CYBERSECURITY

QuSecure Announces Company Launch With Industry’s First End-to-End Post-Quantum Cybersecurity Solution

QuSecure | May 24, 2022

Quantum Cybersecurity Solution
QuSecure, Inc., an innovator in post-quantum cryptography (PQC), formally launched as the first company to offer an end-to-end, quantum resilient orchestration platform. QuSecure’s solution, QuProtect, is the industry’s first PQC software-based platform uniquely designed to protect encrypted communications and data using a quantum secure channel and standardized PQC algorithms. It addresses present classical attacks and future quantum computing threats for commercial enterprises and government agencies.

QuSecure’s novel approach, as outlined in a separate QuSecure Product Launch press release issued today, had previously enabled the company to secure a triple-oversubscribed seed round from investor groups including Band of Angels, and has garnered significant interest for future funding activities from an A-list of investors. The company is led by CEO Dave Krauthamer, Silicon Valley CEO, CIO, CTO, CRO, CMO; COO Skip Sanzeri, long-time Silicon Valley Executive and author of “The Quantum Design Sprint” who has engineered five successful exits; CTO Greg Bullard, former VP of Engineering and head of Hardware Security at Qualcomm; Pete Ford, Head of Federal Operations, formerly a United States Air Force F-15 fighter pilot with five combat tours and former executive in Raytheon’s Missile and Defense Group; and Chief Product Officer Rebecca Krauthamer, who graduated with a degree in symbolic systems from Stanford, and is a Forbes 30 under 30 and 12 Women Pioneering the World of Quantum Computing honoree, quantum board member at the World Economic Forum, and formerly served as CEO of quantum computing venture studio Quantum Thought.

QuSecure’s mission is to provide enterprises and government organizations with a comprehensive cryptographic orchestration platform that addresses today’s classical and future quantum threats. Our QuProtect solution secures networks from current vulnerabilities using zero trust, next-generation standardized encryption, active monitoring, and attack remediation – all cloud-delivered in software to existing devices, over existing infrastructure. We are creating an exceptionally secure future using a unique and comprehensive approach to cybersecurity that gives organizations a practical encryption solution for resilience to cyberattacks. Early customers tell us that a SaaS end-to-end PQC approach is optimal to address their critical needs for a practical post-quantum cybersecurity solution. QuProtect is the ‘easy button’ for this critical PQC upgrade.”

Krauthamer, QuSecure CEO

While quantum computing is an emerging field, leading experts such as Arthur Herman, senior fellow and director of the Quantum Alliance Initiative at The Hudson Institute, believe that a Cryptographically Relevant Quantum Computer (CRQC), which is a quantum computer that can break current cryptography and will expose the world’s encrypted communications and data, will be available within the next 3-5 years. Additionally, nation-state attackers are currently stealing encrypted data which will be retroactively decrypted once a CRQC is available. This is a style of hacking known as “Steal Now, Decrypt Later” (SNDL), which is especially important to consider in the case of sensitive data – bank account information, electronic health records, national security information, etc. – that needs to remain secret for decades. As a result, on May 4, the White House mandated PQC compliance via the National Security Memorandum “Promoting United States Leadership in Quantum Computing While Mitigating Risks to Vulnerable Cryptographic Systems.” Additionally, the bipartisan Endless Frontiers Act would establish a Technology and Innovation Directorate at the National Science Foundation, which would use $100 billion in federal funds over five years to research emerging technologies including quantum computing, and specifically PQC. Organizations will need to follow suit to protect their data and communications from post-quantum cyberthreats.

“National Security, Public Safety and Privacy have all collided in the past several years,” said United States Navy (Retired) Rear Admiral Mike Brown, a senior cybersecurity specialist formerly with the Departments of Defense and Homeland Security. “Quantum security with quantum computing and encryption is foundational to public and private sector efforts to counter nation states, rogue actors, criminals and others. We must counter serious threats with advanced technologies that can be easily deployed and are successful. QuSecure is leading in this field, and I’m thrilled to be part of their advisory team.”

