if your credit card was stolen. A thief can pickpocket your wallet and go to a high-end shop and start spending thousands of dollars using your credit card. If your spending pattern on that card is different from the thief’s, the company’s fraud detection department will often recognize the abnormal spending and block suspicious purchases, issuing an alert to you or asking you to verify the authenticity of a transaction.\r\nAs such, UEBA is a very important component of IT security, allowing you to:\r\n1. Detect insider threats. It is not too far-fetched to imagine that an employee, or perhaps a group of employees, could go rogue, stealing data and information by using their own access. UEBA can help you detect data breaches, sabotage, privilege abuse and policy violations made by your own staff.\r\n2. Detect compromised accounts. Sometimes, user accounts are compromised. It could be that the user unwittingly installed malware on his or her machine, or sometimes a legitimate account is spoofed. UEBA can help you weed out spoofed and compromised users before they can do real harm.\r\n3. Detect brute-force attacks. Hackers sometimes target your cloud-based entities as well as third-party authentication systems. With UEBA, you are able to detect brute-force attempts, allowing you to block access to these entities.\r\n4. Detect changes in permissions and the creation of super users. Some attacks involve the use of super users. UEBA allows you to detect when super users are created, or if there are accounts that were granted unnecessary permissions.\r\n5. Detect breach of protected data. If you have protected data, it is not enough to just keep it secure. You should know when a user accesses this data when he or she does not have any legitimate business reason to access it.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_User_and_Entity_Behavior_Analytics.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":4356,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/change_tracker.png","logo":true,"scheme":false,"title":"Change Tracker Gen7 R2","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"change-tracker-gen7-r2","companyTitle":"New Net Technologies LLC","companyTypes":["supplier","vendor"],"companyId":6751,"companyAlias":"new-net-technologies-llc","description":"<p class=\"align-center\"><span style=\"font-weight: bold; \">IT SECURITY & COMPLIANCE - PROBLEM SOLVED!</span></p>\r\nNNT’s Change Tracker™ Gen7 R2 solves IT Security and the problems that plague all organizations – the overwhelming noise of change control and ensuring the integrity of IT systems. \r\nCompletely redesigned with both security and IT operations in mind, Change Tracker™ Gen7 R2 is the only solution designed to reduce change noise and the complexity of integrity monitoring and policy management all while allowing for unprecedented scalability and management that meets the most demanding enterprise environments.\r\nGen7 R2 integrates with leading Service desks and Change Management solutions to reconcile the changes that are actually occurring within your environment with those that were expected and part of an approved Request for Change. \r\nSecurity and IT Service Management (ITSM) have traditionally observed and managed change in two very different ways. By linking the changes approved and expected within the ITSM world with those that are actually happening from a security perspective, SecureOps™ is delivered and underpins effective, ongoing security and operational availability.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">Change Tracker Features And Benefits</span></p>\r\n<span style=\"font-weight: bold; \">Automates CIS Controls</span>\r\nSpot cyber threats, identify any suspicious changes and adjust the secure baseline for all of your systems in real-time with NNT Change Tracker™ Gen7R2. Approve changes to the authorized baseline with a simple point and click.\r\n<span style=\"font-weight: bold; \">Breach Prevention</span>\r\nEnsure all IT assets are secure and breach free at all times by leveraging state of the art, recommended security and configuration hardening settings along with real-time system vulnerability and configuration drift management.\r\n<span style=\"font-weight: bold; \">Breach Detection</span>\r\nChange Tracker™ Gen7 R2 identifies suspicious activity using highly sophisticated contextual change control underpinned by threat intelligence to spot breach activity while reducing change noise.\r\n<span style=\"font-weight: bold; \">Real-Time Contextual File Integrity Monitoring</span>\r\nChange Tracker™ intelligently analyzes all changes in real-time leveraging the world’s largest repository of independently verified whitelisted files combined with intelligent and automated planned change rules to significantly reduce change noise and deliver a true FIM solution.\r\n<span style=\"font-weight: bold; \">System Hardening & Vulnerability Management</span>\r\nMinimize your attack surface with continuous and real-time clear configuration guidance and remediation based on CIS and other industry standard benchmarks for system hardening and vulnerability mitigation guidance.\r\n<span style=\"font-weight: bold; \">Continuous Compliance Monitoring Across all Industries</span>\r\nNNT provides comprehensive tailored or pre-built reports to provide vital evidence to security staff, management and auditors of the ongoing and improving state of your organizations secure and compliant posture.\r\n<p class=\"align-center\"><span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">New Features and Functionality</span></span></p>\r\n<ul><li>All new Dashboard, fully customizable with choice of widgets and multiple tabs for alternative Dashboard layouts</li></ul>\r\n\r\n<ul><li>‘Single-Page Application’ design gives a contemporary, super-responsive Change Tracker experience</li></ul>\r\n\r\n<ul><li>New universal Query/Report controls, consistently available, enables reports to be built ‘off the page’</li></ul>\r\n\r\n<ul><li>New Reports Center – build and schedule any reports, with graphically-rich content, including all new Executive Report showing overall security of your estate</li></ul>\r\n\r\n<ul><li>‘Expert Event Analysis’ sections for reports, with events automatically pre-analyzed to show ‘noisiest’ devices, paths, registry settings and any other monitored configuration attributes to aid decision making in your Change Control Program</li></ul>\r\n\r\n<ul><li>Report production now performance optimized, even large volume event reports are generated on a streamed basis to minimize impact on Hub server resources</li></ul>\r\n\r\n<ul><li>Report properties can be tailored – include a hyperlinked Table of Contents, Event Details table and Query Parameters, together with as many/few event attributes as required</li></ul>\r\n\r\n<ul><li>New Group & Device/Date & Time filter and selection control panel, selections persist for any page accessed, panel can be hidden when not in use to give a ‘full screen’ display of the Dashboard</li></ul>\r\n\r\n<ul><li>User-defined auto-refresh settings for all pages</li></ul>\r\n\r\n<ul><li>New componentized Planned Changes, allowing easy re-use of schedules and/or rulesets, driven by a new Planned</li></ul>\r\n\r\n<ul><li>New ‘FAST list’ planned change rule option, ensures only file changes you select as permitted, allows a user-defined list of approved file changes to be operated – like a personal FAST Cloud!</li></ul>\r\n\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">Operating at a forensic level within the IT infrastructure, Change Tracker™ works across all popular platforms such as:</span></p>\r\n<ul><li>Windows, all versions including Server 2019, 2016 and Windows 10, XP, 2003/R2, Windows 7, Windows 8/8.1, 2008R2, 2012/R2 (Core and GUI)</li><li>Linux, all versions, including Ubuntu, SUSE, CentOS, RedHat, Oracle, FreeBSD and Apple MAC OS</li><li>Unix, all versions including Solaris, HPUX, AIX, Tandem Non-Stop</li><li>VMWare, all versions including ESXi</li><li>Database Systems, including Oracle, SQL Server, DB2, PostgreSQL, My SQL</li><li>Network Devices and Appliances, all types and manufacturers, including routers, switches and firewalls, from Cisco, Nortel, Juniper, Fortinet and Checkpoint</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","shortDescription":"The only solution designed to reduce change noise and the complexity of integrity monitoring and policy management all while allowing for unprecedented scalability and management.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":15,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Change Tracker Gen7 R2","keywords":"","description":"<p class=\"align-center\"><span style=\"font-weight: bold; \">IT SECURITY & COMPLIANCE - PROBLEM SOLVED!</span></p>\r\nNNT’s Change Tracker™ Gen7 R2 solves IT Security and the problems that plague all organizations – the overwhelming noise of change control and ","og:title":"Change Tracker Gen7 R2","og:description":"<p class=\"align-center\"><span style=\"font-weight: bold; \">IT SECURITY & COMPLIANCE - PROBLEM SOLVED!</span></p>\r\nNNT’s Change Tracker™ Gen7 R2 solves IT Security and the problems that plague all organizations – the overwhelming noise of change control and ","og:image":"https://old.roi4cio.com/fileadmin/user_upload/change_tracker.png"},"eventUrl":"","translationId":4358,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":24,"title":"DLP - Data Leak Prevention","alias":"dlp-data-leak-prevention","description":"Data leak prevention (DLP) is a suite of technologies aimed at stemming the loss of sensitive information that occurs in enterprises across the globe. By focusing on the location, classification and monitoring of information at rest, in use and in motion, this solution can go far in helping an enterprise get a handle on what information it has, and in stopping the numerous leaks of information that occur each day. DLP is not a plug-and-play solution. The successful implementation of this technology requires significant preparation and diligent ongoing maintenance. Enterprises seeking to integrate and implement DLP should be prepared for a significant effort that, if done correctly, can greatly reduce risk to the organization. Those implementing the solution must take a strategic approach that addresses risks, impacts and mitigation steps, along with appropriate governance and assurance measures.","materialsDescription":" <span style=\"font-weight: bold;\">How to protect the company from internal threats associated with leakage of confidential information?</span>\r\nIn order to protect against any threat, you must first realize its presence. Unfortunately, not always the management of companies is able to do this if it comes to information security threats. The key to successfully protecting against information leaks and other threats lies in the skillful use of both organizational and technical means of monitoring personnel actions.\r\n<span style=\"font-weight: bold;\">How should the personnel management system in the company be organized to minimize the risks of leakage of confidential information?</span>\r\nA company must have a special employee responsible for information security, and a large department must have a department directly reporting to the head of the company.\r\n<span style=\"font-weight: bold;\">Which industry representatives are most likely to encounter confidential information leaks?</span>\r\nMore than others, representatives of such industries as industry, energy, and retail trade suffer from leaks. Other industries traditionally exposed to leakage risks — banking, insurance, IT — are usually better at protecting themselves from information risks, and for this reason they are less likely to fall into similar situations.\r\n<span style=\"font-weight: bold;\">What should be adequate measures to protect against leakage of information for an average company?</span>\r\nFor each organization, the question of protection measures should be worked out depending on the specifics of its work, but developing information security policies, instructing employees, delineating access to confidential data and implementing a DLP system are necessary conditions for successful leak protection for any organization. Among all the technical means to prevent information leaks, the DLP system is the most effective today, although its choice must be taken very carefully to get the desired result. So, it should control all possible channels of data leakage, support automatic detection of confidential information in outgoing traffic, maintain control of work laptops that temporarily find themselves outside the corporate network...\r\n<span style=\"font-weight: bold;\">Is it possible to give protection against information leaks to outsourcing?</span>\r\nFor a small company, this may make sense because it reduces costs. However, it is necessary to carefully select the service provider, preferably before receiving recommendations from its current customers.\r\n<span style=\"font-weight: bold;\">What data channels need to be monitored to prevent leakage of confidential information?</span>\r\nAll channels used by employees of the organization - e-mail, Skype, HTTP World Wide Web protocol ... It is also necessary to monitor the information recorded on external storage media and sent to print, plus periodically check the workstation or laptop of the user for files that are there saying should not.\r\n<span style=\"font-weight: bold;\">What to do when the leak has already happened?</span>\r\nFirst of all, you need to notify those who might suffer - silence will cost your reputation much more. Secondly, you need to find the source and prevent further leakage. Next, you need to assess where the information could go, and try to somehow agree that it does not spread further. In general, of course, it is easier to prevent the leakage of confidential information than to disentangle its consequences.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Data_Leak_Prevention.png"},{"id":204,"title":"Managed Detection and Response","alias":"managed-detection-and-response","description":" MDR, which stands for Managed Detection & Response, is an all-encompassing threat detection system, which arose from the need for small/medium-sized organizations who lack resources to be able to monitor their network systems in-house. It provides a cost-effective alternative to SIEM (Security Information and Event Management).\r\nEveryday, the capabilities of attackers get more sophisticated and the volume of alerts becomes overwhelming and unmanageable. In-house teams might struggle to analyze and log data, which makes it harder than ever to determine if these threats are harmful. MDR can put a stop to attacks before they even happen. MDR technology monitors your systems and detects any unusual behavior, whilst our expert team responds to the threats detected within your business.\r\nMDR offers real-time threat intelligence, and is able to analyse behaviour which can be missed by traditional endpoint security technology. MDR also provides rapid identification of known threats, which in turn minimises overall attacks. Having remote incident investigation will minimise damage to your business, and will allow you to get back to work in no time. It’s important to note that using MDR services will allow third party access to your company's data. You need to consider working with a provider who understands and respects your data policy.","materialsDescription":" <span style=\"font-weight: bold;\">What is Managed Detection and Response?</span>\r\nManaged Detection and Response (MDR) is a managed cybersecurity service that provides intrusion detection of malware and malicious activity in your network, and assists in rapid incident response to eliminate those threats with succinct remediation actions. MDR typically combines a technology solution with outsourced security analysts that extend your technologies and team.\r\n<span style=\"font-weight: bold;\">Isn’t that What MSSPs or Managed SIEMs Do?</span>\r\nNo. Managed Security Service Providers (MSSPs) monitor network security controls and may send alerts when anomalies are identified. MSSPs typically do not investigate the anomalies to eliminate false positives, nor do they respond to real threats. This means that abnormalities in network usage are forwarded to your IT personnel who must then dig through the data to determine if there is a real threat and what to do about it.\r\n<span style=\"font-weight: bold;\">Doesn’t My Firewall Protect My Network?</span>\r\nFirewalls and other preventive forms of cybersecurity are very important and effective at preventing basic cyberattacks. However, over the past decade, it has become clear that preventive cybersecurity technologies are not enough to secure an organization’s network. Further, they are yet another source of alerts, log messages, and events that contribute to the “alert fatigue” being universally suffered today. Recent major hacks such as the Marriot Hack of 2018, the Anthem Hack of 2015, and the Target Hack of 2013 demonstrate how easily cybercriminals can breach networks at enterprise organizations to steal millions of credit card numbers, medical records, and other forms of PII/PHI.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/Endpoint_Detection_and_Response.png"},{"id":467,"title":"Network Forensics","alias":"network-forensics","description":" Network forensics is a sub-branch of digital forensics relating to the monitoring and analysis of computer network traffic for the purposes of information gathering, legal evidence, or intrusion detection. Unlike other areas of digital forensics, network investigations deal with volatile and dynamic information. Network traffic is transmitted and then lost, so network forensics is often a pro-active investigation.\r\nNetwork forensics generally has two uses. The first, relating to security, involves monitoring a network for anomalous traffic and identifying intrusions. An attacker might be able to erase all log files on a compromised host; network-based evidence might therefore be the only evidence available for forensic analysis. The second form relates to law enforcement. In this case analysis of captured network traffic can include tasks such as reassembling transferred files, searching for keywords and parsing human communication such as emails or chat sessions.\r\nTwo systems are commonly used to collect network data; a brute force "catch it as you can" and a more intelligent "stop look listen" method.\r\nNetwork forensics is a comparatively new field of forensic science. The growing popularity of the Internet in homes means that computing has become network-centric and data is now available outside of disk-based digital evidence. Network forensics can be performed as a standalone investigation or alongside a computer forensics analysis (where it is often used to reveal links between digital devices or reconstruct how a crime was committed).\r\nMarcus Ranum is credited with defining Network forensics as "the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents".\r\nCompared to computer forensics, where evidence is usually preserved on disk, network data is more volatile and unpredictable. Investigators often only have material to examine if packet filters, firewalls, and intrusion detection systems were set up to anticipate breaches of security.\r\nSystems used to collect network data for forensics use usually come in two forms:\r\n<ul><li>"Catch-it-as-you-can" – This is where all packets passing through a certain traffic point are captured and written to storage with analysis being done subsequently in batch mode. This approach requires large amounts of storage.</li><li>"Stop, look and listen" – This is where each packet is analyzed in a rudimentary way in memory and only certain information saved for future analysis. This approach requires a faster processor to keep up with incoming traffic.</li></ul>","materialsDescription":" <span style=\"font-weight: bold;\">Why is network forensics important?</span>\r\nNetwork forensics is important because so many common attacks entail some type of misuse of network resources.\r\n<span style=\"font-weight: bold;\">What are the different ways in which the network can be attacked?</span>\r\nAttacks typically target availability confidentiality and integrity. Loss of any one of these items constitutes a security breach.\r\n<span style=\"font-weight: bold;\">Where is the best place to search for information?</span>\r\nInformation can be found by either doing a live analysis of the network, analyzing IDS information, or examining logs that can be found in routers and servers.\r\n<span style=\"font-weight: bold;\">How does a forensic analyst know how deeply to look for information?</span>\r\nSome amount of information can be derived from looking at the skill level of the attacker. Attackers with little skill are much less likely to use advanced hiding techniques.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Network_Forensics.png"},{"id":489,"title":"Network Security Policy Management","alias":"network-security-policy-management","description":" <span style=\"font-weight: bold; \">Network security policy management </span>streamlines security policy design and enforcement. It applies rules and best practices to manage firewalls and other devices more effectively, efficiently, and consistently. Administrators need network security management solutions to get a high level of visibility into network behavior, automate device configuration, enforce global policies, view firewall traffic, generate reports, and provide a single management interface for physical and virtual systems.\r\nSecurity policies govern the integrity and safety of the network. They provide rules for accessing the network, connecting to the Internet, adding or modifying devices or services, and more. However, rules are only effective when they are implemented. Network security management policy helps organizations stay compliant and secure by ensuring that their policies are simplified, consistent, and enforced. It helps reduce manual tasks and human errors by simplifying administration with security policy and workflow tools through a centralized management interface.\r\nNetwork security management can reduce risk across the network and protect data by leveraging the information on threats, network vulnerabilities and their criticality, evaluating potential options to block an attack, and providing intelligence for decision support. Policy administration is improved by unifying common policy tasks within a single interface, automating policy change workflow, including compliance audits and the management of multiple firewall vendors. This simplified and automated security policy management enables IT teams to save time, avoid manual errors, and reduce risk. \r\nThere are the whole network security policy management market with different tools and solutions available. Businesses use them to automate administrative tasks, which can improve accuracy and save time. The solutions can make management processes less tedious and time consuming, and can free up personnel for higher-value projects. These solutions also help IT teams avoid misconfigurations that can cause vulnerabilities in their networks. And if problems arise, network security policy management solutions can ease troubleshooting and remediation. ","materialsDescription":"<h1 class=\"align-center\">Benefits of network security policy management</h1>\r\n<span style=\"font-weight: bold;\">Streamline security policy design and enforcement</span>\r\nA network security policy management solution can help organizations achieve:\r\n<ul><li><span style=\"font-weight: bold;\">Better security.