Virtru Names Wayne Chung as CTO to Drive Next Phase of Innovation and Growth
Virtru expands executive tech talent with former FBI and BlueVoyant CTOWASHINGTON, May 08, 2025 (GLOBE NEWSWIRE) -- Virtru, a leader in data-centric security, today announced Dr. Wayne Chung has joined the company as Chief Technology Officer (CTO), where he will lead technical strategy and execution, partnering with Will Ackerly, Virtru Co-Founder, Chief Architect, and inventor of the Trusted Data Format (TDF), an open standard for data-centric security that is rapidly being adopted by national defense and intelligence agencies around the world.
Chung's appointment marks a significant milestone for Virtru as it accelerates the deployment of its Data Security Platform in the national security and commercial markets—while simultaneously growing its 6,000+ customer commercial SaaS business.
'I'm honored to join Virtru at such an exciting moment,' said Chung. 'The team's vision for data-centric security across SaaS, defense, and AI is both bold and timely. Our national institutions need the fine-grained security, control, and simplicity that Virtru provides. I look forward to partnering with this team to scale Virtru's impact and drive greater adoption of data-centric security.'
Chung brings an exceptional track record with executive roles across both public and private sectors. At the FBI, he served as CTO, leading cloud migration, cybersecurity modernization, and the development of advanced data analytics, AI and ML capabilities. Chung also previously held the position of Innovator-In-Residence at the NSA's Cybersecurity and Computer Network Operations Mission. He currently serves as a Technical Amicus Curiae to the U.S. Foreign Intelligence Surveillance Courts, and is a Senior Fellow at the Center for National Security and the Law at Georgetown University.
In the private sector, Chung has held CTO roles at BlueVoyant and Clara Analytics, where he scaled cutting-edge data security and AI platforms.
Ackerly will focus on advancing Virtru's technical architecture and research, continuing to lead innovation efforts surrounding the Trusted Data Format (TDF) and pushing the boundaries of what data-centric solutions can achieve in the era of agentic AI.
'As Virtru continues to deploy software at scale across large federal and commercial organizations, Wayne's unique blend of public and private-sector experience is a valuable asset to our team,' said Ackerly. 'His leadership will help Virtru remain ahead of the curve in enabling secure, data-centric collaboration for both government and enterprise customers.'
For more information about Virtru and its Data Security Platform, please visit www.virtru.com.
About Virtru
Virtru empowers organizations to unlock the power of data while maintaining control wherever it's stored and shared. Trusted by over 6,000 global customers, Virtru provides simple, powerful solutions for Zero Trust data-centric security, underpinned by the Trusted Data Format (TDF). Learn more at Virtru.com.
Press Contact
Nick Michael
nick.michael@virtru.com
A photo accompanying this announcement is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/28f2b422-d0c8-4752-aa9a-1474581b2058
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Forbes
13 hours ago
- Forbes
FBI Warning Issued As 2FA Bypass Attacks Surge — Get Prepared
The FBI issues Scattered Spider attack warning. Update, June 29, 2025: This story, originally published on June 28, has been updated with expert comment from cybersecurity professionals regarding the Scattered Spider threat group referenced in the latest FBI 2fa-bypass attack warning. When the Federal Bureau of Investigation issues a cybersecurity alert, you would be well advised to pay attention and take action. Whether that's involving malicious SMS messages, AI-powered phishing attacks, or, as I recently reported, the skyrocketing number of ransomware threats. And ransomware is the subject of this latest, critical, warning from the FBI. This time involving the Scattered Spider threat group which has made headlines after taking responsibility for multiple retail sector attacks including that against Marks & Spencer in the U.K. which is estimated to have cost the high street chain at least $600 million. Now the group is targeting the airline industry, the FBI has warned, both directly and through the entire supply chain. Here's what you need to know. FBI Confirms Scattered Spider Attacks Targeting Transportation A June 26 report from ransomware analysts at Halcyon warned that there were 'indications that Scattered Spider is also now targeting the Food, Manufacturing, and Transportation (particularly Aviation) sectors in the US.' This has now been confirmed by the FBI which provided a statement to me by email that said: 'The FBI has recently observed the cybercriminal group Scattered Spider expanding its targeting to include the airline sector.' The statement, also posted to X, fomrerly known as Twitter, continued to confirm that the ransomware group is using the same methods during this surge of attacks into new sectors, namely 'social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting access.' Specifically, Scattered Spider looks to bypass mutli-factor authentication, commonly referred to as MFA or 2FA, by using various methods to get those help desks to 'add unauthorized MFA devices to compromised accounts.' Scattered Spider has been on the FBI radar for a number of years, with a joint cybersecurity advisory alongside the Cybersecurity and Infrastructure Security Agency published in 2023 in response to what it described as 'activity by Scattered Spider threat actors