QuSecure, with focus on adoption, easy upgrade, and modern cyber-protection practices, architected QuProtect as a more resilient PQC platform that works anytime, anywhere and on any device. The company provides an end-to-end quantum security as a service (QSaaS) architecture that addresses the digital ecosystem’s most vulnerable aspects, uniquely combining zero-trust, next-generation post-quantum-cryptography, quantum-strength keys, high availability, easy deployment, and active defense into a comprehensive and interoperable cybersecurity suite. The comprehensive approach is designed around the entire data lifecycle as data is stored, communicated, and used.

In addition to its expert team of founders and employees, QuSecure has collected an all-star quantum and cryptography advisory team. Advisors (partial list) include Rene Haas, CEO of Arm Ltd., a Fortune 500 leader in designing, securing and managing all areas of AI-enhanced connected compute; United States Navy (Retired) Rear Admiral Mike Brown, a senior cybersecurity specialist formerly with the Departments of Defense and Homeland Security; Paul Touw, formerly Chief Strategist for the US Department of State and founder of Ariba Networks (now SAP Ariba); Dr. Sarah McCarthy, Postdoctoral Researcher at the University of Waterloo and specialist in post-quantum cryptography; Laura Thomas, former CIA Chief of Base with more than 17 years in various national security and leadership roles and currently VP of Corporate Strategy at ColdQuanta, a quantum computing and sensing company; John Cosgriff, CEO at UnitedHealthOne, part of UnitedHealth Group, the world’s largest healthcare company; Louie Gasparini, former CTO & VP of Product Management at RSA; and Moshe Ben Simon, VP of Products at Fortinet.

“The security community is facing a crucial time where cutting-edge research needs to be accelerated to the stage of product deployment,” added Dr. McCarthy. “With its diverse team of experts, determination and resources, QuSecure is well-equipped for this challenge.”

About QuSecure
QuSecure is an innovator in post-quantum cybersecurity with a mission to protect enterprise and government data from quantum and classical cybersecurity threats. Its patent-pending, quantum-safe solutions provide an easy transition path to quantum resiliency across any organization. The company’s QuProtect solution is the industry’s first PQC software-based platform uniquely designed to protect encrypted communications and data with quantum-resilience using a quantum secure channel. QuSecure has current customer deployments in banking/finance, healthcare, space/satellite, IT/data enterprises, datacenters and various Department of Defense agencies. QuSecure is investor backed and has offices in Silicon Valley. 

QuSecure and QuProtect are registered trademarks of QuSecure in the United States and other countries. All other company and product names are either trademarks or registered trademarks of their respective companies.

Spotlight

As a global market leader in collaboration tools and solutions, Polycom has enabled thousands of Government organizations to achieve the efficiency and productivity benefits of collaboration in Unified Communications environments. With integrated video, voice, data and Web-based conferencing, Polycom open architecture, standards-based solutions are easy to deploy, intuitive to use, and simple to manage.


