Latest news with #FireEye
Business Mayor
11-05-2025
- Business
- Business Mayor
How to profit from the rush to protect firms from M&S-style cyber attacks
Words such as 'cyber attack', 'malware' and 'automated phishing' used to sound futuristic. But once a threat stops us from buying Percy Pig sweets and comfy underwear, we know it has struck at the very heart of Middle England – and it is time for investors to sit up and take notice. At the time of writing, M&S still isn't offering online shopping after a huge cyber hack, while the Co-op is struggling with stock issues and a customer-data breach. The hackers have cost these companies dear – Deutsche Bank puts the cost to M&S at £15 million a week – and experts warn many more companies are vulnerable to similar attacks. 'Cyber threats are growing in size and severity,' warns Mike Seidenberg, portfolio manager at Allianz Technology Trust, who says there were more than six billion malware attacks globally in 2023. 'Bad actors have increased their ambition, with critical infrastructure, government departments and crucial industries permanently at risk.' For investors, cyber warfare represents both an opportunity and a threat. On the one hand, poorly prepared companies undergoing a cyber attack will hit their shareholders squarely in the pocket, with M&S stocks down more than 6 per cent in the past week. However, investing in companies in the cyber security sector could allow you to benefit from a trend, with Cabinet minister Pat McFadden stating this week that the Government would 'turbo charge' the cyber security sector. 'Cyber security is not a luxury but an absolute necessity,' he says. If investment in the sector continues, investors may feel the same. As the fall in M&S shares last week has shown, hackers can seriously damage your wealth. A report from security experts Cisco suggests that only 4 per cent of businesses have reached what they call a 'mature' stage of readiness where they can withstand a cyber attack, with 70 per cent of companies either in the 'formative' or the 'beginner' stages of readiness. This suggests that many household names are as vulnerable as M&S and the Co-op. However, Laith Khalaf, head of investment analyst at investment group AJ Bell, says it is difficult to predict where hackers may strike next, which makes it extremely difficult to protect your portfolio. 'Even companies which provide cyber security have found themselves the victims of attacks, such as CrowdStrike and FireEye,' he says. 'Probably the best and simplest tonic is to hold a diversified portfolio so that if a company sees its share price fall because of a cyber attack, it doesn't damage your wealth too badly.' Khalaf adds that the share-price reaction to cyber attacks tends to be short-lived. Many companies have strong cyber security insurance policies, so if you buy firms where you believe the management makes good decisions about risk, chances are they will be protecting themselves. However, it is always an area you could ask about at an annual general meeting if you are concerned or check the firm's risk factors' section of its annual report. With governments and businesses spending more on cyber security, many experts believe now is the time to invest in those securing us all against the hackers. 'Investment capital is pouring into cyber security businesses alongside aerospace and defence firms,' says Jason Hollands, managing director at investment platform BestInvest. The Cisco study also showed that more than nine in ten companies increased their budget for cyber security in the past two years. Many of the biggest players in cyber security are either unlisted or listed in the US, but there are various ways you can invest. For those who prefer to pick individual shares and are untroubled by the volatility that entails, there are some good options. Tiny SysGroup, based in Manchester, is backed by Ken Wotton, manager of Baronsmead Venture Capital Trusts, who says that the business is 'well positioned for sustained growth'. SysGroup supports small and medium-sized businesses with their cyber security. 'It assists in building robust cyber security systems spanning not only the core business but also its supply chains – a critical yet often overlooked area of vulnerability for many groups,' Wotton says. SysGroup shares have been volatile – down 26 per cent in the past six months, up 10 per cent in the past month. At the other end of the scale in the UK, defence giant BAE has a cyber security division – although, as Khalaf at AJ Bell points out, it comprises less than 10 per cent of the business. Lee Wild, head of equity strategy at Interactive Investor, says cybersecurity firm NCC stands out as one of the remaining UK players not to have gone private. It is down 25 per cent this year, but there's always the possibility that it will attract a suitor with a hefty premium at this level. Read More BRP reorganizes Powersports and Marine segments as one business There are also trusts and funds that allow you to take a mixed slice of the cyber security market. Darius McDermott, managing director at FundCalibre, likes the HANetf Future of Defence ETF. This is 43 per cent invested in technology firms, most of which are cyber security specialists. It launched in 2023, at just the right time for cyber security, and has seen its shares rise 46 per cent. Other specialist ETFs in this area include the Legal & General Cyber Security ETF and iShares Digital Security ETF. James Carthew, head of investment companies at QuotedData, recommends Polar Capital Technology, which invests in leading players such as CyberArk Software, Crowdstrike Holdings and Cloudflare. Polar Capital has had a torrid three months – down nearly 17 per cent following President Trump's tariff announcements, but has recovered somewhat in the last month.