</span> Network security policy management streamlines security policy design and enforcement.</li><li><span style=\"font-weight: bold;\">Ease of use.</span> Network security policy management tools orchestrate policy design and implementation.</li><li><span style=\"font-weight: bold;\">Consistency. </span>Solutions provide templates, model policies, and configurations.</li><li><span style=\"font-weight: bold;\">Time savings.</span> Deployments are faster, and automation helps empower staff to focus on other business priorities.</li><li><span style=\"font-weight: bold;\">Lower costs.</span> Cloud-based solutions scale to thousands of devices, requiring fewer resources and allowing for centralized management.</li></ul>\r\n<span style=\"font-weight: bold;\">Apply best practices to meet challenges in firewall management</span>\r\nOver time, firewalls collect more and more configuration rules and objects. Network security policy management solutions can help combat this bloat and improve security by addressing:\r\n<ul><li><span style=\"font-weight: bold;\">Object auditing.</span> Administrators need to merge and reduce duplicate objects, determine which unused objects should be deleted, and identify inconsistent objects. Network security policy management tools help them achieve a cleaner, more consistent configuration that is less of a nuisance to manage and less vulnerable to attacks.</li><li><span style=\"font-weight: bold;\">Policy inconsistencies.</span> The network security policy management tools locate unused or shadow policies and assist IT to fix possible problems.</li><li><span style=\"font-weight: bold;\">Version control and upgrades.</span> Network security policy management solutions ease these transitions with filters that simplify and automate processes and ensure high availability.</li></ul>\r\n<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Network_Security_Policy_Management.png"},{"id":834,"title":"IoT - Internet of Things Security","alias":"iot-internet-of-things-security","description":" IoT security is the technology area concerned with safeguarding connected devices and networks in the internet of things (IoT).\r\nIoT involves adding internet connectivity to a system of interrelated computing devices, mechanical and digital machines, objects, animals and/or people. Each "thing" is provided a unique identifier and the ability to automatically transfer data over a network. Allowing devices to connect to the internet opens them up to a number of serious vulnerabilities if they are not properly protected.\r\nIoT security has become the subject of scrutiny after a number of high-profile incidents where a common IoT device was used to infiltrate and attack the larger network. Implementing security measures is critical to ensuring the safety of networks with IoT devices connected to them.\r\nIoT security hacks can happen in any industry, from smart home to a manufacturing plant to a connected car. The severity of impact depends greatly on the individual system, the data collected and/or the information it contains.\r\nAn attack disabling the brakes of a connected car, for example, or on a connected health device, such as an insulin pump hacked to administer too much medication to a patient, can be life-threatening. Likewise, an attack on a refrigeration system housing medicine that is monitored by an IoT system can ruin the viability of a medicine if temperatures fluctuate. Similarly, an attack on critical infrastructure -- an oil well, energy grid or water supply -- can be disastrous.\r\nSo, a robust IoT security portfolio must allow protecting devices from all types of vulnerabilities while deploying the security level that best matches application needs. Cryptography technologies are used to combat communication attacks. Security services are offered for protecting against lifecycle attacks. Isolation measures can be implemented to fend off software attacks. And, finally, IoT security should include tamper mitigation and side-channel attack mitigation technologies for fighting physical attacks of the chip.","materialsDescription":" <span style=\"font-weight: bold;\">What are the key requirements of IoT Security?</span>\r\nThe key requirements for any IoT security solution are:\r\n<ul><li>Device and data security, including authentication of devices and confidentiality and integrity of data</li><li>Implementing and running security operations at IoT scale</li><li>Meeting compliance requirements and requests</li><li>Meeting performance requirements as per the use case</li></ul>\r\n<span style=\"font-weight: bold;\">What do connected devices require to participate in the IoT Securely?</span>\r\nTo securely participate in the IoT, each connected device needs a unique identification – even before it has an IP address. This digital credential establishes the root of trust for the device’s entire lifecycle, from initial design to deployment to retirement.\r\n<span style=\"font-weight: bold;\">Why is device authentication necessary for the IoT?</span>\r\nStrong IoT device authentication is required to ensure connected devices on the IoT can be trusted to be what they purport to be. Consequently, each IoT device needs a unique identity that can be authenticated when the device attempts to connect to a gateway or central server. With this unique ID in place, IT system administrators can track each device throughout its lifecycle, communicate securely with it, and prevent it from executing harmful processes. If a device exhibits unexpected behavior, administrators can simply revoke its privileges.\r\n<span style=\"font-weight: bold;\">Why is secure manufacturing necessary for IoT devices?</span>\r\nIoT devices produced through unsecured manufacturing processes provide criminals opportunities to change production runs to introduce unauthorized code or produce additional units that are subsequently sold on the black market.\r\nOne way to secure manufacturing processes is to use hardware security modules (HSMs) and supporting security software to inject cryptographic keys and digital certificates and to control the number of units built and the code incorporated into each.\r\n<span style=\"font-weight: bold;\">Why is code signing necessary for IoT devices?</span>\r\nTo protect businesses, brands, partners, and users from software that has been infected by malware, software developers have adopted code signing. In the IoT, code signing in the software release process ensures the integrity of IoT device software and firmware updates and defends against the risks associated with code tampering or code that deviates from organizational policies.\r\nIn public key cryptography, code signing is a specific use of certificate-based digital signatures that enables an organization to verify the identity of the software publisher and certify the software has not been changed since it was published.\r\n<span style=\"font-weight: bold;\">What is IoT PKI?</span>\r\nToday there are more things (devices) online than there are people on the planet! Devices are the number one users of the Internet and need digital identities for secure operation. As enterprises seek to transform their business models to stay competitive, rapid adoption of IoT technologies is creating increasing demand for Public Key Infrastructures (PKIs) to provide digital certificates for the growing number of devices and the software and firmware they run.\r\nSafe IoT deployments require not only trusting the devices to be authentic and to be who they say they are, but also trusting that the data they collect is real and not altered. If one cannot trust the IoT devices and the data, there is no point in collecting, running analytics, and executing decisions based on the information collected.\r\nSecure adoption of IoT requires:\r\n<ul><li>Enabling mutual authentication between connected devices and applications</li><li>Maintaining the integrity and confidentiality of the data collected by devices</li><li>Ensuring the legitimacy and integrity of the software downloaded to devices</li><li>Preserving the privacy of sensitive data in light of stricter security regulations</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/iot.png"},{"id":836,"title":"DRP - Digital Risk Protection","alias":"drp-digital-risk-protection","description":"Digital risks exist on social media and web channels, outside most organization's line of visibility. Organizations struggle to monitor these external, unregulated channels for risks targeting their business, their employees or their customers.\r\nCategories of risk include cyber (insider threat, phishing, malware, data loss), revenue (customer scams, piracy, counterfeit goods) brand (impersonations, slander) and physical (physical threats, natural disasters).\r\nDue to the explosive growth of digital risks, organizations need a flexible, automated approach that can monitor digital channels for organization-specific risks, trigger alerts and remediate malicious posts, profiles, content or apps.\r\nDigital risk protection (DRP) is the process of protecting social media and digital channels from security threats and business risks such as social engineering, external fraud, data loss, insider threat and reputation-based attacks. DRP reduces risks that emerge from digital transformation, protecting against the unwanted exposure of a company’s data, brand, and attack surface and providing actionable insight on threats from the open, deep, and dark web.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What is a digital risk?</span>\r\nDigital risks can take many forms. Most fundamentally, what makes a risk digital? Digital risk is any risk that plays out in one form or another online, outside of an organization’s IT infrastructure and beyond the security perimeter. This can be a cyber risk, like a phishing link or ransomware via LinkedIn, but can also include traditional risks with a digital component, such as credit card money flipping scams on Instagram.\r\n<span style=\"font-weight: bold;\">What are the features of Digital Risk Protection?</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">The features are:</span></span>\r\n<ul><li>Protecting yourself from digital risk by building a watchtower, not a wall. A new Forrester report identifies two objectives for any digital risk protection effort: identifying risks and resolving them.</li><li>Digital risk comes in many forms, like unauthorized data disclosure, threat coordination from cybercriminals, risks inherent in the technology you use and in your third-party associates and even from your own employees.</li><li>The best solutions should automate the collection of data and draw from many sources; should have the capabilities to map, monitor, and mitigate digital risk and should be flexible enough to be applied in multiple use cases — factors that many threat intelligence solutions excel in.</li></ul>\r\n<span style=\"font-weight: bold;\">What elements constitute a digital risk?</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Unauthorized Data Disclosure</span></span>\r\nThis includes the theft or leakage of any kind of sensitive data, like the personal financial information of a retail organization’s customers or the source code for a technology company’s proprietary products.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Threat Coordination Activity</span></span>\r\nMarketplaces and criminal forums on the dark web or even just on the open web are potent sources of risk. Here, a vulnerability identified by one group or individual who can’t act on it can reach the hands of someone who can. This includes the distribution of exploits in both targeted and untargeted campaigns.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Supply Chain Issues</span></span>\r\nBusiness partners, third-party suppliers, and other vendors who interact directly with your organization but are not necessarily following the same security practices can open the door to increased risk.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Employee Risk</span></span>\r\nEven the most secure and unbreakable lock can still easily be opened if you just have the right key. Through social engineering efforts, identity or access management and manipulation, or malicious insider attacks coming from disgruntled employees, even the most robust cybersecurity program can be quickly subverted.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Technology Risks</span></span>\r\nThis broad category includes all of the risks you must consider across the different technologies your organization might rely on to get your work done, keep it running smoothly, and tell people about it.\r\n<ul><li><span style=\"font-weight: bold;\">Physical Infrastructure:</span> Countless industrial processes are now partly or completely automated, relying on SCADA, DCS, or PLC systems to run smoothly — and opening them up to cyber- attacks (like the STUXNET attack that derailed an entire country’s nuclear program).</li><li><span style=\"font-weight: bold;\">IT Infrastructure:</span> Maybe the most commonsensical source of digital risk, this includes all of the potential vulnerabilities in your software and hardware. The proliferation of the internet of things devices poses a growing and sometimes underappreciated risk here.</li><li><span style=\"font-weight: bold;\">Public-Facing Presence:</span> All of the points where you interact with your customers and other public entities, whether through social media, email campaigns, or other marketing strategies, represent potential sources of risk.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Digital_Risk_Protection.png"},{"id":840,"title":"ICS/SCADA Cyber Security","alias":"icsscada-cyber-security","description":"SCADA security is the practice of protecting supervisory control and data acquisition (SCADA) networks, a common framework of control systems used in industrial operations. These networks are responsible for providing automated control and remote human management of essential commodities and services such as water, natural gas, electricity and transportation to millions of people. They can also be used to improve the efficiencies and quality in other less essential (but some would say very important!) real-world processes such as snowmaking for ski resorts and beer brewing. SCADA is one of the most common types of industrial control systems (ICS).\r\nThese networks, just like any other network, are under threat from cyber-attacks that could bring down any part of the nation's critical infrastructure quickly and with dire consequences if the right security is not in place. Capital expenditure is another key concern; SCADA systems can cost an organization from tens of thousands to millions of dollars. For these reasons, it is essential that organizations implement robust SCADA security measures to protect their infrastructure and the millions of people that would be affected by the disruption caused by an external attack or internal error.\r\nSCADA security has evolved dramatically in recent years. Before computers, the only way to monitor a SCADA network was to deploy several people to each station to report back on the state of each system. In busier stations, technicians were stationed permanently to manually operate the network and communicate over telephone wires.\r\nIt wasn't until the introduction of the local area network (LAN) and improvements in system miniaturization that we started to see advances in SCADA development such as the distributed SCADA network. Next came networked systems that were able to communicate over a wide area network (WAN) and connect many more components together.\r\nFrom local companies to federal governments, every business or organization that works with SCADA systems are vulnerable to SCADA security threats. These threats can have wide-reaching effects on both the economy and the community. Specific threats to SCADA networks include the following:\r\n<span style=\"font-weight: bold;\">Hackers.</span> Individuals or groups with malicious intent could bring a SCADA network to its knees. By gaining access to key SCADA components, hackers could unleash chaos on an organization that can range from a disruption in services to cyber warfare.\r\n<span style=\"font-weight: bold;\">Malware.</span> Malware, including viruses, spyware and ransomware can pose a risk to SCADA systems. While malware may not be able to specifically target the network itself, it can still pose a threat to the key infrastructure that helps to manage the SCADA network. This includes mobile SCADA applications that are used to monitor and manage SCADA systems.\r\n<span style=\"font-weight: bold;\">Terrorists.</span> Where hackers are usually motivated by sordid gain, terrorists are driven by the desire to cause as much mayhem and damage as possible.\r\n<span style=\"font-weight: bold;\">Employees.</span> Insider threats can be just as damaging as external threats. From human error to a disgruntled employee or contractor, it is essential that SCADA security addresses these risks.\r\nManaging today's SCADA networks can be a challenge without the right security precautions in place. Many networks are still without the necessary detection and monitoring systems and this leaves them vulnerable to attack. Because SCADA network attacks exploit both cyber and physical vulnerabilities, it is critical to align cybersecurity measures accordingly.","materialsDescription":"<span style=\"font-weight: bold;\">What is the difference between ICS/SCADA cybersecurity and information security?</span>\r\nAutomated process control systems (SCADA) have a lot of differences from “traditional” corporate information systems: from the destination, specific data transfer protocols and equipment used and ending with the environment in which they operate. In corporate networks and systems, as a rule, the main protected resource is information that is processed, transmitted and stored in automated systems, and the main goal is to ensure its confidentiality. In ICS, the protected resource, first of all, is the technological process itself, and the main goal is to ensure its continuity (accessibility of all nodes) and integrity (including information transmitted between the nodes of the ICS). Moreover, the field of potential risks and threats to ICS, in comparison with corporate systems, expands with risks of potential damage to life and health of personnel and the public, damage to the environment and infrastructure. That is why it is incorrect to talk about “information security” in relation to ICS/SCADA. In English sources, the term “cybersecurity” is used for this, a direct translation of which (cybersecurity) is increasingly found in our market in relation to the protection of process control systems.\r\n<span style=\"font-weight: bold;\">Is it really necessary?</span>\r\nIt is necessary. There are a number of myths about process control systems, for example: “process control systems are completely isolated from the outside world”, “process control systems are too specific for someone to crack”, “process control systems are reliably protected by the developer”, or even “No one will ever try us, hacking us is not interesting. ” All this is no longer true. Many modern distributed process control systems have one or another connection with the corporate network, even if the system owners are unaware of this. Communication with the outside world greatly simplifies the task of the attacker, but does not remain the only possible option. Automated process control software and data transfer protocols are, as a rule, very, very insecure against cyber threats. This is evidenced by numerous articles and reports of experts involved in the study of the protection of industrial control systems and penetration tests. The PHDays III section on hacking automated process control systems impressed even ardent skeptics. Well, and, of course, the argument “they have NOT attacked us, therefore they will not” - can hardly be considered seriously. Everyone has heard about Stuxnet, which dispelled almost all the myths about the safety of ICS at once.\r\n<span style=\"font-weight: bold;\">Who needs this?</span>\r\nWith the phrase ICS/SCADA, most imagine huge plants, automated CNC machines or something similar. However, the application of process control systems is not limited to these objects - in the modern age of automation, process control systems are used everywhere: from large production facilities, the oil and gas industry, transport management to smart home systems. And, by the way, with the protection of the latter, as a rule, everything can be much worse, because the developer silently and imperceptibly shifts responsibility to the shoulders of the user.\r\nOf course, some of the objects with automated process control systems are more interesting for attackers, others less. But, given the ever-growing number of vulnerabilities discovered and published in the ICS, the spread of "exclusive" (written for specific protocols and ICS software) malware, considering your system safe "by default" is unreasonable.\r\n<span style=\"font-weight: bold;\">Are ICS and SCADA the same thing?</span>\r\nNo. SCADA systems (supervisory control and data acquisition, supervisory control and data collection) are part of the control system. Usually, a SCADA system means centralized control and management systems with the participation of a person as a whole system or a complex of industrial control systems. SCADA is the central link between people (human-machine interfaces) and PLC levels (programmable logic controller) or RTU (remote terminal unit).\r\n<span style=\"font-weight: bold;\">What is ICS/SCADA cybersecurity?</span>\r\nIn fact, ICS cybersecurity is a process similar to “information security” in a number of properties, but very different in details. And the devil, as you know, lies in them. ICS/SCADA also has similar information security-related processes: asset inventory, risk analysis and assessment, threat analysis, security management, change management, incident response, continuity, etc. But these processes themselves are different.<br />The cyber security of ICSs has the same basic target qualities - confidentiality, integrity and accessibility, but the significance and point of application for them are completely different. It should be remembered that in ICS/SCADA we, first of all, protect the technological process. Beyond this - from the risks of damage to human health and life and the environment.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_SCADA_Cyber_Security.