Other News
CYBERSECURITY

Keeper Security Announces FedRAMP Authorization

Keeper Security | August 25, 2022

Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software protecting passwords, secrets, and connections, today announced that the company has obtained FedRAMP Authorization at the Moderate Impact Level for its Keeper Security Government Cloud (KSGC). The KSGC password management and security solution has successfully completed the rigorous FedRAMP accreditation process. This highly sought-after and difficult to attain designation sets KSGC apart from its competitors as the best in class zero-trust and zero-knowledge security solution for government agencies to protect their passwords, data, and secrets. KSGC is hosted in AWS GovCloud (US), designed to host sensitive data, regulated workloads, and address the most stringent U.S. government security and compliance requirements. To receive FedRAMP Authorization, organizations must implement controls from 17 different control families that originate from National Institute of Standards and Technology Special Publication 800-53. This alone can take organizations months or years, depending on the complexity of the system. Authorization can only be pursued by an organization through partnering with a federal agency or the Joint Authorization Board (JAB). Additionally, the system must be evaluated and assessed by an authorized independent third-party auditor prior to submitting for final review and authorization by the FedRAMP Program Management Office. "Keeper is proud to bring its password management and cybersecurity platform to FedRAMP Authorized status," said Darren Guccione, CEO and Co-Founder of Keeper Security. "This authorization demonstrates Keeper's longstanding -- and, some would say, fanatical -- commitment to the highest standards of internal security controls and encryption. Keeper is prepared to help federal agencies protect their digital assets against ransomware, data breaches and other password-related cyberattacks." "As a FedRAMP Authorized password management and security solution, KSGC will enable Carahsoft and our reseller partners to help federal agencies better secure their sensitive information and protect against password related breaches, Keeper's zero-knowledge, zero-trust architecture solves compliance and regulatory enforcement requirements, providing a trusted, reliable solution that meets government needs." -Steve Jacyna, who leads the Keeper Security team at Carahsoft. Today's attackers are advanced at using any breached username and password combination to run through analytics and bots to find any use or similar use combination. By leveraging password managers, a constant health check can be maintained for password diversification and security, said Jean-Paul Bergeaux, Federal Chief Technology Officer of GuidePoint Security. Enterprises cannot assume users are doing this and KSGC provides a way for government security teams to maintain password security while also significantly improving user experience throughout their work life. The FedRAMP Authorized KSGC follows a White House Executive Order mandating zero-trust architecture and strong encryption, along with a draft memorandum by the Office of Management and Budget (OMB) and the Cybersecurity and Infrastructure Security Agency (CISA) mandating all federal agencies adopt a zero-trust security architecture by 2024. The memorandum specifically calls out password security requirements that KSGC facilitates, including strong password policies, the removal of a deprecated requirement to require special characters and regular password rotation, and the ability to compare user passwords against weak and breached data. Keeper provides government agencies with a human-centric cybersecurity solution that promotes adoption of password best practices, like the use of MFA, by employees and contractors. Keeper also promotes secure collaboration with encrypted record sharing that allows system administrators to regulate privileged access to files, as well as masking credentials. Keeper's zero-knowledge system architecture provides the highest levels of security and privacy. Encryption and decryption of data always occurs locally on the user's device, and only the encrypted ciphertext is stored in KSGC. About Keeper Security: Keeper Security, Inc. ("Keeper") is transforming the way organizations and individuals protect their credentials, secrets, connections and sensitive digital assets to significantly reduce the risks of identity security-related cyber attacks while gaining visibility and control. Keeper is the leading provider of zero-trust and zero-knowledge security cloud services trusted by millions of people and thousands of organizations for password and secrets management, privileged access, secure remote infrastructure access and encrypted messaging. Keeper's products are the highest-rated in the industry across G2, Trustpilot, PCMag and U.S. News & World Report. For the last several years, Keeper has received several InfoSec Awards from Cyber Defense Magazine for its cyber security enterprise software. Keeper is SOC 2 and ISO 27001 certified, and FIPS 140-2 validated, and Keeper is the only FedRAMP Authorized enterprise password management solution. Keeper is backed by Insight Partners, a leading venture capital and private equity firm with $90b AUM. About Carahsoft: Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider®, supporting Federal, State and Local Government and Education and Healthcare. As the Master Government Aggregator® for its vendor and reseller partners, Carahsoft delivers solutions for Cybersecurity, MultiCloud, DevSecOps, Big Data, Artificial Intelligence, Open Source, Customer Experience and Engagement, and more. About GuidePoint Security: GuidePoint Security provides cybersecurity solutions and services that help organizations make better decisions. GuidePoint Security's holistic approach enables organizations to identify threats, optimize resources, and integrate solutions that mitigate risk.

Read More

EMERGING TECHNOLOGY,CYBERSECURITY

GovPilot Moves to Microsoft Cloud, Enhances Cybersecurity for Local Government Customers

