Recent headlines and mounting evidence suggest that cyberattacks on Critical Infrastructure (CI) systems are increasing as cybercriminals have identified electric utility grids as prime targets for disruption activities. As a result, CI cybersecurity has become a prime concern for governments and citizens alike. The paper focuses on the history of the electric industry, how cybersecurity standards have emerged, what those standards are and how they can be used by other CI sectors to strengthen security and reduce the risk of harmful cyberattacks.

“PKI is a robust technology that provides a secure, scalable and cost-effective method to securely authenticate digital identities on large and complex networks such as those that manage business processes for the wholesale electric market. However, due to the many implementation details involved, if the technology is not executed correctly it can also produce a vulnerable system,” said Kee. “NAESB members have worked together to produce a standard for the Wholesale Energy Sector that is based on best practices, proven management techniques and advanced digital certificate technologies.“

In the wake of increasing attacks, U.S. CIs are stepping up efforts to amplify their cybersecurity and strengthen their defenses. In fact, the white paper notes that in President Obama’s recent Executive Order, the National Institute of Standards and Technology (NIST) was directed to lead the effort to develop a cybersecurity framework that would consist of adopting industry best-practices wherever possible. “As part of NIST’s draft cybersecurity framework of best practices, guidelines and standards, the NAESB standard on PKI stands a good chance of being applied to other CI sectors,” says Lila Kee.

All CIs are managed, controlled and accessible via Internet-connected systems, making them vulnerable to cyberattacks. This white paper details how ISOs in the energy sector have recognized the value of cybersecurity frameworks, have adopted standards developed by NAESB and have demonstrated that standards can be developed using shared expertise from both the public and private sectors – setting a framework for all CI sectors.

“It has become increasingly clear that cybercriminals are targeting the critical infrastructure in an attempt to disrupt our way of life. For this reason, NAESB made it a priority to establish PKI standards in order to fortify our cybersecurity framework,” said Rae McQuade, President of NAESB. “In establishing these standards we hope to provide a strong cybersecurity strategy so that we may best protect the business practices related to the electricity market that are a critical part of the everyday lives of our citizens.”

To read GlobalSign’s white paper visit the page here. 

Bolstered Channel Team
Sophos has recently strengthened its channel team with the appointments of Kendra Krause, Americas channel chief and Karen Delaney, Australia & New Zealand channel chief.

Prior to Sophos, Krause served most recently as Fortinet’s Channel Sales and Operations vice president. She previously served in channel sales and marketing roles at SonicWall, WatchGuard and CDW. Delaney spearheaded channel strategies at IBM, Acer and Dell/SonicWALL. Since joining the company, she has played an integral part in bringing Distribution Central and Connector Systems onboard as Sophos’ first distribution partners in Australia and New Zealand.

Channel Honors
Sophos has received considerable recognition for both its channel team and channel program. Included among this year’s honors:

• CRN UK’s Channel Sales & Marketing Award—The Sophos Partner Program was declared “best in the UK”. This award recognizes and rewards the achievements of those individuals and teams responsible for making the UK IT channel so successful.
• CRN’s 2013 Top Women of the Channel—Several Sophos’ channel leaders were among the honorees: Kendra Krause, vice president of Americas channel sales, Amy Gelpey, senior channel marketing manager, and Regina Vignone, director of sales.
• CRN’s Power 100 Most Powerful Women of the Channel—Kendra Krause was among the elite list of executives recognized for their channel achievements.
• CRN’s 2013 5-Star Partner Rating—The 5-Star Partner Program rating recognizes an elite subset of Partner Program Guide vendors that give solution providers the best partnering elements in their channel programs.
• CDW—Sophos was named Sapphire Partner of the Year for 2012; Sophos was one of CDW’s fastest-growing partners of the year.

Key Channel Recognition for Sophos UTM
The company was also highlighted in the 2013 CRN Annual Report Card (ARC). This prestigious study is considered the definitive benchmark for measuring excellence in the IT Channel community and recognizes the top-rated vendor partners in the industry. Sophos was given the highest honors for product innovation in the Network Security Appliances category for its unified threat management (UTM) solution, Sophos UTM. Winners were announced live at an awards reception on Tuesday, August 20, 2013, at the XChange 2013 event in Washington, D.C.

