What We Can Do About Ransomware – Today and Tomorrow

No Gravatar

By Alan Zeichick, Principal Analyst, Camden Associates, Published on UpgradeMag.com, May 31, 2016.

Ransomware is a huge problem that’s causing real harm to businesses and individuals. Technology service providers are gearing up to fight these cyberattacks – and that’s coming none too soon.

In March 2016, Methodist Hospital reported that it was operating in an internal state of emergency after a ransomware attack encrypted files on its file servers. The data on those servers was inaccessible to the Kentucky-based hospital’s doctors and administrators unless the hackers received about $1,600 in Bitcoins.

A month earlier, a hospital in Los Angeles paid about $17,000 in ransom money to recover its data after a similar hack attack. According to the CEO of Hollywood Presbyterian Medical Center, Allen Stefanek, “The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key.”

As far as we know, no lives have been lost due to ransomware, but the attacks keep coming – and consumers and businesses are often left with no choice but to pay the ransom, usually in untraceable Bitcoins.

The culprit in many of the attacks — but not all of them — is a sophisticated trojan called Locky. First appearing in 2013, Locky is described by Avast as using top-class features, “such as a domain generation algorithm, custom encrypted communication, TOR/BitCoin payment, strong RSA-2048+AES-128 file encryption and can encrypt over 160 different file types, including virtual disks, source codes and databases.” Multiple versions of Locky are on the Internet today, which makes fighting it particularly frustrating. Another virulent ransomware trojan is called CryptoLocker, which works in a similar way.

Ransomware is a type of cyberattack where bad actors gain access to a system, such as a consumer’s desktop or a corporate server. The attack vector might be provided by downloading a piece of malware attached to an email, visiting a corrupted website that runs a script that installs the malware or by opening a document that contains a malicious macro that downloads the malware. In most ransomware attacks, the malware encrypts the user’s data and then demands an untraceable ransom in order to either decrypt the data or provide the user with a key to decrypt it. Because the data is encrypted, even removing the malware from the computer will not restore system functionality; typically, the victim has to restore the entire system from a backup or pay the ransom and hope for the best.

As cyberattacks go, ransomware has proven to be extremely effective at both frustrating users and obtaining ransom money for the attackers.

Beyond the ransom demands, of course, there are other concerns. Once the malware has access to the user or server data… what’s to prevent it from scanning for passwords, bank account information, or other types of sensitive intellectual property? Or deleting files in a way where they can’t be retrieved? Nothing. Nothing at all. And even if you pay the ransom, there’s no guarantee that you’ll get your files back. The only true solution to ransomware is prevention.

RANSOMWARE’S SCOPE AND IMPACT

The U.S. Federal Bureau of Investigation received 2,453 complaints about ransomware cyberattacks in 2015, which the FBI says cost the victims more than $24 million dollars in ransom. Who knows how many people quietly paid and didn’t tell anyone, because of shame, perhaps, or lack of knowledge about who to tell?

One top network security vendor, Wedge Networks, has seen huge growth on the carrier networks that its service monitors. “On those networks”, says CEO James Hamilton, “We saw a 100% increase in the observed number of ransomware attacks detected in 2015 verses 2014, and a 50% increase in mobile ransomware from Q4 2015 to Q1 2016.”

Wedge Networks is an Alberta, Canada-based company with extensive customer deployments across Canada, the United States and Asia Pacific. Mr. Hamilton explains that “Last year, our customers in Canada reported more ransomware attacks (as a percentage) than we observed in the U.S. In APAC, Japan and Taiwan are experiencing a slower increase in ransomware than we’re seeing in Southeast Asia, possibly due to more mature and advanced security practices in those markets.”

Mr. Hamilton continues, “Just last week I was discussing ransomware with a service provider planning to roll out Security-as-a-Service in a major Southeast Asia market and they stated that ransomware has become more widely active in their country over the past 12 months. Previously it was very infrequent, but they are seeing it spread rapidly.”

Jason Steer, EMEA Solutions Architect for Menlo Security, based in Menlo Park, Calif., explained that while consumers can lose important files, especially irreplaceable financial documents and personal photos, ransomware can be devastating for businesses.

“For enterprises, ransomware is a major pain and slows them down from getting on with their key IT-related business functions,” Mr. Steer explains, adding that Menlo Security focuses on malware prevention. “We have met many customers where every local file and central server stored file has been encrypted by ransomware. This impacts every user accessing any central file on the network and for any user impacted it encrypts every local file on their PC as well.”

The impact? “You are dependent on the age of the most recent backup and may not be able to restore every file. The cost of losing that data may be minimal or large depending on the importance of the file.”

Cylance has seen some pretty devastating ransomware damage recently. A cybersecurity firm based in Irvine, Calif., the company is spending a lot of time helping its customers prevent ransomware attacks, as well as helping new victims recover from trojans. Andy Solterbeck, Regional Director APAC for Cylance, explained about Angler, a cyberattack exploit toolkit that hackers can use to customize their own attacks – kind of a do-it-yourself starter kit. The damage from Angler: “It’s currently causing 90,000 infections per day, and bringing in at least $60 million dollars per year.”

There are so many attack vectors, it’s virtually impossible for a consumer – or an IT professional – to keep track of them all. Jayendra Pathak, Chief Architect at NSS Labs, a top tech security analyst firm based in Austin, Tex., says “Adobe Flash is becoming an extremely troublesome vector towards delivering ransomware. Microsoft Word attacks are also on the rise, exploiting human weaknesses in opening email attachments.”