GovPilot | September 08, 2022

GovPilot, a provider of modern cloud-based government management software specifically designed for municipal and county governments has successfully migrated its platform to Azure, Microsoft’s cloud platform. The migration affords GovPilot and its local government customers with significant benefits including access to the latest Microsoft cloud technology and security which is already trusted by the Department of Defense, the Intelligence community, and 95% of Fortune 500 companies. GovPilot’s Azure adoption comes at a time when local governments are increasingly the target of coordinated cyber attacks and malicious ransomware code which have disrupted operations and services, jeopardized data, and caused significant financial damage to local governments across the country. According to the FBI, local governments accounted for the second-highest victimized group in 2021, trailing only the academic sector as ransomware gangs’ favorite target. “Local governments in the U.S. have often operated with a mix of paper-based processes, spreadsheets, single-use software, and older on-site server based systems. Not only is this inefficient but it is expensive to maintain and presents a significant cyber risk for local government administrators and their constituents, As a unified cloud-based government management platform, GovPilot aims to be the operating system for local government. This implementation provides our customers with best-in-class availability, reliability, and cyber resilience. GovPilot’s mission is to empower local governments to better serve their constituents and operate efficiently. Our implementation of Microsoft’s Azure Cloud is a major part of living up to and delivering on that mission.” -Michael Bonner Founder and CEO,GovPilot. With the Azure migration, GovPilot and its customers will realize significant benefits including: Enhanced Security: The GovPilot platform is secured with the latest Microsoft technology. Data Protection: All data is encrypted, and backed-up in multiple locations. Scalability & Performance: Azure provides limitless room to grow, all while preserving performance. Business Continuity: GovPilot enables users to access the platform 24/7 from anywhere. Azure allows for rapid restoration of services in the event of natural disaster or other catastrophe. “By implementing the Microsoft Azure Cloud - trusted by 95% of Fortune 500 companies and U.S government agencies - GovPilot has made a serious commitment to security. Given the current threat environment, our customers and prospective customers in local government will benefit enormously from the technology provided by Azure.” -Robin Smith, GovPilot’s Chief Operating Officer. About GovPilot: GovPilot - named a GovTech 100 company for five consecutive years - is the leader in digital transformation for local governments. GovPilot's cloud-based platform was built with the sole purpose of enabling local governments to operate at their full potential by standardizing, digitizing, and unifying more than 100 operational and constituent service processes on one operating system.

Read More

EMERGING TECHNOLOGY,CYBERSECURITY

U.S. Government Agencies’ IT Networks May Be Unprepared for Return to Office

Riverbed | August 24, 2022

More than half the federal government IT employees responding to a recent survey say they are worried their IT systems will struggle to deliver good user experiences as more agency employees return to working in offices instead of remotely, according to a new survey released today by Riverbed® and Swish. Among survey respondents who are concerned with end-user experience in a hybrid work environment, 52% of those are concerned that their legacy IT architectures and on-premises network infrastructure will struggle with the increased usage of collaboration tools such as Teams and Zoom as workers return to the office, and 44% are concerned that the end user experience on-site won’t be as good as at home. These concerns arise as the concept of “government from anywhere,” whether in an on-site or hybrid capacity, is becoming widely accepted. Of those surveyed, 47% expect hybrid work environments (teleworking 2-4 days a week) to continue for the long-term, while only 30% expect that a majority of employees will return to the office fulltime in the next six months. The survey of IT employees across the U.S. federal government, from both civilian and defense agencies, was conducted by research firm Market Connections. Survey respondents also reported that they rely on reactive, manual methods to quantify problems with user, infrastructure, and application experiences. While 100 percent of respondents agree that it is at least somewhat important to measure end user experience and productivity capability, 87% claim their agency is still reactively responding to help desk tickets and 51% rely upon user phone calls as a primary means of quantifying issues. “These survey findings point to the importance of utilizing proactive monitoring tools that provide complete network visibility to improve the user experience and network performance across an agency’s entire IT environment, As agencies balance their various work environments and collaboration tools, they should seek to implement an observability platform that multiple teams can use to proactively identify and contextually analyze user issues and leverage automation to solve them quickly.” -Craig McCullough, Senior Vice President of Public Sector for Riverbed. According to the survey, most agencies surveyed (59%) aren’t effectively measuring the impact of change in their IT environment, and are not examining business transaction productivity in terms of labor cost, latency impact, or rate of success. Issues of user experience and productivity and IT network performance can be successfully addressed by utilizing a single-platform, proactive, monitoring tool that provides end-to-end network visibility. With full visibility, IT and agency leaders can quickly identify, mitigate and resolve issues across a variety of endpoints through one integrated system. “This is significant because without a single performance platform, agencies don’t have consolidated incident-centric end-to-end context, root cause analysis, or automated response, Unified observability should be at the forefront of agency thinking and we and our partners, like Riverbed, are working to support this mentality shift which will ultimately benefit the government for years to come.” -Monty Deel, Chief Executive Officer for Swish. About Swish: Swish is a provider of technology solutions and engineering services to the U.S. Federal Government with a focus on high-quality outcomes for customers. Experienced and certified engineers research and evaluate the most innovative technologies on the market and then develop full life cycle solution offerings to ensure that customers realize maximum operational value. Since 2006, Swish has delivered high-performance solutions and services to the Federal Government market ensuring that customer’s digital service capabilities, performance and security exceed expectations and requirements. Swish is a Service-Disabled, Veteran-Owned and HUBZone certified Small Business. About Riverbed: Riverbed is the only company with the collective richness of telemetry from network to app to end user, that illuminates and then accelerates every interaction, so organizations can deliver a seamless digital experience and drive enterprise performance. Riverbed offers two industry-leading portfolios: Alluvio by Riverbed, a differentiated Unified Observability portfolio that unifies data, insights, and actions across IT, so customers can deliver seamless, secure digital experiences; and Riverbed Acceleration, providing fast, agile, secure acceleration of any app, over any network, to users anywhere. Together with our thousands of partners, and market-leading customers globally – including 95% of the FORTUNE 100 –, we empower every click, every digital experience.

