Tag Archive for: Creating

Smallstep raises $26 million to focus on creating products critical to infrastructure security

/in


Smallstep announced that it has raised $26 million in total funding including a seed round of $7M led by boldstart ventures with participation from Accel Partners, Bain Capital Ventures and Upside Partnership, and a Series A of $19 million led by StepStone Group with participation from existing investors.

Smallstep funding

The funding will be used to expand Smallstep’s focus on creating products for practical zero trust by investing in their open source community, and accelerating research and development to bring new features and expertise to securing infrastructure.

Founded by Mike Malone, Smallstep focuses on automated certificate management, a critical foundation for DevOps’ teams to establish practical zero trust. The company has spent the past several years building a strong open source community with millions of downloads and hundreds of independent contributions from developers around the world. Smallstep’s mission is to enable companies to secure their entire infrastructure by identifying everything and everyone, issuing credentials, encrypting data and communications, and driving a strong security policy.

“Smallstep is a passionate team making products and tools critical to infrastructure security,” said Hunter Somerville, general partner, StepStone Group. “Our investment in this team and their products was an easy decision to make.”

“Our world is powered by a complex tangle of software and, since the early days of Smallstep, we’ve been focused on the fundamental problem of keeping it all secure,” said Malone, founder and CEO, Smallstep. “Certificates have been quietly providing an identity dialtone to the web for decades, but their utility extends beyond that use case. Certificate management is a Practical Zero Trust technology that every non-trivial system should have. This funding will enable us to bring automated certificate management to everyone. We’re fortunate to have an amazing group of investors who understand the need for this important core infrastructure and I’m excited to partner with them on this mission.”

Smallstep is backed by an experienced team from leading developer-first companies including Sauce Labs, Minted, Kenna Security (

Source…

Russia-Ukraine crisis: Moscow creating 'new normal' to contest sovereignty in Europe, says Nato – Telegraph.co.uk

/in



Russia-Ukraine crisis: Moscow creating ‘new normal’ to contest sovereignty in Europe, says Nato  Telegraph.co.uk

Source…

Creating a centralised cyber security risk register

/in


A centralised cyber security risk register is a document that includes information about an organisation’s threat environment.

It contains information on potential cyber security risks, and usually acts as evidence that an organisation has implemented an ISMS (information security management system).

Risk registers are especially important for organisations implementing ISO 27001, as it’s one of the first thing that auditors review when assessing the company’s compliance posture.

But how do you create a cyber security risk register? We explain everything you need to know in this blog.

How do centralised risk registers work?

A centralised risk register often takes the form of a spreadsheet, although there are dedicated software tools, such as vsRisk, that organisations can use to help complete the process.

However they are produced, they should contain a list of every risk the organisation has identified and their scores according to its risk evaluation process.

The risk register also prioritises risks depending on their scores and documents the status of existing controls to address the risk as well as plans to review or strengthen those controls.

By completing a risk register, organisations are not only meeting their compliance objectives. There are also major benefits to their security and operational efficiency.

For example, they provide central visibility over your complete threat landscape and the way security incidents may affect your business.

They also ensure that risks are assigned to an appropriate member of staff or team, and that these are reviewed whenever there are organisational changes or an employee leaves.

Another benefit is that it helps organisations prepare their risk treatment options, enabling them to invest in appropriate controls to reduce the likelihood of an incident occurring or the damage that it will cause if it does occur.

Developing a cyber security risk register

The cyber security risk register is developed in four stages, following the framework outlined in ISO 27005:

1. Risk identification

Your first task it to determine any risks that can affect the confidentiality, integrity and availability of information you store.

You can find out…

Source…

24-year-old arrested from Saharanpur for creating fake voter IDs by hacking into ECI website, say police | Latest News India

/in


A 24-year-old man from Uttar Pradesh’s Saharanpur has been arrested for allegedly creating hundreds of fake voter IDs by hacking into the Election Commission of India’s website, state officials said on Friday.

The Uttar Pradesh police on Thursday arrested Vipul Saini from Nakur town’s Maccharhedi village in Saharanpur district, news agency PTI reported. He has a Bachelor of Computer Applications (BCA) degree that he completed from the Gangoh village in Saharanpur and his father was a farmer, according to the police.

However, the ECI has said that its database is “absolutely safe and secure,” following the incident. “A data entry operator of one of the AERO (assistant electoral roll officers) offices had illegally shared his user ID and password with a private unauthorised service provider in Saharanpur’s Nakud town to print some voter ID cards. Both these persons have been arrested,” PTI quoted an ECI spokesperson.

Also read | Noida to get 350-acre medical device park, provide employment to 20,000 people: UP govt

Following the initial investigation, the police found that Saini had created more than 10,000 fake voter IDs over a time of three months, at the behest of a person named Armaan Malik from Madhya Pradesh. S Channappa, senior superintendent of police, Saharanpur, said that an amount of 100 to 200 per fake voter ID was paid to him, according to the PTI report. Also, on further examination of the bank account following Saini’s arrest, a sum of 60 lakh was found deposited in it, after which the account was immediately blocked. The police have seized two computers from Saini’s home and are also trying to find the source of the money and more details about Malik.

Meanwhile, Saini had told the police that Malik used to send him the details about each day’s work. Further, the police also said that the authorities in Delhi would now seek the court’s permission to take Saini to the national capital for further investigation about the matter. He would be questioned about possible links with anti-national or terrorist forces, PTI further reported, citing the police.

Former chief minister of UP and leader of the Samajwadi Party (SP) Akhilesh Yadav said that the scam…

Source…