Uncategorized

https://www.lorca.co.uk/

Xanadata as been named as one of the eleven UK’s fastest growing cyber security innovators to join the second cohort of the LORCA (London Office for Cyber Security Advancement)  accelerator programme. Selected by industry leaders from a broad range of applicants Xanadata will benefit from a 12 month bespoke programme of world-class support through the £13.5m Government-backed scheme designed to tackle two major security challenges; user-centric security and securing supply chains.

The programme includes one-to-one commercial and technical support from the Delloitte’s Cyber Risk Team, access to academic and engineering support from the Centre for Secure Technologies at Queen’s University Belfast and exposure to a wide range of VC funding sources. read more…

Xanadata is delighted to welcome John Bromhead to its advisory board. With an extensive track record in senior management, technical product marketing and business development roles, mainly focused in the US, John is a perfect fit to help build on momentum in North America. Companies he has represented include Tarari, LSI,  Cavium, Stac, Cordiant, iPivot and Titan IC. He was also President and CEO of 1-fo-All Marketing for 6 years.

Commenting on his appointment John said “Xanadata’s award winning Typhon ATD platform has already one of the strongest value propositions in the burgeoning cyber security space. The unrivalled speed  of analytics together with the innovative  augmented  intelligence techniques it uses, helps security teams to not only understand what threats are present in their networks but the coordination between attacks, in real time.

I am looking forward to working with Richard and the team to help Xanadata rapidly scale up and achieve its deserved potential.”

The Big Data Excellence Awards celebrate the top performers working at the forefront of data, analytics, the Internet of Things and Big Data.

Named in the Outstanding Data Analytics Solution Category for its work with the County Durham and Darlington Federation NHS Trust, Typhon has been recognised for its outstanding performance in the extraction of actionable intelligence from the Trust’s Terabytes of historic security log data.

The project, part of strategic review of CDDFT’s network security controls, policies and procedures provided a detailed base-line status report in just a few hours including evidence of previously undetected instances of compromise that required immediate, decisive action to prevent a potential data breach and operational disruptions.

CDDFT, Security Manager Tony McGivern commented

“One reason we were excited about Xanadata’s product moving forward is we use and leverage information and intelligence outside of one vendor and integrate with thousands of intelligence agents,” he said. “We are very happy with our vendors and have global threat intelligence and coupling that with a neighbouring organisation and going through the Xanadata suite gives us full confidence that we would have picked it up.”

The winners will be announced at an awards dinner in London on 15^th May.

Infosecurity Magazine’s Dan Raywood spoke to Tony McGivern at the County Durham and Darlington Foundation Trust to hear more about how  Xanadata’s Accelerated Treat Detection platform  helped in his recent network security review. Read the full interview

Xanadata has added Computing’s Security Excellence Awards 2017 to its growing list of security industry recognitions. Named among the finalists for this year’s Data Security Product Award this is the third time this year that Xanadata’s Typhon Accelerated Threat Detection platform has been named as finalist for a major industry award. With inclusion in the SC and UKIT Awards listing already announced this latest short listing is adding to the growing reputation of Xanadata as a leader in the  next generation of machine learning based threat analytics technology.

Xanadata’s big data analytics platform has been chosen as the latest technology to be added to the Leading Edge Only (LEO), KPMG Innovation Community. LEO aims to bridge the gap between innovators and major corporates via its Global Innovation Marketplace. This is a dynamic online platform that showcases the latest technologies and products to a diverse array of large enterprises and other organisations seeking innovative solutions

The KPMG Innovation Community’s role is to help raise the profile of the Xanadata’s solution and increase brand awareness, ultimately driving new business opportunities from its global client base.

UCS Seminar provides NHS Trusts with an opportunity to learn how to enhance the effectiveness of their network security controls

6^th September 2017, Oxford, UK.  Unipart Cyber Security (UCS) has announced a special event for NHS IT teams at which there will be an opportunity to learn how several North East Trusts are combining resources to help to enhance the effectiveness of their network security controls. This free event on Friday 29^th September is being held at The Village Hotel, 10 Silver Link North, Newcastle Upon Tyne. NE27 0BY starting at 9:00am and is open to all NHS CISOs and IT managers.