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":5636,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/lanner_lec-3034.jpg","logo":true,"scheme":false,"title":"Lanner Electronics LEC-3034","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"lanner-electronics-lec-3034","companyTitle":"Lanner Electronics","companyTypes":["supplier","vendor"],"companyId":5268,"companyAlias":"lanner-electronics","description":"<b>Lanner LEC-3034 Series</b> is a wireless rugged fanless edge gateway featuring dual-core Intel® Atom E3825 (codenamed BayTrail), optional 4G-LTE Mobile Connectivity, DDR3L SO-DIMM memory up to 8GB, 1 x SATA connector with 2.5” drive bay, mSATA mini socket, VGA display, wide operating temperature, DIN Rail/Wall-mounting options and a variety of isolated protection serial COM/LAN configurations for various industrial IoT needs. \r\n<b>Features:</b>\r\n<ul> <li>Fanless and compact design </li> <li>Onboard Intel® Atom™ E3825 CPU </li> <li>Optional 4G-LTE Mobile Connectivity </li> <li>Multiple Isolated RS-232/422/485 ports </li> <li>4x or 2x 1.5KV Magnetic Isolated GbE LAN ports, 2x USB ports </li> <li>Wide operating temperature: -40 ~ 70ºC </li> <li>DIN rail or wall mount </li> <li>VGA output </li> <li>1x or 3 x USB 2.0 type A + 1 x USB 3.0 Type A </li> </ul>","shortDescription":"Wireless Rugged Edge Gateway with Intel® Atom E3825 Processor\r\n","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":8,"sellingCount":12,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Lanner Electronics LEC-3034","keywords":"","description":"<b>Lanner LEC-3034 Series</b> is a wireless rugged fanless edge gateway featuring dual-core Intel® Atom E3825 (codenamed BayTrail), optional 4G-LTE Mobile Connectivity, DDR3L SO-DIMM memory up to 8GB, 1 x SATA connector with 2.5” drive bay, mSATA mini socket, ","og:title":"Lanner Electronics LEC-3034","og:description":"<b>Lanner LEC-3034 Series</b> is a wireless rugged fanless edge gateway featuring dual-core Intel® Atom E3825 (codenamed BayTrail), optional 4G-LTE Mobile Connectivity, DDR3L SO-DIMM memory up to 8GB, 1 x SATA connector with 2.5” drive bay, mSATA mini socket, ","og:image":"https://old.roi4cio.com/fileadmin/user_upload/lanner_lec-3034.jpg"},"eventUrl":"","translationId":5635,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":59,"title":"SCADA - Supervisory Control And Data Acquisition","alias":"scada-supervisory-control-and-data-acquisition","description":"<span style=\"font-weight: bold; \">SCADA</span> stands for <span style=\"font-weight: bold; \">Supervisory Control and Data Acquisition</span>, a term which describes the basic functions of a SCADA system. Companies use SCADA systems to control equipment across their sites and to collect and record data about their operations. SCADA is not a specific technology, but a type of application. Any application that gets operating data about a system in order to control and optimise that system is a SCADA application. That application may be a petrochemical distillation process, a water filtration system, a pipeline compressor, or just about anything else.\r\nSCADA solutions typically come in a combination of software and hardware elements, such as programmable logic controllers (PLCs) and remote terminal units (RTUs). Data acquisition in SCADA starts with PLCs and RTUs, which communicate with plant floor equipment such as factory machinery and sensors. Data gathered from the equipment is then sent to the next level, such as a control room, where operators can supervise the PLC and RTU controls using human-machine interfaces (HMIs). HMIs are an important element of SCADA systems. They are the screens that operators use to communicate with the SCADA system.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">The major components of a SCADA technology include:</span></p>\r\n<ul><li><span style=\"font-weight: bold;\">Master Terminal Unit (MTU).</span> It comprises a computer, PLC and a network server that helps MTU to communicate with the RTUs. MTU begins communication, collects and saves data, helps to interface with operators and to communicate data to other systems.</li><li><span style=\"font-weight: bold;\">Remote Terminal Unit (RTU).</span> RTU is used to collect information from these sensors and further sends the data to MTU. RTUs have the storage capacity facility. So, it stores the data and transmits the data when MTU sends the corresponding command.</li><li><span style=\"font-weight: bold;\">Communication Network (defined by its network topology).</span> In general, network means connection. When you tell a SCADA communication network, it is defined as a link between RTU in the field to MTU in the central location. The bidirectional wired or wireless communication channel is used for the networking purpose. Various other communication mediums like fiber optic cables, twisted pair cables, etc. are also used.</li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">Objectives of Supervisory Control and Data Acquisition system</span></p>\r\n<ul><li><span style=\"font-weight: bold;\">Monitor:</span> SCADA control system continuously monitors the physical parameters</li><li><span style=\"font-weight: bold;\">Measure:</span> It measures the parameter for processing</li><li><span style=\"font-weight: bold;\">Data Acquisition:</span> It acquires data from RTU, data loggers, etc</li><li><span style=\"font-weight: bold;\">Data Communication:</span> It helps to communicate and transmit a large amount of data between MTU and RTU units</li><li><span style=\"font-weight: bold;\">Controlling:</span> Online real-time monitoring and controlling of the process</li><li><span style=\"font-weight: bold;\">Automation:</span> It helps for automatic transmission and functionality</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\">Who Uses SCADA?</h1>\r\nSCADA systems are used by industrial organizations and companies in the public and private sectors to control and maintain efficiency, distribute data for smarter decisions, and communicate system issues to help mitigate downtime. Supervisory control systems work well in many different types of enterprises because they can range from simple configurations to large, complex installations. They are the backbone of many modern industries, including:\r\n<ul><li>Energy</li><li>Food and beverage</li><li>Manufacturing</li><li>Oil and gas</li><li>Power</li><li>Recycling</li><li>Transportation</li><li>Water and waste water</li><li>And many more</li></ul>\r\nVirtually anywhere you look in today's world, there is some type of SCADA monitoring system running behind the scenes: maintaining the refrigeration systems at the local supermarket, ensuring production and safety at a refinery, achieving quality standards at a waste water treatment plant, or even tracking your energy use at home, to give a few examples. Effective SCADA systems can result in significant savings of time and money. Numerous case studies have been published highlighting the benefits and savings of using a modern SCADA software.\r\n<h1 class=\"align-center\">Benefits of using SCADA software</h1>\r\nUsing modern SCADA software provides numerous benefits to businesses, and helps companies make the most of those benefits. Some of these advantages include:\r\n<span style=\"font-weight: bold; \">Easier engineering:</span> An advanced supervisory control application such provides easy-to-locate tools, wizards, graphic templates and other pre-configured elements, so engineers can create automation projects and set parameters quickly, even if they don't have programming experience. In addition, you can also easily maintain and expand existing applications as needed. The ability to automate the engineering process allows users, particularly system integrators and original equipment manufacturers (OEM), to set up complex projects much more efficiently and accurately.\r\n<span style=\"font-weight: bold; \">Improved data management:</span> A high-quality SCADA system makes it easier to collect, manage, access and analyze your operational data. It can enable automatic data recording and provide a central location for data storage. Additionally, it can transfer data to other systems such as MES and ERP as needed. \r\n<span style=\"font-weight: bold; \">Greater visibility:</span> One of the main advantages of using SCADA software is the improvement in visibility into your operations. It provides you with real-time information about your operations and enables you to conveniently view that information via an HMI. SCADA monitoring can also help in generating reports and analyzing data.\r\n<span style=\"font-weight: bold; \">Enhanced efficiency:</span> A SCADA system allows you to streamline processes through automated actions and user-friendly tools. The data that SCADA provides allows you to uncover opportunities for improving the efficiency of the operations, which can be used to make long-term changes to processes or even respond to real-time changes in conditions.\r\n<span style=\"font-weight: bold; \">Increased usability:</span> SCADA systems enable workers to control equipment more quickly, easily and safely through an HMI. Rather than having to control each piece of machinery manually, workers can manage them remotely and often control many pieces of equipment from a single location. Managers, even those who are not currently on the floor, also gain this capability.\r\n<span style=\"font-weight: bold; \">Reduced downtime:</span> A SCADA system can detect faults at an early stage and push instant alerts to the responsible personnel. Powered by predictive analytics, a SCADA system can also inform you of a potential issue of the machinery before it fails and causes larger problems. These features can help improve the overall equipment effectiveness (OEE) and reduce the amount of time and cost on troubleshooting and maintenance.\r\n<span style=\"font-weight: bold;\">Easy integration:</span> Connectivity to existing machine environments is key to removing data silos and maximizing productivity. \r\n<span style=\"font-weight: bold;\">Unified platform:</span>All of your data is also available in one platform, which helps you to get a clear overview of your operations and take full advantage of your data. All users also get real-time updates locally or remotely, ensuring everyone on your team is on the same page.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/SCADA__-_Supervisory_Control_And_Data_Acquisition.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":6916,"logoURL":"https://old.roi4cio.com/fileadmin/content/app-icon-base-android.png","logo":true,"scheme":false,"title":"Integrated MLM Software","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"integrated-mlm-software","companyTitle":"Codexoro Technologies LLP","companyTypes":["vendor"],"companyId":10593,"companyAlias":"codexoro-technologies-llp","description":"<p><strong>Integrated MLM Software</strong> is a premier solution for network marketing, delivering the world's first MLM Super App and software. Our platform is designed to empower network marketers with a comprehensive suite of tools and features, ensuring seamless business operations and exponential growth.</p>\r\n<h3>Key Features:</h3>\r\n<ul>\r\n<li>E-commerce Integration</li>\r\n<li>MLM Systems</li>\r\n<li>Customer Relationship Management (CRM)</li>\r\n<li>Customer Support</li>\r\n<li>Promotional Tools</li>\r\n<li>Real-time Tracking</li>\r\n<li>Advanced Analytics</li>\r\n</ul>\r\n<h3>Comprehensive MLM Plan Support:</h3>\r\n<p>We provide software solutions for all MLM plans, including:</p>\r\n<ul>\r\n<li>Binary MLM Software</li>\r\n<li>Matrix MLM Software</li>\r\n<li>Unilevel MLM Software</li>\r\n<li>Hybrid MLM Software</li>\r\n<li>Generation MLM Software</li>\r\n<li>Board MLM Software</li>\r\n<li>Stairstep MLM Software</li>\r\n</ul>","shortDescription":"Integrated MLM Software offers the world's first MLM Super App and software with e-commerce, MLM systems, CRM, customer support, promotional tools, real-time tracking, and advanced analytics.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":0,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Integrated MLM Software","keywords":"","description":"<p><strong>Integrated MLM Software</strong> is a premier solution for network marketing, delivering the world's first MLM Super App and software. Our platform is designed to empower network marketers with a comprehensive suite of tools and features, ensuring s","og:title":"Integrated MLM Software","og:description":"<p><strong>Integrated MLM Software</strong> is a premier solution for network marketing, delivering the world's first MLM Super App and software. Our platform is designed to empower network marketers with a comprehensive suite of tools and features, ensuring s","og:image":"https://old.roi4cio.com/fileadmin/content/app-icon-base-android.png"},"eventUrl":"","translationId":6916,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":532,"title":"Software","alias":"software","description":" Computer software, or simply software, is a collection of data or computer instructions that tell the computer how to work. This is in contrast to physical hardware, from which the system is built and actually performs the work. In computer science and software engineering, computer software is all information processed by computer systems, programs, and data. Computer software includes computer programs, libraries and related non-executable data, such as online documentation or digital media. Computer hardware and software require each other and neither can be realistically used on its own.\r\nAt the lowest programming level, executable code consists of machine language instructions supported by an individual processor — typically a central processing unit (CPU) or a graphics processing unit (GPU). A machine language consists of groups of binary values signifying processor instructions that change the state of the computer from its preceding state. For example, an instruction may change the value stored in a particular storage location in the computer—an effect that is not directly observable to the user. An instruction may also invoke one of many input or output operations, for example displaying some text on a computer screen; causing state changes that should be visible to the user. The processor executes the instructions in the order they are provided, unless it is instructed to "jump" to a different instruction, or is interrupted by the operating system. As of 2015, most personal computers, smartphone devices, and servers have processors with multiple execution units or multiple processors performing computation together, and computing has become a much more concurrent activity than in the past.\r\nThe majority of software is written in high-level programming languages. They are easier and more efficient for programmers because they are closer to natural languages than machine languages. High-level languages are translated into machine language using a compiler or an interpreter or a combination of the two. Software may also be written in a low-level assembly language, which has strong correspondence to the computer's machine language instructions and is translated into machine language using an assembler.","materialsDescription":" <span style=\"font-weight: bold; \">What is software?</span>\r\nSometimes abbreviated as SW and S/W, software is a collection of instructions that enable the user to interact with a computer, its hardware, or perform tasks. Without software, most computers would be useless. For example, without your Internet browser software, you could not surf the Internet or read this page. Without an operating system, the browser could not run on your computer. The picture shows a Microsoft Excel box, an example of a spreadsheet software program.\r\n<span style=\"font-weight: bold; \">How do you get software?</span>\r\nSoftware can be purchased at a retail computer store or online and come in a box containing all the disks (floppy diskette, CD, DVD, or Blu-ray), manuals, warranty, and other documentation.\r\nSoftware can also be downloaded to a computer over the Internet. Once downloaded, setup files are run to start the installation process on your computer.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Free software</span></span>\r\nThere are also a lot of free software programs available that are separated into different categories.\r\n<ul><li>Shareware or trial software is software that gives you a few days to try the software before you have to buy the program. After the trial time expires, you'll be asked to enter a code or register the product before you can continue to use it.</li><li>Freeware is completely free software that never requires payment, as long as it is not modified.</li><li>Open-source software is similar to freeware. Not only is the program given away free, but the source code used to make the program is also, allowing anyone to modify the program or view how it was created.</li></ul>\r\n<span style=\"font-weight: bold; \">How do you use computer software?</span>\r\nOnce the software is installed on the computer hard drive, the program can be used anytime by finding the program on the computer. On a Windows computer, a program icon is added to the Start menu or Start screen, depending on your version of Windows.\r\n<span style=\"font-weight: bold;\">How to maintain software?</span>\r\nAfter the software is installed on your computer, it may need to be updated to fix any found errors. Updating a program can be done using software patches. Once updates are installed, any problems that may have been experienced in the program will no longer occur.\r\n<span style=\"font-weight: bold;\">How is software created and how does it work?</span>\r\nA computer programmer (or several computer programmers) writes the instructions using a programming language, defining how the software should operate on structured data. The program may then be interpreted or compiled into machine code.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":3845,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/pradeo.png","logo":true,"scheme":false,"title":"Pradeo Security Systems Mobile Threat Defense","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"pradeo-security-systems-mobile-threat-defense","companyTitle":"Pradeo","companyTypes":["supplier","vendor"],"companyId":5308,"companyAlias":"pradeo-security-systems","description":"<b>Pradeo</b> developed an advanced Artificial Intelligence process delivering the most accurate threat detection technology of the market. Through the years, the Pradeo intelligence center has collected billions of mobile security data, implemented thousands of security rules and detected millions of severe mobile threats and billions of leaky behaviors.\r\n<b>APPLICATION SECURITY </b>\r\nMost mobile threats do not have viral signatures. In order to detect and prevent zero-day attacks, Pradeo’s mobile application scanning capability accurately identifies all mobile applications behaviors and vulnerabilities. Then, it contextualizes information to avoid false-positive alerts and only blocks applications that represent a real threat.\r\n<b>Key Features:</b>\r\n<ul> <li>Unknown, known and advanced threats detection</li> <li>Static and dynamic analysis</li> <li>Zero false positive</li> <li>Automatic blocking of applications</li> <li>Vulnerabilities detection </li> <li>Remediation of risky behaviors </li> </ul>\r\n<b>NETWORK SECURITY </b>\r\nAs the amount of public hotspots keeps increasing and people tend to connect to several ones a day, Pradeo Security screens in real-time network configuration and parameters. As a result, it prevents network-related attacks such as Man-In-The-Middle. \r\n<b>Key Features:</b>\r\n<ul> <li>Man In the Middle detection </li> <li>Network access control </li> <li>SSL certificates check </li> <li>Secure browser </li> </ul>\r\n<b>DEVICE SECURITY </b>\r\nA device that is jailbroken, rooted, running on an outdated operating system, etc. is vulnerable to device-related attacks and thus, represents a security flaw in the mobile chain. Pradeo Security monitors device integrity by inspecting all its potentially defective aspects. \r\n<b>Key Features:</b>\r\n<ul> <li>OS vulnerabilities detection </li> <li>Root / jailbreak exploitation detection </li> <li>Identification of system takeover </li> <li>Abnormal battery consumption detection </li> </ul>","shortDescription":"Pradeo protects organizations’ mobile devices, applications and data","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":10,"sellingCount":15,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Pradeo Security Systems Mobile Threat Defense","keywords":"","description":"<b>Pradeo</b> developed an advanced Artificial Intelligence process delivering the most accurate threat detection technology of the market. Through the years, the Pradeo intelligence center has collected billions of mobile security data, implemented thousands ","og:title":"Pradeo Security Systems Mobile Threat Defense","og:description":"<b>Pradeo</b> developed an advanced Artificial Intelligence process delivering the most accurate threat detection technology of the market. Through the years, the Pradeo intelligence center has collected billions of mobile security data, implemented thousands ","og:image":"https://old.roi4cio.com/fileadmin/user_upload/pradeo.png"},"eventUrl":"","translationId":3844,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":40,"title":"Endpoint security","alias":"endpoint-security","description":"In network security, endpoint security refers to a methodology of protecting the corporate network when accessed via remote devices such as laptops or other wireless and mobile devices. Each device with a remote connecting to the network creates a potential entry point for security threats. Endpoint security is designed to secure each endpoint on the network created by these devices.\r\nUsually, endpoint security is a security system that consists of security software, located on a centrally managed and accessible server or gateway within the network, in addition to client software being installed on each of the endpoints (or devices). The server authenticates logins from the endpoints and also updates the device software when needed. While endpoint security software differs by vendor, you can expect most software offerings to provide antivirus, antispyware, firewall and also a host intrusion prevention system (HIPS).\r\nEndpoint security is becoming a more common IT security function and concern as more employees bring consumer mobile devices to work and companies allow its mobile workforce to use these devices on the corporate network.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What are endpoint devices?</span>\r\nAny device that can connect to the central business network is considered an endpoint. Endpoint devices are potential entry points for cybersecurity threats and need strong protection because they are often the weakest link in network security.\r\n<span style=\"font-weight: bold;\">What is endpoint security management?</span>\r\nA set of rules defining the level of security that each device connected to the business network must comply with. These rules may include using an approved operating system (OS), installing a virtual private network (VPN), or running up-to-date antivirus software. If the device connecting to the network does not have the desired level of protection, it may have to connect via a guest network and have limited network access.\r\n<span style=\"font-weight: bold;\">What is endpoint security software?</span>\r\nPrograms that make sure your devices are protected. Endpoint protection software may be cloud-based and work as SaaS (Software as a Service). Endpoint security software can also be installed on each device separately as a standalone application.\r\n<span style=\"font-weight: bold;\">What is endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response (EDR) solutions analyze files and programs, and report on any threats found. EDR solutions monitor continuously for advanced threats, helping to identify attacks at an early stage and respond rapidly to a range of threats.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Endpoint_security.png"},{"id":199,"title":"Deception Techniques and Honeypots","alias":"deception-techniques-and-honeypots","description":"Deception technology is an emerging category of cyber security defense. Deception technology products can detect, analyze and defend against zero-day and advanced attacks, often in real time. They are automated, accurate and provide insight into malicious activity within internal networks, which may be unseen by other types of cyber defense. Deception technology enables a more proactive security posture by seeking to deceive the attackers, detect them and then defeat them, allowing the enterprise to return to normal operations.