A10 Transcend Global Virtual User Conference to Turn Spotlight on Digital and Business Transformation During and Post COVID-19

A10 Networks today announced that it will host its inaugural global virtual user conference ‘A10 Transcend’ – giving customers, partners and prospects a forum to share insights into their journey with digital and business transformation during and post COVID-19. The impactful and informative event will take place between November 9-10.

Ehab Halablab, Regional Sales Director – Middle East at A10 Networks says, “Inspire, learn and network are the three pillars of the event. We invite attendees to join the bold thinkers pushing the boundaries of multi-cloud transformation and 5G readiness. The conference is an opportunity to get practical tips and tricks on how to configure and optimize the IT environment.  It is also a great networking platform for IT executives to connect with peers and leaders and raise the bar for their businesses.”

Below is a snapshot of the agenda:

Keynotes: A10’s CEO will share his perspectives for A10’s growth and innovation, along with fireside chats with two celebrity speakers, Scott Kelly and Lindsey Vonn, who will share their inspirational stories of how they have transcended the odds in their respective journeys.

Innovation Panel: A10’s product marketing and product management leaders discuss the current state of network and application security as challenges such as digital transformation, global cyber threats and COVID-19 are permanently changing the IT landscape.

Customer Transformation Spotlight: Customers will share their digital transformation journeys.

A10 Security Research: Will provide insights into malware and DDoS threat trends.

A10 Core Solutions: Attendees can learn about the latest product updates and capabilities of A10’s core technology – DDoS protection, zero trust SSL/TLS decryption, Polynimbus application services and service provider edge.

DevOps Deep Dive: A10 engineering and partner teams will provide deep dive technical sessions on DevOps.

A10 Tips & Tricks: A10 solution architects will deliver a series of tips and tricks covering all aspects of application and networking technologies.

Partner Innovation: Will offer insights into joint solutions from technology and system integrator partners.

For more information about the event including registration, visit https://transcend.a10networks.com/

A Snapshot into the Current Threat Landscape

By Derek Manky, Chief, Security Insights & Global Threat Alliances, FortiGuard Labs & Aamir Lakhani, Global Security Strategist and Lead Researcher for FortiGuard Labs.

In our increasingly digital world, the threat landscape is rapidly changing and expanding, leaving organizations to wonder how they can keep up with evolving threats—especially as cybercriminals swiftly take advantage of new threat vectors and global events as lures. To provide some insight into the minds of cybercriminals and their various tactics and targets, Derek Manky and Aamir Lakhani of FortiGuard Labs offer their observations from the trenches.

Q: What changes in attack trends has FortiGuard Labs seen in the months since the beginning of the pandemic? 

Derek – April and May were the months where the most COVID lures came about, and of these, email-based threats were by far the most dominant in the threat space. These threats played off of layoff notices sent to employees, false purchasing orders, messages from HR departments, really anything that could exploit the huge shift in the work environment that employees were experiencing. Outside of the workplace, people were being targeted by health authority impersonators, for example, offering more information about the pandemic. In our trackers, the traditional COVID lures have dropped down quite a bit, going from almost 350 a day to double digits now. Now that things are shifting to a different normal, we’re seeing the old threats kick off once again, but with a change in general focus. For example, as some organizations begin hiring again, we’re seeing lures that are specifically targeting candidates, particularly with man-in-the-middle attacks. For example, bad actors are injecting themselves into the middle with classic threat attempts such as sending malicious PDFs as resumes.

Q: The attack surface for threat actors is constantly growing, are there any targets that stand out to you as most vulnerable? 

Derek – Cybercriminals are often going to jump on the freshest opportunity they see for the element of surprise but that varies from place to place. The start of Q4 means a lot of people are heading back to work, but also students are heading back to school—both remotely and in-person, or a combination of the two. And that’s been a huge challenge for some institutions that weren’t fully prepared with remote learning capabilities, particularly in K-12 learning where this is all very new to them. They have new platforms and classroom setups, as well as a lot more connections that are happening, so education is a big target right now. 

Aamir – Yes, I certainly agree. Attackers have also shifted their focus to areas where people are becoming more digitally populated. Things like remote learning are still ongoing in places like the U.S., so we’re seeing more service and online attacks aiming to disrupt these organizations. It’s almost the perfect situation for attackers because a lot of schools are set up with a hybrid learning model, where teachers are headed to classrooms while doing remote work and teaching. All attackers have to do is target the internet connections being used in the classrooms, rather than targeting cloud applications or other platforms. By doing this, these bad actors can target more institutions and users much quicker.

Q: What are some of the most popular attack vectors right now?

Derek – There are a lot of systems that are now publicly exposed, especially with increased usage of Remote Desktop Protocol (RDP). Attacks like WannaCry, for example, leveraged public RDPs as points of entry and we know that was a big concern. This is something that I think, from a security architectural standpoint, needs to be addressed still. When it comes to remote learning especially, it’s such an easy way for attackers that are trying to hijack these sessions to try to get into these networks.

Aamir – Last year, I remember doing a search on Shodan to see how many publicly available RDP ports were indexed and the number then was a little over 2 million. I searched again a few days ago and it was over 4 million worldwide. We’ve definitely seen an increase in public RDP connections out there, which means this is a growing risk. At this point, most RDP connections are on the public network and it’s an easy win for attackers.

Q: What would you recommend defenders do given what we know about the threat landscape in 2020?

