ReportWire

Tag: IT Security

  • AttainIT Technologies Acquires ByteRatio, Inc.

    AttainIT Technologies Acquires ByteRatio, Inc.

    [ad_1]

    Merger strengthens innovative IT solutions offerings to national security agencies


    RESTON, Va., July 29, 2024 (Newswire.com)

    Reston-based AttainIT Technologies has successfully acquired ByteRatio, Inc., headquartered in Leesburg, Va. ByteRatio will now operate as a wholly owned subsidiary of AttainIT Technologies under the leadership of President & CEO Linda Flannery and her esteemed team.

    This strategic acquisition enhances AttainIT’s mission to deliver cutting-edge technology solutions that solve complex missions, preempt threats, and save lives. 

    “We are thrilled to bring ByteRatio’s rich expertise in cybersecurity and software engineering to AttainIT, offering our clients even more robust service and innovative solutions for their most important missions,” said Jim Flannery, CEO of AttainIT Technologies. “Together, we will achieve greater accomplishment and set new standards for our nation’s most vital agencies.”

    AttainIT and ByteRatio will function as separate companies but remain committed to close collaboration across both teams.

    “We look forward to continuing to operate as a ‘people first’ organization and deliver exceptional service to our clients,” added Linda Flannery. “Leveraging ByteRatio and AttainIT’s complementary strengths, we are even better positioned to drive innovation, excellence, and growth across the industry.”

    For more information, please contact:

    pr@attainittech.com

    About AttainIT Technologies

    AttainIT Technologies is a privately held, small business delivering secure technology solutions to national security agencies. Its seasoned team of experts design and implement cutting-edge technology solutions that solve complex mission needs, pre-empt global threats, and save lives. To learn more, visit https://www.attainittech.com.

    About ByteRatio, Inc.

    ByteRatio is a leading-edge IT solutions company specializing in, cybersecurity, software engineering, and cloud-based enterprise technology solutions. Through a “people first” approach, ByteRatio passionately combines technology with creativity to solve its customers’ toughest mission problems. To learn more, visit https://www.byteratio.com.

    Source: Attainit Technologies

    [ad_2]

    Source link

  • CYRIN and the Rochester Institute of Technology (RIT) Create a Level 2 Exercise for a Virtual Cybersecurity Training Environment

    CYRIN and the Rochester Institute of Technology (RIT) Create a Level 2 Exercise for a Virtual Cybersecurity Training Environment

    [ad_1]

    CYRIN and RIT Create an Enterprise-level Exercise in a Virtual Training Environment


    EDEN PRAIRIE, Minn., August 16, 2023 (Newswire.com)

    CYRIN and the Rochester Institute of Technology (RIT) have created a Level 2 Exercise that resides on CYRIN’s virtual cybersecurity training platform. In this exercise, calledConfigure an Enterprise Network,” students must configure the firewalls and routers in accordance with the security policies of the organization. The firewalls and routers must be configured to implement policies related to how traffic to and from the internet and between different subnets is handled.

    CYRIN has three levels of training – Labs, Exercises and Attacks – on its virtual, cloud-based platform. Level 2 Exercises are robust training exercises that challenge the student to work in a virtual environment to demonstrate proficiency with different scenarios with multiple cybersecurity tools that enhance training and mimic real-world scenarios. In this exercise, which looks at an enterprise network, students use pfSense, an open-source firewall and router used by thousands of enterprises and officially supported by Netgate. Students must be familiar with the pfSense console and web interfaces. Those unfamiliar with pfSense are encouraged to complete the CYRIN “Firewall Configuration with pfSense” lab before attempting this exercise.

    This exercise was developed in conjunction with the Rochester Institute of Technology and their Global Cyber Institute. RIT used CYRIN’s patented Exercise Builder tool to create several labs that CYRIN has licensed for use on the CYRIN platform. This exercise is also mapped to NIST NICE Specialty Areas or NIST NICE Work Roles listed below.