The days of paying a few hundred dollars as ransom may be over, as cyberattackers target businesses, Mr. Pathak adds. “On top of that, ransomware authors are moving to more targeted campaigns aimed at the enterprise. Asking ransom for hundreds of thousands of dollars is on the near horizon. NSS Labs has tracked thousands of infections primarily coming from drive-by campaigns.” He adds that while ransomware is a problem all over the world, it is more prevalent in areas where online payment systems are extremely common. “The United States and Europe are primarily targeted. Japan, Korea, China, and Singapore’s ransomware infection rates are relatively less in comparison to Europe and the U.S. However, APAC countries must take note of the prevalence of ransomware attacks in the U.S. and Europe. Now is the time to be embracing preventative cybersecurity measures.”

THE INDUSTRY RESPONDS

For consumers, the best way to prevent a ransomware attack is to be proactive. Backup often, and maintain many backups so that recovery can pre-date the infection. Don’t click on email attachments. Use up-to-date anti-virus and anti-malware tools and services. Don’t use old versions of Web browsers that lack current protections. Disable macros in Microsoft Word and Microsoft Excel, and consider uninstalling Adobe Flash. Even then, however, there is no guarantee that systems will be protected against ransomware.

In the enterprise, and on carrier networks, there are larger-scale tools that can be more effective. For example, Menlo Security offers an isolation platform that ensures that malware cannot touch the end user’s laptop, desktop or mobile computer, or infect a corporate server, explains Mr. Steer. It’s ideal for implementation by enterprise IT and security professionals.

“Isolation is a new concept on the block to help organizations become more resilient to attacks. Enabling endpoints to be more secure and robust ensures they get hacked less and the fallout of data and intellectual property loss is reduced,” he says. “Gartner considers isolation as key in the malware prevention capability: It’s what administrators can do to prevent their users running into bad things through no fault of their own.”

Mr. Steer continues, “The Menlo Technology eliminates the possibility of malware reaching user devices via compromised or malicious websites or documents. The user’s web session and all active content (e.g. video, JavaScript or Flash), whether good or bad, is fully executed and contained in the Isolation Platform. Only safe, malware-free rendering information is delivered to the user’s endpoint. No active content – including any potential malware – leaves the platform. So malware has no path to reach an endpoint, and legitimate content needn’t be blocked in the interest of security and all done without changing the enduser’s surfing experience.”

Wedge Networks’ customers are carriers and cloud service providers, who want to detect and block malware – including ransomware – before it ever gets close to the end-customer’s network or devices. Its technology is based in the cloud, and that’s where Mr. Hamilton says security like this belongs.

“One of the biggest breakthroughs is the realization that security needs to evolve from an endpoint and perimeter paradigm to a cloud-based connectivity paradigm in order to close gaps with today’s IT model,” he explains. “The network, the users, and their devices are no longer static. They are dynamic and constantly moving and changing. As a result, the only way to secure the network is to secure the connections for everything connecting to that network. This can only be achieved by moving security to the cloud-layer of the network, which has visibility of everything connecting to the network.”

How does Wedge Networks’ technology protect against ransomware? “Our Wedge Cloud Network Defense was purpose-built to run in the cloud to support virtually unlimited scale, and to support the multi-tenancy operational requirements of service providers that want to offer Security-as-a-Service to their customers,” Mr. Hamilton describes. “Cloud Network Defense dynamically scales up or down cloud-compute resources to support the widely varying security workloads of their customers with efficiency and sustained performance.” In other words – it blocks ransomware trojans and related threats without affecting network performance or application response time.

Cylance’s Mr. Solterbeck explains how his company addresses ransomware: Artificial Intelligence. “We apply the power of Machine Learning and Artificial Intelligence to the problem of malware detection,” so that even if the attack has never been seen before, Cylance’s technology can successfully block it. “CylancePROTECT predicts cyberattacks and blocks them on the endpoint in real-time before they ever execute – and that includes malware like ransomware, memory attacks, unauthorized scripts and privilege escalations that can give hackers complete access to your systems.”

THE PROBLEM WILL GET WORSE

The bad news is that malware, including ransomware, is on the rise. The good news is that the cybersecurity industry is responding with tools and services that can help protect businesses and consumers. Don’t get complacent, however: There will always be malware, and ransomware isn’t going away. “There is no magic fairy dust to solve this problem on the near horizon/in the near future, says NSS Lab’s Mr. Pathak. “The effective solution to combat this threat is keeping applications up to date, not putting implicit trust on anything that is received via email, disabling macros altogether, and keeping backups regularly.”

Have you done your backups? If not… now is the time.

For the original article, please visit Upgrademag.com.

upgrade-logo

Posted in Industry News, Latest Security News, Wedge News | Tagged , , | Leave a comment

Wedge Networks Highlights Security Service Orchestration as Key Enabler of Cyber Security Innovation

No Gravatar

Orchestration from the Cloud that Mitigates Risk for Service Providers and Enterprises Proves to be a Winning Combination in Asia Pacific Region

By APSM, published on May 27, 2016 in Asia Pacific Security, Cyber Resilience, Security Products

Wedge Networks has announced business acceleration in Asia Pacific, fueled in part by leveraging the cloud to mitigate business risk for service providers launching cloud-based cyber security services, and for enterprises adopting new services. Wedge Cloud Network Defense (CND) is now featured in a growing number of Proof of Concept (PoC) deployments of Tier One service providers planning to launch Security-as-a-Service from the cloud, throughout the APAC region.

Rapidly changing cyber threats and the dissolution of the traditional enterprise network make it virtually impossible for small and medium sized businesses to sustain robust cyber security on their own. Security operating at the cloud-layer of the network is essential, but most businesses lack the skilled resources, cloud infrastructure and capital budget to implement this layer of security on their own. Fortunately, new cloud-based Security-as-a-Service initiatives by communications service providers (CSPs) promise to address this market need in a way that minimizes risk and enhances the business case for service providers.

“Wedge Cloud Network Defense is a software-defined, virtualized, security platform that runs in the cloud,” said James Hamilton, CEO for Wedge Networks. “For Service Providers, the ability to deliver a set of standardized, best-in-class security services to their customers – all software enabled and delivered from their cloud infrastructure – is a winning business case.”