Derek – This is where our world of threat intelligence really comes into play. We often say you can only protect against what you can see and I think, in the past, a lot of these attacks were not seen. There was a lot of persistence and stealth in these attacks. Companies didn’t have the proper inspections or management in place for all of their traffic flow, similar to the RDP case. Another key to defending against cybercriminals is getting the right model for securing, segmenting and monitoring business-critical applications. I believe the next 2-3 months in cybersecurity will be quite critical and it’s really the time to set up a strong foundation built on actionable threat intelligence. This is the new normal we’re heading into and it’s important to have a structured security plan.

Aamir – Visibility is a key, especially these days when most traffic is encrypted. If you put in a regular firewall or other devices that are not capable of that filtration at high speed, you may miss critical threats entering your network. You need a setup that is capable of decryption and encryption as well as having the proper policies and inspections in place to sort them. Timely information is also important because you need to know the second the attack has happened and be prepared to address it, rather than finding out months after the attack actually happened. 

Q: With how rapidly the threat landscape has been changing, do you have any predictions on where the cybersecurity conversation will be in the next few months? 

Derek – In the future, I think we will see more discussion around critical areas like healthcare and education, but also around operational technology (OT) as we move into more integrations. The wide adoption of technology to facilitate OT by combining old and new technology will lead to a collision between old, sometimes vulnerable technology with new technology capable of combatting modern threats. The entire ecosystem of OT is becoming a larger attack space that is often challenged with threat visibility, and this needs to be top of mind for these organizations.

Why the Education Sector Must Address Security in the Rush to Digitise

By: Jacob Chacko, Regional Business Head – Middle East, Saudi & South Africa (MESA) at HPE Aruba

There has never been a greater need to connect students, classrooms, and buildings. Enrolment of students (who are always more tech savvy and more expectant than the year that preceded them) continues to rise, and the benefits of technology – better grades and greater staff well-being – are necessary if schools are to maintain high levels of performance during the challenging time of digital transformation.

What’s key, however, is that cyber security is taken seriously. Not in a way that restrains a school’s ambitions to innovate, but so that technology is controlled and managed with caution to protect the students. This will become increasingly important as schools and universities expand deployment of digital, collaborative and immersive learning environments across new and modernised buildings and campuses.

Here’s a closer look at some of the advances many schools are making today, and the security measures that they can, and should, be taking to protect their data and reputation.

The changing face of education

There are exciting times ahead for the education industry. Typically, this sector is one of the last to make extensive change, but thanks to the ambitions of teachers keen to engage better with students, the classroom of yesteryear is starting to transform. In many schools, where once Wi-Fi was limited to a handful of classrooms, now any room can be used as an IT suite. New tech such as eLockers are being trialled as a way of empowering students and encouraging self-paced learning. And, rather than deter the use of personal devices, they are becoming increasingly more embedded in the educational toolset.

And so by enabling a more digital workplace, staff will be freed up to make faster decisions and engage students whose learning styles vary. Already we’re seeing education employees reap the rewards of technology. In Aruba’s recent study of more than 1,000 employees, almost three quarters (74%) said they could accomplish more throughout the day and had the opportunity to develop new skills (74%).

However, as the smarter classroom gradually becomes a reality, so the question of security – and how it is managed – must be addressed.

Keeping security in check as progress is made

Worryingly, just under half (49%) of teachers admit they rarely (if ever) think about cybersecurity, despite 91% acknowledging its importance. In addition, more than three-quarters (76%) believe there is room for improvement in the way connected tech is managed.

This is a challenge for institutions. Schools, colleges and universities alike share the same priority: providing the best possible education to cater to students whose expectations are growing exponentially. To connect with them in a meaningful way requires reliable, optimised, and personalised learning experiences. But an influx of Internet of Things (IoT) devices and a cohort that aren’t all trained in security best practices, puts networks at risk of intrusion. And, more seriously, puts young people at risk of communication from people who may wish to abuse, exploit or bully them.

Tackling this issue requires both accountability and an autonomous approach to security. Ensuring there is ownership over IoT security is imperative, and some institutions have appointed “digital champions” who review technology and share practices that foster innovation.

Technology, too, will play its part in managing the cybersecurity risk. Colleges and universities must implement new tools that go beyond traditional cybersecurity measures, such as User and Entity Behavior Analytics (UEBA), which identify patterns in typical user behaviour and flag any anomalies. These kinds of solutions don’t hinder employee creativity, collaboration, or speed as many clunky security systems do. Instead, they provide real-time protection and enable quick responses should a network breach occur.

Enthusiastic pupils are a huge opportunity

It’s important that a focus on security doesn’t take away from the bold ambition demonstrated by the education sector. In many ways, this industry is in a totally unique position. Every day, it interacts with an enthusiastic generation that gets more technologically sophisticated each year. In few other sectors is there such a huge cohort of people as adaptable and receptive to new ways of working.

This is where the opportunity lies for teachers, who can challenge the traditional way of teaching. But in order to do so, they cannot be shackled by the fear of cyber risk. Instead, education employees must continue to push themselves to investigate what other innovations can be implemented in order to enhance student learning.

There’s no doubt it can feel overwhelming for many to think about how to make improvements while dealing with a demanding timetable. However, by investing in automation technology that streamlines processes and provides protection, the opportunity of a digital workplace can become a reality. This will drive greater efficiencies, freeing up space in the day to innovate and try new things.

