EMERGING TECHNOLOGY
Iridium Communications | October 13, 2022
Iridium Communications Inc. (Nasdaq: IRDM) announced today that Iridium partners MetOcean Telematics, NAL Research, and Trace Systems are now Iridium Certus® service providers for U.S. government customers, joining Satcom Direct, in this capacity. These unique, long-term deals will allow these companies to provide Iridium's secure global satellite broadband and midband connectivity for mobile voice and data services to the U.S. government through a dedicated gateway.
By leveraging the inherent advantages of the Iridium® network, including truly global, on-the-move L-band connectivity, MetOcean Telematics, NAL Research, and Trace Systems are now able to deliver enhanced capabilities that meet Communications Security (ComSec) requirements for the Department of Defense (DoD) and warfighter. These capabilities include global and resilient voice, data and 1080 HD live-action video over satcom across all domains (land, maritime and air) on the move. The service also serves as the "ACE in PACE" – alternate, contingent or emergency communications link, supports early entry communications packages and command and control for autonomous or uncrewed systems and data backhaul.
Whether in high-risk combat zones or during inclement weather events, the Iridium network provides uncompromising satellite communications that keeps users connected when it's needed most. Iridium Certus™ terminals enable U.S. government users to securely connect remote assets to respective command and control centers in the U.S. in a cost-effective and secure manner, from anywhere in the world.
"Iridium Certus continues to provide mission-critical broadband and midband capabilities to the modern warfighter and we're excited to add new service providers to expand the distribution of these offerings, With the addition of Iridium Certus for the government, these partners will play a critical role in supporting DoD personnel as they utilize this value-added service."
-Scott Scheimreif, Executive Vice President of Government Programs, Iridium.
Unique in the satellite industry, Iridium Certus is the only broadband service that provides highly reliable, truly global, weather-resilient connectivity for on-the-move internet and high-quality voice access. Iridium Certus terminals are low-profile, compared to the competition, and capable of maintaining broadband connectivity in fast-paced, unpredictable environments on land, at sea, in the air — and can do it without landing in or passing through non-U.S. territories.
Iridium Communications Inc:
Iridium® is the only mobile voice and data satellite communications network that spans the entire globe. Iridium enables connections between people, organizations and assets to and from anywhere, in real time. Together with its ecosystem of partner companies, Iridium delivers an innovative and rich portfolio of reliable solutions for markets that require truly global communications. In 2019, the company completed a generational upgrade of its satellite network and launched its new specialty broadband service, Iridium Certus®. Iridium Communications Inc. is headquartered in McLean, Va., U.S.A., and its common stock trades on the Nasdaq Global Select Market under the ticker symbol IRDM.
Read More
CYBERSECURITY
MeriTalk | May 06, 2022
Ninety-one percent of Federal cybersecurity decision-makers say the 2021 Executive Order (EO) on Improving the Nation’s Cybersecurity has made U.S. data and critical infrastructure safer, but just 28 percent say significantly safer, according to Impact Assessment: Cyber EO Year One, a new study from MeriTalk, a public-private partnership focused on improving the outcomes of government information technology (IT).
The report explores perspectives on progress against Cyber EO goals, identifies what successful agencies do differently, and finds the fault lines where agency cyber leaders say they need more help to succeed. Most Federal cyber decision-makers (78 percent) agree the steps outlined in the Cyber EO are necessary to protect our nation. Implementing software supply chain security and migrating to a zero-trust architecture are the two most important factors for national cybersecurity, the research highlights.
And, while just 15 percent have seen tangible improvements because of EO efforts to date, a significant portion expects to see an impact within the next year.
Federal cyber leaders confirm initial progress in areas including vulnerability detection, software supply chain security, vulnerability response, and investigative and remediation capabilities. Just over half confirm IT management and staff are placing increased priority on cybersecurity, and just over half are collecting more cyber data than in the past. But, across the board, progress against EO goals is still in the early stages. Fewer than half rate their agencies’ progress against key EO goals as “excellent.” For example, 36 percent rate progress toward creating a formal strategy as excellent; 34 percent rate progress toward investing in endpoint detection and response (EDR) as excellent; and, 33 percent rate progress migrating to secure cloud solutions, as excellent.
When asked about the importance of zero trust, 82 percent agree that allocating staff and budget resources to zero trust is vital to national security and almost all, 96 percent, agree the Federal zero trust strategy is somewhat or very helpful. Despite the high priority, just 30 percent of Federal cyber decision-makers rate their zero trust progress as “excellent” and many, 67 percent, say the EO’s three-year window for implementing a zero trust architecture is not realistic.
Zero Trust is the gold standard for cybersecurity, so we're encouraged to see the EO is prioritizing that approach. In addition, cloud-native endpoint detection and response capabilities can significantly strengthen the cybersecurity posture for the federal government, especially when integrated with other security capabilities including identity security, threat intelligence, and managed threat hunting. These concepts have become cybersecurity best practices for the private sector’s most technologically advanced businesses, and we encourage the public sector to continue to embrace these technologies and strategies.”