Just last week, StarHub announced Wedge Networks as one of the founding ecosystem partners with the launch of the Cyber Security Centre of Excellence (COE) in Singapore. The StarHub COE serves as a hub for the cyber security ecosystem, bringing together the intelligence and expertise to tackle cyber threats presenting serious risks to enterprises and the economy.

“We believe cloud-based security, and delivering the benefits of Security-as-a-Service to our customers will be crucial as StarHub establishes Singapore’s Cyber Security Center of Excellence,” said Dr. Woo Lip Lim, Vice President of Analytics and Cyber Security, StarHub. “Working with industry leaders like Wedge Networks amplifies our ability to deliver excellence in cybercrime prevention and provide valuable services to our customers.”

Gary Tate, Managing Director for Asia Pacific at Wedge Networks highlights the growing regional importance of Wedge CND as a cloud-based platform to support the scale and appetite for innovation in APAC: “Nearly every major service provider in the region is evaluating or planning to offer cloud-based Security-as-a-Service to their customers. Leveraging cloud infrastructure to deliver security with performance, scale and efficiency, without requiring dedicated hardware, is a huge asset. The cloud-based approach reduces investment risk, which ultimately allows them to accelerate new and dynamic services.”

About Wedge
Wedge Networks is transforming the way security is delivered. Powered by the innovative WedgeOS, Wedge Networks’ Cloud Network Defense is an orchestrated threat management platform designed to enforce security at the cloud-layer of the network to combat the shifting threat landscape associated with cloud, mobility, bring your own device, Internet of Things and consumerization of IT. By applying security policies at the cloud-layer, enterprises and network operators offering security-as-a-service can achieve more effective security, using best-in-class, continuously updated multi-vendor technologies for EverGreen Security, with greater efficiency and scale. Wedge Networks’ CSP Security and the Wedge Platform, has won more than a dozen awards, is deployed globally, delivering security protection for tens of millions of users in Fortune 500 companies, government agencies, internet and broadband service providers, and across all industry verticals. Wedge Networks is headquartered in Calgary, Canada and has international offices in Dallas, USA; Beijing, China; and Manama, Bahrain. For further information visit: http://www.wedgenetworks.com/

For the original article, please see AsiaPacificSecurityMagazine.com.

AsiaPacificSecurityMagazine

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , , | Leave a comment

Clever Security Offering Making Money For Telco Service Providers

No Gravatar

By Sean Mitchell, Published on ItBrief.co.nz on May 27, 2016.

Let’s face it, the telecommunications industry is very competitive. Most monopolies have been broken up, services are commoditised and most operators are struggling to find key points of differentiation.

It’s difficult to make money out of just the connectivity business these days. The real profits come from the over the top services.

The struggle for these over the top services like cloud and data centre is that they’re also commoditised and it’s difficult to compete with global pure-play providers like Amazon Web Services.

One of the last areas that service providers can differentiate themselves and achieve high margins is in security-as-a-service.

Wedge Networks is a global leader in this specific niche.

They believe antivirus, web and malware security shouldn’t be done on the device, but at the service provider end, with a clean pipe provided to the client.

This can then be charged by the service provider in many different ways, although typically on a per pipe per month basis.

Wedge actually doesn’t develop its own security architecture, instead it develops a clever scalable platform and then plugs in specialist security vendors like McAfee, BitDefender and Kaspersky for the scrubbing tools.

The magic Wedge offers is that its platform is telco grade, can cope with massive volumes of traffic and it easily connects to billing applications, and services can be applied per customer.

There are a number of advantages of this approach for the customer as well. Not only do they not need to license antivirus themselves but not having these security solutions on each device can save serious processing power.

This in turn can allow a large enterprise to sweat the asset a little longer before replacing it.

If you take this Capex saving and multiply it up across large enterprises, this can be a ROI bonanza.

Finally the service provider sales and marketing departments might have a ROI calculation that really is compelling, especially to enterprise customers.

This approach has clearly got the attention of service providers, with Wedge Networks booking more revenue in the last quarter than the prior 18 months. That’s an enviable growth curve for any business.

For the original article, please see ItBrief.co.nz.

itbrief-co-nz

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , | Leave a comment

StarHub, Partners Invest S$200M to Support Singapore’s Cybersecurity Sector

No Gravatar

As it launches its Cyber Security Centre of Excellence, the local telco also touts its “first-of-its-kind” approach to scan threats before they even enter an organisation’s firewall

By Leong Wai Kit, Published on Channelnewsasia.com, May 18, 2016.

SINGAPORE: Telco StarHub, together with industry partners, will invest S$200 million over the next five years to support a sustainable cybersecurity ecosystem in Singapore.

This amount will help foster industry partnerships and talent development, with the local telco hoping to train at least 300 experts in this field over the same period of time, the company said during the launch of its Cyber Security Centre of Excellence on Wednesday (May 18).

The Centre’s industry partners include Blue Coat, Cyberbit, EY, Fortinet and Wedge Networks, and it is also working with Institutes of Higher Learning such as Nanyang Polytechnic, Republic Polytechnic, Temasek Polytechnic and Singapore University of Technology and Design.

The Centre is also supported by the Singapore Economic Development Board.

“FIRST-OF-ITS-KIND” APPROACH TO ONLINE SECURITY

During the launch of its Centre, StarHub touted a “first-of-its-kind” approach towards fending off online attacks. The Centre taps on the ability of a telco to monitor and deal with threats before they even enter an organisation’s security system, it said.

This is because the Centre can see Internet traffic entering the country and spot anomalies proactively. “We are not aware of any telco in the world that provides cybersecurity services before the firewall,” StarHub CEO Tan Tong Hai said.