\r\nDeception technology automates the creation of traps (decoys) and/or lures, which are mixed among and within existing IT resources to provide a layer of protection to stop attackers that have penetrated the network. Traps (decoys) are IT assets that either use real licensed operating system software, or are emulations of these devices.\r\nTraps (decoys) which use emulations can also imitate medical devices, automated teller machines (ATMs), retail point of sale systems, switches, routers and much more. Lures are generally real information technology resources (files of varying kinds) which are placed on actual IT assets.\r\nUpon penetrating the network, attackers seek to establish a backdoor and then use this to identify and exfiltrate data and intellectual property. They begin moving laterally through the internal VLANs and almost immediately will "look at" one of the traps (decoys). Interacting with one of these "decoys" will trigger an alert. These alerts are very high probability and almost always coincide to an ongoing attack. The deception is designed to lure the attacker in – the attacker may consider this a worthy asset and continue by injecting malware. Deception technology generally allows for automated static and dynamic analysis of this injected malware and provides these reports through automation to the security operations personnel. Deception technology may also identify, through indicators of compromise (IOC), suspect end-points that are part of the compromise cycle. Automation also allows for an automated memory analysis of the suspect end-point, and then automatically isolates the suspect end-point. Many partner integrations allow for a variety of implementation paths for existing enterprise and government customers.\r\nInternet of things (IoT) devices are not usually scanned by legacy defense in depth cyber defense and remain prime targets for attackers within the network. Deception technology can identify attackers moving laterally into the network from within these devices.\r\nIntegrated turnkey devices that utilize embedded operating systems, but do not allow these operating systems to be scanned or closely protected by embedded end-point or intrusion detection software are also well protected by a deception technology deployment in the same network. Examples include process control systems (SCADA) used in many manufacturing applications on a global basis. Deception technology has been associated with the discovery of Zombie Zero, an attack vector wherein deception technology identified an attacker utilizing malware embedded in barcode readers which were manufactured overseas.\r\nMedical devices are particular vulnerable to cyber attacks within the healthcare networks. As FDA-certified devices they are closed systems and not accessible to standard cyber defense software. Deception technology can surround and protect these devices and identify attackers using these for backdoor placement and data exfiltration. Recently documented cyber attacks on medical devices include x-ray machines, CT scanners, MRI scanners, blood gas analyzers, PACS systems and many more. Networks utilizing these devices can be protected by deception technology. This attack vector, called medical device hijack or medjack, is estimated to have penetrated many hospitals worldwide.\r\nSpecialized deception technology products are now capable of addressing the rise in ransomware. Select products can deceive ransomware into engaging in an attack on a decoy resource, while isolating the infection points and alerting the cyber defense software team.","materialsDescription":"<span style=\"font-weight: bold;\">Why Use Deception Technology?</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Early Post-Breach Detection</span></span>\r\nNo security solution can stop all attacks from occurring on a network, but deception technology helps to give attackers a false sense of security by making them believe they have gained a foothold in your network. From here you can monitor and record their behavior, secure in the knowledge that they can do no damage to your decoy systems. The information you record about attacker behavior and techniques can be used to further secure your network from attack.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Reduced False Positives and Risk</span></span>\r\nDead ends, false positives and alert fatigue can all hamper security efforts and put a drain on resources, if they are even analyzed at all. Too much noise can result in IT teams becoming complacent and ignoring what could potentially be a legitimate threat. Deception technology reduces the noise with fewer false positives and high fidelity alerts packed full of useful data.\r\nDeception technology is also a low risk as it has no risk to data or impact on resources or operations. When a hacker accesses or attempts to use part of the deception layer, a real and accurate alert is generated that tells admins they need to take action.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Scale and Automate at Will</span></span>\r\nWhile the threat to corporate networks and data is a daily growing concern, security teams rarely get an increase in their budget to handle the deluge of new threats. For this reason, deception technology can be a very welcome solution. Automated alerts eliminate the need for manual effort and intervention while the design of the technology allows it to be scaled easily as the organization and threat level grows.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">From Legacy to IoT</span></span>\r\nDeception technology can be used to provide breadcrumbs for a vast range of different devices, including legacy environments, industry-specific environments and even IoT devices.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/Deception_Techniques_and_Honeypots.png"},{"id":375,"title":"Mobile Enterprise Security","alias":"mobile-enterprise-security","description":" Because mobile devices are easily lost or stolen, data on those devices is vulnerable. Enterprise mobility management is a set of systems intended to prevent unauthorized access to enterprise applications and/or corporate data on mobile devices. These can include password protection, encryption and/or remote wipe technology, which allows an administrator to delete all data from a misplaced device. With many systems, security policies can be centrally managed and enforced. Such device management systems are programmed to support and cooperate with the application programming interfaces (APIs) from various device makers to increase security compliance.\r\nThe data transfer between mobile device and the enterprise should always be encrypted, for example through a VPN tunnel or over HTTPS.\r\nMobile devices in companies with "bring your own device" (BYOD) policies are often used both personally and professionally. In these cases, corporate IT has less control over whether malware is on the device and what damage may be caused to corporate data. Apart from careful user behavior - data storage on the mobile device should be limited and centrally organized.","materialsDescription":" <span style=\"font-weight: bold;\">What is mobile security?</span>\r\nMobile security refers to the set of technologies and practices that aim to protect mobile devices against operating system vulnerabilities, network and app attacks, or mobile malware. Technologies such as enterprise mobility management (EMM) solutions manage compliance policies and issues relating to device privilege or loss.\r\n<span style=\"font-weight: bold;\">What are mobile security threats?</span>\r\nMobile security threats are vulnerabilities or attacks that attempt to compromise your phone's operating system, internet connection, Wi-Fi and Bluetooth connections, or apps. Smartphones possess very different behaviors and capabilities compared to PCs or laptops and need to be equipped to detect attacks specific to mobile devices. Mobile devices contain unique functions and behaviors making traditional IT security solutions ineffective for securing mobile devices. One of the primary differences in how mobile devices are different from PCs and laptops is administration privileges. There are several administrators for a PC or laptop making it simple for corporate IT to install security software and monitor computers for problems. On mobile devices, the administration is handled by the device owner. The device owner is the only one that can install apps or allow other management profiles on the device. This means the burden of securing the mobile device and its data falls entirely on the user--who may not have the time or expertise to provide proper mobile device security.\r\n<span style=\"font-weight: bold;\">Why is mobile security important?</span>\r\nMobile security is very important since our mobile device is now our primary computing device. On average, users spend more than 5 hours each day on a mobile device conducting company and personal business. The shift in device usage habits has also moved the prime target for hackers from PCs to our mobile devices. Since mobile devices are now a prime target, we need to secure them and arm them with threat detection and malware protection just like PCs. Smartphones are able to circumvent traditional security controls, and typically represent a massive blind spot for IT and security teams. Hackers know this, which no doubt contributed to the number of smartphone attacks recorded between January and July 2016. The number of attacks nearly doubled compared to the last six months of 2015. During that same time period, smartphones accounted for 78% of all mobile network infections.\r\n<span style=\"font-weight: bold;\">Which mobile security is best for enterprises?</span>\r\nThere are a number of mobile security solutions available on the market, but identifying which mobile security is best for enterprises entails using specific criteria. As is often the case, solutions designed for consumers and end-users may not be as robust, full-featured, reliable and scalable as solutions designed specifically for the enterprise. In particular, mobile security solutions that are suitable for enterprise use should include scalability, autonomous functionality, machine learning, on-device operation, and protection from zero-day threats. Enterprises also need to consider flexible deployment models to take advantage of existing infrastructure or cloud computing environments.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Mobile_Enterprise_Security.png"},{"id":457,"title":"DDoS Protection","alias":"ddos-protection","description":" A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks. ","materialsDescription":" <span style=\"font-weight: bold;\">What are the Different Types of DDoS Attacks?</span>\r\nDistributed Denial of Service attacks vary significantly, and there are thousands of different ways an attack can be carried out (attack vectors), but an attack vector will generally fall into one of three broad categories:\r\n<span style=\"font-weight: bold;\">Volumetric Attacks:</span>\r\nVolumetric attacks attempt to consume the bandwidth either within the target network/service or between the target network/service and the rest of the Internet. These attacks are simply about causing congestion.\r\n<span style=\"font-weight: bold;\">TCP State-Exhaustion Attacks:</span>\r\nTCP State-Exhaustion attacks attempt to consume the connection state tables which are present in many infrastructure components such as load-balancers, firewalls and the application servers themselves. Even high capacity devices capable of maintaining state on millions of connections can be taken down by these attacks.\r\n<span style=\"font-weight: bold;\">Application Layer Attacks:</span>\r\nApplication Layer attacks target some aspect of an application or service at Layer-7. These are the deadliest kind of attacks as they can be very effective with as few as one attacking machine generating a low traffic rate (this makes these attacks very difficult to proactively detect and mitigate). Application layer attacks have come to prevalence over the past three or four years and simple application layer flood attacks (HTTP GET flood etc.) have been some of the most common denials of service attacks seen in the wild.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection.png"},{"id":824,"title":"ATP - Advanced Threat Protection","alias":"atp-advanced-threat-protection","description":" Advanced threat protection (ATP) refers to a category of security solutions that defend against sophisticated malware or hacking-based attacks targeting sensitive data. Advanced threat protection solutions can be available as software or as managed services. ATP solutions can differ in approaches and components, but most include some combination of endpoint agents, network devices, email gateways, malware protection systems, and a centralized management console to correlate alerts and manage defenses.\r\nThe primary benefit offered by advanced threat protection software is the ability to prevent, detect, and respond to new and sophisticated attacks that are designed to circumvent traditional security solutions such as antivirus, firewalls, and IPS/IDS. Attacks continue to become increasingly targeted, stealthy, and persistent, and ATP solutions take a proactive approach to security by identifying and eliminating advanced threats before data is compromised.\r\nAdvanced threat protection services build on this benefit by providing access to a global community of security professionals dedicated to monitoring, tracking, and sharing information about emerging and identified threats. ATP service providers typically have access to global threat information sharing networks, augmenting their own threat intelligence and analysis with information from third parties. When a new, advanced threat is detected, ATP service providers can update their defenses to ensure protection keeps up. This global community effort plays a substantial role in maintaining the security of enterprises around the world.\r\nEnterprises that implement advanced threat protection are better able to detect threats early and more quickly formulate a response to minimize damage and recover should an attack occur. A good security provider will focus on the lifecycle of an attack and manage threats in real-time. ATP providers notify the enterprise of attacks that have occurred, the severity of the attack, and the response that was initiated to stop the threat in its tracks or minimize data loss. Whether managed in-house or provided as a service, advanced threat protection solutions secure critical data and systems, no matter where the attack originates or how major the attack or potential attack is perceived.","materialsDescription":" <span style=\"font-weight: bold;\">How Advanced Threat Protection Works?</span>\r\nThere are three primary goals of advanced threat protection: early detection (detecting potential threats before they have the opportunity to access critical data or breach systems), adequate protection (the ability to defend against detected threats swiftly), and response (the ability to mitigate threats and respond to security incidents). To achieve these goals, advanced threat protection services and solutions must offer several components and functions for comprehensive ATP:\r\n<ul><li><span style=\"font-weight: bold;\">Real-time visibility</span> – Without continuous monitoring and real-time visibility, threats are often detected too late. When damage is already done, response can be tremendously costly in terms of both resource utilization and reputation damage.</li><li><span style=\"font-weight: bold;\">Context</span> – For true security effectiveness, threat alerts must contain context to allow security teams to effectively prioritize threats and organize response.</li><li><span style=\"font-weight: bold;\">Data awareness</span> – It’s impossible to determine threats truly capable of causing harm without first having a deep understanding of enterprise data, its sensitivity, value, and other factors that contribute to the formulation of an appropriate response.</li></ul>\r\nWhen a threat is detected, further analysis may be required. Security services offering ATP typically handle threat analysis, enabling enterprises to conduct business as usual while continuous monitoring, threat analysis, and response occurs behind the scenes. Threats are typically prioritized by potential damage and the classification or sensitivity of the data at risk. Advanced threat protection should address three key areas:\r\n<ul><li>Halting attacks in progress or mitigating threats before they breach systems</li><li>Disrupting activity in progress or countering actions that have already occurred as a result of a breach</li><li>Interrupting the lifecycle of the attack to ensure that the threat is unable to progress or proceed</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon-ATP.png"},{"id":834,"title":"IoT - Internet of Things Security","alias":"iot-internet-of-things-security","description":" IoT security is the technology area concerned with safeguarding connected devices and networks in the internet of things (IoT).\r\nIoT involves adding internet connectivity to a system of interrelated computing devices, mechanical and digital machines, objects, animals and/or people. Each "thing" is provided a unique identifier and the ability to automatically transfer data over a network. Allowing devices to connect to the internet opens them up to a number of serious vulnerabilities if they are not properly protected.\r\nIoT security has become the subject of scrutiny after a number of high-profile incidents where a common IoT device was used to infiltrate and attack the larger network. Implementing security measures is critical to ensuring the safety of networks with IoT devices connected to them.\r\nIoT security hacks can happen in any industry, from smart home to a manufacturing plant to a connected car. The severity of impact depends greatly on the individual system, the data collected and/or the information it contains.\r\nAn attack disabling the brakes of a connected car, for example, or on a connected health device, such as an insulin pump hacked to administer too much medication to a patient, can be life-threatening. Likewise, an attack on a refrigeration system housing medicine that is monitored by an IoT system can ruin the viability of a medicine if temperatures fluctuate. Similarly, an attack on critical infrastructure -- an oil well, energy grid or water supply -- can be disastrous.\r\nSo, a robust IoT security portfolio must allow protecting devices from all types of vulnerabilities while deploying the security level that best matches application needs. Cryptography technologies are used to combat communication attacks. Security services are offered for protecting against lifecycle attacks. Isolation measures can be implemented to fend off software attacks. And, finally, IoT security should include tamper mitigation and side-channel attack mitigation technologies for fighting physical attacks of the chip.","materialsDescription":" <span style=\"font-weight: bold;\">What are the key requirements of IoT Security?</span>\r\nThe key requirements for any IoT security solution are:\r\n<ul><li>Device and data security, including authentication of devices and confidentiality and integrity of data</li><li>Implementing and running security operations at IoT scale</li><li>Meeting compliance requirements and requests</li><li>Meeting performance requirements as per the use case</li></ul>\r\n<span style=\"font-weight: bold;\">What do connected devices require to participate in the IoT Securely?</span>\r\nTo securely participate in the IoT, each connected device needs a unique identification – even before it has an IP address. This digital credential establishes the root of trust for the device’s entire lifecycle, from initial design to deployment to retirement.\r\n<span style=\"font-weight: bold;\">Why is device authentication necessary for the IoT?</span>\r\nStrong IoT device authentication is required to ensure connected devices on the IoT can be trusted to be what they purport to be. Consequently, each IoT device needs a unique identity that can be authenticated when the device attempts to connect to a gateway or central server. With this unique ID in place, IT system administrators can track each device throughout its lifecycle, communicate securely with it, and prevent it from executing harmful processes. If a device exhibits unexpected behavior, administrators can simply revoke its privileges.\r\n<span style=\"font-weight: bold;\">Why is secure manufacturing necessary for IoT devices?</span>\r\nIoT devices produced through unsecured manufacturing processes provide criminals opportunities to change production runs to introduce unauthorized code or produce additional units that are subsequently sold on the black market.\r\nOne way to secure manufacturing processes is to use hardware security modules (HSMs) and supporting security software to inject cryptographic keys and digital certificates and to control the number of units built and the code incorporated into each.\r\n<span style=\"font-weight: bold;\">Why is code signing necessary for IoT devices?</span>\r\nTo protect businesses, brands, partners, and users from software that has been infected by malware, software developers have adopted code signing. In the IoT, code signing in the software release process ensures the integrity of IoT device software and firmware updates and defends against the risks associated with code tampering or code that deviates from organizational policies.\r\nIn public key cryptography, code signing is a specific use of certificate-based digital signatures that enables an organization to verify the identity of the software publisher and certify the software has not been changed since it was published.\r\n<span style=\"font-weight: bold;\">What is IoT PKI?</span>\r\nToday there are more things (devices) online than there are people on the planet! Devices are the number one users of the Internet and need digital identities for secure operation. As enterprises seek to transform their business models to stay competitive, rapid adoption of IoT technologies is creating increasing demand for Public Key Infrastructures (PKIs) to provide digital certificates for the growing number of devices and the software and firmware they run.\r\nSafe IoT deployments require not only trusting the devices to be authentic and to be who they say they are, but also trusting that the data they collect is real and not altered. If one cannot trust the IoT devices and the data, there is no point in collecting, running analytics, and executing decisions based on the information collected.\r\nSecure adoption of IoT requires:\r\n<ul><li>Enabling mutual authentication between connected devices and applications</li><li>Maintaining the integrity and confidentiality of the data collected by devices</li><li>Ensuring the legitimacy and integrity of the software downloaded to devices</li><li>Preserving the privacy of sensitive data in light of stricter security regulations</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/iot.png"},{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) lead to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted of suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/hgghghg.