“At Sophos, every year is the year of the partner, but this year in particular has truly demonstrated our ‘channel-first’ commitment—from hosting the largest partner conferences in our history to a game-changing new MSP program, our focus is our channel,” said Mike Valentine, senior vice president, worldwide sales, Sophos. “We offer partners the most complete IT security value proposition—proven and award-winning security solutions that are simple to use, combined with the industry’s most powerful channel program. And with an aggressive roadmap that features an impressive array of offerings, we’re very excited about delivering partners even more value in the coming months to help them grow.”

To learn more about the Sophos Partner Program, please click here or visit http://www.sophos.com/en-us/partners.aspx.

At RSA, Schiappa managed a business unit with annual revenue over $500M, and he had responsibility for engineering, product management, product marketing, an anti-fraud command center, and data center operations. At Sophos he will have full product responsibility for the company’s broad portfolio of end user security offerings, including endpoint, mobile, server protection, and encryption and data protection products.

Kris Hagerman, chief executive officer for Sophos, said, “I’m pleased to welcome Dan to Sophos. He has deep experience in the IT security landscape, and his background, drive and passion make him the perfect fit to accelerate our end user security strategy of delivering world-class on-premise and cloud-managed security solutions to protect our customers across their broad diversity of endpoints. We continue to add some of the brightest minds to Sophos as we look to become the world leader in delivering complete security without complexity for organizations around the world.”

Prior to EMC, Schiappa was at Microsoft, where he held several GM positions, including Windows security, Microsoft Passport/Live ID, and the company’s online display advertising platform. He also led strategy and corporate development for the Entertainment and Devices division.  As head of Microsoft’s security division, Dan led a 400-person product team responsible for developing the security infrastructure for Windows Vista/7 and Windows Server operating systems.  Also during his tenure, he was the key business leader for Microsoft’s BitLocker and Rights Management services.  Prior to Microsoft, Dan was the CEO of Vingage Corporation, a video server startup acquired by L3 Mobilevision, and was an executive at PictureVision, an online digital imaging startup acquired by Kodak.  Dan also held key technical roles at Informix Software and Oracle Corporation.

Schiappa said, “Sophos is poised to lead the charge for a more effective and simpler approach to securing users and data. The cloud will enable IT professionals and our partners to accelerate security deployment and simplify management in an ever changing landscape of malware, targeted attacks, and other security threats. And the continued innovations in end user and data protection will better safeguard enterprises of all sizes, whether they choose cloud or more traditional on-premise management.  It’s an exciting time to be at Sophos, and I’m thrilled to be part of the team.”

Sophos Mobile Control

Protecting millions of mobile devices across tens of thousands of customer accounts, the latest release of Sophos Mobile Control (SMC) features an easy-to-use web-based console—deployed either on-premise or as a Service—to manage, protect and secure data. It delivers effective mobile device management to control the devices that access corporate systems. Using Sophos Mobile Control, IT teams can equally enforce regulatory compliance as well as corporate-mandated policies for complete data and device security without complexity. SMC supports Windows Phone 8, Android, and iOS 7, Apple’s latest mobile operating system.

In a recent research note by IDC, 24% of SMB organizations currently utilize an MDM solution to govern and manage their mobile devices. The study identified Sophos Mobile Control as the most-deployed MDM product among all survey respondents at 25%. In addition, last month, Sophos was named a leader in the Gartner Magic Quadrant for Endpoint Protection Platforms, and recently received a positive review from the 451 Group.

“We’re thrilled by the continued adoption of our MDM solutions. As the IDC report confirms, the market opportunity is huge, and Sophos Mobile Control is already at the head of the pack,” said Dan Schiappa, Senior Vice President and General Manager, Enduser Protection Group, Sophos. “As organizations look to define and refine BYOD policies and comply with regulations and compliance issues, Sophos continues to be a trusted provider for endpoint, network and server protection solutions.”