Using water treatment in Singapore as an analogy to describe cyber defence, Mr Tan added: “Today, we have clean, high-quality water because we have an effective utilities company that ensures that the water at the source is filtered and cleansed even before it is delivered to our taps.

“Applying the water treatment analogy to security means we have a central system that monitors, analyses, and cleanses Internet traffic at the source. In this way, enterprises do not need to invest a lot of resources and efforts on buying and implementing their own security appliances.”

For the original article, please visit Channelnewsasia.com.

channelnewsasia-logo

Posted in Industry News, Latest Security News, Wedge News | Tagged , , | Leave a comment

StarHub to Grow Singapore’s Cyber Security Ecosystem

No Gravatar

Collaborates with industry partners, academia and public-sector organisations to strengthen Singapore’s capabilities in cyber security

Singapore, 18 May 2016 – StarHub today announced plans to grow the local cyber security ecosystem at the launch of its Cyber Security Centre of Excellence (COE). Minister for Trade and Industry (Industry), Mr S Iswaran graced the COE launch as Guest-of-Honour.

The COE established by StarHub, is supported by the Economic Development Board (EDB). It serves as a hub for the cyber security ecosystem, bringing together the best of brains and expertise to tackle cyber threats, which are among other serious risks affecting economies globally today.

Internationally renowned security expert Professor Yitzhak Ben-Israel has been appointed as the Advisor to the COE, and he provides strategic advice and recommendations to the body. Professor Ben-Israel is a member of Singapore’s Research, Innovation and Enterprise Council as well as the International Advisory Panel for Singapore’s National Cybersecurity Research and Development Programme. He also sits on the board of Singapore’s Agency for Science, Technology & Research, and heads the Security Studies programme at Tel Aviv University.

Five industry partners, namely Blue Coat, Cyberbit, EY, Fortinet and Wedge Networks as well as four institutes of higher learning (IHL), including Nanyang Polytechnic (NYP), Republic Polytechnic, Temasek Polytechnic and Singapore University of Technology and Design have joined the COE to-date. Together with StarHub, the partners will undertake various initiatives to strengthen Singapore’s capabilities in cyber security, focusing on talent development, innovation and industry partnerships. Going forward, StarHub plans to rope in more industry and IHL partners to the COE to drive value and results.

To help cyber security professionals enhance their knowledge and career development, StarHub plans to work with leading centres for professional development in cyber security to design and offer relevant training courses. StarHub is also committed to addressing the shortage of cyber security talent in Singapore by training at least 300 specialists on different cyber related capabilities and skill sets over the next five years. It is teaming up with the four IHLs and the Cyber Security Agency of Singapore (CSA) to enhance cyber security training curriculum and programmes, and to collaborate on research and development.

As a first step, StarHub and NYP have jointly established a lab on NYP campus to provide hands-on training for students of Cyber Security & Forensics. These students will subsequently have the opportunity to learn directly from experienced cyber security professionals during their internship placements at StarHub or its industry partners.

The COE’s first commercial initiative is the first-of-its-kind Security Operations Centre at StarHub (named StarHub Security Operations Centre), whereby StarHub’s core infrastructure is integrated with round-the-clock proactive cyber threat detection capabilities. Cyber-attacks come through wired and wireless networks; being a telco, StarHub’s core networks are thus a strategic location to monitor and detect potential malicious data traffic early and perform mitigation. In addition, cyber security solutions to protect industrial control systems and cloud-based cyber security solutions currently being developed, will be ready for the in the second half of the year.

“Cyber security is a top national and commercial security priority for Singapore as our Smart Nation vision takes shape, touching many aspects of our personal and business lives. StarHub is proud to work with top-notch partners to bolster the cyber security sector, which is important for a sustainable digital economy,” said Mr Tan Tong Hai, StarHub Chief Executive Officer. “A telco plays a unique role in this ecosystem, building cyber security capabilities on the telco infrastructure which helps accelerate the development of a new generation of cyber security solutions that can better address market needs.”

“StarHub’s investments in cyber security are closely aligned with our vision for Singapore to be the cyber security hub for innovation and mission critical operations. In particular, StarHub’s initiatives to foster collaboration with leading cyber security companies, catalyse innovation and build deep cyber security talent are critical to build a vibrant cyber security industry in Singapore,” said Ms Thien Kwee Eng, Assistant Managing Director, Singapore Economic Development Board.

Mr David Koh, Chief Executive of CSA, said, “To ensure the holistic development of Singapore’s cyber security landscape, CSA is working closely with major industry partners to build local capabilities as well as develop advanced cyber security capabilities. StarHub’s Centre is built upon the foundation of strong partnerships with global leading industry players for innovations and with local Institutes of Higher Learning for talent development. We applaud StarHub’s efforts to strengthen cyber security capabilities which will allow us to better secure Singapore’s cyber space.”

StarHub and the COE partners will jointly invest S$200 million over the next five years to support a sustainable cyber security ecosystem.

For the original press release, please visit Starhub.com.

StarHub_logo

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , | Leave a comment

Wedge Networks Named a 2016 Cool Vendor In Communications Service Provider Security Solutions By Gartner

No Gravatar

Leading Analyst Firm Recognizes Innovative, Intriguing and Impactful Companies in the Communication Service Provider Security Market

Calgary, May 4, 2016 — Wedge Networks, the leader in Orchestrated Threat Management, today announced that it has been named a Cool Vendor based on the April 20, 2016, report titled, “Cool Vendors in Communications Service Provider Security Solutions, 2016,” by Deborah Kish, Principal Research Analyst and Akshay Sharma, Research Director in the Carrier Network Infrastructure group at Gartner Inc.