Forbes
29-04-2025
- Business
- Forbes
SBOMs (as well as HBOMs and CBOMs) as Cybersecurity Facilitators
Cyber security, information privacy and data protection concept on server room background. Software Bills of Materials (SBOMs) are crucial cybersecurity tools because they assist companies in locating, evaluating, and reducing software risks. They allow software updates and vulnerabilities to be tracked over the course of a product's lifecycle. Modern software is created using code fragments and methods from various sources, including open source and commercial solutions. The software components and dependencies of an application are detailed in a tool known as a Software Bill of Materials (SBOM) (NTIA, 2021). An SBOM is essential for managing and understanding the complexities of contemporary software supply chains and can be compared to an ingredient list on a food product label. A software package and its contents are uniquely identified by an SBOM, which is formal, machine-readable metadata that may also contain information on the software package's contents, such as copyrights and license information. The increasing complexity of modern software and its vulnerability to programming errors and hacks give rise to serious security dangers and compatibility issues. Additionally, cyberthreats are continually finding ways of evolving, becoming more complicated, and multiplying due to the use of artificial intelligence and the quick acceleration of development velocity. It becomes more difficult to identify and address security vulnerabilities when we are looking not only at our codebase but also at the 70–80% open-source software that we depend on, as well as third-party software components from other vendors. However, a few tools can assist in handling the data protection work. Recent high-profile events highlight the need for SBOMs in cybersecurity. A programming flaw in the CrowdStrike software, for instance, affected more than 8.5 million Windows computers globally, resulting in billions of dollars' worth of losses. The well-known Linux data compression program XZ Utils was found to contain a backdoor as part of a sophisticated state actor attack around the beginning of 2024. 93% of cloud settings were vulnerable to the zero-day Log4Shell vulnerability in 2021. In the SUNBURST assault, which FireEye discovered in December 2020, harmful code was embedded into SolarWinds' Orion software. According to Allan Friedman, CISA Senior Advisor and Strategist. 'A thriving ecosystem for SBOM tools and solutions will be key to shaping a more transparent software-driven world.' He notes that 'Vulnerabilities in software are a key risk in cybersecurity, with known exploits being a primary path for bad actors to inflict a range of harms. By leveraging SBOMs as key elements of software security, we can mitigate the risk to the software supply chain and respond to new risks faster, and more efficiently. The government-wide push to integrate cybersecurity into products supplied to the government and transfer responsibility for cybersecurity from agencies to vendors and integrators is reflected in this emphasis on SBOMs. By February 2025, almost all new software that the Army purchases or develops will need to have an SBOM. In order to obtain assurances regarding supply-chain security, the Army opted for an SBOM approach rather than self-attestations. This is because SBOMs offer essential information regarding the risks that systems may pose to a network and can assist in organizing an organization to minimize those risks as much as possible. 3D illustration of the text zero trust over black background with padlock shapes in relief. Concept ... More of network security. SBOMs play a significant role in cybersecurity and align with 'Zero-Trust' policies in both the private and public sectors. Dmitry Raidman. Chief Technology Officer and Co-founder of Cybeats, states, 'One significant advantage of a verified SBOM is its application in cybersecurity and risk mitigation for the downstream customers, for example, a power distribution plant, hospital, or water treatment facility. Industry studies indicate that the average codebase contains 70-80%, and in some cases over 90% open-source software components, many of which have at least one vulnerability, and some of them are highly exploitable, like Log4j. Therefore, understanding and continuously monitoring code components and their vulnerabilities is essential.' He points out that companies that collect from vendors SBOMs and invest in solutions to process and monitor the vulnerability lifecycle management of their assets will be better prepared to deal with cybersecurity challenges in the future and ensure the safety, security, and resilience of their critical systems and