You can read the original article here.

The mobile workforce are the super productive bunch. They are the ones pushing the envelop of BYOD. For the mobile workforce, balancing work and life can mean that they check corporate email on a personal device, and browse the Internet using a corporate laptop while traveling.

Many IT professionals would agree that empowering these mobile workers with the tools they need while ensuring security can be a tough balancing act. Here are a few tips to help you secure your mobile workforces without overworking the IT folks.

1. Choose a cloud-based security subscription service that offers secu­rity software and policy updates anywhere without slowing down users.
Let’s face it, when your users are on the road, how often do they use a VPN to connect? If you rely on VPN connection to send security updates or refresh policies, you’ll be constantly behind.

2. Take advantage of security software web filtering capabilities that block malicious and web-borne threats before they reach the computer, as well as enforce proper usage policy.
When your mobile workers are on the road, it is expected that they would connect to the hotel’s Wi-Fi to browse the Internet to check the sports page on their work iPad.

The key is to keep them protected from web-borne threats. Take advantage of endpoint enforced web protection capabilities built-in to the local security agent. This way, you avoid latency and eliminate the need to backhaul traffic using a VPN connection. (We already know that people don’t always connect to the VPN before they browse the Internet!)

3. Select a solution that will protect Windows and Mac com­puters equally with a single policy.
Take a look at an airline lounge and count how many Macbooks are being used. According to our recent survey, 10% of laptop computers on the corporate network are Macs.

Get a security solution that will protect Windows and Mac equally. To reduce IT’s workload, it is also important to ensure that you can manage both with a single policy engine. This way, you will only have to configure policy once and it works automatically on both Windows and Mac OS X.

4. To protect data and ensure compliance, be sure to encrypt data on both Windows and Mac.
We all know encryption is essential for mobile workers, yet 80% of corporate computers are un-encrypted. Many mobile workers refuse to get encryption on their laptops out of concerns of slow speeds and longer boot time.

Select an encryption solution that works on both Windows and Mac, and with high performance that won’t slow down your users.

5. Select a single solution that gives you visibility into all the devices your remote users are using, including Windows or Mac laptops and mo­bile devices.
Mobile users today use an average of three devices to get their work done. Ideally, use a solution with a user-centric view, so when you are trouble shooting for a mobile worker, you can easily see the events, devices used and policy applied to the specific individual.

About Sophos Cloud

Businesses and IT managers have a simple choice – Sophos Cloud. There’s no server to install and the management console is hosted in the cloud. So, you’ll be up and running in just 60 seconds.

1) Windows, Mac and mobile device security in a single, integrated console
2) User-centric pricing, policy and reporting
3) Comprehensive protection without complexity

Try Sophos Cloud for free.

You can read the original article, here.

By offering this service, GlobalSign hopes to encourage the use of SSL in application development and the growth of security best-practices.

Through GlobalSign’s commitment to the open-source community, projects are eligible to receive one free Wildcard SSL Certificate valid for as long as the project meets minimum requirements. Open-source software projects that allow developers and the general public to freely access the source code have become very popular and are looked upon by many as leaders in the industry, representing an important segment of the technology community. Offering SSL Certificates will allow developers to improve the trust and security of their projects, which people around the world rely on. GlobalSign hopes this partnership can also make a difference by setting an example in how SSL is deployed today.

“We are delighted to show our commitment to the open-source community by offering free SSL Certificates to these projects,” said Ryan Hurst, chief technology officer, GMO GlobalSign, Inc. “We believe this effort will not only help the developers and users of open-source projects but also encourage the adoption of industry best-practices in the use of SSL.”

To qualify for a free Wildcard SSL Certificate from GlobalSign, the software project must use a license approved by the Open Source Initiative. GlobalSign will also require that projects maintain secure SSL configurations. Projects can quickly and easily evaluate their SSL strength by using the GlobalSign SSL Configuration Checker, which currently checks for over 30 common problems relating to configuration and provides recommendations on how to fix them, thus making it easy to achieve a secure configuration.
Those in the open-source software community who are interested in obtaining a free Wildcard SSL Certificate from GlobalSign may enroll for it by visiting https://www.globalsign.com/ssl/ssl-open-source/.