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":4613,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Prevalent_Inc..png","logo":true,"scheme":false,"title":"Prevalent Third-Party Risk Management Platform","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"prevalent-third-party-risk-management-platform","companyTitle":"Prevalent","companyTypes":["supplier","vendor"],"companyId":7005,"companyAlias":"prevalent","description":"With cyber attacks originating from third parties on the rise, and privacy concerns driving new regulations, it’s critical to ensure that your suppliers can securely manage sensitive systems and data. However, manually collecting, maintaining and analyzing risk status is inefficient, error-prone and costly. \r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">Simplify,Automate,Scale.</span></p>\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">The only purpose-built, unified platform for third-party risk management </span></p>\r\nDelivered in the simplicity of the cloud, the Prevalent Third-Party Risk Management platform combines automated, standardized vendor assessments with continuous threat monitoring, assessment workflow, and remediation management across the entire vendor life cycle. \r\nThe solution is backed by expert advisory, consulting and managed services to help you optimize and mature your vendor risk management program.\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">Assess</span></p>\r\n<ul><li>Measure compliance with data security and privacy requirements via automated assessment, review, analysis, remediation and reporting.</li><li>Leverage 50+ templates or build custom surveys</li><li>Automate the end-to-end assessment process and alleviate tedious manual labor</li><li>Assess vendor compliance with ISO 27001, NIST, GDPR, CoBiT 5, SSAE 18, SIG, SIG Lite, SOX, NYDFS, and other regulations and frameworks</li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">Monitor</span></p>\r\n<ul><li>Gain an outside-in view of risk with continuous cyber and business monitoring, notification of critical issues, and remediation guidance.</li><li>Combine vulnerability scanning with external threat intelligence to uncover IP threats, phishing events, and data breaches</li><li>Identify operational, financial, legal, and brand risks with OSINT business intelligence</li><li>Integrate outside-in scoring with inside-out assessment for a complete view of risk</li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">Share</span></p>\r\n<ul><li>Access shared libraries of pre-submitted, standardized assessments to quickly check risk scores and augment 1:1 assessment activities.</li><li>Prevalent Exchange: cross-industry vendor data</li><li>Legal Vendor Network™:the industry standard used by 50%+ of top U.S. law firms</li><li>Healthcare Vendor Network™:exclusive partner to H-ISAC Shared Services</li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">Key Benefits</span></p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\"><span style=\"font-style: italic;\">Visibility<br /></span></span></p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\"><span style=\"font-style: italic;\">Gain a 360-degree view </span></span></p>\r\n<p class=\"align-left\">Identify IT and business exposures with inside-out assessment and outside-in monitoring, eliminating coverage gaps and informing risk-based decision making.</p>\r\n<p class=\"align-left\"><span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Efficiency<br /></span></span></p>\r\n<p class=\"align-left\"><span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Streamline TPRM & reduce costs</span></span></p>\r\n<p class=\"align-left\">Speed assessments and remediation with bi-directional workflow, document/evidence and task management. Equip vendors with dashboards for managing and addressing risks.</p>\r\n<p class=\"align-left\"><span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Scale<br /></span></span></p>\r\n<p class=\"align-left\"><span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Expand and mature your program</span></span></p>\r\n<p class=\"align-left\">Prevalent’s Risk Operations Center (ROC) and Professional Services teams will partner with you to rapidly implement, scale and customize your end-to-end TPRM program.</p>\r\n<p class=\"align-left\"><span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Reporting<br /></span></span></p>\r\n<p class=\"align-left\"><span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Tailor risk insights & trends</span></span></p>\r\n<p class=\"align-left\">Generate detailed vendor risk registers, compliance mapping reports, remediation guidance and executive overviews. Review full audit trails and drill down to specific controls and risks</p>\r\n<p class=\"align-left\"><span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Remediation<br /></span></span></p>\r\n<p class=\"align-left\"><span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Utilize actionable guidance</span></span></p>\r\n<p class=\"align-left\">Categorize vendors by risk level and importance to the business. Share remediation recommendations and implement fixes, with full audit trails for all communications</p>\r\n<p class=\"align-left\"><span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Compliance<br /></span></span></p>\r\n<p class=\"align-left\"><span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Address assessment and monitoring requirements</span></span></p>\r\n<p class=\"align-left\">Comply with GDPR, HIPAA, NIST SP 800 & CSF, ISO 27001/ 27002/27018, EBA Guidelines, FCA FG 16/5, FFIEC IT Exam Handbook, NY DFS 23 NYCRR 500, OCC Bulletins and more<br /><br /></p>","shortDescription":"Prevalent simplifies and speeds compliance and risk reduction with a unified, automated Third-Party Risk Management (TPRM) platform\r\n","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":5,"sellingCount":14,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Prevalent Third-Party Risk Management Platform","keywords":"","description":"With cyber attacks originating from third parties on the rise, and privacy concerns driving new regulations, it’s critical to ensure that your suppliers can securely manage sensitive systems and data. However, manually collecting, maintaining and analyzing ris","og:title":"Prevalent Third-Party Risk Management Platform","og:description":"With cyber attacks originating from third parties on the rise, and privacy concerns driving new regulations, it’s critical to ensure that your suppliers can securely manage sensitive systems and data. However, manually collecting, maintaining and analyzing ris","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Prevalent_Inc..png"},"eventUrl":"","translationId":4614,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":24,"title":"DLP - Data Leak Prevention","alias":"dlp-data-leak-prevention","description":"Data leak prevention (DLP) is a suite of technologies aimed at stemming the loss of sensitive information that occurs in enterprises across the globe. By focusing on the location, classification and monitoring of information at rest, in use and in motion, this solution can go far in helping an enterprise get a handle on what information it has, and in stopping the numerous leaks of information that occur each day. DLP is not a plug-and-play solution. The successful implementation of this technology requires significant preparation and diligent ongoing maintenance. Enterprises seeking to integrate and implement DLP should be prepared for a significant effort that, if done correctly, can greatly reduce risk to the organization. Those implementing the solution must take a strategic approach that addresses risks, impacts and mitigation steps, along with appropriate governance and assurance measures.","materialsDescription":" <span style=\"font-weight: bold;\">How to protect the company from internal threats associated with leakage of confidential information?</span>\r\nIn order to protect against any threat, you must first realize its presence. Unfortunately, not always the management of companies is able to do this if it comes to information security threats. The key to successfully protecting against information leaks and other threats lies in the skillful use of both organizational and technical means of monitoring personnel actions.\r\n<span style=\"font-weight: bold;\">How should the personnel management system in the company be organized to minimize the risks of leakage of confidential information?</span>\r\nA company must have a special employee responsible for information security, and a large department must have a department directly reporting to the head of the company.\r\n<span style=\"font-weight: bold;\">Which industry representatives are most likely to encounter confidential information leaks?</span>\r\nMore than others, representatives of such industries as industry, energy, and retail trade suffer from leaks. Other industries traditionally exposed to leakage risks — banking, insurance, IT — are usually better at protecting themselves from information risks, and for this reason they are less likely to fall into similar situations.\r\n<span style=\"font-weight: bold;\">What should be adequate measures to protect against leakage of information for an average company?</span>\r\nFor each organization, the question of protection measures should be worked out depending on the specifics of its work, but developing information security policies, instructing employees, delineating access to confidential data and implementing a DLP system are necessary conditions for successful leak protection for any organization. Among all the technical means to prevent information leaks, the DLP system is the most effective today, although its choice must be taken very carefully to get the desired result. So, it should control all possible channels of data leakage, support automatic detection of confidential information in outgoing traffic, maintain control of work laptops that temporarily find themselves outside the corporate network...\r\n<span style=\"font-weight: bold;\">Is it possible to give protection against information leaks to outsourcing?</span>\r\nFor a small company, this may make sense because it reduces costs. However, it is necessary to carefully select the service provider, preferably before receiving recommendations from its current customers.\r\n<span style=\"font-weight: bold;\">What data channels need to be monitored to prevent leakage of confidential information?</span>\r\nAll channels used by employees of the organization - e-mail, Skype, HTTP World Wide Web protocol ... It is also necessary to monitor the information recorded on external storage media and sent to print, plus periodically check the workstation or laptop of the user for files that are there saying should not.\r\n<span style=\"font-weight: bold;\">What to do when the leak has already happened?</span>\r\nFirst of all, you need to notify those who might suffer - silence will cost your reputation much more. Secondly, you need to find the source and prevent further leakage. Next, you need to assess where the information could go, and try to somehow agree that it does not spread further. In general, of course, it is easier to prevent the leakage of confidential information than to disentangle its consequences.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Data_Leak_Prevention.png"},{"id":34,"title":"ITSM - IT Service Management","alias":"itsm-it-service-management","description":"<span style=\"font-weight: bold; \">IT service management (ITSM)</span> is the process of designing, delivering, managing, and improving the IT services an organization provides to its end users. ITSM is focused on aligning IT processes and services with business objectives to help an organization grow.\r\nITSM positions IT services as the key means of delivering and obtaining value, where an internal or external IT service provider works with business customers, at the same time taking responsibility for the associated costs and risks. ITSM works across the whole lifecycle of a service, from the original strategy, through design, transition and into live operation.\r\nTo ensure sustainable quality of IT services, ITSM establishes a set of practices, or processes, constituting a service management system. There are industrial, national and international standards for IT service management solutions, setting up requirements and good practices for the management system. \r\nITSM system is based on a set of principles, such as focusing on value and continual improvement. It is not just a set of processes – it is a cultural mindset to ensure that the desired outcome for the business is achieved. \r\n<span style=\"font-weight: bold; \">ITIL (IT Infrastructure Library)</span> is a framework of best practices and recommendations for managing an organization's IT operations and services. IT service management processes, when built based on the ITIL framework, pave the way for better IT service operations management and improved business. To summarize, ITIL is a set of guidelines for effective IT service management best practices. ITIL has evolved beyond the delivery of services to providing end-to-end value delivery. The focus is now on the co-creation of value through service relationships. \r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">ITSM processes typically include five stages, all based on the ITIL framework:</span></p>\r\n<span style=\"font-weight: bold; \">ITSM strategy.</span> This stage forms the foundation or the framework of an organization's ITSM process building. It involves defining the services that the organization will offer, strategically planning processes, and recognizing and developing the required assets to keep processes moving. \r\n<span style=\"font-weight: bold; \">Service design.</span> This stage's main aim is planning and designing the IT services the organization offers to meet business demands. It involves creating and designing new services as well as assessing current services and making relevant improvements.\r\n<span style=\"font-weight: bold; \">Service transition.</span> Once the designs for IT services and their processes have been finalized, it's important to build them and test them out to ensure that processes flow. IT teams need to ensure that the designs don't disrupt services in any way, especially when existing IT service processes are upgraded or redesigned. This calls for change management, evaluation, and risk management. \r\n<span style=\"font-weight: bold; \">Service operation. </span>This phase involves implementing the tried and tested new or modified designs in a live environment. While in this stage, the processes have already been tested and the issues fixed, but new processes are bound to have hiccups—especially when customers start using the services. \r\n<span style=\"font-weight: bold;\">Continual service improvement (CSI).</span> Implementing IT processes successfully shouldn't be the final stage in any organization. There's always room for improvement and new development based on issues that pop up, customer needs and demands, and user feedback.\r\n\r\n","materialsDescription":"<h1 class=\"align-center\">Benefits of efficient ITSM processes</h1>\r\nIrrespective of the size of business, every organization is involved in IT service management in some way. ITSM ensures that incidents, service requests, problems, changes, and IT assets—in addition to other aspects of IT services—are managed in a streamlined way.\r\nIT teams in your organization can employ various workflows and best practices in ITSM, as outlined in ITIL. Effective IT service management can have positive effects on an IT organization's overall function.\r\nHere are the 10 key benefits of ITSM:\r\n<ul><li> Lower costs for IT operations</li><li> Higher returns on IT investments</li><li> Minimal service outages</li><li> Ability to establish well-defined, repeatable, and manageable IT processes</li><li> Efficient analysis of IT problems to reduce repeat incidents</li><li> Improved efficiency of IT help desk teams</li><li> Well-defined roles and responsibilities</li><li> Clear expectations on service levels and service availability</li><li> Risk-free implementation of IT changes</li><li> Better transparency into IT processes and services</li></ul>\r\n<h1 class=\"align-center\">How to choose an ITSM tool?</h1>\r\nWith a competent IT service management goal in mind, it's important to invest in a service desk solution that caters to your business needs. It goes without saying, with more than 150 service desk tools to choose from, selecting the right one is easier said than done. Here are a few things to keep in mind when choosing an ITSM products:\r\n<span style=\"font-weight: bold; \">Identify key processes and their dependencies. </span>Based on business goals, decide which key ITSM processes need to be implemented and chart out the integrations that need to be established to achieve those goals. \r\n<span style=\"font-weight: bold; \">Consult with ITSM experts.</span> Participate in business expos, webinars, demos, etc., and educate yourself about the various options that are available in the market. Reports from expert analysts such as Gartner and Forrester are particularly useful as they include reviews of almost every solution, ranked based on multiple criteria.\r\n<span style=\"font-weight: bold; \">Choose a deployment option.</span> Every business has a different IT infrastructure model. Selecting an on-premises or software as a service (SaaS IT service management) tool depends on whether your business prefers to host its applications and data on its own servers or use a public or private cloud.\r\n<span style=\"font-weight: bold; \">Plan ahead for the future.</span> Although it's important to consider the "needs" primarily, you shouldn't rule out the secondary or luxury capabilities. If the ITSM tool doesn't have the potential to adapt to your needs as your organization grows, it can pull you back from progressing. Draw a clear picture of where your business is headed and choose an service ITSM that is flexible and technology-driven.\r\n<span style=\"font-weight: bold;\">Don't stop with the capabilities of the ITSM tool.</span> It might be tempting to assess an ITSM tool based on its capabilities and features but it's important to evaluate the vendor of the tool. A good IT support team, and a vendor that is endorsed for their customer-vendor relationship can take your IT services far. Check Gartner's magic quadrant and other analyst reports, along with product and support reviews to ensure that the said tool provides good customer support.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_ITSM.png"},{"id":50,"title":"IPC - Information Protection and Control","alias":"ipc-information-protection-and-control","description":"Information Protection and Control (IPC) is a technology for protecting confidential information from internal threats. IPC solutions are designed to protect information from internal threats, prevent various types of information leaks, corporate espionage, and business intelligence. The term IPC combines two main technologies: encryption of storage media at all points of the network and control of technical channels of information leakage using Data Loss Prevention (DLP) technologies. Network, application and data access control is a possible third technology in IPC class systems. IPC includes solutions of the Data Loss Prevention (DLP) class, a system for encrypting corporate information and controlling access to it. The term IPC was one of the first to use IDC analyst Brian Burke in his report, Information Protection and Control Survey: Data Loss Prevention and Encryption Trends.\r\nIPC technology is a logical continuation of DLP technology and allows you to protect data not only from leaks through technical channels, that is, insiders, but also from unauthorized user access to the network, information, applications, and in cases where the direct storage medium falls into the hands of third parties. This allows you to prevent leaks in those cases when an insider or a person who does not have legal access to data gain access to the direct carrier of information. For example, removing a hard drive from a personal computer, an insider will not be able to read the information on it. This allows you to prevent the compromise of confidential data even in the event of loss, theft or seizure (for example, when organizing operational events by special services specialists, unscrupulous competitors or raiders).\r\nThe main objective of IPC systems is to prevent the transfer of confidential information outside the corporate information system. Such a transfer (leak) may be intentional or unintentional. Practice shows that most of the leaks (more than 75%) do not occur due to malicious intent, but because of errors, carelessness, carelessness, and negligence of employees - it is much easier to detect such cases. The rest is connected with the malicious intent of operators and users of enterprise information systems, in particular, industrial espionage and competitive intelligence. Obviously, malicious insiders, as a rule, try to trick IPC analyzers and other control systems.","materialsDescription":"<span style=\"font-weight: bold; \">What is Information Protection and Control (IPC)?</span>\r\nIPC (English Information Protection and Control) is a generic name for technology to protect confidential information from internal threats.\r\nIPC solutions are designed to prevent various types of information leaks, corporate espionage, and business intelligence. IPC combines two main technologies: media encryption and control of technical channels of information leakage (Data Loss Prevention - DLP). Also, the functionality of IPC systems may include systems of protection against unauthorized access (unauthorized access).\r\n<span style=\"font-weight: bold; \">What are the objectives of IPC class systems?</span>\r\n<ul><li>preventing the transfer of confidential information beyond the corporate information system;</li><li>prevention of outside transmission of not only confidential but also other undesirable information (offensive expressions, spam, eroticism, excessive amounts of data, etc.);</li><li>preventing the transmission of unwanted information not only from inside to outside but also from outside to inside the organization’s information system;</li><li>preventing employees from using the Internet and network resources for personal purposes;</li><li>spam protection;</li><li>virus protection;</li><li>optimization of channel loading, reduction of inappropriate traffic;</li><li>accounting of working hours and presence at the workplace;</li><li>tracking the reliability of employees, their political views, beliefs, collecting dirt;</li><li>archiving information in case of accidental deletion or damage to the original;</li><li>protection against accidental or intentional violation of internal standards;</li><li>ensuring compliance with standards in the field of information security and current legislation.</li></ul>\r\n<span style=\"font-weight: bold; \">Why is DLP technology used in IPC?</span>\r\nIPC DLP technology supports monitoring of the following technical channels for confidential information leakage:\r\n<ul><li>corporate email;</li><li>webmail;</li><li>social networks and blogs;</li><li>file-sharing networks;</li><li>forums and other Internet resources, including those made using AJAX technology;</li><li>instant messaging tools (ICQ, Mail.Ru Agent, Skype, AOL AIM, Google Talk, Yahoo Messenger, MSN Messenger, etc.);</li><li>P2P clients;</li><li>peripheral devices (USB, LPT, COM, WiFi, Bluetooth, etc.);</li><li>local and network printers.