With the right technology in place, and a security strategy that ensures accountability for the management of said technology, there is huge potential for educational institutions to become efficient, productive and inspiring digital workplaces. The enthusiasm for transformation is already there. With the right security strategy, I’ve no doubt the future of education will be bright.

Business Leaders Need to Focus on Closing the Cyber Skills Gap

By: Mohammad Jamal Tabbara, Senior Solutions Architect, Infoblox

IT departments are suffering from a chronic lack of cyber skills. The IT industry is the fastest evolving industry out there, with a myriad of different technologies and solutions. A subject matter expert today could be completely out of the loop the next. It’s not enough to be a technically well-rounded IT professional; one must also understand the business needs and objectives. It is very difficult to find talent that has all of those qualities. If you do find any, make sure you do everything you can to keep them.

There are currently limited skills in the market which can be attributed to the actual lack of manpower. A lot of companies have one or two technical resources that are certified on three or four different technologies. This puts a strain on resources and compromises the level of service.

Engineers are mostly motivated by knowledge and technical development. Hire fewer people but make sure you continuously develop them and do everything you can to retain them. You will notice an immediate and positive impact on your business. I think it is important for companies to keep abreast of which emerging technologies are likely to necessitate a future skill set need among their employees and then facilitate training programmes to get their employees the skills they will need down the road. The biggest barrier to training is time constraints as training programs tend to be quite time consuming. A lot of these training programs also seem to be extremely heavy on content which can lead to information overload. Training programs need to be simple and to the point.

It’s true, there isn’t a lot of talent if one looks on the surface. Don’t just judge a book by its cover, whether it’s a negative or positive judgement for that matter. I often get asked to provide feedback on whether a candidate is ‘good enough’ to hire. If that’s the approach you should stop hiring and change your approach altogether. Would you want a ‘good enough’ boss or a ‘good enough’ engineer implementing the solution you’ve just spent several hundred thousand dollars on? Chances are every one of you will say no to all of the above. Qualities such as teamwork, integrity and emotional intelligence are absolutely key when making a hire and they shouldn’t be binary. But the one area that I believe employers should pay very close attention to is the appetite of that individual to learn and to be coached. Finally, when you get someone good, hire them, take time to understand them and invest in them.

Some organizations are mitigating talent shortage by casting the net wider and recruiting talent from markets outside the region. In addition to casting the net wider, there are a number of highly experienced agencies that specialize in IT recruitment that we would advise CIOs to get in touch with. 

We believe that the best talent wants to work for the best companies. While offering an attractive compensation package is important, it is equally important to have a really strong culture – one in which employees are more than just a number and where there is a strong emphasis on having “fun”.

Accenture and ServiceNow Launch Dedicated Business Group to Help Organizations Transform Work

Multi-million dollar investment in new Accenture ServiceNow Business Group will accelerate and expand delivery of mission-critical digital workflow solutions

Accenture (NYSE: ACN) and ServiceNow (NYSE: NOW) have formed a new business group to help private and public sector clients accelerate their digital transformation and better address today’s dynamic operational challenges. The Accenture ServiceNow Business Group represents a significant multi-million dollar investment from both companies over the next five years.

In the COVID-19 era, organizations are under more pressure than ever to innovate faster, reduce costs, enhance productivity, and meet their customers’ needs. The Accenture ServiceNow Business Group will help organizations rapidly evolve organizational processes and unlock the full value of technology investments by adopting digital workflows that deliver modern, personalized customer and employee experiences. This includes empowering employees and customers with self-service and remote work programs that offer increased flexibility, mobility, and choice. By establishing a more modern workplace with platform-driven, technology-enabled workflows, organizations are better positioned to balance business needs, satisfy customer demands, drive employee engagement, deliver productivity expectations, and realize workplace cost optimization.

“By further strengthening our strategic alliance with ServiceNow, we will enable our clients to more quickly embrace change,” said Julie Sweet, chief executive officer, Accenture. “With a move to the cloud, they can reimagine their operations, reskill their employees, and become more sustainable. Working together with ServiceNow to automate complex processes and create better experiences across industries, we will help organizations deliver greater 360-degree value that benefits all — their customers, people, shareholders, partners, and communities.”

ServiceNow CEO Bill McDermott said: “Leaders in every organization know that their 20th century technologies are too slow, too siloed, too stuck in the status quo to meet the dynamic digital demands of employees and customers today. Speed, agility, and resilience are what’s needed now. Our ServiceNow and Accenture partnership brings together world-class teams, expertise, and our modern workflow platform to accelerate every organization’s digital transformation. The Accenture ServiceNow Business Group will help every organization become a 21st century digital business.”

The Accenture ServiceNow Business Group will deliver industry- and domain-specific solutions and services to customers. Together, Accenture and ServiceNow will initially help accelerate digital transformation programs for customers in telecommunications, financial services, government, manufacturing, healthcare, and life sciences. Workflow innovation will focus on employee engagement, customer service and operations, artificial intelligence for IT operations, and security and risk. Additional industry solutions will be developed in the future.

Supported by approximately 8,500 Accenture people skilled in ServiceNow, the new group brings together dedicated professionals from both organizations with expertise in transformational workflow and platform development, marketing, sales, and business development across numerous priority industries. The business group will develop advanced industry and domain-focused solutions designed to deliver tangible, positive outcomes for clients at scale.

For example, Boehringer Ingelheim, a leading, research-driven pharmaceutical company with more than 51,000 employees and an Accenture and ServiceNow customer, uses ServiceNow’s technology and Accenture services to create a seamless, consumer-grade experience for global employees and customers.