The report evaluates interesting, new and innovative vendors, products and services in the security market that help carriers and service providers become more competitive, as well as offer new value-added services to their enterprise, government and home customers. In the report, Gartner explains that carriers and service providers (CSPs) “are looking for ways to move from siloed networking appliances toward fluid and dynamic cloud-based security solutions that support end-to-end control, along with dynamic pay-as-you-grow provisioning that can be provided with virtualized and orchestrated security systems.“

“We are honored to be named a Gartner Cool Vendor for 2016,” said James Hamilton, CEO of Wedge Networks. “We believe that the cloud is the center of nearly every network – it’s the last stop for data entering an organization, and the last stop for traffic exiting to the outside world. The cloud is the ideal place to implement security, and that’s why we provide cloud-based security for some of the world’s largest networks. By developing a revolutionary orchestrated threat management platform, Wedge Networks offers elastic scale security that is embedded in our customer’s cloud to protect all network users, with all devices, from all locations.”

The information provided in the Gartner report is of value to all IT professionals who are seeking to protect their networks using cutting edge cloud security, and to all CSPs and managed service providers looking for new value-added services to offer their customers.

Gartner Disclaimer
Gartner does not endorse any vendor product or service depicted in our research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About Wedge
Wedge Networks™ is transforming the way security is delivered. Powered by the innovative WedgeOS™, Wedge Networks’ Cloud Network Defense is an orchestrated threat management platform designed to enforce security at the cloud-layer of the network to combat the shifting threat landscape associated with cloud, mobility, bring your own device, Internet of Things and consumerization of IT. By applying security policies at the cloud-layer, enterprises and network operators offering security-as-a-service can achieve more effective security, using best-in-class, continuously updated multi-vendor technologies for EverGreen Security™, with greater efficiency and scale. Wedge Networks’ CSP Security and the Wedge Platform, has won more than a dozen awards, is deployed globally, delivering security protection for tens of millions of users in Fortune 500 companies, government agencies, internet and broadband service providers, and across all industry verticals. Wedge Networks is headquartered in Calgary, Canada and has international offices in Dallas, USA; Beijing, China; and Manama, Bahrain. For further information visit: http://www.wedgenetworks.com/

US & International PR contact:
Hannah Whitrow
Zonic Group PR
hwhitrow@zonicgroup.com
+44 (0)1672 550126

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , , | Leave a comment

Cloud As Part Of Technological Evolution

No Gravatar

By Michael David Tan, Published on UpgradeMag.com, April 4, 2016

Wedge Networks started offering cloud-specific offerings in 2014, when it launched Cloud Network Defense, a cloud-based security platform that provides real-time, in-line protection of all devices (physical and virtual) and users connected to the cloud.

“Wedge Networks’ Cloud Network Defense represents the industry’s first Orchestrated Threat Management platform, which was purpose-built and optimized for deployment at the cloud-layer of the network to provide security to the cloud infrastructure and the users of that infrastructure. As an Orchestrated Threat Management platform, Cloud Network Defense is architected using the principles of Software Defined Networking (SDN) and Network Function Virtualization (NFV) to support a more open, agile and scalable security framework to satisfy the dynamic, continuously evolving and rapidly scaling networks of today,” said Frank Wiener, VP of marketing.

The ability to add Cloud Network Defense to a network operator’s existing cloud infrastructure with a subscription-based licensing model positions it as an ideal solution for the delivery of Security-as-a-Service without requiring vertically integrated hardware appliances or upfront volume licensing commitments. This allows customers to select from a variety of conventional enterprise security services, such as secure web and email, data loss prevention, application control and more, as well as entirely new Infrastructure-as-a-Service security services to protect their cloud services. These services will soon be available for self-service subscription through an on-line portal or calling the service provider, which can instantly provision the service.

The latest update to Cloud Network Defense is a threat intelligence engine called WedgeIQ. Launched this year, this Big Data functionality employs a set of unique threat detection and remediation algorithms and a variety of pattern-matching techniques to identify targeted cyber threats against individual enterprises. It enables real-time response to security outbreaks, and presents the results as easy to understand analytics to the enterprise customers. WedgeIQ analytics are available to Security-as-a-Service users, giving them advanced yet easy to use instrumentation to monitor and manage their security.

Today, Wedge’s security platforms are deployed in Fortune 500, government agency, and network operator networks spanning 17 countries and protecting more than 80 million end points. And while Security-as-a-Service for cloud infrastructures was introduced only late last year, Wedge is already “engaged with leading network operators throughout the region to add this offering to their service portfolios. Services are expected to be available from these operators beginning in 2016,” Wiener said.

One of the biggest challenges in cloud adoption is the continuing confusion about the cloud and its benefits. And for Wiener, “the operational and economic benefits of the cloud are undisputed.” However, there are big concerns with the cloud, including: security, and the concern with how to maintain and demonstrate compliance with a wide range of regulations regarding the protection and distribution of information such as personal identification records, health records, finance records and more.

To this end, “Wedge Cloud Network Defense offers powerful new tools to conduct real-time deep inspection of data in-motion to track and enforce policies consistent with Compliance requirements,” Wiener said. “The ability for innovative network and cloud-infrastructure providers to offer these and other Security-as-a-Service offerings, with automated provisioning, will mitigate key concerns and accelerate adoption of Cloud offerings.”

For Wedge, over the last year, an increased number of global vendors offering new cloud-based solutions has driven local Filipino cloud ecosystem frameworks. The key dynamics within the market include expanded adoption, consolidated competition, new disruptors, developer migration, solution expansion, and new technology battlefronts.

“The Philippine government, previously noted for its conservative approach to technology adoption, has recently begun an aggressive push for cloud computing. GovCloud – a private cloud for government agencies and their employees along with basic cloud applications such as GovMail (unified government e-mail system), web hosting and payment gateway applications is one example of an industry improving their cloud-based solutions,” Wiener said.

For Wiener, “the explosive growth of wirelessly connected monitoring and control devices is ushering in an era of increased productivity and effectiveness, and creating gaps in conventional security and compliance enforcement systems for many enterprises including schools, government bodies and health organizations.”