</li></ul>\r\nDLP technologies in IPC support control, including the following communication protocols:\r\n<ul><li>FTP;</li><li>FTP over HTTP;</li><li>FTPS;</li><li>HTTP;</li><li>HTTPS (SSL);</li><li>NNTP;</li><li>POP3;</li><li>SMTP.</li></ul>\r\n<span style=\"font-weight: bold; \">What information protection facilities does IPC technology include?</span>\r\nIPC technology includes the ability to encrypt information at all key points in the network. The objects of information security are:\r\n<ul><li>Server hard drives;</li><li>SAN;</li><li>NAS;</li><li>Magnetic tapes;</li><li>CD/DVD/Blue-ray discs;</li><li>Personal computers (including laptops);</li><li>External devices.</li></ul>\r\nIPC technologies use various plug-in cryptographic modules, including the most efficient algorithms DES, Triple DES, RC5, RC6, AES, XTS-AES. The most used algorithms in IPC solutions are RC5 and AES, the effectiveness of which can be tested on the project [distributed.net]. They are most effective for solving the problems of encrypting data of large amounts of data on server storages and backups.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/IPC_-_Information_Protection_and_Control.png"},{"id":79,"title":"VM - Vulnerability management","alias":"vm-vulnerability-management","description":"Vulnerability management is the "cyclical practice of identifying, classifying, prioritizing, remediating and mitigating" software vulnerabilities. Vulnerability management is integral to computer security and network security, and must not be confused with a Vulnerability assessment.\r\nVulnerability management is an ongoing process that includes proactive asset discovery, continuous monitoring, mitigation, remediation and defense tactics to protect your organization's modern IT attack surface from Cyber Exposure.\r\nVulnerabilities can be discovered with a vulnerability scanner, which analyzes a computer system in search of known vulnerabilities, such as open ports, insecure software configurations, and susceptibility to malware infections. They may also be identified by consulting public sources, such as NVD, or subscribing to a commercial vulnerability alerting services. Unknown vulnerabilities, such as a zero-day, may be found with fuzz testing, which can identify certain kinds of vulnerabilities, such as a buffer overflow with relevant test cases. Such analysis can be facilitated by test automation. In addition, antivirus software capable of heuristic analysis may discover undocumented malware if it finds software behaving suspiciously (such as attempting to overwrite a system file).\r\nCorrecting vulnerabilities may variously involve the installation of a patch, a change in network security policy, reconfiguration of software, or educating users about social engineering.\r\nNetwork vulnerabilities represent security gaps that could be abused by attackers to damage network assets, trigger a denial of service, and/or steal potentially sensitive information. Attackers are constantly looking for new vulnerabilities to exploit — and taking advantage of old vulnerabilities that may have gone unpatched.\r\nHaving a vulnerability management framework in place that regularly checks for new vulnerabilities is crucial for preventing cybersecurity breaches. Without a vulnerability testing and patch management system, old security gaps may be left on the network for extended periods of time. This gives attackers more of an opportunity to exploit vulnerabilities and carry out their attacks.\r\nOne statistic that highlights how crucial vulnerability management was featured in an Infosecurity Magazine article. According to survey data cited in the article, of the organizations that “suffered a breach, almost 60% were due to an unpatched vulnerability.” In other words, nearly 60% of the data breaches suffered by survey respondents could have been easily prevented simply by having a vulnerability management plan that would apply critical patches before attackers leveraged the vulnerability.","materialsDescription":" <span style=\"font-weight: bold;\">What is vulnerability management?</span>\r\nVulnerability management is a pro-active approach to managing network security by reducing the likelihood that flaws in code or design compromise the security of an endpoint or network.\r\n<span style=\"font-weight: bold;\">What processes does vulnerability management include?</span>\r\nVulnerability management processes include:\r\n<ul><li><span style=\"font-style: italic;\">Checking for vulnerabilities:</span> This process should include regular network scanning, firewall logging, penetration testing or use of an automated tool like a vulnerability scanner.</li><li><span style=\"font-style: italic;\">Identifying vulnerabilities:</span> This involves analyzing network scans and pen test results, firewall logs or vulnerability scan results to find anomalies that suggest a malware attack or other malicious event has taken advantage of a security vulnerability, or could possibly do so.</li><li><span style=\"font-style: italic;\">Verifying vulnerabilities:</span> This process includes ascertaining whether the identified vulnerabilities could actually be exploited on servers, applications, networks or other systems. This also includes classifying the severity of a vulnerability and the level of risk it presents to the organization.</li><li><span style=\"font-style: italic;\">Mitigating vulnerabilities:</span> This is the process of figuring out how to prevent vulnerabilities from being exploited before a patch is available, or in the event that there is no patch. It can involve taking the affected part of the system off-line (if it's non-critical), or various other workarounds.</li><li><span style=\"font-style: italic;\">Patching vulnerabilities:</span> This is the process of getting patches -- usually from the vendors of the affected software or hardware -- and applying them to all the affected areas in a timely way. This is sometimes an automated process, done with patch management tools. This step also includes patch testing.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/VM_-_Vulnerability_management1.png"},{"id":467,"title":"Network Forensics","alias":"network-forensics","description":" Network forensics is a sub-branch of digital forensics relating to the monitoring and analysis of computer network traffic for the purposes of information gathering, legal evidence, or intrusion detection. Unlike other areas of digital forensics, network investigations deal with volatile and dynamic information. Network traffic is transmitted and then lost, so network forensics is often a pro-active investigation.\r\nNetwork forensics generally has two uses. The first, relating to security, involves monitoring a network for anomalous traffic and identifying intrusions. An attacker might be able to erase all log files on a compromised host; network-based evidence might therefore be the only evidence available for forensic analysis. The second form relates to law enforcement. In this case analysis of captured network traffic can include tasks such as reassembling transferred files, searching for keywords and parsing human communication such as emails or chat sessions.\r\nTwo systems are commonly used to collect network data; a brute force "catch it as you can" and a more intelligent "stop look listen" method.\r\nNetwork forensics is a comparatively new field of forensic science. The growing popularity of the Internet in homes means that computing has become network-centric and data is now available outside of disk-based digital evidence. Network forensics can be performed as a standalone investigation or alongside a computer forensics analysis (where it is often used to reveal links between digital devices or reconstruct how a crime was committed).\r\nMarcus Ranum is credited with defining Network forensics as "the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents".\r\nCompared to computer forensics, where evidence is usually preserved on disk, network data is more volatile and unpredictable. Investigators often only have material to examine if packet filters, firewalls, and intrusion detection systems were set up to anticipate breaches of security.\r\nSystems used to collect network data for forensics use usually come in two forms:\r\n<ul><li>"Catch-it-as-you-can" – This is where all packets passing through a certain traffic point are captured and written to storage with analysis being done subsequently in batch mode. This approach requires large amounts of storage.</li><li>"Stop, look and listen" – This is where each packet is analyzed in a rudimentary way in memory and only certain information saved for future analysis. This approach requires a faster processor to keep up with incoming traffic.</li></ul>","materialsDescription":" <span style=\"font-weight: bold;\">Why is network forensics important?</span>\r\nNetwork forensics is important because so many common attacks entail some type of misuse of network resources.\r\n<span style=\"font-weight: bold;\">What are the different ways in which the network can be attacked?</span>\r\nAttacks typically target availability confidentiality and integrity. Loss of any one of these items constitutes a security breach.\r\n<span style=\"font-weight: bold;\">Where is the best place to search for information?</span>\r\nInformation can be found by either doing a live analysis of the network, analyzing IDS information, or examining logs that can be found in routers and servers.\r\n<span style=\"font-weight: bold;\">How does a forensic analyst know how deeply to look for information?</span>\r\nSome amount of information can be derived from looking at the skill level of the attacker. Attackers with little skill are much less likely to use advanced hiding techniques.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Network_Forensics.png"},{"id":834,"title":"IoT - Internet of Things Security","alias":"iot-internet-of-things-security","description":" IoT security is the technology area concerned with safeguarding connected devices and networks in the internet of things (IoT).\r\nIoT involves adding internet connectivity to a system of interrelated computing devices, mechanical and digital machines, objects, animals and/or people. Each "thing" is provided a unique identifier and the ability to automatically transfer data over a network. Allowing devices to connect to the internet opens them up to a number of serious vulnerabilities if they are not properly protected.\r\nIoT security has become the subject of scrutiny after a number of high-profile incidents where a common IoT device was used to infiltrate and attack the larger network. Implementing security measures is critical to ensuring the safety of networks with IoT devices connected to them.\r\nIoT security hacks can happen in any industry, from smart home to a manufacturing plant to a connected car. The severity of impact depends greatly on the individual system, the data collected and/or the information it contains.\r\nAn attack disabling the brakes of a connected car, for example, or on a connected health device, such as an insulin pump hacked to administer too much medication to a patient, can be life-threatening. Likewise, an attack on a refrigeration system housing medicine that is monitored by an IoT system can ruin the viability of a medicine if temperatures fluctuate. Similarly, an attack on critical infrastructure -- an oil well, energy grid or water supply -- can be disastrous.\r\nSo, a robust IoT security portfolio must allow protecting devices from all types of vulnerabilities while deploying the security level that best matches application needs. Cryptography technologies are used to combat communication attacks. Security services are offered for protecting against lifecycle attacks. Isolation measures can be implemented to fend off software attacks. And, finally, IoT security should include tamper mitigation and side-channel attack mitigation technologies for fighting physical attacks of the chip.","materialsDescription":" <span style=\"font-weight: bold;\">What are the key requirements of IoT Security?</span>\r\nThe key requirements for any IoT security solution are:\r\n<ul><li>Device and data security, including authentication of devices and confidentiality and integrity of data</li><li>Implementing and running security operations at IoT scale</li><li>Meeting compliance requirements and requests</li><li>Meeting performance requirements as per the use case</li></ul>\r\n<span style=\"font-weight: bold;\">What do connected devices require to participate in the IoT Securely?</span>\r\nTo securely participate in the IoT, each connected device needs a unique identification – even before it has an IP address. This digital credential establishes the root of trust for the device’s entire lifecycle, from initial design to deployment to retirement.\r\n<span style=\"font-weight: bold;\">Why is device authentication necessary for the IoT?</span>\r\nStrong IoT device authentication is required to ensure connected devices on the IoT can be trusted to be what they purport to be. Consequently, each IoT device needs a unique identity that can be authenticated when the device attempts to connect to a gateway or central server. With this unique ID in place, IT system administrators can track each device throughout its lifecycle, communicate securely with it, and prevent it from executing harmful processes. If a device exhibits unexpected behavior, administrators can simply revoke its privileges.\r\n<span style=\"font-weight: bold;\">Why is secure manufacturing necessary for IoT devices?</span>\r\nIoT devices produced through unsecured manufacturing processes provide criminals opportunities to change production runs to introduce unauthorized code or produce additional units that are subsequently sold on the black market.\r\nOne way to secure manufacturing processes is to use hardware security modules (HSMs) and supporting security software to inject cryptographic keys and digital certificates and to control the number of units built and the code incorporated into each.\r\n<span style=\"font-weight: bold;\">Why is code signing necessary for IoT devices?</span>\r\nTo protect businesses, brands, partners, and users from software that has been infected by malware, software developers have adopted code signing. In the IoT, code signing in the software release process ensures the integrity of IoT device software and firmware updates and defends against the risks associated with code tampering or code that deviates from organizational policies.\r\nIn public key cryptography, code signing is a specific use of certificate-based digital signatures that enables an organization to verify the identity of the software publisher and certify the software has not been changed since it was published.\r\n<span style=\"font-weight: bold;\">What is IoT PKI?</span>\r\nToday there are more things (devices) online than there are people on the planet! Devices are the number one users of the Internet and need digital identities for secure operation. As enterprises seek to transform their business models to stay competitive, rapid adoption of IoT technologies is creating increasing demand for Public Key Infrastructures (PKIs) to provide digital certificates for the growing number of devices and the software and firmware they run.\r\nSafe IoT deployments require not only trusting the devices to be authentic and to be who they say they are, but also trusting that the data they collect is real and not altered. If one cannot trust the IoT devices and the data, there is no point in collecting, running analytics, and executing decisions based on the information collected.\r\nSecure adoption of IoT requires:\r\n<ul><li>Enabling mutual authentication between connected devices and applications</li><li>Maintaining the integrity and confidentiality of the data collected by devices</li><li>Ensuring the legitimacy and integrity of the software downloaded to devices</li><li>Preserving the privacy of sensitive data in light of stricter security regulations</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/iot.png"},{"id":836,"title":"DRP - Digital Risk Protection","alias":"drp-digital-risk-protection","description":"Digital risks exist on social media and web channels, outside most organization's line of visibility. Organizations struggle to monitor these external, unregulated channels for risks targeting their business, their employees or their customers.\r\nCategories of risk include cyber (insider threat, phishing, malware, data loss), revenue (customer scams, piracy, counterfeit goods) brand (impersonations, slander) and physical (physical threats, natural disasters).\r\nDue to the explosive growth of digital risks, organizations need a flexible, automated approach that can monitor digital channels for organization-specific risks, trigger alerts and remediate malicious posts, profiles, content or apps.\r\nDigital risk protection (DRP) is the process of protecting social media and digital channels from security threats and business risks such as social engineering, external fraud, data loss, insider threat and reputation-based attacks. DRP reduces risks that emerge from digital transformation, protecting against the unwanted exposure of a company’s data, brand, and attack surface and providing actionable insight on threats from the open, deep, and dark web.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What is a digital risk?</span>\r\nDigital risks can take many forms. Most fundamentally, what makes a risk digital? Digital risk is any risk that plays out in one form or another online, outside of an organization’s IT infrastructure and beyond the security perimeter. This can be a cyber risk, like a phishing link or ransomware via LinkedIn, but can also include traditional risks with a digital component, such as credit card money flipping scams on Instagram.\r\n<span style=\"font-weight: bold;\">What are the features of Digital Risk Protection?</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">The features are:</span></span>\r\n<ul><li>Protecting yourself from digital risk by building a watchtower, not a wall. A new Forrester report identifies two objectives for any digital risk protection effort: identifying risks and resolving them.</li><li>Digital risk comes in many forms, like unauthorized data disclosure, threat coordination from cybercriminals, risks inherent in the technology you use and in your third-party associates and even from your own employees.</li><li>The best solutions should automate the collection of data and draw from many sources; should have the capabilities to map, monitor, and mitigate digital risk and should be flexible enough to be applied in multiple use cases — factors that many threat intelligence solutions excel in.</li></ul>\r\n<span style=\"font-weight: bold;\">What elements constitute a digital risk?</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Unauthorized Data Disclosure</span></span>\r\nThis includes the theft or leakage of any kind of sensitive data, like the personal financial information of a retail organization’s customers or the source code for a technology company’s proprietary products.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Threat Coordination Activity</span></span>\r\nMarketplaces and criminal forums on the dark web or even just on the open web are potent sources of risk. Here, a vulnerability identified by one group or individual who can’t act on it can reach the hands of someone who can. This includes the distribution of exploits in both targeted and untargeted campaigns.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Supply Chain Issues</span></span>\r\nBusiness partners, third-party suppliers, and other vendors who interact directly with your organization but are not necessarily following the same security practices can open the door to increased risk.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Employee Risk</span></span>\r\nEven the most secure and unbreakable lock can still easily be opened if you just have the right key. Through social engineering efforts, identity or access management and manipulation, or malicious insider attacks coming from disgruntled employees, even the most robust cybersecurity program can be quickly subverted.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Technology Risks</span></span>\r\nThis broad category includes all of the risks you must consider across the different technologies your organization might rely on to get your work done, keep it running smoothly, and tell people about it.\r\n<ul><li><span style=\"font-weight: bold;\">Physical Infrastructure:</span> Countless industrial processes are now partly or completely automated, relying on SCADA, DCS, or PLC systems to run smoothly — and opening them up to cyber- attacks (like the STUXNET attack that derailed an entire country’s nuclear program).</li><li><span style=\"font-weight: bold;\">IT Infrastructure:</span> Maybe the most commonsensical source of digital risk, this includes all of the potential vulnerabilities in your software and hardware. The proliferation of the internet of things devices poses a growing and sometimes underappreciated risk here.</li><li><span style=\"font-weight: bold;\">Public-Facing Presence:</span> All of the points where you interact with your customers and other public entities, whether through social media, email campaigns, or other marketing strategies, represent potential sources of risk.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Digital_Risk_Protection.png"},{"id":840,"title":"ICS/SCADA Cyber Security","alias":"icsscada-cyber-security","description":"SCADA security is the practice of protecting supervisory control and data acquisition (SCADA) networks, a common framework of control systems used in industrial operations. These networks are responsible for providing automated control and remote human management of essential commodities and services such as water, natural gas, electricity and transportation to millions of people. They can also be used to improve the efficiencies and quality in other less essential (but some would say very important!) real-world processes such as snowmaking for ski resorts and beer brewing. SCADA is one of the most common types of industrial control systems (ICS).\r\nThese networks, just like any other network, are under threat from cyber-attacks that could bring down any part of the nation's critical infrastructure quickly and with dire consequences if the right security is not in place. Capital expenditure is another key concern; SCADA systems can cost an organization from tens of thousands to millions of dollars. For these reasons, it is essential that organizations implement robust SCADA security measures to protect their infrastructure and the millions of people that would be affected by the disruption caused by an external attack or internal error.\r\nSCADA security has evolved dramatically in recent years. Before computers, the only way to monitor a SCADA network was to deploy several people to each station to report back on the state of each system. In busier stations, technicians were stationed permanently to manually operate the network and communicate over telephone wires.\r\nIt wasn't until the introduction of the local area network (LAN) and improvements in system miniaturization that we started to see advances in SCADA development such as the distributed SCADA network. Next came networked systems that were able to communicate over a wide area network (WAN) and connect many more components together.