UCS, part of the Unipart Group of manufacturing and logistics companies, is a leading IT security consultancy. The company works with large enterprises and public-sector organisations providing a range of specialist services designed to protect corporate data and IT systems and to maintain compliance with the latest security regulations.

The event will focus on the work that UCS has been doing with the County Durham and Darlington Foundation Trust (CDDFT) as part of a strategic review of its security controls, policies and procedures. As well as carrying out an in-depth analysis of the effectiveness of the CDDFT’s security infrastructure, the project has resulted in closer cooperation with neighbouring Trusts and the deployment of a shared threat detection platform that monitors and analyses all security sensor log files generated from each of the consortium members’ networks.

Based on custom silicon with compute power equivalent to a 2000 Hadoop cluster the technology, developed by UK big-data analytics start up, Xanadata, analyses log data against thousands of known threat signatures in parallel, extracting actionable intelligence on the overall security status of the network at a rate of up to 8TB per hour.

 As well as identifying undetected incidences of compromise, including data breaches and ATP attacks that may have been missed by existing network sensors and controls, using advanced machine learning techniques the system can also detect evidence of previously unknown, zero-day, attacks before they are added to the global threat lists.

By extending the service to include data from neighbouring Trusts it gives the individual network managers a wider perspective on the overall threat landscape and access to actionable intelligence in virtually real time, helping to ensure security controls are fully maintained in line with the latest threat information and to prevent a repeat of a Wannacry type attack spreading across the entire NHS infrastructure.

Attendees at the event will hear from CDDFT’s IT manager, Tony McGivern and UCS’s CISO, Paul Heffernan and also have any opportunity to see a demonstration of the technology from Xanadata’s founder and CEO, Richard Benson.

Anyone wishing to attend should contact Johnty Mongan by email at johnty.mongan@unipart.com or by calling +44(0)1865 384750.

The 2017 UKIT Industry Awards’  shortlist has been announced with Xandata’s Typhon technology listed as a finalist in the Security Innovation category. The awards focus on the contribution of individuals, projects, organisations and technologies that have excelled in the use, development and deployment of IT in the past 12 months.

We are in a very busy sector and up against stiff competition from some of the established leaders in the security analytics and forensics world, so to make the shortlist is itself a huge honour. Next step is a face to face presentation with the judging panel to select the ultimate winner. Quite a task but we are quietly confident that we can win them over with our unparalleled processing speed, breadth of threat detection and our unique augmented intelligence data visualisation capability.

Following our success in the SC Awards earlier in the summer this is great validation for the Xanadata technology and a recognition of our growing reputation as an effective threat detection solution for complex network environments.

We will keep you posted –  look out for us on the winners’ podium on the 18^th November

GDPR why should I care?

The General Data Protection Regulation (GDPR) is a regulation that intends to strengthen and unify data protection for individuals within the European Union (EU). It also addresses the export of personal data outside the EU. The primary objectives of the GDPR are to give citizens back control of their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. GDPR applies from 25 May 2018, it does not require any enabling legislation to be passed by national governments.

The bit to worry about, GDPR establishes a tiered approach to penalties for breaching the regulations. It enables fines for some infringements of up to 4% of annual worldwide turnover and EUR20 million (e.g. breach of requirements relating to international transfers or the basic principles for processing, such as conditions for consent). Other specified infringements would attract a fine of up to the higher of 2% of annual worldwide turnover and EUR10 million.

So does it impact on me?

Expanded territorial reach – The GDPR applies to those inside the EU but catches data controllers and processors outside the EU whose processing activities relate to the offering of goods or services (even if its for free) to, or monitoring the behaviour (within the EU) of, EU data subjects. Many will need to appoint a representative in the EU.