“Our work with Accenture and ServiceNow has strategically fueled our innovation power. By optimizing our global employee experience, we’ve made our work processes across business functions faster and more efficient, ultimately driving better patient outcomes,” said Andreas Henrich, corporate vice president of IT Enterprise Data Services at Boehringer Ingelheim. “We’ve reduced complexity across our disparate bespoke systems and, in doing so, have transformed our business for growth.”

Accenture’s use of ServiceNow is a strategic enabler of customer-facing innovation at scale and, as a ServiceNow customer, the company uses ServiceNow workflows for employee engagement, invoice processing, asset management, artificial intelligence for IT operations, and its universal service desk. Accenture recently made the Now Mobile app available to its more than 500,000 people.

As a ServiceNow Global Elite Partner, Accenture is one of ServiceNow’s largest global go-to-market partners and winner of its Global Partner of the Year award in 2020. For more information on the Accenture ServiceNow Business Group, visit:

CIOs Need to Save… and Lead

In times of crisis, it’s critical that IT leaders take on more responsibility both for cost savings now and building revenues back up for tomorrow

By: Andrew Brinded, Vice President & General Manager EMEA Sales, Nutanix

Amid a historic global economic slowdown and societal crisis, CIOs can show their mettle and drive their organisations to a more prosperous future by practising the skills and embodying the attitudes that mark out all great leaders. The first stage in achieving that goal will be to act fast to reset cost bases as even relatively small expenses come under extreme financial scrutiny. Today, every IT investment needs TCO written through it like a stick of rock and CIOs need to go the extra mile to calibrate the value of the investments they recommend. In short, more than ever they need to lead as digital transformation and adoption of new technologies become existential issues of survival and critical factors to overall success.

Of course, a large part of being a CIO has always been about cost management and IT leaders have traditionally helped by responding to the eternal clarion call to “do more with less”, squeezing out increased innovation even as budgets have remained largely flat. But their cost-saving activities have not been confined to within their own domains: CIOs also create the levels of automation that suck costs out of doing business across lines of business. All of this is being amplified as COVID-19 is causing a massive spike in demand to cut costs without damaging the strength of IT operations and restricting the never-ending pursuit of digital transformation.

The modern way of building many businesses is to speculate to accumulate, investing heavily to “build a better mousetrap” in the form of superb, mobile-friendly user experiences and highly scalable and responsive operations. But today, building up debt can’t be the way forward and cash is once again king as even well-known brands face a sudden and brutal threat to their very existences. Look, for example, at the high-street marques being shuttered or forced to shift exclusively online: restoring financial order is job one, but that must be accompanied by continued use of IT as a competitive differentiator.

CIOs need to act fast and ensure that they are taking advantage of financing and the other ways to reduce capital expenditure that the IT sector is offering. But they must also focus on other tasks that help to bring in revenues, such as reducing time to market and making flexibility a watchword.

How? What we are witnessing today, accelerated by the pandemic, is a substantial move to Hybrid Cloud strategies where Salesforce, ServiceNow and other SaaS offerings are used in the public cloud, while for everything else that needn’t remain on a traditional on-premises model, highly automated and virtualised private clouds are the answer, whether hosted or behind the corporate firewall.

The days of three-tier architectures running on three or four-year cycles are on the wane because they are far too unwieldy and require punitive cost outlay. Hybrid Cloud, especially when combined with software-defined infrastructure and hyperconvergence of compute, storage and networking, not only reduces upfront costs and spreads them via opex, but also ensures that administration tasks are much reduced through high levels of automation. Even in a small IT department, taking 60 per cent out of the admin offers a very significant saving. Another advantage: time to market (and time to revenue) is much reduced so opportunities to save costs and grow income are achieved more nimbly. And yet another: the streamlined approach will likely lead to reduced downtime.

In all, using the approach outlined above, IDC has shown that a return on investment of 477 per cent is possible over five years. This is the sort of economics argument that can’t be ignored and especially not now.

Practical steps

OK, so how does the CIO achieve these lofty goals? By working closely with a slightly rejigged buying team that has more involvement from the CFO’s office. Together, they should demand and analyse robust, empirical evidence from suppliers not just regarding technological excellence but demonstrable return on investment and total cost of ownership.

As McKinsey has noted, this is no time to be an average CIO. Progressive IT leaders need to reimagine the role of digital for a ‘tech-forward’ approach where technology becomes a full partner in driving business change rather than being simply a back-end enabler. This change must be delivered fast, through partnerships with third-parties, where useful, and through agile processes. Finally, change must be long term, strategic and future-proofed rather than tactical, so the wheel doesn’t need to be reinvented.  

But CIOs need to go further, reimagining their role to become business leaders with a broad view over their organisations’ operations and outlook, leading the way on revenue-generating opportunities and building people networks to boost their knowledge.

Today, the heart of the job will be in saving costs; tomorrow, it will be in restoring growth. The crisis is very real, but it leads also to opportunities. Now is the time for CIOs to sharpen their understanding of how to redistribute resources. The alternative, standing still and failing to seize the moment, will lead to snap executive decisions to outsource and move rapidly to solutions considered to be low in cost, such as the public cloud, often coinciding with the CIO departing. In times of crisis, leaders stand up and point the way forward: CIOs, are you ready?