against the commercial facilities sectors and subsectors.' The FBI told me that it is currently actively working with aviation and industry partners 'to address this activity and assist victims,' and urged anyone who thinks their organization may have been targeted to contact their local FBI office. In the meantime, beware of anyone asking for unauthorized 2FA devices to be added to accounts and follow established security processes and procedures to the letter, no matter what the person making the request may say. FBI Warned Of Aviation Attacks, But Insurance Sector Also Now Being Targeted By Scattered Spider Although the latest FBI warning focused on current attack threats targeting the transportation, and specifically aviation, sector and its supply chain, Scattered Spider has also expanded to include the insurance industry in its crosshairs. "Google Threat Intelligence Group is now aware of multiple intrusions in the US which bear all the hallmarks of Scattered Spider activity,' John Hultquist, the chief analyst with the Google Threat Intelligence Group, has said, 'we are now seeing incidents in the insurance industry.' Jon Abbott, CEO at ThreatAware, prudently advised that while 'the rising tide of attacks on US insurers' is a serious threat that should not be underestimated, it also represents 'a warning for other industries to stay vigilant.' Although the Scattered Spider group has historically leaned towards targeting one industry sector at a time, there is a danger that, as aviation is now in the spotlight, other organizations take their eye off the remaining peril in front of them. With one common denominator between many attacks being the exploitation of the supply chain, with such compromise enabling lateral movement onto bigger fish, this is evidence that businesses that might not consider themselves in the aviation, insurance or retail sectors are still at risk. Richard Orange, a vice president at Abnormal AI, reiterates what the FBI has said. 'This group relies on social engineering rather than technical exploits,' Orange said, 'and bypasses traditional security controls by manipulating people, such as posing as IT staff or trusted partners.' This can often appear like an isolated incident or breach, but Scattered Spider will move laterally, Orange concluded, 'harvesting credentials to deceive other departments, customers, and partners.'
Forbes
14 hours ago
- Forbes
11 Million Critical Vulnerabilities Exposed — Act Now
New research reveals 11 million critical vulnerabilities are exposed to the public internet. While security vulnerabilities are an integral part of the world of technology, some are more critical than others. The Cybersecurity and Infrastructure Defense Agency, part of the U.S. Department of Homeland Security, has warned time and time again about the dangers of vulnerabilities to organizations. Yet that message does not appear to be getting through if the staggering numbers revealed in a new technology sector risk report are anything to go by: more than 11 million critical vulnerabilities in tech sector environments are currently exposed to the public internet. 11.4 Million Critical Vulnerabilities Are Currently Exposed To The Public Internet Two recent warnings from the Federal Bureau of Investigation should be burned into the psyche of anyone and everyone who has any influence when it comes to the security of technology environments. The first, from earlier in June this year, involved a skyrocketing number of victims of the Play ransomware group. The primary infection vector was reported as being unpatched critical vulnerabilities: CVE-2025-29824, iCVE-2022-41040, CVE-2022-41082, CVE-2020-12812 and CVE-2018-13379 if you want to go and check that your organization isn't open to these specific attacks. The second, a joint advisory with CISA, warning that unsophisticated hackers are a real danger, including those exploiting vulnerabilities that should already have been patched but have not. The 2025 Risk Radar Report from Trust SpiderLabs has now confirmed the real extent of this danger to the technology sector. The researchers revealed that a total of more than 11.4 million critical vulnerabilities are exposed to the public internet within the technology sector. That's a staggering and truly frightening number. 'Services are often publicly exposed for a good reason,' Trust SpiderLabs said, 'that is to allow the public to visit your website, and to receive email from people outside your organization.' However, oftentimes services are exposed by mistake, usually as a result of a configuration error. Combine this with the number of critical vulnerabilities that have yet to be patched by the organizations concerned, and Houston, we have a problem. The report analyzed those vulnerabilities within the CISA Known Exploited Vulnerabilities catalog for 2024 and 2025, and discovered that nine of the top ten were web server vulnerabilities that coincided with the top exposed service in the tech industry. The single KEV vulnerability that was not web-based is BlueKeep, a critical vulnerability in the Remote Desktop Protocol, commonly used by hackers for lateral movement within networks. 'With that service exposed to the public internet,' the report stated, 'it could be used to establish an initial foothold.' If it's not yet clear, here's what you should do: take an inventory of all currently open services running outside the network perimeter and conduct an immediate access audit. 'It's also essential to prioritize patching for any publicly exposed systems,' Trustwave SpiderLabs said, in order to mitigate the risk from unpatched critical vulnerabilities.