    Specialty Areas:

    Work Roles:

    CYRIN is designed for the seasoned cybersecurity professional or the student new to the field. Inexpensive and tailored for a 24/7 schedule, CYRIN labs, exercises and attack scenarios allow for training in a virtual cloud-based environment 365 days a year. CYRIN is also an excellent way for entrepreneurs, small businesses, and others to test their software products. Nearly any operating system that runs on the Intel/AMD x86 or x86_64 architecture can be uploaded to CYRIN as an OVA file or installed directly within CYRIN using the Exercise Builder. To learn more about our labs and content, visit the CYRIN catalog page.

    The Team

    ATC-NY, based in Ithaca, NY, is the Cybersecurity division of Architecture Technology Corporation, and is responsible for CYRIN development. They work with numerous commercial, educational and government agencies, including the Department of Defense, who helped support the effort to develop CYRIN.

    About Architecture Technology Corporation

    Architecture Technology Corporation (ATCorp) is headquartered in Eden Prairie, MN. ATCorp specializes in advanced research and software-intensive solutions for complex problems in Information Security, Cybersecurity, Enterprise-Scale Network Computing, AI, and Machine Learning. To read more about their products and services, visit ATCorp at https://www.atcorp.com.  

    Source: CYRIN

    [ad_2]

    Source link

  • CYRIN Now Offers Certification

    CYRIN Now Offers Certification

    [ad_1]


    EDEN PRAIRIE, Minn., May 23, 2023 (Newswire.com)

    CYRIN, a virtual cybersecurity training platform from Architecture Technology Corporation, now has certification available on three courses taught by world-renowned cyber expert Kevin Cardwell. 

    CYRIN’s Fundamentals of Cybersecurity Series takes you from beginning to advanced cyber defense techniques over the course of three, 40-hour, self-paced courses. Each course includes over a dozen interactive labs and activities.

    CYRIN Certification is available for each course in this series. 

    Courses start with Cyber Security Skills Foundation and move to Essential Defense Tactics – a solid core program that enhances and advances your skills gained in the Foundation course. Certification finishes with Advanced Defense, where you learn advanced methods of defense that bring you closer to establishing security best practices and methodologies that can be applied in any environment.

    Full courses include videos, background materials, quizzes, and multiple interactive CYRIN labs to enhance your learning experience. Courses are self-paced and taught by Kevin Cardwell. The CYRIN platform allows you to pause and come back to the course at any time within your subscription period.

     WHAT DO I GET WHEN I AM CERTIFIED?

    • A digital badge that can be exported to Badgr for use on LinkedIn and other sites.
    • A printable certificate of successful completion, including the number of CPEs earned.
    • A badge icon you can include in your e-mail signature, resume, and social media pages.

    HOW DO I EARN A CYRIN CERTIFICATION?

    • Complete all the prerequisites for the certification course.
    • Successfully complete the certification course; successful completion requires a passing score in all labs and quizzes that are part of the course.

    WHY CYRIN CERTIFICATION?

    CYRIN certifications validate your skills, enhance your credentials, and increase your marketability. These courses allow you to expand or refresh your cybersecurity skills or begin a new career in cybersecurity. 

    CYRIN provides a number of benefits

    CYRIN improves upon existing cyber range systems with four central innovations:

    (1) It provides a fully interactive, independent online exercise interface for each student.

    (2) It’s always available and accessible from anywhere with no special software required.

    (3) It’s able to monitor student progress against learning objectives within practical exercises and

    (4)  It’s virtual “hands-on” training, so students learn by doing. It resides in the cloud and requires no physical classroom, which saves time and money.

    For more information, visit CYRINtry a free lab, sign up for a demonstration, or call  (800) 850-2170.

    The Team

    ATC-NY, based in Ithaca, NY, is the Cybersecurity division of Architecture Technology Corporation, and is responsible for CYRIN development. They work with numerous commercial, educational and government agencies, including the Department of Defense, who helped support the effort to develop CYRIN.

    About Architecture Technology Corporation

    Architecture Technology Corporation (ATCorp) is headquartered in Eden Prairie, MN. ATCorp specializes in advanced research and software-intensive solutions for complex problems in Information Security, Cybersecurity, Enterprise-Scale Network Computing, AI, and Machine Learning. To read more about their products and services, visit ATCorp at https://www.atcorp.com.