Drew Bagley, vice president and counsel for Privacy and Cyber Policy, CrowdStrike
“Getting to zero trust is not easy. The detail provided in the multi-step guidance from OMB provides a path, but there is no single box you can buy to meet the varied needs of the five zero trust pillars,” says Stephen Kovac, Chief Compliance Officer and Head of Global Government Affairs, Zscaler. “You need multiple solutions from varying vendors that work together with seamless integration to achieve true zero trust – it is a team sport. OMB has done a good job in helping to define those rules, with rule one being to keep users off the network. If they can’t reach you, they can’t breach you.”
Funding is another roadblock. Just 14 percent report they have all funding needed to meet Cyber EO requirements. One-third say they have half, or less than half, of the funding needed.
“The sea change is the focus on comprehensive cyber resiliency,” says Nicole Burdette, principal, MeriTalk. “The EO provided direction, and Federal cyber leaders are now doing the hard work. But progress requires sustained funding and resource commitment. The research shows the gaps.”
“The U.S. federal government is taking important steps to improve the nation’s cybersecurity posture,” said Dave Levy, Vice President of U.S. Government, Nonprofit, and Healthcare at Amazon Web Services (AWS). “In the Cyber EO, the White House directs federal agencies to adopt security best practices, implement zero trust architectures, and accelerate migration to secure cloud services. Organizations of all sizes should consider similar principles and practices to enhance their cybersecurity and protect employees and sensitive data against cyberattack.”
What are the leaders doing differently? Cyber EO champions (leaders who give their agency’s EO progress an A) are predictably more likely than their peers to say they have all the funding they need. They are also more likely to have their chief information officer (CIO) leading their zero-trust implementation (67 percent to 28 percent).
When asked for perspectives on what’s needed to achieve cyber progress, the research identified the Federal wish list:
Workforce training and expertise
Stronger executive buy-in
Detailed direction from agency IT leadership
Centers of Excellence (COEs) in the government to lend expertise
Three-fourths of Federal cyber decision-makers also say the EO should have been more authoritative with private-sector directives.
The Impact Assessment: Cyber EO Year One report is based on an online survey of more than 150 Federal cybersecurity decision-makers familiar with their agencies’ cybersecurity initiatives, including zero trust strategies, in March 2022 and is underwritten by Amazon Web Services (AWS), CrowdStrike, and Zscaler. The report has a margin of error of ±7.7 percent at a 95 percent confidence level.
About MeriTalk
The voice of tomorrow’s government today, MeriTalk is a public-private partnership focused on improving the outcomes of government IT. Our award-winning editorial team and world-class events and research staff produces unmatched news, analysis, and insight. The goal: a more efficient, responsive, and citizen-centric government. MeriTalk connects with an audience of 160,000 Federal community contacts.
Read More
CYBERSECURITY
Acalvio Technologies | April 21, 2022
Acalvio Technologies, the leader in cyber deception, announced that the FedRamp Ready ShadowPlex platform has been added to the Department of Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) Continuous Diagnostics and Mitigation (CDM) Approved Products List (APL).
ShadowPlex enables government organizations to execute the three key aspects of adversarial engagement with operational efficiency:
Detection: Rapidly detect adversary presence both on-premises and in cloud infrastructure
Disruption: Derail and delay attacks
Intelligence: Easily gather granular forensics of tactics, techniques, and procedures
ShadowPlex leverages novel AI capabilities for both ease of use, by making deception autonomous, and effectiveness, by blending and customizing deception for every subnet and endpoint. Because it doesn’t require agents on production systems, ShadowPlex is low-risk to deploy but also produces high fidelity alerts. The solution was named a finalist in the RSAC Innovation Sandbox.
The CISA Continuous Diagnostics and Mitigation (CDM) Program is a dynamic approach to fortifying the cybersecurity of government networks and systems. The CDM Program provides cybersecurity tools, integration services, and dashboards to participating agencies to help them improve their respective security postures by delivering better visibility and awareness of their networks and defending against cyber adversaries.
US Federal Agencies are under increased cyber threats, including state-sponsored cyber-attacks. Advanced Deception Technology is best suited to defeat these attacks. National Security Agency (NSA) article (The Next Wave, 2021) shows that about 78 percent of the attackers are detected by deception technology within 20 minutes of breaching the network. CISA, in the 2022 – 2026 Strategic Technology Roadmap, has specifically recommended deploying deception technologies within the next two years by all Federal and critical infrastructure (CI) stakeholders for Network Security management.
Acalvio ShadowPlex provides a powerful new capability to detect and respond to advanced threats, even zero-day attacks. The addition of ShadowPlex to CDM APL makes it easier for Federal agencies to procure and deploy modern deception technology to combat sophisticated adversaries.”
Ram Varadarajan, co-founder and CEO of Acalvio Technologies
The inclusion in CDM APL adds to the FedRamp Ready status, SOC 2, and NIST 800-171 compliances achieved by Acalvio Technologies.
About Acalvio Technologies
Acalvio is the global leader in Active Defense solutions to combat cyberattacks. Its breakthrough Autonomous Deception technology is based on over 25 issued patents in Distributed Deception and advanced AI, to enable deployment of Active Defense that is effective, easy to use, and enterprise scale. Acalvio’s Autonomous Deception reduces attacker dwell time through early detection of advanced threats and increases Security Operations Center efficiency by utilizing sophisticated investigation and active threat-hunting capabilities. The Silicon Valley-based company’s solution serves Fortune 500 enterprises, U.S. government agencies, and marquee MSSPs.
Read More