Click here to see the original article.

“While many security experts are aware of the high level trends, few have recognized their significance,” said James Lyne, global head of security research at Sophos. “If 2013 has taught us anything, it is that traditional security controls are struggling. These new behaviors are forcing the industry to adapt and change, and widely held best practices must be reconsidered.”

The threat report highlights new security concerns ranging from stealthy malware tools that offer dynamic camouflage and provide attackers with long-term persistent access to users’ data, to the proliferation of connected devices that represent new and often ill-protected targets. Many new “Internet of Things” devices are becoming commonplace in our homes and everyday infrastructure, offering shadier cybercriminals the potential to impact our daily lives, rather than just the traditional theft of financial information.

“These trends are set to continue in 2014 as threats become even smarter, shadier and stealthier,” said Lyne.

In 2014 Sophos predicts greater focus from cybercriminals on high quality and convincing phishing and social engineering to compensate for harder-to-exploit operating systems like Windows 8.1; embedded devices (such as POS systems, medical systems and new “smart” infrastructure) will open old wounds as security mistakes eliminated in the modern PC environment are carelessly re-implemented; attacks on corporate and personal data in the cloud will continue to grow as providers struggle to refine the security strategy in this new computing platform; and malware for mobile is set to become as sophisticated as its PC relatives.

“It is clear in 2014 we need to be watching not just the evolution of existing attacks, but be prepared for dangerous new threats emerging that we haven’t previously dealt with,” said Gerhard Eschelbeck, CTO at Sophos. “As the industry adapts and enhances protection mechanisms to cover new devices and threats, this is increasingly becoming an issue for every member of society, not just for government and business.”

A full copy of the Security Threat Report 2014 containing more information and statistics on cybercrime in 2013, as well as top tips and predictions on emerging trends, can be downloaded here.

You can read the original article here.

Important: This article may continue to be updated with further advice. We therefore recommend you check back here regularly for new information.

Applies to the following Sophos product(s) and version(s)

• Sophos UTM
• Sophos Anti-Virus for VMware vShield

For information relating the vulnerability to other Sophos products see:

Is SafeGuard Enterprise affected by the recently identified OpenSSL leak in versions 1.0.1 to 1.0.1f (cve-2014-160)?
Is Sophos Mobile Control affected by the recently identified OpenSSL leak in versions 1.0.1 to 1.0.1f (cve-2014-160)?

What is the vulnerability?

The official CVE is tracked here and mentions versions of Open SSL used in some Sophos products (see below).

The vulnerability described uses a TLS heartbeat read overrun which could be used to reveal chunks of sensitive data from system memory of any system worldwide running the affected versions of OpenSSL – but only exposed services are immediately affected, as the bug allows to be read from the processes own memory.

For more information read our naked security blog article on the issue: Anatomy of a data leakage bug – the OpenSSL “heartbleed” buffer overflow

What versions of Open SSL are affected?

1.0.1 and 1.0.2-beta releases of OpenSSL are affected including 1.0.1f and 1.0.2-beta1.

What products are affected and how is the vulnerability fixed?

The table below lists all the affected Sophos products. Important: Though other products may use SSL these are not affected and no action is required.

If you use one or more of the products mentioned below use the table to guide you on what is required. 

Important: There are three primary requirements to patch the OpenSSL vulnerability, protect yourself from any future exploit attempts and to mitigate any security vulnerabilities if your certs have already been compromised

• Apply the OpenSSL Patch
• Regenerate all SSL certs
• Change all passwords

Where do I get the Patch and instructions to Renegerate all SSL Certs?

The currently available patches for UTM are listed in article Heartbleed: Recommended steps for UTM. We will add details on other patches as soon as possible. Check back HERE for updates.

We began producing antivirus and encryption products nearly 30 years ago. Today our products help secure the networks used by 100 million people in 150 countries and 100,000 businesses. Our products allow you to secure every end point of your network, from laptops to virtual desktops and servers, to web and email traffic and mobile devices.