    Source: ATCorp

    [ad_2]

    Source link

  • Earthling Security Enables Finvi to Achieve FedRAMP P-ATO

    Earthling Security Enables Finvi to Achieve FedRAMP P-ATO

    [ad_1]

    Press Release


    Feb 28, 2023


    RESTON, Va., February 28, 2023 (Newswire.com)

    Earthling Security, LLC is proud to announce that, by partnering with the Finvi (Formerly Ontario Systems) team and providing them with a managed FedRAMP service offering in Amazon Web Services, Finvi has achieved FedRAMP Moderate Provisional-Authority Operate (P-ATO) from the Department of Treasury for Ontario Cloud Federal (OCF). 

    Finvi’s Ontario Federal Cloud (OFC) is one of the few cloud products selected by the Department of Treasury for an Authority to Operate. The Department of Treasury and the FedRAMP Program Management Office has recognized Finvi as critical to managing and innovating receivables and collections technology in conjunction with the federal government. Enabling clients to achieve FedRAMP authorization is in keeping with Earthling Security’s commitment to provide Cloud Service Providers and federal contractors with the ability to do business through our ready-made compliant environments. 

    “After releasing our innovative FedRAMP-as-a-Service™, now with an automated governance portal and Infrastructure-as-Code offering, we have seen nothing but success for our clients. Earthling Security is now able to get an application to ATO in a much tighter time frame with better results and more efficient security. This benefits everyone from the contractor or SaaS platform to the agency sponsoring them,” said Yusuf Ahmed, Earthling Security’s CEO. 

    About Finvi 

    Finvi (www.finvi.com) is the leading provider of financial expert services for all phases of the building lifecycle. Finvi is a premier provider of enterprise technologies that streamline and accelerate revenue recovery for clients across healthcare, government, accounts receivable management, and financial institutions.

    Source: Earthling Security

    [ad_2]

    Source link

  • How to Outsource Product Development

    How to Outsource Product Development

    [ad_1]

    Opinions expressed by Entrepreneur contributors are their own.

    According to Statista, around 74% of businesses outsource IT services, and 87% have stated their desire to maintain or increase their IT spending.

    The trend of working with remote development teams, which companies often use to outsource their product development, is prospering and will continue to do so in the future.

    Let’s discuss the significance of outsourcing your enterprise product development, compare it with an in-house team and discuss the considerations to understand the outsourcing model.

    How does outsourced product development help?

    When companies opt to outsource their product development, they’re looking for opportunities for various tech solutions and speeding up development at a lesser cost.

    Moreover, companies get access to modern tools and tech stacks, new resources, and top talent, optimize their IT processes, reduce costs, and make reliable forecasting regarding their short- and long-term IT objectives.

    Related: 3 Strategies to Optimize Innovative Product Development

    Outsourced product development vs. an in-house team

    In-house

    In-house teams are created from the ground up. You’ll fill the positions based on the talent and expertise needed for product development. Building an in-house team is comparable to hiring permanent employees for your business. You’ll shortlist candidates, conduct interviews, and onboard them through typical on-prem proceedings.

    The benefits of hiring an in-house team are that they’re in direct communication with the team, offer immediate support and, most importantly, are aligned with the company’s goals and vision.

    On the downside, in-house teams:

    • Are costly prospects with high turnover rates
    • They lack versatile expertise and problem-solving depth
    • Are not easily scalable for team upskilling

    Outsourcing

    Outsourced teams offer many benefits for businesses by providing a vast talent pool and no technology limitations, allowing businesses to exercise more control over budgeting and acquire better expertise.

    The only cons are the communication barrier and trust issues in the team. Moreover, legal issues regarding the hiring process, regulatory compliance issues, information exchange before and after the project completion, cultural intricacies and time-zone differences can cause a problem.

    The following are four things to consider when outsourcing product development.

    1. Analyze your problems and requirements

    Start by analyzing your problems, requests and requirements.

    Without a clear understanding of your requirements, you gain nothing from the contractor’s team.

    Create a to-do list of items and activities you need to be done, state your budget, and set approximate deadlines for all the milestones, for example, UI/UX design delivery, development, app testing, etc.