\r\nFrom local companies to federal governments, every business or organization that works with SCADA systems are vulnerable to SCADA security threats. These threats can have wide-reaching effects on both the economy and the community. Specific threats to SCADA networks include the following:\r\n<span style=\"font-weight: bold;\">Hackers.</span> Individuals or groups with malicious intent could bring a SCADA network to its knees. By gaining access to key SCADA components, hackers could unleash chaos on an organization that can range from a disruption in services to cyber warfare.\r\n<span style=\"font-weight: bold;\">Malware.</span> Malware, including viruses, spyware and ransomware can pose a risk to SCADA systems. While malware may not be able to specifically target the network itself, it can still pose a threat to the key infrastructure that helps to manage the SCADA network. This includes mobile SCADA applications that are used to monitor and manage SCADA systems.\r\n<span style=\"font-weight: bold;\">Terrorists.</span> Where hackers are usually motivated by sordid gain, terrorists are driven by the desire to cause as much mayhem and damage as possible.\r\n<span style=\"font-weight: bold;\">Employees.</span> Insider threats can be just as damaging as external threats. From human error to a disgruntled employee or contractor, it is essential that SCADA security addresses these risks.\r\nManaging today's SCADA networks can be a challenge without the right security precautions in place. Many networks are still without the necessary detection and monitoring systems and this leaves them vulnerable to attack. Because SCADA network attacks exploit both cyber and physical vulnerabilities, it is critical to align cybersecurity measures accordingly.","materialsDescription":"<span style=\"font-weight: bold;\">What is the difference between ICS/SCADA cybersecurity and information security?</span>\r\nAutomated process control systems (SCADA) have a lot of differences from “traditional” corporate information systems: from the destination, specific data transfer protocols and equipment used and ending with the environment in which they operate. In corporate networks and systems, as a rule, the main protected resource is information that is processed, transmitted and stored in automated systems, and the main goal is to ensure its confidentiality. In ICS, the protected resource, first of all, is the technological process itself, and the main goal is to ensure its continuity (accessibility of all nodes) and integrity (including information transmitted between the nodes of the ICS). Moreover, the field of potential risks and threats to ICS, in comparison with corporate systems, expands with risks of potential damage to life and health of personnel and the public, damage to the environment and infrastructure. That is why it is incorrect to talk about “information security” in relation to ICS/SCADA. In English sources, the term “cybersecurity” is used for this, a direct translation of which (cybersecurity) is increasingly found in our market in relation to the protection of process control systems.\r\n<span style=\"font-weight: bold;\">Is it really necessary?</span>\r\nIt is necessary. There are a number of myths about process control systems, for example: “process control systems are completely isolated from the outside world”, “process control systems are too specific for someone to crack”, “process control systems are reliably protected by the developer”, or even “No one will ever try us, hacking us is not interesting. ” All this is no longer true. Many modern distributed process control systems have one or another connection with the corporate network, even if the system owners are unaware of this. Communication with the outside world greatly simplifies the task of the attacker, but does not remain the only possible option. Automated process control software and data transfer protocols are, as a rule, very, very insecure against cyber threats. This is evidenced by numerous articles and reports of experts involved in the study of the protection of industrial control systems and penetration tests. The PHDays III section on hacking automated process control systems impressed even ardent skeptics. Well, and, of course, the argument “they have NOT attacked us, therefore they will not” - can hardly be considered seriously. Everyone has heard about Stuxnet, which dispelled almost all the myths about the safety of ICS at once.\r\n<span style=\"font-weight: bold;\">Who needs this?</span>\r\nWith the phrase ICS/SCADA, most imagine huge plants, automated CNC machines or something similar. However, the application of process control systems is not limited to these objects - in the modern age of automation, process control systems are used everywhere: from large production facilities, the oil and gas industry, transport management to smart home systems. And, by the way, with the protection of the latter, as a rule, everything can be much worse, because the developer silently and imperceptibly shifts responsibility to the shoulders of the user.\r\nOf course, some of the objects with automated process control systems are more interesting for attackers, others less. But, given the ever-growing number of vulnerabilities discovered and published in the ICS, the spread of "exclusive" (written for specific protocols and ICS software) malware, considering your system safe "by default" is unreasonable.\r\n<span style=\"font-weight: bold;\">Are ICS and SCADA the same thing?</span>\r\nNo. SCADA systems (supervisory control and data acquisition, supervisory control and data collection) are part of the control system. Usually, a SCADA system means centralized control and management systems with the participation of a person as a whole system or a complex of industrial control systems. SCADA is the central link between people (human-machine interfaces) and PLC levels (programmable logic controller) or RTU (remote terminal unit).\r\n<span style=\"font-weight: bold;\">What is ICS/SCADA cybersecurity?</span>\r\nIn fact, ICS cybersecurity is a process similar to “information security” in a number of properties, but very different in details. And the devil, as you know, lies in them. ICS/SCADA also has similar information security-related processes: asset inventory, risk analysis and assessment, threat analysis, security management, change management, incident response, continuity, etc. But these processes themselves are different.<br />The cyber security of ICSs has the same basic target qualities - confidentiality, integrity and accessibility, but the significance and point of application for them are completely different. It should be remembered that in ICS/SCADA we, first of all, protect the technological process. Beyond this - from the risks of damage to human health and life and the environment.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_SCADA_Cyber_Security.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":4869,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/fortiphyd_logic.png","logo":true,"scheme":false,"title":"Fortiphyd Logic ControlWatch+LogicGuard","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"fortiphyd-logic-controlwatch-logicguard","companyTitle":"Fortiphyd Logic","companyTypes":["supplier","vendor"],"companyId":5681,"companyAlias":"fortiphyd-logic","description":"<span style=\"font-weight: bold;\">ControlWatch</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Key Benefits</span></span>\r\nControlWatch sits passively on a span port and captures all traffic traversing the network. ControlWatch uses deep packet inspection to extract information buried within packets. State-of-the-art machine learning techniques detect anomalous behavior on networks. Coupled with a comprehensive signature database, ControlWatch provides robust protection to industrial networks and components.\r\nControlWatch also contains a hybrid signature-and anomaly-detection engine, as well as a vast array of ICS protocol parsers enabling monitoring of most networks.\r\n\r\n<span style=\"font-weight: bold;\">LogicGuard</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Key Benefits</span></span>\r\nLogicGuard uses patent-pending technology to monitor the controller logic for anomalous behavior and immediately alerts if the slightest change of controller logic occurs.\r\nLogicGuard detects changes made over the network and via the serial port of controllers, protecting against remote and insider attacks and benign incorrect program changes.","shortDescription":"ControlWatch+LogicGuard provides all of the key features of each product. Each component is used by the other to improve the accuracy and precision of alerts.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":0,"sellingCount":3,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Fortiphyd Logic ControlWatch+LogicGuard","keywords":"","description":"<span style=\"font-weight: bold;\">ControlWatch</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Key Benefits</span></span>\r\nControlWatch sits passively on a span port and captures all traffic traversing the network. ControlWatch uses d","og:title":"Fortiphyd Logic ControlWatch+LogicGuard","og:description":"<span style=\"font-weight: bold;\">ControlWatch</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Key Benefits</span></span>\r\nControlWatch sits passively on a span port and captures all traffic traversing the network. ControlWatch uses d","og:image":"https://old.roi4cio.com/fileadmin/user_upload/fortiphyd_logic.png"},"eventUrl":"","translationId":4870,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":840,"title":"ICS/SCADA Cyber Security","alias":"icsscada-cyber-security","description":"SCADA security is the practice of protecting supervisory control and data acquisition (SCADA) networks, a common framework of control systems used in industrial operations. These networks are responsible for providing automated control and remote human management of essential commodities and services such as water, natural gas, electricity and transportation to millions of people. They can also be used to improve the efficiencies and quality in other less essential (but some would say very important!) real-world processes such as snowmaking for ski resorts and beer brewing. SCADA is one of the most common types of industrial control systems (ICS).\r\nThese networks, just like any other network, are under threat from cyber-attacks that could bring down any part of the nation's critical infrastructure quickly and with dire consequences if the right security is not in place. Capital expenditure is another key concern; SCADA systems can cost an organization from tens of thousands to millions of dollars. For these reasons, it is essential that organizations implement robust SCADA security measures to protect their infrastructure and the millions of people that would be affected by the disruption caused by an external attack or internal error.\r\nSCADA security has evolved dramatically in recent years. Before computers, the only way to monitor a SCADA network was to deploy several people to each station to report back on the state of each system. In busier stations, technicians were stationed permanently to manually operate the network and communicate over telephone wires.\r\nIt wasn't until the introduction of the local area network (LAN) and improvements in system miniaturization that we started to see advances in SCADA development such as the distributed SCADA network. Next came networked systems that were able to communicate over a wide area network (WAN) and connect many more components together.\r\nFrom local companies to federal governments, every business or organization that works with SCADA systems are vulnerable to SCADA security threats. These threats can have wide-reaching effects on both the economy and the community. Specific threats to SCADA networks include the following:\r\n<span style=\"font-weight: bold;\">Hackers.</span> Individuals or groups with malicious intent could bring a SCADA network to its knees. By gaining access to key SCADA components, hackers could unleash chaos on an organization that can range from a disruption in services to cyber warfare.\r\n<span style=\"font-weight: bold;\">Malware.</span> Malware, including viruses, spyware and ransomware can pose a risk to SCADA systems. While malware may not be able to specifically target the network itself, it can still pose a threat to the key infrastructure that helps to manage the SCADA network. This includes mobile SCADA applications that are used to monitor and manage SCADA systems.\r\n<span style=\"font-weight: bold;\">Terrorists.</span> Where hackers are usually motivated by sordid gain, terrorists are driven by the desire to cause as much mayhem and damage as possible.\r\n<span style=\"font-weight: bold;\">Employees.</span> Insider threats can be just as damaging as external threats. From human error to a disgruntled employee or contractor, it is essential that SCADA security addresses these risks.\r\nManaging today's SCADA networks can be a challenge without the right security precautions in place. Many networks are still without the necessary detection and monitoring systems and this leaves them vulnerable to attack. Because SCADA network attacks exploit both cyber and physical vulnerabilities, it is critical to align cybersecurity measures accordingly.","materialsDescription":"<span style=\"font-weight: bold;\">What is the difference between ICS/SCADA cybersecurity and information security?</span>\r\nAutomated process control systems (SCADA) have a lot of differences from “traditional” corporate information systems: from the destination, specific data transfer protocols and equipment used and ending with the environment in which they operate. In corporate networks and systems, as a rule, the main protected resource is information that is processed, transmitted and stored in automated systems, and the main goal is to ensure its confidentiality. In ICS, the protected resource, first of all, is the technological process itself, and the main goal is to ensure its continuity (accessibility of all nodes) and integrity (including information transmitted between the nodes of the ICS). Moreover, the field of potential risks and threats to ICS, in comparison with corporate systems, expands with risks of potential damage to life and health of personnel and the public, damage to the environment and infrastructure. That is why it is incorrect to talk about “information security” in relation to ICS/SCADA. In English sources, the term “cybersecurity” is used for this, a direct translation of which (cybersecurity) is increasingly found in our market in relation to the protection of process control systems.\r\n<span style=\"font-weight: bold;\">Is it really necessary?</span>\r\nIt is necessary. There are a number of myths about process control systems, for example: “process control systems are completely isolated from the outside world”, “process control systems are too specific for someone to crack”, “process control systems are reliably protected by the developer”, or even “No one will ever try us, hacking us is not interesting. ” All this is no longer true. Many modern distributed process control systems have one or another connection with the corporate network, even if the system owners are unaware of this. Communication with the outside world greatly simplifies the task of the attacker, but does not remain the only possible option. Automated process control software and data transfer protocols are, as a rule, very, very insecure against cyber threats. This is evidenced by numerous articles and reports of experts involved in the study of the protection of industrial control systems and penetration tests. The PHDays III section on hacking automated process control systems impressed even ardent skeptics. Well, and, of course, the argument “they have NOT attacked us, therefore they will not” - can hardly be considered seriously. Everyone has heard about Stuxnet, which dispelled almost all the myths about the safety of ICS at once.\r\n<span style=\"font-weight: bold;\">Who needs this?</span>\r\nWith the phrase ICS/SCADA, most imagine huge plants, automated CNC machines or something similar. However, the application of process control systems is not limited to these objects - in the modern age of automation, process control systems are used everywhere: from large production facilities, the oil and gas industry, transport management to smart home systems. And, by the way, with the protection of the latter, as a rule, everything can be much worse, because the developer silently and imperceptibly shifts responsibility to the shoulders of the user.\r\nOf course, some of the objects with automated process control systems are more interesting for attackers, others less. But, given the ever-growing number of vulnerabilities discovered and published in the ICS, the spread of "exclusive" (written for specific protocols and ICS software) malware, considering your system safe "by default" is unreasonable.\r\n<span style=\"font-weight: bold;\">Are ICS and SCADA the same thing?</span>\r\nNo. SCADA systems (supervisory control and data acquisition, supervisory control and data collection) are part of the control system. Usually, a SCADA system means centralized control and management systems with the participation of a person as a whole system or a complex of industrial control systems. SCADA is the central link between people (human-machine interfaces) and PLC levels (programmable logic controller) or RTU (remote terminal unit).\r\n<span style=\"font-weight: bold;\">What is ICS/SCADA cybersecurity?</span>\r\nIn fact, ICS cybersecurity is a process similar to “information security” in a number of properties, but very different in details. And the devil, as you know, lies in them. ICS/SCADA also has similar information security-related processes: asset inventory, risk analysis and assessment, threat analysis, security management, change management, incident response, continuity, etc. But these processes themselves are different.<br />The cyber security of ICSs has the same basic target qualities - confidentiality, integrity and accessibility, but the significance and point of application for them are completely different. It should be remembered that in ICS/SCADA we, first of all, protect the technological process. Beyond this - from the risks of damage to human health and life and the environment.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_SCADA_Cyber_Security.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":5126,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Strabis_Logo.png","logo":true,"scheme":false,"title":"Strabis WEB","vendorVerified":0,"rating":"0.00","implementationsCount":1,"suppliersCount":0,"supplierPartnersCount":0,"alias":"strabis-web","companyTitle":"Strabis","companyTypes":["supplier","vendor"],"companyId":8198,"companyAlias":"strabis","description":""Strabis WEB" is an information and telecommunication system (software) designed to accumulate and systematize structured and textual information in a combined database, and to solve an information retrieval and analytical problems.","shortDescription":"StrabisWeb is a software for security, compliance, risk management and competitive intelligence specialists.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":12,"sellingCount":17,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Strabis WEB","keywords":"","description":""Strabis WEB" is an information and telecommunication system (software) designed to accumulate and systematize structured and textual information in a combined database, and to solve an information retrieval and analytical problems.","og:title":"Strabis WEB","og:description":""Strabis WEB" is an information and telecommunication system (software) designed to accumulate and systematize structured and textual information in a combined database, and to solve an information retrieval and analytical problems.","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Strabis_Logo.png"},"eventUrl":"","translationId":5127,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":479,"title":"System Infrastructure Software","alias":"system-infrastructure-software","description":" System infrastructure software is a type of enterprise software or program designed to increase the IT performance of any organization. It provides various solutions to enterprises such as workforce support, business transactions, and internal services & processes. This software is used by various industry verticals to operate business functions efficiently and smoothly.\r\nAdvancements in cloud technologies and virtualization are expected to boost the market. Further, the rise in demand for automation and integrated approach in the business process is also anticipated to fuel the market. However, high implementation costs and the absence of a standardized framework are expected to hinder the growth of the market. Moreover, the adoption of bringing your own device (BYOD) is a major opportunity for key players in the system infrastructure software market.\r\nThe system infrastructure software market is segmented on the basis of type, application, industry vertical, and geography. Based on the type, the market is divided into system & network management software, security software, storage software, and system software. By application, the market is classified into building management systems, cloud integration, data center infrastructure management, integrated communication, network integration, and others. By industry vertical, the market is categorized into banking, financial services and insurance (BFSI), telecommunications & IT, transportation & logistics, oil & gas, manufacturing, retail, and others. By geography, it is analyzed across North America, Europe, Asia-Pacific, and LAMEA.<br /><br />","materialsDescription":" <span style=\"font-weight: bold;\">System Infrastructure Software Market Key Segments:</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">By Type</span></span>\r\n<ul><li>System & Network Management Software</li><li>Security Software</li><li>Storage Software</li><li>System Software</li></ul>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">By Application</span></span>\r\n<ul><li>Building Management System</li><li>Cloud Integration</li><li>Data Center Infrastructure Management</li><li>Integrated Communication</li><li>Network Integration</li><li>Others</li></ul>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">By Industry Vertical</span></span>\r\n<ul><li>Banking, Financial Services and Insurance (BFSI)</li><li>Telecommunications & IT</li><li>Transportation & Logistics</li><li>Oil & Gas</li><li>Manufacturing</li><li>Retail</li><li>Others </li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_System_Infrastructure_Software.png"},{"id":532,"title":"Software","alias":"software","description":" Computer software, or simply software, is a collection of data or computer instructions that tell the computer how to work. This is in contrast to physical hardware, from which the system is built and actually performs the work. In computer science and software engineering, computer software is all information processed by computer systems, programs, and data. Computer software includes computer programs, libraries and related non-executable data, such as online documentation or digital media. Computer hardware and software require each other and neither can be realistically used on its own.