Wedge also recently launched a family of new Security-as-a-Service packages, to provide needed security and compliance enforcement services for the expanding Internet of Things in enterprise networks globally. The new packages are available immediately for implementation using Wedge Cloud Network Defense that can also be deployed by Enterprises within their own data center cloud. Packages are available to address diverse needs of different vertical markets, such as healthcare which is subject to Health Information Privacy and Protection Act (HIPPA) compliance obligations, to manufacturing which is far less regulated but increasingly dependent on the cloud and the IoT.

“Wedge Cloud Network Defense represents a revolutionary new approach to implementing and orchestrating security at the cloud-layer of the network. It combines industry leading security performance in real-time, in-line with the data flowing to and from the cloud to protect all users and all devices, with imperceptible latency. The result is a safe and secure, yet high-performance cloud experience for the end users,” Wiener said. “The open, agile and massively scalable attributes of Cloud Network Defense empowers service providers with an unprecedented ability to evolve and scale security as dynamically as the infrastructure and cloud-services they are offering… The result is the ability for service providers to offer Security-as-a-Service which becomes an integrated subscription option with the cloud-service, or as a more general cloud-layer of enterprise security to provide more advanced and uniform security enforcement across the extended enterprise.”

For the original article, please visit Upgrademag.com.

upgrade-logo

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , | Leave a comment

5G & IoT Dominate MWC16

No Gravatar

By Paul Barker, Published in Connections+ on March 22, 2016

Excerpt:

“Barcelona, Spain – The 2016 edition of Mobile World Congress showcased many technological advances, but the two that clearly stood out from the rest were 5G and the Internet of Things.

In the exhibit halls, during keynote speeches and at press conferences, both topics were front and centre and dominated discussion.

Speaking on Sunday night prior to the start of the four-day conference, Nokia CEO Rajeev Suri predicted that necessity will force the industry to implement the updated mobile network faster than expected and it will happen.

“All too often, we see opportunities turn into money traps, but 5G is different,” he said. “The industrial Internet can bring massive efficiencies to companies everywhere, but they cannot rely on the existing networks.”

“5G must happen fast because important IoT use cases demand it. If we know that (it) can help save lives, improve our environment and make our lives better, we need to move faster, not slower.”

As for the show itself, which attracted a record 100,000+ attendees, Sylvain Cornay, service assurance marketing manager with Quebec City-based EXFO, a manufacturer of test and service assurance instruments for fixed and mobile telecom networks, discussed its merits on the second day. “The real value is in the people that come to the show,” he said. “Everybody is here – all the major players and operators from across the world come each year, which makes for a special atmosphere and quite a buzz.

“There are some really interesting concepts coming out of the IoT industry, but it’s still relatively early days. The challenge around M2M communication is very different to the type of communication the industry is used to. We use a lot of bandwidth with things like video, but M2M is different. It could be a signal once a day or week, or once every second. So how does the network handle the peaks that will come from billions of connected devices?

“5G is clearly on the way, but ultimately it’s not going to make it without NFV (network functions virtualization) and SDN (software-defined networks. It’s really that simple.”

Greg Collins, founder and chief analyst for Exact Ventures, a Burlingame, Calif.-based market intelligence firm that tracks the networking, telecommunications and wireless sectors, said a lot of people are excited about the direction all three areas are heading.

“IoT is a big topic and for the first time I have been noticing a lot more health devices and people understanding how to digitize their traditional bricks and mortar types of businesses.

“As for all of this talk about 5G, when I first heard about it I was skeptical thinking, ‘Oh my God, does the industry really need a radio upgrade. What does this do to the business model of the carriers? Do they want the capital-intensity of such an initiative, which will be a burden for many of them.

“But 5G is different. It represents the intersection of a lot of things. It’s going to force carriers to transform what they do as well as their business models. What they need to do now is hash out the details.”

Meanwhile, according to Ericsson CEO Hans Vestberg, no industry will be able to avoid the digital disruption coming their way this year. He said that three fundamental ICT forces -– broadband, mobility and cloud – are rapidly reshaping value chains, digitalizing business models and creating possibilities that were previously unimaginable.

“Along with our industry and our customers, Ericsson is on a transformation journey,” said Vestberg. “Today, 66% of our business comes from software and services; just years ago, the majority was hardware. The majority of our principal competitors are ICT players, rather than telecommunications businesses.”

He added that 5G, IoT and cloud are the ICT industry’s hottest topics

According to Ericsson, the IoT is quickly becoming a reality and its impact on both industry and society will be profound. The company forecasts that the number of IoT connected devices globally will more than triple from under 5 billion today to 15 billion by 2021. A recent IDC study predicts that global IoT spending will reach US$1.3 trillion by 2019 and the McKinsey Global Institute concludes that IoT will have a potential annual economic impact of up to US$11 trillion by 2025.

Prior to the show, the chair of oneM2M Technical Plenary warned that vendors rushing to be the first to release IoT gadgets and ecosystems need to urgently increase collaboration and treat the IoT race as a marathon, rather than a sprint.

Dr. Omar Elloumi, a member of the Nokia corporate CTO group, said the full potential of IoT could only be realized if service providers and vendors alike look at it as a customer-centric opportunity while remaining focused on the bigger picture.

Without this, said Elloumi, IoT growth will be stunted and the market will become heavily fragmented, leading to security issues and vendor lock-in.

“According to the 2015 McKinsey report ‘Unlocking the potential of the Internet of Things’, interoperability will unlock 40% of IoT revenue – that alone shows just how damaging launching products could be without carefully considering interoperability,” he said.

“The time required to create globally harmonized standards can create frustration for many of us, but this is nothing compared to the frustration consumers and industries will experience if their newly installed IoT system requires multiple controls for multiple devices and actually complicates their lifestyle or operations rather than simplifying them.”

