Tag Archive for: OFFER

Microsoft to offer free security feature after alleged China hack – Orange County Register

/in


By Andrew Martin | Bloomberg

Under pressure from US cybersecurity officials, Microsoft on Wednesday said it would provide free cloud security logs for all customers in the next few months.

Security logs are critical for detecting and preventing cybersecurity threats, in addition to allowing hacking victims to quickly take action following a breach, according to US officials. Microsoft currently charges for some forms of logging as a premium feature.

Microsoft said its decision was “in response to increasing frequency and evolution of nation-state cyberthreats.” Customers will receive detailed logs of email access and more than 30 other types of log data previously only available to customers paying for a premium service, the company said.

“These logs themselves do not prevent attacks, but they can be useful in digital forensics and incident response,” Vasu Jakkal, Microsoft’s corporate vice president for security, compliance, identity and management said, in a blog post.

The decision comes after suspected Chinese hackers infiltrated cloud-based email systems at about 25 organizations globally, including several US agencies. Commerce Secretary Gina Raimondo was among the US officials whose emails were breached.

A lack of logging complicated the investigation into the so-called SolarWinds attack, which was disclosed in 2020. In that incident, Russia state-sponsored hackers installed malicious code in software update from SolarWinds Corp., among other methods, to infiltrate nine US federal agencies and about 100 companies.

Source…

Microsoft to Offer Some Cybersecurity Tools Free After Suspected China Hack

/in


Microsoft said it plans to offer free some tools that can spot cyberattacks following last week’s disclosure of a major security breach linked to Chinese hackers that was undetectable for some customers.

The decision to open up access to its back-end systems that log activity on the cloud came after Microsoft’s tiered payment system attracted criticism in the wake of an alleged Chinese cyber-espionage campaign, which the company said infiltrated its cloud-based email system and compromised inboxes at about two dozen organizations globally. The federal government, including officials at the State Department and Commerce Secretary Gina Raimondo, was among the victims of the attack, U.S. officials said.

Beginning in September, the technology company will make 31 critically important security logs available free to licensees of the company’s lower-cost cloud services, including the type of email log that was used to identify the China-linked attack, said Vasu Jakkal, a vice president of security at Microsoft. The company will also increase the duration of retention for security logs from 90 to 180 days, Jakkal said.

While logs don’t prevent cyberattacks, companies use them to detect and investigate hacks because the logs keep track of activity on Microsoft’s servers. In the recent China-linked breach, key logging information required to detect the attack was only available to purchasers of Microsoft’s top-tier Microsoft 365 cloud service, known as E5, officials said last week. That left some customers with cheaper plans no way of figuring out whether they had been hacked.

“This is a significant step forward to ensuring that every Microsoft customer has the right visibility to detect other threats that we know are targeting American organizations every day,” said Eric Goldstein, executive assistant director for cybersecurity at the U.S. Cybersecurity and Infrastructure Security Agency.

Jakkal and Goldstein said the effort to identify valuable security logs and provide them free to Microsoft customers had been continuing for…

Source…

Cisco to offer Webex air-gapped cloud system for security, defense work

/in


Building on its WebEx product line, Cisco plans to deliver an air-gapped, cloud-based collaboration system  for companies involved in US national security and defense work, extending the secure offerings the company already provides to industries that require collaboration tools with strong security measures to meet US government requirements.

Beginning in 2024, the new Webex system — Air-Gapped Trusted Cloud — will provide an added layer of security for teams collaborating through the Webex App, Cisco said.

An air gap is a security measure that involves isolating a computer or network and preventing it from establishing an external connection. For example, an air-gapped computer is unable to connect to the internet or any other communications networks so as to have complete security with the information that resides within it.

Currently, the US government has an established approach to security assessment and authorization for cloud products and services for national security and defense. This includes air-gapped cloud deployments, which are isolated from public networks and operated on US soil by local staff with specific security clearances to handle sensitive data.

With the upcoming system for air-gapped cloud deployments, Cisco says that the new Webex tools will meet the security standards required by US agencies involved in national security and defense without compromising user experience.

“We have augmented our Webex collaboration solution with additional government-required security controls and operational capabilities so it can be deployed in a disconnected environment,” said Jeetu Patel, executive vice president and general manager for security and collaboration at Cisco. “This approach allows us to offer the modern experience to the National Security and Defense community.”

Source…

San Diego City College approved to offer a bachelor’s degree

/in


 Students at San Diego City College now have the opportunity to earn a four-year degree for the first time in the school’s 108-year history.

The California Community Colleges Board of Governors approved San Diego City College’s full bachelor’s degree in cyber defense and analysis.

Students at the downtown campus can start applying for the program this fall, with classes expected to begin in August 2024.

The new degree will mean a more affordable education for those who need it most.

“Many of these programs in the upper division courses are at capacity, and students are turned away. This is just something we hope will level the playing field for students that are less advantaged than others,” said David Kennemer, Associate Professor of Computer Information Systems at City College.

The downtown college becomes the second campus in the San Diego Community College District to offer a baccalaureate program.

San Diego Mesa College was among the first community colleges in California to offer a baccalaureate program, after the Board of Governors approved Mesa’s bachelor’s degree in Health Information Management in 2015, as part of a pilot program.

Miramar College administrators have submitted a proposal for a bachelor’s degree program in Public Safety Management.

“This is extremely significant for California, for social justice and equity,” said Kennemer, who has taught in the computer science department for more than seven years. “(It) helps students who would never even have the opportunity to get into a traditional university. Now they do,” Kennemer continued.

The average pay for cyber security analysts in San Diego County reached $111,590 annually as recently as May of 2021, with related jobs offering similar pay.

Those statistics are according to the U.S. Bureau of Labor Statistics.

Source…