infrastructure. SBOMs can help businesses track vulnerabilities in real time and maintain an accurate software inventory. Continuous security requires ongoing Vulnerability Lifecycle Monitoring. In order to detect and address known vulnerabilities and not just rely on security advisories published by vendors, where it is to the vendor's discretion what vulnerability to disclose, an SBOM can offer transparency into the precise software versions being used and allow complete understanding of the threat landscape. Additionally, it facilitates the management and quantification of commercial software licenses. Organizations can compare SBOM data with databases like NIST NVD and CISA KEV to find and prioritize affected systems when new CVEs are found and also record their findings if the vulnerability doesn't pose a risk in their operations and environment. To help evaluate SBOM component information against different threat signatures and patterns, the National Security Agency (NSA) supports the use of AI/ML engines and related "data lakes." A crucial component of efficient SBOM management is vulnerability tracking and analysis, which entails delivering daily updates from the National Vulnerability Database (NVD) and additional vulnerability data sources. SBOMs are crucial for Incident Response and Threat Intelligence. They help security teams quickly identify compromised components in apps and determine available mitigation options and vendor updates during a cyber incident. A major cause of breaches is vulnerabilities based on the Verizon 2025 DBIR Report. There is a 34% increase in attackers exploiting vulnerabilities to gain initial access and cause security breaches, compared to 2024. The bling spot of awareness and a patching strategy is a significant factor affecting these numbers. Risk-Based Patch Management suggests that not every vulnerability needs immediate fixing. Teams can prioritize threats by combining SBOMs with Vulnerability Threat Intelligence (VTI), particularly if there's a known exploit for mitigating vulnerability. Compliance and regulation concept. Enforcement of laws, regulations, and standards, requirements, ... More internal policies and procedures. Minimize legal and financial risks, protect corporate reputation. GRC, SBOMs assist in ensuring compliance and regulatory readiness throughout the procurement lifecycle and can help to avoid buying non maintained and non-secure product. Organizations are required to demonstrate that they monitor and manage risk throughout their software supply chain lifecycle in accordance with new government regulations regarding safe software development. SBOMs provide documentation for compliance with FDA, NIST, PCI DSS, PCI SSF, EU CRA, RED, ETSI EN 303 645, BSI TR-03183, EO 14028, as well as the upcoming US DoD procurement requirements. A "software bill of materials" (SBOM) has become a crucial component of software security and software supply chain risk management, according to CISA. As businesses rely more on third-party components and complex systems, software supply chain security has become a top responsibility. Vulnerability management must be implemented throughout the software lifecycle, from design to deployment and operations, to handle the entire range of security threats. This all-encompassing strategy, sometimes referred to as "shifting left and even more important shifting right, guarantees that vulnerabilities are consistently recognized, evaluated, and reduced. In 2019, the medical technology sector launched a proof of concept to assess SBOMs' ability to manage operational and cyber risks in medical devices. Device makers (MDM) and healthcare (HDO) providers demonstrated the feasibility of SBOMs by producing, exchanging, and applying data to improve security procedures. In 2025, with a growing digital risk landscape, all industries must utilize SBOMs to help enable better cybersecurity and transparency into software based products they build and the ones they consume. It does not end with software. As teams embed AI models and language pipelines across their products, an Artificial Intelligence Software Bill of Materials (AI SBOM) becomes essential. An AI SBOM lists every model file, training dataset, agent, and external inference service, giving product security teams the same clear inventory they expect from a traditional SBOM, down to the last line of code. Dmitry Raidman explains that an AI SBOM provides 'an X ray view of the intelligent functionality,' allowing teams to know exactly what is running in production, how it was trained, and what they are receiving from vendors or delivering to customers. A Hardware Bill of Materials (HBOM) performs the same role for physical components. It maps every chip, board, sensor, and firmware version so