    Related: What Not to Do When Outsourcing

    2. Select the suitable cooperation model

    The most popular cooperation models are the fixed price and time and material models. Each has its characteristics and requirements; select the one that best fits your project.

    – Fixed price model

    As the name suggests, the fixed price model works through the fixed budget, timelines, and scope of work and is mainly preferred for small projects with highly limited functionality. Furthermore, the model doesn’t allow for catering to additional changes and iterations, is expensive, and there is a probability of possible tradeoffs concerning product quality.

    – Time & material model

    The time and material model is a flexible counterpart that infuses nicely with the agile principles. Unlike the fixed model, the T&M model allows teams to start development quickly. The flexible developer hourly rate allows teams to manage tasks and set deadlines and budgets. The agile approach benefits teams in determining the result or progress at each development stage.

    3. Select an agency or freelancer

    Deciding whether you need an agency or a freelancer isn’t as simple as people often think—if it’s a small project, hire a freelancer; if it’s a large, complex project, hire an agency. In my experience, there is always more to the story in most cases. You need to clarify you need specialists for which particular processes. Business owners often struggle with the prospect of how and from where to land the right contractor for their outsourced product development.

    Here are some of the best sources to find a reliable contractor:

    Social channels. Use social channels like LinkedIn to hunt full-fledged development companies or freelancers for your next project. Check out their social posts, read reviews from previous customers, see team ratings, and more to check their business credibility and trustworthiness.

    Business review websites. See platforms like Clutch, Trustpilot, GoodFirms, etc., to inspect agencies and freelancers and review their ratings, customer reviews, and other metrics to understand better their credibility and what their clients say about them.

    4. Create a design and software specification document

    Write a design and software specification document that describes your product (at least an MVP), how it will perform, and how you want the end users to interact with it.

    Despite being a laborious job, it is one of the essential things you’ll do in product design and development.

    The design and software document will contain the following elements—a comprehensive project overview, problem statement, project goals, target audience, functional requirements, intended features, aesthetic details, non-functional parts, suggestions and restrictions, and questions.

    Mistakes to avoid when outsourcing development

    1. Selecting a misfit contractor

    Business owners often mistake hiring the first contractor or agency they come across in their search. Hence, they hire a contractor whose location, experience, expertise and skills aren’t suited for their particular project. Take your time when organizing your search and starting the hiring process. The more detailed your analysis is, the better the chances for you to hire the right company and a responsible partner.

    2. Not familiar with the cost of your product development

    One of the most common mistakes businesses make is not examining the cost of outsourcing product development. The estimate might look reasonable on paper, but several underlying essentials might not have been included in the quote. Request the development agency to create and send a complete quote. Ask the right questions from the development team alongside the timelines that should help you analyze the actual project cost.

    3. Lack of a strategic action plan

    Having a sound strategic action plan is crucial when outsourcing your project. The inability to clearly outline your requirements and state deadlines of your deliverables isn’t something you want to experience.

    Ask yourself the following questions:

    • What are your project’s core goals?
    • When do you expect to complete your product development?
    • What are the developers’ working hours?
    • How many remote developers do you want to work with you?
    • Is your hired team experienced enough to cater to your custom project?

    Related: 3 Mistakes (Nearly) Every Tech Startup Makes — and How to Avoid Them

    Final thoughts

    No matter your requirements and project specifications, there are always pros and cons of working with an in-house team and outsourcing your product development. However, take your time to weigh the considerations by analyzing your problem and requirements, selecting a suitable cooperation model, choosing an agency or freelancer, and creating a design and software requirement document. Last, avoid mistakes when outsourcing product development, including selecting a misfit contractor, inadequate cost estimation, and lack of a strategic action plan.

    [ad_2]

    Asim Rais Siddiqui

    Source link

  • Phishing Attacks Rose 61% in 2022, New Study Finds

    Phishing Attacks Rose 61% in 2022, New Study Finds

    [ad_1]

    Interisle’s annual study finds the cybercrime technique expanding to more brands and surging in the cryptocurrency field.