New Comcast Business Solution Powered by Aruba Brings Secure, Enterprise-grade Office Connectivity from Home

Comcast Business joins forces with Aruba to provide enterprise employees a secure, reliable, dedicated connection to their corporate networks – without competing for in-home bandwidth

Comcast Business today announced it is joining forces with Aruba, a Hewlett Packard Enterprise company, for the launch of Comcast Business Teleworker VPN. The new solution is specifically engineered to help enterprises provide their rapidly expanding remote workforces with the same secure, reliable high-performance connection to their corporate network that they have when physically in their office.

According to a study from Nemertes Research, the COVID-19 pandemic has prompted new ways of working, while triggering companies to be faster, more flexible and agile than ever before. As a result, enterprises – including those that otherwise would not have enabled employees to work from home – are increasingly adopting remote work initiatives, with 70% planning to continue their teleworking strategies. Yet, 30% of organizations struggle with providing the setup, security policies and management of remote connections, thus hindering employee productivity, upping IT workloads and increasing vulnerability to cyberattacks.

“The workplace as we knew it changed quickly, dramatically, and permanently in 2020 – and gone are the days where remote employees can serve as a blind spot for IT departments,” said John Burke, Principal Analyst, Nemertes Research. “Now that the home office is the office, IT must ensure applications and connectivity are secure and performing at the same level as in-office services – without that, there will be major ramifications and increased business risk.”

Setting remote workers up for success

Comcast Business Teleworker VPN offers a centrally managed remote access VPN solution that enables enterprises to provide employees the same access to their corporate network that they enjoy in the office, remotely. When combined with Comcast Business’s Teleworker Broadband solution, Comcast Business Teleworker VPN provides employees a secure, reliable connection to primary business systems, applications and files – all backed by the nation’s largest gig-speed network. This combination provides employees a dedicated, independent internet connection that does not interfere or compete with their at-home internet – freeing up home bandwidth for remote learning, entertainment and more.

Comcast Business Teleworker VPN is powered by Aruba ESP, an enterprise-class, cloud-native platform which is centrally managed by Aruba Central’s single cloud console. When combined with Comcast’s Managed VPN Aggregator service at a business location, enterprises can securely connect home-based devices, including laptops, desktops, VoIP phones, printers and more to the corporate network, enabling them to:

  • Reduce the burden on IT with simple, centralized cloud management and optimization that detects and dynamically resolves network issues
  • 24/7 support provided by Comcast supplements an organization’s IT teams
  • Maintain security with policy-based access control and traffic segmentation which can mirror the security settings in effect at the applicable business location
  • Enable a hybrid work environment by maintaining a consistent experience between home and office locations

“Though the number of people working partially or fully remote has been on the rise for years now, the pandemic has truly sent this trend into hyperdrive,” said Christian Nascimento, Vice President of Product Management, Comcast Business. “Comcast Business Teleworker VPN enables enterprises to reimagine the work from home experience for both employer and employee alike, all while maintaining the security, performance and management they enjoy in-office. This new solution is just one more example of how we are helping businesses be more agile in response to the changing needs of today’s rapidly evolving workforce.”

“Work-from-home solutions require enterprise-class security and performance, with consumer-class ease of use,” said Michael Dickman, Senior Vice President of Product Management at Aruba, a Hewlett Packard Enterprise company. “Aruba ESP delivers on both fronts with secure policy-driven access to the full spectrum of corporate services, in a form factor perfect for home that is simple to use with plug-and-play installation. The new Comcast Business Teleworker VPN offering is a fantastic solution for organizations as they help their remote workers be efficient, creative and productive when connecting to corporate services from any location at any time.”

To learn more about Comcast Business Teleworker VPN and other remote work solutions, please visit:

https://business.comcast.com/enterprise/products-services/managed-services/managed-connectivity

The Importance of Good Cyber Hygiene — Now More than Ever

By Derek Manky, Chief, Security Insights & Global Threat Alliances, FortiGuard Labs

It may feel too simplistic to be talking about cyber hygiene with CISOs. But in my years as a threat researcher, and now running a global team of threat researchers, data analysts, and forensics experts, I can say authoritatively that the lack of consistent cyber hygiene is the largest and most persistent threat inside most organizations. And the risk continues to grow as organizations continue to grow their networks and expand their attack surfaces without a holistic security architecture or management system in place.

The concept of cyber hygiene is a deceptively simple one: It involves a series of practices and precautions that, when repeated regularly, keep us safe and our devices working as they should. But that’s easier said than done with distributed networks, IoT everywhere, the adoption of multi-cloud infrastructures, and a growing reliance on SaaS application usage. Add the convergence of IT and OT, and the number of aging devices that cannot be taken offline because they monitor or manage critical systems 24×7, and the risks are greater, and the table stakes are higher, than ever before.

Keeping Remote Workers Safe

One of the most critical places on which to focus cyber hygiene efforts is remote workers. The rapid growth in a mobile workforce and their reliance on personal devices and home networks is just the latest example of the challenges that IT teams face. Unfortunately, enforcing cyber hygiene for remote workers seems to be low on the list for overworked IT teams – somewhere below keeping the business up and running and ensuring access to business applications and essential resources. 

Of course, the challenge is that employees working from home are using unsecured personal devices, from laptops to smartphones to tablets, to stay connected during the workday. And these devices, attached to weaker and far more vulnerable home networks, have created the perfect platform from which cyber criminals can launch attacks on enterprise data. 