Security is another major obstacle that detailed and well-documented specifications can overcome, he added, with security functions covering identification, authentication, authorization, security association, sensitive data handling and administration.

“The IoT is still a nascent market,” Elloumi said. “The ability to spin up a new solution can be quite daunting; there is a lot of effort involved in integrating a complete solution especially if you have to deal with legacy systems; this is the case for smart cities in particular.

“Standards-based solutions give you an eco-system of multiple solution providers which is the only way to ensure multi-vendor interoperability and supplier choice and, therefore, deliver on the actual promise of IoT.”

Formed in 2012, oneM2M is the global standards initiative that covers requirements, architecture, API specifications, security solutions and interoperability for Machine-to-Machine and IoT technologies.

On the 5G front, one week before the conference, Ottawa-based Mitel announced it was investing in a new initiative focused on advanced 5G cloud connectivity. The new unit will be headed by Pardeep Kohli, former CEO of Mavenir, a software-based telecommunications networking provider, which Mitel purchased last year.

“Wireless connectivity is now an essential aspect of everyday life, but we’ve only just scratched the surface of the economic and social impact it will have in the future as mobile technology continues to advance,” Kohli said. “Mitel’s 5G platform is focused on building that future.”

There was no shortage of other news at MWC 2016. Highlights included the following:

Wedge Networks launching IoT security platform: Calgary-based Wedge Networks launched a new line of new Security-as-a-Service packages it said provides “urgently needed” security and compliance enforcement services for IoT in enterprise networks. The new packages are available immediately for implementation using Wedge Cloud Network Defense (CND), which can be deployed by enterprises with their own data centre cloud, and by communications service providers (CSPs) to offer Security-as-as-Service to their business customers.

“The explosive growth of wirelessly connected monitoring and control devices is ushering in an era of increased productivity and effectiveness, and creating gaps in conventional security and compliance enforcement systems for many enterprises,” the company said in a release.

Wedge CND’s IoT Security and Compliance Enforcement packages provide IoT optimized security and compliance services with enforcement at the cloud layer to consistently apply policies to all network connected devices, both physical and virtual.

Packages are available to address different vertical markets, such as healthcare which is subject to compliance obligations and manufacturing which is far less regulated but increasingly dependent on the IoT, it added.

“IoT, compliance, and Security-as-a-Service are all hot topics at Mobile World Congress and the networking industry at large”, said Alan Zeichick, principal analyst of Camden Associates.

“IoT innovation continues to push new boundaries here at Mobile World Congress, 2016”, said Dr. Hongwen Zhang, chief technical officer and co-founder of Wedge Networks. “Establishing plans to address the unique security and compliance challenges for the IoT is becoming a critical concern for many businesses.”

The security platform can provide advanced network security applications such as Web filtering, anti-malware, anti-spam, data loss prevention, mobile security, application control and server security, application filtering.”

For the full article, please visit connectionsplus.ca.

connectionspluslogo

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , , , | 1 Comment

Wedge Networks Wins Multiple 2016 Info Security PG’s Global Excellence Awards® Including Gold for Internet of Things (IOT) Security

No Gravatar

San Francisco, 2 March 2016 – Wedge Networks, the leader in Cloud Security and orchestrated threat management today announced Info Security Products Guide, the industry’s leading information security research and advisory guide, has named Wedge Networks’ Cloud Network Defense™ a winner in the following 3 2016 Global Excellence Awards® award categories: Gold for Wedge Cloud Network Defense™ with WedgeIQ in the Category of Internet of Things (IOT) Security, Bronze for Most Innovative Security Product and Bronze for Cloud Security Product of the Year.

The security industry celebrated its 12th Annual 2016 Global Excellence Awards in San Francisco by honouring excellence in every facet of the industry including products, people behind the successes and best companies. More than 50 judges from a broad spectrum of industry voices from around the world participated and their average scores determined the 2016 Global Excellence Awards Finalists and Winners. Winners were announced during the awards dinner and presentation on February 29, 2016 in San Francisco attended by the finalists, judges and industry peers.

“We are very honoured to be recognized by the Info Security Products team in 3 categories and to win the Gold Award for Internet of Things (IOT) Security. This is a great achievement for Wedge Networks who has won Gold for its third year running, and for Cloud Network Defense™, which was launched in December 2014” said Dr. Hongwen Zhang, CTO and Co-founder of Wedge Networks.

He continued: “Establishing plans to address the unique security and compliance challenges for the IoT is becoming a critical concern for many businesses, and this was a hot topic at Mobile World Congress last week. We have responded to the challenges businesses face for IoT by further enhancing our offering. On 23rd February we announced a family of new Security-as-a-Service packages, to provide urgently needed Security and Compliance enforcement services for the rapidly expanding Internet of Things (IoT) in Enterprise networks globally.”

About Info Security Products Guide
Info Security Products Guide plays a vital role in keeping end-users informed of the choices they can make when it comes to protecting their digital resources. It is written expressly for those who are adamant on staying informed of security threats and the preventive measure they can take. You will discover a wealth of information in this guide including tomorrow’s technology today, best deployment scenarios, people and technologies shaping info security and market research reports that facilitate in making the most pertinent security decisions. The Info Security Products Guide Global Excellence Awards recognize and honor excellence in all areas of information security. To learn more, visit www.infosecurityproductsguide.com and stay secured.

Wedge Cloud Network Defense™ (CND) Security-as-a-Service
Wedge Networks has developed a revolutionary cloud-based, network security platform called Wedge Cloud Network Defense™ (CND). This industry leading security platform can be implemented in a virtualized cloud compute environment to provide advanced network security applications such as web filtering, anti-malware, anti-spam, data loss prevention, mobile security, application control, server security, application filtering and more, with unrivaled scale, performance, and service agility. CND’s sustained performance over scale, multi-tenancy support, and the software-based licensing model of the platform have proven to be an ideal combination for service providers seeking to offer innovative new security services, while minimizing capital investments and business risk.