The UK’s Information Commissioners Office have produced a checklist that highlights 12 steps you can take now to prepare for GDPR (https://ico.org.uk/media/1624219/preparing-for-the-gdpr-12-steps.pdf). It makes the following points:

1. Awareness -You should make sure that decision makers and key people in your organisation are aware that the law is changing to the GDPR. They need to appreciate the impact this is likely to have.
2. Information you hold -You should document what personal data you hold, where it came from and who you share it with. You may need to organise an information audit.
3. Communicating privacy information – You should review your current privacy notices and put a plan in place for making any necessary changes in time for GDPR implementation.
4. Individuals’ rights – You should check your procedures to ensure they cover all the rights individuals have, including how you would delete personal data or provide data electronically and in a commonly used format.
5. Subject access requests – You should update your procedures and plan how you will handle requests within the new timescales and provide any additional information.
6. Legal basis for processing personal data – You should look at the various types of data processing you carry out, identify your legal basis for carrying it out and document it.
7. Consent – You should review how you are seeking, obtaining and recording consent and whether you need to make any changes.
8. Children – You should start thinking now about putting systems in place to verify individuals’ ages and to gather parental or guardian consent for the data processing activity
9. Data breaches – You should make sure you have the right procedures in place to detect, report and investigate a personal data breach.
10. Data Protection by Design and Data Protection Impact Assessments – You should familiarise yourself now with the guidance the ICO has produced on Privacy Impact Assessments and work out how and when to implement them in your organisation.
11. Data Protection Officers – You should designate a Data Protection Officer, if required, or someone to take responsibility for data protection compliance and assess where this role will sit within your organisation’s structure and governance arrangements.
12. International – If your organisation operates internationally, you should determine which data protection supervisory authority you come under.

In summary – act now don’t wait until 25 May 2018!

Xanadata is a data analytics company, specialising in building systems that analyse data at extreme throughputs addressing markets such as cyber security, e-discovery and BI analytics. It develops and builds custom hardware and software to allow organisations to rapidly identify vulnerabilities, threats and risks caused by systems connecting to the Internet. Contact us to learn how our products and services can help you to solve how you can comply with the GDPR regulations, making sure you have the right procedures in place to detect, report and investigate a personal data breach.

It was interesting to hear a recent presentation on the result of Verizon’s 10 years of research in to cyber breach reporting. Chris Novak of Verizon’s RISK team recently presented on “the real costs of a security breach”. He described how they had identified how 9 out of 10 breaches fit in to 9 basic patterns.

• Point of Sale (PoS) intrusions
• Payment card skimmers
• Web-App attacks
• Crimeware
• Cyber espionage
• DoS attacks
• Insider misuse Physical theft and loss
• Miscellaneous errors

He stated that the top impacts to a business are the legal and investigations costs post a breach, due to the impact of liability determinations. Regulated investigations are the most expensive. So it still stands that the cost of prevention greatly outweighs the cost of managing a breach. He spoke about their efforts to view the costs and the fact that they had to follow the tail, the impact, for years after the breach. Consideration was given to the cost of everything from the technical investigation, the requirement for legal counsel to customer care and external communications. He interestingly spoke about when Verizon go in to a company to assist post breach to speak about the long term remediation, messaging and introduction of future controls, many of the original staff involved had left the company for one reason or another. This is an unexpected impact of the negative way in which the staff involved are tainted following the incident.

It was also interesting to hear their assessment, from real world cases, of how quickly a threat actor took to compromise a victim, “the time to compromise is almost always days or less”. Comparing that in to how quickly the victim identifies the attack, he stated only 15-20% of companies identified the intrusion in “days or less”. The norm was months and up to 7 to 8 months in a lot of cases. It proves the need for proactive capabilities and preventative activity.

Verizon’s Data Breach Investigation Report is a great source of what is happening with online criminality and associated victims.
(http://www.verizonenterprise.com/verizon-insights-lab/dbir/2016/)

Xanadata is a data analytics company, specialising in building systems that analyse data at extreme throughputs addressing markets such as cyber security, e-discovery and BI analytics. It develops and builds custom hardware and software to allow organisations to rapidly identify vulnerabilities, threats and risks caused by systems connecting to the Internet.