Over the past several months, cybercriminals have combined social engineering tactics that exploit fears about the Covid-19 pandemic with older exploits targeting unpatched vulnerabilities found in devices deployed in many home networks. They have also modified their strategies, switching from email-based attacks, which many remote users have been trained to avoid, to new browser-based attack vectors. And once the corporate network has been breached, cybercriminals are delivering new, more malicious strains of ransomware and other malware.

Adapting to the Post-Pandemic Threat Landscape

While 2020 is currently on track to break the record for the number of vulnerabilities identified and published in a single year, these vulnerabilities also have the lowest rate of exploitation ever observed in the 20-year history of the CVE (Common Vulnerabilities and Exposures) list. Instead, vulnerabilities from 2018 have claimed the highest exploitation prevalence (65%). And more than 25% of firms have reported attempts to exploit CVEs from 2005. At the same time, exploits targeting consumer-grade routers and IoT devices have been among FortiGuard Labs’ top IPS detections according to our research. While some of these target newer vulnerabilities, a staggering volume have targeted exploits first discovered in 2014. 

The critical lesson is this: Do not assume that older vulnerabilities, including those more than 15 years old, cannot cause problems.  

What these trends show is that cybercriminals are extremely agile. Within days of seeing that companies were switching workers to remote status, the dark web was filled with phishing exploits targeting novice workers. Within weeks, threat sensors saw a dramatic drop off in threats targeting corporate resources and a corresponding spike in new attacks targeting consumer-grade routers, personal devices, gaming systems, and other devices connected to home networks. Cybercriminals are clearly more than willing to put in the work to find vulnerabilities that still exist within home networks that can then be used to enter the corporate network. 

Of course, many of these attacks are based on the same bad tricks these criminals have relied upon for years simply because they work. With this in mind, organizations must do two things. First, act swiftly to inform employees about cyber hygiene practices. And second, prepare them and their defenses to repel traditional threats like phishing scams and ransomware attacks, as well as new browser-based web attacks, especially as they continue to work remotely. Hosting video conferences to spread cybersecurity awareness across all arms of the business, sending out regular email updates, and urging employees to keep an eye out for unusual or suspicious emails and webpages are just a few examples of the initial steps to take.  

Top 10 Cyber Hygiene Tips to Employ Right Now

Thankfully, despite the continued prevalence of ransomware and the spike in HTML/phishing attacks, there are a number of simple steps organizations and their employees can take to build a stronger barrier against threats. Some of these steps are as simple as creating stronger passwords and performing regular software and application updates. Others may require the addition of newer, more advanced endpoint security software.

It’s also important to note that certain types of business resources are at particularly high-risk for attacks in the current climate. These include financial systems, customer support systems, and research and development resources. Extra measures and precautions may need to be taken beyond the steps outlined below to protect these sensitive, high-priority assets. 

Ensure all employees receive substantial training, both when hired and periodically throughout their tenure, on how to spot and report suspicious cyber activity, maintain cyber hygiene, and now, on how to secure their personal devices and home networks. By educating individuals, especially remote workers, on how to maintain cyber distance, stay wary of suspicious requests, and implement basic security tools and protocols, CISOs can build a baseline of defense at the most vulnerable edge of their network that can help keep critical digital resources secure. This can involve online learning and workshops with experts.

Run background checks before designating power users or granting privileged access to sensitive digital resources. By taking this extra step, organizations can make informed decisions that will inherently mitigate the risks associated with insider threats. 

Keep all servers, workstations, smartphones, and other devices used by employees up to date by applying frequent security updates. Ideally, this process should be automated, and enough time allowed for updates to be vetted in a testing environment. Proximity controls, such as cloud-based access controls and secure web gateways, can help secure those remote devices that cannot be updated or patched.

Install anti-malware software to stop a large majority of attacks, including phishing scams and attempts to exploit known vulnerabilities. Try to invest in tools that offer sandboxing functionality (whether as part of an installed security package or as a cloud-based service) to detect Zero-Day and other unknown threats. New Endpoint Detection and Response (EDR) tools should be on every CISO’s shopping list, as they are not only very effective at repelling malware but can also identify and disable malware that manages to bypass perimeter controls before it can execute its payload.

Ensure an incident response/recovery plan is in place, including a hotline through which employees can promptly report a suspected breach, even when they are working from home. This way, in the event of an attack, downtime will be minimized, and employees will already be familiar with critical next steps. 

Use secure access points, whether physical or cloud-based, and create a secured and segmented network for employees to utilize when connecting remotely. VPNs allow organizations to extend the private network across public Wi-Fi using an encrypted virtual point-to-point connection; this both enables and maintains secure remote access to corporate resources. And a zero trust network access strategy that includes NAC and network segmentation should also be in place.

Implement a strong access management policy, requiring multi-factor authentication when possible and maintaining strict standards for password creation. Employees should not be allowed to reuse passwords across networks or applications, whether corporate or personal, and should be encouraged to set complex passwords with various numbers and special characters. Consider providing password management software so they can keep track of passwords.

Encrypt data in motion, in use, and at rest. However, VPN and other encrypted tunnels can also be used to securely inject malware and exfiltrate data, which means that organizations need to invest in technologies that can inspect encrypted data at business speeds as well as monitor data access, file transfers, and other significant activity.

For security solutions to be as agile as the networks they need to protect (and the cybercriminals they need to defend against), they need actionable updates to keep pace with the shifting threat landscape. This means that even the fastest and most adaptable security solutions are only as effective as the threat intelligence infrastructure and researchers that support them.