About Wedge
Wedge Networks™ is transforming the way security is delivered. Powered by the innovative WedgeOS™, Wedge Networks’ Cloud Network Defense is an orchestrated threat management platform designed to combat the shifting threat landscape associated with cloud, mobility, bring your own device, Internet of Things and consumerization of IT. By applying security policies at the cloud-layer, enterprises and network operators offering security-as-a-service can achieve more effective security, using best-in-class, continuously updated multi-vendor technologies for EverGreen Security™, with greater efficiency and scale. The award winning Wedge Platform is deployed globally, delivering security protection for tens of millions of users in Fortune 500 companies, government agencies, internet and broadband service providers, and across all industry verticals. Wedge Networks is headquartered in Calgary, Canada and has international offices in Dallas, USA; Beijing, China; and Manama, Bahrain. For further information visit: http://www.wedgenetworks.com/

Contact:
Hannah Whitrow
Zonic Group PR
hwhitrow@zonicgroup.com
+44 (0)7760 806 070

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , | Leave a comment

Wedge Networks Enriches Industry Leading Asymmetric Web Filtering Solution With Value-Added Services For Internet Compliance

No Gravatar

Disruptive Solution Enables Internet Service Providers to Achieve Compliance and Offer Value-Added Services While Reducing Solution Footprint by a Factor of 10

SAN FRANCISCO Feb. 29, 2016 — From the RSA 2016 show in San Francisco, California, Wedge Networks, the leader in orchestrated threat management, today extended its solution offering to enable value-added services in conjunction with its market leading Web filtering solution. Web Filtering for Internet compliance can be implemented with Wedge Cloud Network Defense (CND), using an Asymmetric filtering technique that compared to traditional techniques requires as little as ten percent of the footprint to achieve compliance.

“Internet traffic continues to grow at a rapid pace, with some of our customers’ reporting that traffic levels across their networks are doubling every twelve to eighteen months”, said James Hamilton, recently appointed CEO of Wedge Networks, Inc. “Wedge CND enables them to achieve regulatory compliance, and offer their customers the choice of a more customized internet experience, while reducing the solution footprint, complexity and cost.”

Conventional proxy-based Web filtering systems require both the outbound Universal Resource Locator (URL) web page request, which accounts for typically ten to fifteen percent of HTTP/HTTPS traffic, and the inbound web page reply, which accounts for the remaining eighty-five to ninety percent of traffic. Wedge CND’s Asymmetric Web filtering technique scans only the outbound URL requests and blocks requests for unapproved URLs and categories of URLs, to enforce compliance requirement before the request reaches the internet. This approach has a corresponding reduction in the scale of Web filtering equipment that must be procured, installed, powered, cooled, routinely updated, and otherwise maintained for dramatic capital and operational expense reductions. The reduction in equipment and operational complexity positions Wedge CND’s Asymmetric Web Filtering system as the platform of choice for Internet Compliance applications.

Wedge CND’s latest system release introduces support for multi-services policies, enabling service providers to offer personalized, value-added Web filtering and security services to meet the diverse needs of government agencies, enterprises, schools and residential consumers. Wedge CND’s industry leading support for multi-services with multi-tenancy allows network operators to extend Web filtering administrative domains to their internal and end-user ISP customers, so they may self select and modify criteria from an available selection of value-added security services.

The Wedge Cloud Network Defense™ (CND)
Wedge Networks has developed a revolutionary cloud-based, network security platform called Wedge Cloud Network Defense™ (CND). This industry leading security platform can be implemented in a virtualized or a cloud compute environment to provide advanced network security applications such as web filtering, anti-malware, anti-spam, data loss prevention, mobile security, application control, server security, application filtering and more, with unrivaled scale, performance, and service agility. Applications such as Web Filtering and others can also be supported with Wedge CND’s security mediation system called WedgeOS™. This system can alternatively be packaged as a more conventional security appliance, or a virtual instance, with the Web Filtering application and Wedge’s patented Deep Inspection engines, providing superior web filtering accuracy with imperceptible latency.

Media briefing opportunity: Wedge Networks will be at RSA from 29 February – 4 March and will be available for briefings at the Ontario Government booth, number N4329 North Expo. Wedge Networks CEO James Hamilton who is widely recognized as one of the cybersecurity industry’s most respected and influential leaders will be presenting at the AGC conference Information Security and Broader Security Conference on February 29th from 9:15-9:30am at the Westin, St. Francis – Union Square, San Francisco. To arrange a briefing with Wedge Networks please contact: ejefferies@zonicgroup.com

About Wedge
Wedge Networks™ is transforming the way security is delivered. Powered by the innovative WedgeOS™, Wedge Networks’ Cloud Network Defense is an orchestrated threat management platform designed to combat the shifting threat landscape associated with cloud, mobility, bring your own device, Internet of Things and consumerization of IT. By applying security policies at the cloud-layer, enterprises and network operators offering security-as-a-service can achieve more effective security, using best-in-class, continuously updated multi-vendor technologies for EverGreen Security™, with greater efficiency and scale. The award winning Wedge Platform is deployed globally, delivering security protection for tens of millions of users in Fortune 500 companies, government agencies, internet and broadband service providers, and across all industry verticals. Wedge Networks is headquartered in Calgary, Canada and has international offices in Dallas, USA; Beijing, China; and Manama, Bahrain. For further information visit: http://www.wedgenetworks.com/

Media Contacts:

USA & International PR contact:
Emma Jefferies
Zonic Group PR
ejefferies@zonicgroup.com
+44 (0)1672 550 130
+44 (0)7804 903 026

Posted in Industry News, Latest Security News, Wedge News | Tagged , , | Leave a comment