security and procurement teams can detect counterfeit parts and unvetted substitutions before they reach production. A long-planned pager hardware supply chain attack reported in Lebanon underscored why HBOM transparency and validation matter; altered pagers were covertly introduced and later exploited, showing how a single tampered device can become a beachhead for wider compromise when hardware provenance is unclear. A Cryptography Bill of Materials, CBOM, catalogs every algorithm, protocol, library, and certificate in your products, giving security teams a clear map of where cryptography lives. With quantum safe standards such as CRYSTALS Dilithium on the horizon, you must know exactly where RSA 2048-bit or ECC P-256 still protect data so you can schedule timely upgrades to post quantum cryptography. Dmitry Raidman sums it up: 'A CBOM is your migration roadmap. When quantum capable attackers will be on the horizon you cannot replace vulnerable ciphers, you do not even know you have.' SBOMs, HBOMs, and CBOMs will be crucial for risk management in our digital environment in the future. Even though the 'BOM' adoption cycle is still in its early phases, more transparency and accountability about hardware security, software security, and optimization will benefit both the public and private sectors.
National Post
29-04-2025
- Business
- National Post
KnowBe4 Appoints Bryan Palma as President and CEO
Article content TAMPA BAY, Fla. — KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human risk management, announced that cybersecurity industry veteran Bryan Palma has been appointed president and chief executive officer of KnowBe4, effective May 5. KnowBe4's founder and current chief executive officer Stu Sjouwerman has transitioned to the role of executive chairman. Article content Palma is a highly regarded technology executive with over twenty-five years of experience and a proven track record of scaling global technology enterprises by driving profitable growth, improving customer experience, and delivering operational agility. Most recently, he was the chief executive officer of Trellix, a multi-billion dollar cybersecurity market leader formed through the merger of FireEye and McAfee Enterprise. Prior to joining Trellix, he guided some of the world's leading organizations through pivotal technology and business transformations including Cisco, Boeing, EDS, PepsiCo, and the US Secret Service. Palma earned a masters of business administration from Duke University's Fuqua School of Business, masters of education from the University of Maryland, and bachelor of arts from the University of Richmond. Palma serves on the President's National Security Telecommunications Advisory Committee and the CloudBees board of directors. Article content 'KnowBe4 is an incredibly important company in the cybersecurity ecosystem and at the forefront of human risk management and artificial intelligence,' said Palma. 'I am humbled to join the company at such an important moment and accelerate the leadership position established by Stu and the team. I am looking forward to serving our global customers and proudly calling myself a Knowster.' Article content Executive chairman, Stu Sjouwerman founded KnowBe4 over fifteen years ago and over the last two decades has led the company through multiple rounds of venture capital funding, executed key strategic acquisitions, successfully led a public offering, and grew KnowBe4 to serve over 70,000 customers. Article content Sjouwerman said, 'As Founder of KnowBe4, I am grateful to contribute to the creation of a new market category focused on managing human risk and confidently leave KnowBe4 in the capable hands of Bryan.' As executive chairman, Sjouwerman will help guide KnowBe4's artificial intelligence innovation and work closely with Palma on the transition. Article content KnowBe4 empowers workforces to make smarter security decisions every day. Trusted by over 70,000 organizations worldwide, KnowBe4 helps to strengthen security culture and manage human risk. KnowBe4 offers a comprehensive AI-driven 'best-of-suite' platform for Human Risk Management, creating an adaptive defense layer that fortifies user behavior against the latest cybersecurity threats. The HRM+ platform includes modules for awareness & compliance training, cloud email security, real-time coaching, crowdsourced anti-phishing, AI Defense Agents, and more. As the only global security platform of its kind, KnowBe4 utilizes personalized and relevant cybersecurity protection content, tools and techniques to mobilize workforces to transform from the largest attack surface to an organization's biggest asset. Article content Article content Article content Article content Contacts Article content Article content Article content