All devices —managed easily through the cloud. What’s more, securing these devices is made possible through products that fit your precise needs. We ensure your network’s security by providing the one thing no one else can: Simplicity – arching the following three important IT security sections:

Network Protection

Who Needs This
Sophos UTM helps you consolidate your security without compromising its effectiveness. It’s security made simple, protecting your users everywhere while making security easier to deploy and manage.

What’s Protected

• All computers, mobile devices and servers on a network
• Branch offices and remote users connected with VPN
• Email and web servers and even Wi-Fi users

Products

• Unified Threat Management – The ultimate network security package.
• Secure VPN – Turn any location into a secure location.
• Secure Web Gateway – Complete web protection everywhere.
• Web Application Firewall – Uncommon protection from common threats.
• Next-Generation Firewall – This is where network threats go to die.
• Secure Wi-Fi – Super secure, super Wi-Fi.
• Secure Email Gateway – Simple protection for a complex problem.

Enduser Protection

Who Needs This
Our endpoint protection will keep data in and malware out—all within your antivirus budget. And we protect your mobile devices and servers.

What’s Protected

• All computers, mobile devices, and servers on a network.
• Encryption for devices and file shares.
• Mobile devices and laptops on the go.

Products

• Enduser Protection Suites – The all-in-one security suite.
• Mobile Control – Countless devices, one solution.
• Endpoint Antivirus – Essential protection for laptops & desktops.
• SafeGuard Encryption – Encryption everywhere.

Server Protection

Who Needs This
Our antivirus protection delivers more effective, faster protection across your network of physical or virtual servers.

What’s Protected

• Broad platform support for Windows, UNIX and Linux servers.
• Small memory footprint won’t slow you down. Our antivirus agent has low performance impact, and is optimized for virtualization.
• HIPS protection for Windows is easy to deploy and manage.

Products

• Server Security – Pro-server. Anti-virus.
• Network Storage Antivirus – High-tech security for high-tech storage.
• PureMessage – Good news for you. Bad news for spam.

Increased migration to virtual servers and the ever-growing threat of attack on critical data are presenting new challenges to IT professionals, as they look to maintain high performance and density of servers, without compromising on security. Sophos Server Protection addresses these challenges by integrating agentless antivirus for vShield and full antivirus clients for Windows, Linux, Mac and UNIX into one centrally managed product.

“Servers need the best protection against malware, but managing that protection while maintaining server performance across a diverse environment has inevitably increased complexity and demands on time,” said John Shaw, vice president of product management, Sophos. “We’ve delivered on what matters – server performance and security. Sophos Server Protection provides a single, easy to use management console to assign policies, view alerts and generate reports across platforms. Even licensing, often the bane of IT professionals, is straightforward: one server, one license, any platform.”

Standalone and virtual systems use fewer resources with Sophos Server Protection than with conventional antivirus products. Agentless scanning via vShield Endpoint prevents scan and update storms, automatically protecting every Windows virtual machine on the host through a centralized virtual security appliance. Systems without vShield benefit from a full featured client optimized for performance. Advanced features, including HIPS, application control, and device control, are also included for select platforms.

Sophos Server Protection supports a broad range of server and virtualization platforms, including Windows, Linux, UNIX, Mac, Hyper-V, vSphere/ESX/ESXi and XenServer. It provides proven protection against known and unknown threats, supported by real-time communication with SophosLabs. The Windows client offers additional layers of security, including HIPS, application control and patch assessment.

“Sophos Server Protection is server security made simple, because at Sophos we believe good security shouldn’t have to require the undivided attention of the IT team to make it work. Sophos Server Protection secures your business’s critical assets, without sacrificing performance or adding unnecessary complexity,” concluded Shaw.

Sophos Server Protection will be showcased at VMworld, which takes place in San Francisco between August 25 and 29. Sophos is a VMware Elite Technology Alliance Partner.

Υou can read the original article here.

The firmware can be downloaded now from our Downloads page.