Read More

CYBERSECURITY

Cybrary Partners With Carahsoft to Provide Cybersecurity Skill Development to Government Agencies and Customers

Carahsoft | September 28, 2022

Cybrary, the leading training platform for cybersecurity professionals, today announced a partnership with Carahsoft Technology Corp, the Trusted Government IT Solutions Provider.® Under the agreement, Carahsoft will serve as Cybrary's Public Sector distributor, making the company's accessible, affordable, and enhanced cybersecurity training and skills development platform available to the Public Sector through Carahsoft's reseller partners, NASA Solutions for Enterprise-Wide Procurement (SEWP) V, Information Technology Enterprise Solutions – Software 2 (ITES-SW2), OMNIA Partners, National Association of State Procurement Officials (NASPO), ValuePoint, and National Cooperative Purchasing Alliance (NCPA) contracts. "We're thrilled to partner with Carahsoft and their reseller partners to provide the Public Sector with streamlined access to Cybrary's platform, Delivering timely threat-informed cybersecurity training to the masses is our ultimate goal. Through this partnership, we will simultaneously enable the cybersecurity community to grow professionally and defend our country from the latest threats." -Kevin Hanes CEO Cybrary. With cyberattacks targeting Government agencies on the rise, and the White House recently noting the lack of qualified individuals to defend against them, there is a huge need for more accessible and digestible skills-based training for cybersecurity. The Cybrary and Carahsoft partnership will help simplify procurement for much-needed training for security teams and individuals throughout Federal, State, Local, and Education sectors. "This partnership provides Government customers with the invaluable opportunity to develop and build their cybersecurity talent pipelines and equip the workforce to recognize, respond, and anticipate threats and defend our nation, We look forward to working with Cybrary and our reseller partners to close the persistent cybersecurity skills gap." -Alex Whitworth, Sales Director who leads the Cybrary Team at Carahsoft. About Cybrary: Cybrary is the industry-leading training platform that provides the right training at the right time to fully equip cybersecurity professionals at every stage in their careers. Cybrary offers threat-informed training and certification preparation to help industry professionals build the skills and knowledge to confidently mitigate the threats their organizations face and bridge the persistent cybersecurity skills gap. Cybrary enables more than 3 million learners, from service providers and government agencies to Fortune 1000 organizations and individuals alike, to be armed and ready to respond in the fight against constantly-evolving cybersecurity threats. About Carahsoft: Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider®, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator® for our vendor partners, we deliver solutions for Cybersecurity, MultiCloud, DevSecOps, Big Data, Artificial Intelligence, Open Source, Customer Experience and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles.

Read More

Spotlight

As a global market leader in collaboration tools and solutions, Polycom has enabled thousands of Government organizations to achieve the efficiency and productivity benefits of collaboration in Unified Communications environments. With integrated video, voice, data and Web-based conferencing, Polycom open architecture, standards-based solutions are easy to deploy, intuitive to use, and simple to manage.

Resources