    Press Release


    Jul 26, 2022


    NEW YORK, July 26, 2022 (Newswire.com)

    The cybercrime commonly called “phishing” soared 61% in the past year to more than 1 million attacks and continues to pose a significant threat to most Internet users, according to an annual study from Interisle Consulting Group, specialists in business and technology strategy and authors of a long-running series of reports on phishing activity.

    Phishing attacks lure victims, typically via email or text message, to a fraudulent website that appears to be run by a trusted entity, often a bank or retailer. The site is designed to persuade a victim to provide sensitive information like a bank account number.

    For its study, entitled Phishing Landscape 2022: An Annual Study of the Scope and Distribution of Phishing, Interisle assembled and analyzed a deep and reliable dataset by collecting more than three million phishing reports from 1 May 2021 through 30 April 2022 from four respected threat intelligence providers: the AntiPhishing Working Group (APWG), OpenPhish, PhishTank, and Spamhaus, and examined data from 2020 for a longer-term examination of certain issues. The report also includes Interisle’s recommendations on measures to stop the practice.

    Interisle’s study has drawn praise from experts on the topic. “This thoroughly researched report is essential reading for anyone concerned about the growing threat of online phishing,” said John Levine, president of the Coalition Against Unsolicited Commercial Email (CAUCE). “It has detailed analyses and advice on what and where the threats are, and how we can and must deal with them.”

    Interisle’s study found the 3 million reports represented 1,122,579 unique phishing attacks during that time frame, with 853,987 domain names reported for phishing, a 72% increase over the previous year’s study.

    One notable finding: Phishing attempts related to cryptocurrency increased 257% year to year. Nearly 80% of the generic top-level domains (gTLD) reported for phishing were maliciously registered, and crypto wallets were the most targeted brands.

    “Cryptocurrency phishing has skyrocketed, especially attacks involving wallets and exchanges,” said Interisle partner and co-author Dave Piscitello. “Phishers are applying attack techniques that they’ve used against other financials to virtual currencies with great effect.”

    In other findings:  

    • The number of monthly attacks has doubled in two years, from about 40,000 in May 2020 to more than 100,000 in April 2022.
       
    • Phishers targeted over 2,000 businesses and organizations during the 1 May 2021 to 30 April 2022 period. The majority of phishing attacks targeted just 10 brands.
       
    • A small number of registrars dominate malicious domain registration in some TLDs (top-level domains). In four TLDs, more than 80% of the malicious domains were registered through just one registrar.
       
    • Phishing attacks are disproportionately concentrated in new gTLDs. While the new TLDs’ market share decreased during the yearly reporting period, phishing among the new TLDs has increased.
       
    • Phishers deliberately registered 69% of all domains—and 92% of new gTLD domains—on which phishing occurred.
       
    • Phishers have begun targeting more brands, including Amazon, Apple, Meta (Facebook, WhatsApp) and Microsoft (Outlook).

    Interisle’s report also includes observations and recommendations to counter phishing attempts, including: 

    • The naming, addressing, and hosting ecosystem exploited by phishers (and cyberattackers generally) is encumbered by vertically isolated (“siloed”) policy and mitigation regimes.
       
    • Registries and registrars should identify, “lock”, and suspend domains reported for phishing, and hosting and cloud service providers should remove phishing content or shut down accounts where phishing occurs, and all parties should be more responsive to abuse complaints, especially for cybercrimes such as phishing, and they must begin to do so in a more coordinated and determined manner.
       
    • Changes to or introduction of policy or regulation may be necessary to effectively mitigate phishing. Obliging operators to validate the identity of users and customers, coupled with agreement on a common definition of lawful access that acknowledges the role that the private sector plays in combating cybercrime, could reduce both the incidence of phishing and the difficulty of responding to it.

    For more about Interisle, please visit: https://www.interisle.net.

    About Interisle
    Interisle’s principal consultants are experienced practitioners with extensive track records in industry and academia and world-class expertise in business and technology strategy, Internet technologies and governance, financial industry applications, and software design. Every Interisle client benefits from the direct hands-on management of this core team, augmented by the specialized expertise of an extensive network of associates—a coherent, team approach with the low overhead of a lean, virtual organization.

    Contact Information
    Dave Piscitello
    dave@interisle.net

    Source: Interisle Consulting Group

    [ad_2]

    Source link