Yahoo
15 hours ago
- Yahoo
Rampant cybercriminal group targets US airlines
A notorious cybercriminal group has shifted its attention to the aviation industry, successfully breaching the computer networks of multiple airlines in the United States and Canada this month, according to the FBI and private experts responding to the hacks. The hacking hasn't affected airline safety, but it has top cyber executives at major airlines across the United States on alert because of the hacking suspects: A network of young cybercriminals called 'Scattered Spider' who are known for their aggressive efforts to extort or embarrass their victims. It's a fresh headache for the travel industry as the busy summer travel season kicks into high gear. This is now the third major US business sector in the last two months, after insurance and retail, to face a flurry of cyberattacks tied to the criminal group. The hackers target big companies and their IT contractors, 'which means anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk,' the FBI said Friday night in a statement that named Scattered Spider as the perpetrator of the airline hacks. 'Once inside (a victim's network), Scattered Spider actors steal sensitive data for extortion and often deploy ransomware,' the FBI said. The FBI, the statement continued, 'is actively working with aviation and industry partners to address this activity and assist victims.' Hawaiian Airlines and Canada's WestJet confirmed this week that they were still assessing the fallout from recent cyberattacks, though the airlines did not name the perpetrators. More victims in the aviation industry could come forward, sources briefed on the investigation said. WestJet's issues began two weeks ago, when the airline said it was responding to a 'cybersecurity incident' that was affecting access 'to some services and software systems,' including its app for customers. Both WestJet and Hawaiian Airlines said their operations were unaffected by the hacks. The lack of impact on operations at the airlines is 'likely a sign of good internal network separations or good business continuity and resiliency planning,' said Aakin Patel, the former chief information security officer of Las Vegas' main airport. It is not just the airlines themselves, but other 'segments of the aviation ecosystem' that are seeing increased cyberattacks, according to Jeffey Troy, the president of the Aviation ISAC, an industry group for sharing cyber threats. 'Our members are keenly alert to attacks from financially motivated attackers and collateral impacts emanating out of geo-political tensions around the world,' Troy said in a statement to CNN. The fine margins for error in the airline industry were on display Friday, when a separate IT outage, apparently unrelated to malicious cyber activity, caused delays for some American Airlines passengers. The Scattered Spider hacks have mobilized people across the industry to respond. In-house cybersecurity experts at major airlines have been closely monitoring the situation, sources familiar with the response told CNN, while cybersecurity firms such as Google-owned Mandiant are helping with the recovery and urging airlines to secure their customer service call centers. One of Scattered Spiders' preferred methods of infiltrating corporations is calling up help desks and pretending to be employees or customers. The technique has been highly effective for hackers to gain access to the networks of big companies. 'Airlines rely heavily on call centers for a lot of their support needs,' Patel told CNN, making them 'a likely target for groups like this.' Scattered Spider gained attention in September 2023 when they were linked to a pair of multimillion-dollar hacks on Las Vegas casinos and hotels MGM Resorts and Caesars Entertainment. The hackers tend to pick one sector to target for weeks on end. Earlier this month, they were the suspect in a hack of insurance giant Aflac that potentially stole Social Security numbers, insurance claims and health information. Before that, it was the retail sector: The hackers, according to an internal memo obtained by CNN, targeted Ahold Delhaize USA, which has the same parent company as the Giant and Food Lion grocery chains. 'The actor's core tactics, techniques, and procedures have remained consistent,' Mandiant chief technology officer Charles Carmakal said Friday in a statement, and that it 'is aware of multiple incidents in the airline and transportation sector' that resemble the operations of Scattered Spider.