Keeping up with the speed and volume of attacks can scale well beyond the limitations of human security analysts. As a result, machine learning and AI-driven security operations are no longer optional. They enable organizations to see and protect data and applications across thousands or millions of users, systems, devices, and critical applications—even across different network environments, such as multi-cloud, and the full range of network edges, including LAN, WAN, data center, cloud, and remote worker edges.

Final Thoughts on Good Cyber Hygiene

In the wake of COVID-19, CISOs have been faced with a seemingly impossible task: Keep enterprise networks secure while employees continue to work from home, perhaps indefinitely. And they have needed to do so with a limited budget, fewer resources, and a team of security professionals that’s already stretched thin. The solution? Enact an organization-wide cyber hygiene protocol, building the remote network security infrastructure from the ground up.

By focusing on training, awareness, and education, employees will be better able to perform basic security tasks such as updating devices, identifying suspicious behaviors, and practicing good cyber hygiene across teams. After that, it is essential that organizations invest in the right systems and solutions – from VPNs to anti-malware software and encryption technologies – that enable clear visibility and granular control across the entire threat landscape. Complexity is the enemy of security, so the best response to an increasingly complicated and highly dynamic digital world is to get back to the basics. And that starts with cyber hygiene.

Leap Further Ahead with HUAWEI Mate 40 Series: Huawei Unveils the Most Powerful Mate Line-up Ever

Huawei Consumer Business Group (BG) bolstered its product line-up with the advanced HUAWEI Mate 40 Series, the latest revolutionary flagship smartphones that empower users to leap further ahead. Showcasing the pinnacle of Huawei technology, the new Series reinforces Huawei’s dedication to innovation and its unrelenting determination to create the best Mate ever.

 

The HUAWEI Mate 40 Series has the Mate Series DNA at its core. Over the last eight years, there have been 10 outstanding generations of Mate Series devices and now the latest flagship smartphones take Mate to new heights with the best technology in the industry. From powerful performance to unique user interactions, everything about the HUAWEI Mate 40 Series has been fine-tuned to provide the most exciting smartphone experience possible. HUAWEI Mate 40 Pro and HUAWEI Mate 40 Pro+ incorporate the world’s first 5 nanometer 5G SoC, Ultra Vision Cine Camera system and the iconic Space Ring Design, as well as a smarter, more attentive digital experience.

 

Richard Yu, Executive Director and CEO of Huawei Consumer BG said: “Each year the HUAWEI Mate Series brings the most exciting technology together into one stunning package. This is what defines the Mate Series DNA and is all made possible by our dedication to innovation. In these unprecedented times, we remain committed to creating a better future, with innovative technology that delivers a positive and meaningful impact on the lives of consumers. In the future, we will continue working closely with our partners to bring the Seamless AI Life experience to consumers all around the world.”

 

Pre-orders for the HUAWEI Mate 40 series will begin in UAE in November.

 

Leap further ahead with the iconic Space Ring Design

Marrying iconic design with innovative technology, HUAWEI Mate 40 Pro and HUAWEI Mate 40 Pro+ are informed by the design principle that form manifests function. The uncompromised design of the HUAWEI 88° Horizon Display creates an immersive viewing experience in a compact package, while the silky curve also means the devices are comfortable to hold. The handsets also offer IP 68 dust and water resistance, a choice of both virtual and physical volume controls and enhanced mistouch prevention algorithms.  

 

Objects of sheer beauty, the HUAWEI Mate 40 Pro and HUAWEI Mate 40 Pro+ devices carry a small front camera cut-out, which is packed full of technology, with 3D Face Unlock, an Ultra Vision Selfie Camera and Smart Gesture Control.

 

Turn the devices over and you will see that the HUAWEI Mate 40 Series adopts the Space Ring Design, an evolution of the HUAWEI Mate Series’ iconic circular and symmetrical design. HUAWEI Mate 40 and HUAWEI Mate 40 Pro are available in Black and White, as well as an enchanting Mystic Silver, a finish with a colour-shifting effect that evokes the mysteries of the unseen. There are also two vegan leather variants, Yellow and Green. Meanwhile, HUAWEI Mate 40 Pro+ features an exquisite nano-tech ceramic back panel available in two iconic colours: Ceramic White and Ceramic Black.

 

 

Leap further ahead with Kirin 9000 setting a new standard for performance

Powering the best Mate ever, the Kirin 9000 Series is fully equipped for 5G, capable of handling intensive computations and multi-tasking operations with ease. Embedded in HUAWEI Mate 40 Pro and HUAWEI Mate 40 Pro+, the Kirin 9000 is the most sophisticated 5nm 5G SoC available, delivering vastly improved performance and power efficiency over its predecessor. For the first time ever, the flagship 5G SoC has more than 15.3 billion transistors, making it the densest and most full-featured 5G SoC to date. The powerful CPU features a three-level power efficiency architecture with cores running at clock frequencies of up to 3.13GHz. Also integrated into the SoC is a 24-core Mali-G78 GPU, as well as an innovative NPU featuring two big cores and one tiny core, taking on-device AI to a new level.

 

The 24-core Mali-G78 GPU in HUAWEI Mate 40 Pro and HUAWEI Mate 40 Pro+ is the most powerful GPU ever seen on a Huawei device. This delivers advanced graphics performance and is complemented by an amazing audio visual experience for immersive gaming. The 90Hz display works together with 240Hz touch sampling rate for greater responsiveness and now provides haptic feedback to correspond with the visual experience. This entertainment set-up is completed with dual stereo speakers to create experiences with super bass stereo.