\r\nAt the lowest programming level, executable code consists of machine language instructions supported by an individual processor — typically a central processing unit (CPU) or a graphics processing unit (GPU). A machine language consists of groups of binary values signifying processor instructions that change the state of the computer from its preceding state. For example, an instruction may change the value stored in a particular storage location in the computer—an effect that is not directly observable to the user. An instruction may also invoke one of many input or output operations, for example displaying some text on a computer screen; causing state changes that should be visible to the user. The processor executes the instructions in the order they are provided, unless it is instructed to "jump" to a different instruction, or is interrupted by the operating system. As of 2015, most personal computers, smartphone devices, and servers have processors with multiple execution units or multiple processors performing computation together, and computing has become a much more concurrent activity than in the past.\r\nThe majority of software is written in high-level programming languages. They are easier and more efficient for programmers because they are closer to natural languages than machine languages. High-level languages are translated into machine language using a compiler or an interpreter or a combination of the two. Software may also be written in a low-level assembly language, which has strong correspondence to the computer's machine language instructions and is translated into machine language using an assembler.","materialsDescription":" <span style=\"font-weight: bold; \">What is software?</span>\r\nSometimes abbreviated as SW and S/W, software is a collection of instructions that enable the user to interact with a computer, its hardware, or perform tasks. Without software, most computers would be useless. For example, without your Internet browser software, you could not surf the Internet or read this page. Without an operating system, the browser could not run on your computer. The picture shows a Microsoft Excel box, an example of a spreadsheet software program.\r\n<span style=\"font-weight: bold; \">How do you get software?</span>\r\nSoftware can be purchased at a retail computer store or online and come in a box containing all the disks (floppy diskette, CD, DVD, or Blu-ray), manuals, warranty, and other documentation.\r\nSoftware can also be downloaded to a computer over the Internet. Once downloaded, setup files are run to start the installation process on your computer.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Free software</span></span>\r\nThere are also a lot of free software programs available that are separated into different categories.\r\n<ul><li>Shareware or trial software is software that gives you a few days to try the software before you have to buy the program. After the trial time expires, you'll be asked to enter a code or register the product before you can continue to use it.</li><li>Freeware is completely free software that never requires payment, as long as it is not modified.</li><li>Open-source software is similar to freeware. Not only is the program given away free, but the source code used to make the program is also, allowing anyone to modify the program or view how it was created.</li></ul>\r\n<span style=\"font-weight: bold; \">How do you use computer software?</span>\r\nOnce the software is installed on the computer hard drive, the program can be used anytime by finding the program on the computer. On a Windows computer, a program icon is added to the Start menu or Start screen, depending on your version of Windows.\r\n<span style=\"font-weight: bold;\">How to maintain software?</span>\r\nAfter the software is installed on your computer, it may need to be updated to fix any found errors. Updating a program can be done using software patches. Once updates are installed, any problems that may have been experienced in the program will no longer occur.\r\n<span style=\"font-weight: bold;\">How is software created and how does it work?</span>\r\nA computer programmer (or several computer programmers) writes the instructions using a programming language, defining how the software should operate on structured data. The program may then be interpreted or compiled into machine code.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":3847,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/WT-500_1.JPG","logo":true,"scheme":false,"title":"Waterfall Unidirectional CloudConnect","vendorVerified":0,"rating":"0.00","implementationsCount":1,"suppliersCount":0,"supplierPartnersCount":0,"alias":"waterfall-unidirectional-cloudconnect","companyTitle":"Waterfall Security Solutions","companyTypes":["supplier","vendor"],"companyId":5242,"companyAlias":"waterfall-security-solutions","description":"The Industrial Internet of Things (IIoT) promises revolutionary improvements in the efficiencies of industrial operations, manufacturing platforms, transportation systems, and utilities. However, these benefits require the massive deployment of connected devices that gather and communicate data, thereby increasing cyber-security attack surfaces dramatically, and opening paths for attackers to enter industrial networks\r\nThe answer for all of your IIoT cybersecurity needs is the Unidirectional CloudConnect. The CloudConnect acts as an Industrial IoT gateway, collecting data from industrial sources such as historians, industrial control systems, OPC serves and industrial devices then coverting that data into a unified, cloud-friendly format, such as GE WebSockets, Azure IoT and SOAP Web Services. The CloudConnect then transmits the unified data securely out of the site and publishes into the industrial cloud. Unidirectional Gateway technology embedded in the CloudConnect ensures seamless connectivity with both industrial and cloud systems, and provides absolute protection from cloud-based threats.\r\nWaterfall’s Unidirectional CloudConnect offers the highest level of IIoT cyber security, enabling data flow from industrial networks, directly into Internet-based and other cloud solutions, while preventing remote attacks from penetrating critical industrial networks.<br /><br /><span style=\"font-weight: bold;\">MAIN FEATURES</span>\r\nINDUSTRIAL CONNECTIVITY<br />Enables IT and outsourced SIEM, SOC, NOC & security monitoring solutions\r\nSAFE OT/CLOUD INTEGRATION<br />Physically prevents Cloud/Internetbased attacks from infecting the protected network\r\nSEAMLESS INTEROPERABILITY<br />Supports 100+ industrial protocols & applications; from legacy systems to cloud-based platforms\r\nINDUSTRIAL CLOUD<br />Enables big-data, cross-site, and crossapplication analysis and correlations<br /><br />The Unidirectional Cloud-Connect is a secure cloud gateway containing unidirectional technology consisting of both hardware and software components. The gateway hardware can transmit information from a control system network to an external network, but is physically incapable of propagating any cyber attack at all back into the protected network.","shortDescription":"The Unidirectional Cloud-Connect is a secure cloud gateway containing unidirectional technology consisting of both hardware and software components.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":3,"sellingCount":6,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Waterfall Unidirectional CloudConnect","keywords":"","description":"The Industrial Internet of Things (IIoT) promises revolutionary improvements in the efficiencies of industrial operations, manufacturing platforms, transportation systems, and utilities. However, these benefits require the massive deployment of connected devic","og:title":"Waterfall Unidirectional CloudConnect","og:description":"The Industrial Internet of Things (IIoT) promises revolutionary improvements in the efficiencies of industrial operations, manufacturing platforms, transportation systems, and utilities. However, these benefits require the massive deployment of connected devic","og:image":"https://old.roi4cio.com/fileadmin/user_upload/WT-500_1.JPG"},"eventUrl":"","translationId":3848,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":461,"title":"Data Diode","alias":"data-diode","description":"A unidirectional network (also referred to as a unidirectional gateway or data diode) is a network appliance or device that allows data to travel in only one direction. Data diodes can be found most commonly in high-security environments, such as defense, where they serve as connections between two or more networks of differing security classifications. Given the rise of Industrial IoT and Digitization, this technology can now be found at the industrial control level for such facilities as nuclear power plants, power generation and safety-critical systems like railway networks.<br />After years of development, the use of data diodes has increased, creating two variations:\r\n<ul><li>Data Diode: more often used to refer to the simple hardware version that physically enforces data to flow in only one direction.</li><li>Unidirectional Gateway: Used to describe a more sophisticated device that typically has a computer on both its critical and open side. Unidirectional gateways are a combination of hardware and software. The hardware (data diode) permits data to flow from one network to another but is physically unable to send any information at all back into the source network. The software replicates databases and emulates protocol servers and devices, enabling compatibility with existing network protocols, allowing organizations to gain their benefits without changes to their existing systems.</li></ul>\r\nOnce only commonly found in high-security military environments, unidirectional gateways are now becoming widely spread in sectors like Oil & Gas, water/wastewater, airplanes (between flight control units and in-flight entertainment systems), manufacturing and cloud connectivity for Industrial IoT primarily as a result of new regulations, increased demand and big industrial powerhouses. These industries/sectors and betting on this technology, which has had the effect of lowering the technology's core cost.","materialsDescription":"<span style=\"font-weight: bold;\">What Is Data Diode Technology & How Does It Work?</span>\r\nToday's business environment is increasingly digital and more vulnerable than ever to a cyber attack. Because of this, various network security technologies have been developed to protect organizational data and infrastructures. One of the most effective of these modern technologies is the data diode. Although it is one of the most effective network security tools available, you may not have heard of this technology and know little of what it does. Below, you'll find a description of what data diode technology is and how it works.\r\n<span style=\"font-weight: bold;\">What Is Data Diode Technology?</span>\r\nA data diode is a communication device that enables the safe, one-way transfer of data between segmented networks. Intelligent data diode design maintains physical and electrical separation of source and destination networks, establishing a non-routable, completely closed one-way data transfer protocol between networks. Intelligent data diodes effectively eliminate external points of entry to the sending system, preventing intruders and contagious elements from infiltrating the network. Securing all of a network’s data outflow with data diodes makes it impossible for an insecure or hostile network to pass along malware, access your system, or accidentally make harmful changes.\r\nData diodes allow companies to send process data in real time to information management systems for use in financial, customer service, and management decisions — without compromising the security of your network. This protects valuable information and network infrastructure from theft, destruction, tampering, and human error, mitigating the potential loss of thousands of dollars and countless hours of work.\r\n<span style=\"font-weight: bold;\">How Does Data Diode Technology Work?</span>\r\nA "diode" is an electronic component that only allows current to flow in one direction. Similarly, data diode technology lets information flow safely in only one direction, from secure areas to less secure systems, without permitting reverse access. A data diode also creates a physical barrier or “air gap” between the two points. This one-way connection prevents data leakage, eliminates the threat of malware, and fully protects the process control network. Moreover, a single data diode can handle data transfers from multiple servers or devices simultaneously, without bottlenecking.\r\n<span style=\"font-weight: bold;\">Where is it used?</span>\r\nIt’s typically used to guarantee information security or protection of critical digital systems, such as industrial control systems, from cyber attacks. While the use of these devices is common in high-security environments such as defense, where they serve as connections between two or more networks of differing security classifications, the technology is also being used to enforce one-way communications outbound from critical digital systems to untrusted networks connected to the Internet.\r\nThe physical nature of unidirectional networks only allows data to pass from one side of a network connection to another, and not the other way around. This can be from the "low side" or untrusted network to the "high side" or trusted network or vice versa. In the first case, data in the high side network is kept confidential and users retain access to data from the low side. Such functionality can be attractive if sensitive data is stored on a network which requires connectivity with the Internet: the high side can receive Internet data from the low side, but no data on the high side is accessible to Internet-based intrusion. In the second case, a safety-critical physical system can be made accessible for online monitoring, yet be insulated from all Internet-based attacks that might seek to cause physical damage. In both cases, the connection remains unidirectional even if both the low and the high network are compromised, as the security guarantees are physical in nature.\r\nThere are two general models for using unidirectional network connections. In the classical model, the purpose of the data diode is to prevent the export of classified data from a secure machine while allowing the import of data from an insecure machine. In the alternative model, the diode is used to allow export of data from a protected machine while preventing attacks on that machine.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Data_Diode.png"},{"id":834,"title":"IoT - Internet of Things Security","alias":"iot-internet-of-things-security","description":" IoT security is the technology area concerned with safeguarding connected devices and networks in the internet of things (IoT).\r\nIoT involves adding internet connectivity to a system of interrelated computing devices, mechanical and digital machines, objects, animals and/or people. Each "thing" is provided a unique identifier and the ability to automatically transfer data over a network. Allowing devices to connect to the internet opens them up to a number of serious vulnerabilities if they are not properly protected.\r\nIoT security has become the subject of scrutiny after a number of high-profile incidents where a common IoT device was used to infiltrate and attack the larger network. Implementing security measures is critical to ensuring the safety of networks with IoT devices connected to them.\r\nIoT security hacks can happen in any industry, from smart home to a manufacturing plant to a connected car. The severity of impact depends greatly on the individual system, the data collected and/or the information it contains.\r\nAn attack disabling the brakes of a connected car, for example, or on a connected health device, such as an insulin pump hacked to administer too much medication to a patient, can be life-threatening. Likewise, an attack on a refrigeration system housing medicine that is monitored by an IoT system can ruin the viability of a medicine if temperatures fluctuate. Similarly, an attack on critical infrastructure -- an oil well, energy grid or water supply -- can be disastrous.\r\nSo, a robust IoT security portfolio must allow protecting devices from all types of vulnerabilities while deploying the security level that best matches application needs. Cryptography technologies are used to combat communication attacks. Security services are offered for protecting against lifecycle attacks. Isolation measures can be implemented to fend off software attacks. And, finally, IoT security should include tamper mitigation and side-channel attack mitigation technologies for fighting physical attacks of the chip.","materialsDescription":" <span style=\"font-weight: bold;\">What are the key requirements of IoT Security?</span>\r\nThe key requirements for any IoT security solution are:\r\n<ul><li>Device and data security, including authentication of devices and confidentiality and integrity of data</li><li>Implementing and running security operations at IoT scale</li><li>Meeting compliance requirements and requests</li><li>Meeting performance requirements as per the use case</li></ul>\r\n<span style=\"font-weight: bold;\">What do connected devices require to participate in the IoT Securely?</span>\r\nTo securely participate in the IoT, each connected device needs a unique identification – even before it has an IP address. This digital credential establishes the root of trust for the device’s entire lifecycle, from initial design to deployment to retirement.\r\n<span style=\"font-weight: bold;\">Why is device authentication necessary for the IoT?</span>\r\nStrong IoT device authentication is required to ensure connected devices on the IoT can be trusted to be what they purport to be. Consequently, each IoT device needs a unique identity that can be authenticated when the device attempts to connect to a gateway or central server. With this unique ID in place, IT system administrators can track each device throughout its lifecycle, communicate securely with it, and prevent it from executing harmful processes. If a device exhibits unexpected behavior, administrators can simply revoke its privileges.\r\n<span style=\"font-weight: bold;\">Why is secure manufacturing necessary for IoT devices?</span>\r\nIoT devices produced through unsecured manufacturing processes provide criminals opportunities to change production runs to introduce unauthorized code or produce additional units that are subsequently sold on the black market.\r\nOne way to secure manufacturing processes is to use hardware security modules (HSMs) and supporting security software to inject cryptographic keys and digital certificates and to control the number of units built and the code incorporated into each.\r\n<span style=\"font-weight: bold;\">Why is code signing necessary for IoT devices?</span>\r\nTo protect businesses, brands, partners, and users from software that has been infected by malware, software developers have adopted code signing. In the IoT, code signing in the software release process ensures the integrity of IoT device software and firmware updates and defends against the risks associated with code tampering or code that deviates from organizational policies.\r\nIn public key cryptography, code signing is a specific use of certificate-based digital signatures that enables an organization to verify the identity of the software publisher and certify the software has not been changed since it was published.\r\n<span style=\"font-weight: bold;\">What is IoT PKI?</span>\r\nToday there are more things (devices) online than there are people on the planet! Devices are the number one users of the Internet and need digital identities for secure operation. As enterprises seek to transform their business models to stay competitive, rapid adoption of IoT technologies is creating increasing demand for Public Key Infrastructures (PKIs) to provide digital certificates for the growing number of devices and the software and firmware they run.\r\nSafe IoT deployments require not only trusting the devices to be authentic and to be who they say they are, but also trusting that the data they collect is real and not altered. If one cannot trust the IoT devices and the data, there is no point in collecting, running analytics, and executing decisions based on the information collected.\r\nSecure adoption of IoT requires:\r\n<ul><li>Enabling mutual authentication between connected devices and applications</li><li>Maintaining the integrity and confidentiality of the data collected by devices</li><li>Ensuring the legitimacy and integrity of the software downloaded to devices</li><li>Preserving the privacy of sensitive data in light of stricter security regulations</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/iot.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":["Aging IT infrastructure","No IT security guidelines","Unauthorized access to corporate IT systems and data","Risk or Leaks of confidential information","Risk of attacks by hackers","Risk of lost access to data and IT systems"],"materials":[],"useCases":[{"id":310,"title":"Radiflow Incorporates Dynamic Vulnerability Assessment Scoring into its Industrial Threat Detection Solution","description":" Radiflow, a leading provider of industrial cybersecurity solutions for industrial automation networks, announced that the company has added dynamic vulnerability assessment scoring capabilities in the new release of its iSID industrial threat detection solution.<br /><br />The current practices for risk assessments and security remediations employed by industrial enterprises and critical infrastructure operators generally rely on manual evaluations and follow unstructured processes. These processes are often time consuming and are not sufficiently responsive to changes in the threat and vulnerability landscape.<br />Read more: https://radiflow.com/news/radiflow-incorporates-dynamic-vulnerability-assessment-scoring-into-its-industrial-threat-detection-solution/","imageURL":"https://old.roi4cio.com/fileadmin/user_upload/radiflow.png"}],"best_practices":[],"values":["Ensure Security and Business Continuity"],"implementations":[],"presenterCodeLng":"","productImplementations":[]}},"aliases":{},"links":{},"meta":{},"loading":false,"error":null,"useProductLoading":false,"sellProductLoading":false,"templatesById":{},"comparisonByTemplateId":{}},"filters":{"filterCriterias":{"loading":false,"error":null,"data":{"price":{"min":0,"max":6000},"users":{"loading":false,"error":null,"ids":[],"values":{}},"suppliers":{"loading":false,"error":null,"ids":[],"values":{}},"vendors":{"loading":false,"error":null,"ids":[],"values":{}},"roles":{"id":200,"title":"Roles","values":{"1":{"id":1,"title":"User","translationKey":"user"},"2":{"id":2,"title":"Supplier","translationKey":"supplier"},"3":{"id":3,"title":"Vendor","translationKey":"vendor"}}},"categories":{"flat":[],"tree":[]},"countries":{"loading":false,"error":null,"ids":[],"values":{}}}},"showAIFilter":false},"companies":{"companiesByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"implementations":{"implementationsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"agreements":{"agreementById":{},"ids":{},"links":{},"meta":{},"loading":false,"error":null},"comparison":{"loading":false,"error":false,"templatesById":{},"comparisonByTemplateId":{},"products":[],"selectedTemplateId":null},"presentation":{"type":null,"company":{},"products":[],"partners":[],"formData":{},"dataLoading":false,"dataError":false,"loading":false,"error":false},"catalogsGlobal":{"subMenuItemTitle":""}}