 

The HUAWEI Mate 40 Series is also equipped with the battery technology that is needed to keep up with the demands of 5G, supporting the fastest iteration of HUAWEI SuperCharge.

 

Leap further ahead with an all-round imaging system engineered to make photography simple

The camera system on the HUAWEI Mate 40 Series has been co-engineered with Leica to provide the best camera solution possible and sees breakthrough upgrades to the ultra-wide angle lens, powerful high-definition main camera, impressive telephoto camera and more. With the Dual Cine Cameras and Dual Ultra Wide Cameras on HUAWEI Mate 40 Pro and HUAWEI Mate 40 Pro+, users can capture amazing wide angle videos and images from both the front- and rear-facing cameras.

 

When it comes to cinematic videography, the HUAWEI Mate 40 Pro and HUAWEI Mate 40 Pro+ are unparalleled. The Dual Cine Cameras feature a 3:2 cinema-style shooting ratio sensor. Capturing high quality footage is easier than ever with Steady Shot, while the XD Fusion HDR Video ensures balanced exposure, even when users are capturing with extreme lighting contrast. Other evolutions include Tracking Shot, while Story Creator allows for true cinematic effects. Background music, filters and effects can also be added with ease. Not neglecting audio, HUAWEI Mate 40 Series features Audio Focus, Audio Zoom, and dual stereo speakers.

 

The Ultra Wide Cine Camera now offers an even wider field of view, as well as richer detail, improved low light performance and distortion correction algorithms, allowing users to capture beautiful expansive landscapes, while the Super Sensing Wide Camera provides true high definition shots. Image quality has been further enhanced with Full Pixel Octa PD AutoFocus. Improved distortion correction targets the face, body and limbs, making the ultra-wide angle lens useful in more scenarios than ever. HUAWEI Mate 40 Pro features a Periscope Telephoto Camera to support 10x hybrid zoom and 50x digital zoom, and HUAWEI Mate 40 Pro+ takes it further with a dual-telephoto camera system that enables 20x hybrid zoom and 100x digital zoom.

 

The Ultra Vision Selfie Camera on the HUAWEI Mate 40 Series takes selfies and videos to new heights with support for 4K capture and the option to shoot in one of three available fields of view, ranging from up close and personal to ultra-wide. Slow-Motion Selfie adds even more versatility to the front camera by letting users add dramatic flair when documenting their fast-paced actions.

 

Leap further ahead with an all new user experience

HUAWEI Mate 40 Pro and HUAWEI Mate 40 Pro+ are set to revolutionise how consumers integrate smartphones into their lives with new user-centric features including Smart Gesture Control, which allows total hands-free control of your device. Simply hover your hand over the device to wake it up or navigate your phone by swiping left, right, up and down. There is also an air press gesture for call answering.

 

A device that is always there for you, the all new dynamic Eyes on Display on HUAWEI Mate 40 Pro and HUAWEI Mate 40 Pro+ can be activated at a glance, with fully customisable interactive displays hosting all the information you need from your phone. The ring of incoming calls can be reduced by making eye contact with your phone.

 

Improved MeeTime functionality is a gateway to a better connected, more intelligent life. When combined with the power of Huawei’s 1+8+N ecosystem, Multi-screen Collaboration offers an intuitive way for users to operate multiple devices at once, running several apps simultaneously, combining smartphone and PC to deliver unique experiences.

 

When it comes to privacy and security, the EMUI 11 operating system has always featured comprehensive security solutions to protect Huawei device users. The Trusted Execution Environment operating system is CC EAL5+ certified, which is the highest certification level for a commercialised security microkernel. EMUI 11 also comes with new privacy features. When transferring images, users can easily purge sensitive personal data such as location, time and device details from the file before it is sent.

 

HUAWEI Mate 40 Series comes equipped with the innovative Huawei Mobile Services (HMS), bringing users a smarter, richer, more convenient and secure smartphone experience. During the launch, Huawei also unveiled new apps available for global Huawei users, including Petal Search, a search engine with support for multiple types of searches; Petal Maps, a map app that utilises the HUAWEI Mate 40 Series’ gesture control feature; and HUAWEI Docs, a unified word document service. These apps come together to lead the way towards a better digital life for the 700 million Huawei device users worldwide.

Anker’s new PowerPort III Nano charger is three times as powerful

Today we headed to Anker Innovations to check out Anker’s new PowerPort III Nano charger that is optimized to fast-charge the new iPhone 12 and comes in a cute size that fits in your pocket.


It is the smallest wall charger capable of charging the new iPhones up to 3 times faster than a stock charger. The charger, dubbed the Anker PowerPort III Nano, is the slimmest and lightest in the new line of portable chargers from Anker.

Small, yet mighty
The most attractive thing about the PowerPort III Nano is its size. With a body measuring the same as a 5W stock smartphone charger, the PowerPort III Nano is small enough to comfortably fit in your front pocket. It features a single USB-C port capable of delivering up to 20W of power using the Power Delivery standard. The USB-C port features Anker’s proprietary PowerIQ 3.0 technology, which has been updated and optimized to be fully compatible with the iPhone 12’s fast-charging protocol. This allows the Nano to charge the new iPhone 12 up to 50% in 30 minutes.