The Circle of Zero Trust
https://www.cybercyte.com
CyberCyte provides a framework of solutions to help organisations on their journey to the new paradigm in Cyber security
Wed, 29 Jan 2020 03:01:09 +0000

Agentless Threat Visibility & Endpoint Compliance
https://www.cybercyte.com/agentless-threat-visibility-endpoint-compliance/?utm_source=rss&utm_medium=rss&utm_campaign=agentless-threat-visibility-endpoint-compliance
Fri, 03 Jan 2020 11:33:24 +0000

Utilising DNS protocol for threat discovery, network access control and BYOD Compliance.

With the emergence of trends like Bring Your Own Device (BYOD), increased mobility and cloud technology, securing corporate data is becoming more difficult. Organisations are continuously looking for new technologies to protect their users and information. BYOD is becoming a core framework where the organisation, mobile access and cloud interact.

The Emergence of BYOD
Bring Your Own Device (BYOD) is defined as an organisation allowing its employees to use their personal computers, mobile phones, tablets or other devices for work.
Between 2019 and 2024, the expected yearly growth is 15%, indicating unprecedented growth due to its possible benefits for end-users and organisations.
The reasons for growth are two-sided. Employees experience increased satisfaction, production and innovation, which is vital in today’s competitive landscape. Businesses also experience significant cost savings.
With the emergence of 5G, BYOD is expected to be adopted more widely, bringing other challenges in parallel with this growth.

Challenges in BYOD

The business benefits are also bringing new challenges. Security and scalability concerns are seen as the leading areas preventing the broader acceptance of BYOD.

Security Challenges

  • A personal device infected with malware can affect the corporate technology infrastructure and infect other devices once it is connected to the internal network.
  • When corporate information is stored on personal devices, protecting the data and enabling accountability is difficult.
  • If the devices are stolen, the risk of corporate data compromise is significantly higher, as centralised security policies cannot be enforced on personal devices.
  • When the users are off the premises, it becomes challenging to provide security services.

Scalability Challenges

  • When a personal device malfunctions, is lost or stolen, it can disrupt the business, especially if the device is the primary one.
  • Accounting for different device types, designing the approval processes and auditing for compliance become more complex as the number of devices increases.

NetCyte for Agentless Threat Visibility & Endpoint Compliance

NetCyte is a next-generation NAC solution that provides dynamic and adaptive access
control with unparalleled threat discovery. The system creates a holistic view of IT
infrastructure by enabling 100% accurate discovery, classification and profiling of any device.

The threat discovery component reduces the attack surface and minimises the impact of cyber threats originating from devices in the corporate networks. Threat analysis is performed with or without an agent supporting both corporate and guest devices.

By utilising different methods for detection and blocking, the system is deployed in a few days. The system can act as the DNS server within the organisation to discover devices and block access, enabling organisations to deploy a NAC framework quickly with advanced threat discovery and prevention.

  • Multiple techniques on the network, DNS and application layers are utilised for seamless discovery.
  • By using SNMP or SSH to poll MAC and ARP address tables, 100% accurate visibility of the network topology is created.
  • Device discovery can be made through a lightweight DNS server, which is very easy to deploy and a great enabler for auto-enrolment of the users.
  • The Secure DNS server enables the discovery of malicious activity without any topology change, based on its AI-based categorisation engine.
  • The DNS server acts as the first line of blocking if the device is unauthorised or generates malicious activity.
  • If the blocked devices reside on a manageable switch/router/firewall, blocking takes place at any level by executing a simple VLAN/ACL change through an SSH connection to the network device.
  • Endpoints can be protected even when they are off the premises.

How it Works

The system provides multiple methods for detection and blocking.

Detection

  • Track ARP & MAC Table from Network Devices: By just using the SNMP protocol, all devices are discovered and classified. Agentless classification without Admin rights is supported.
  • Port Mirroring: Ports on which devices are active are mirrored. Through the mirrored port, devices are discovered. On distributed networks, this requires appliances in remote sites.
  • ARP & DHCP Sniffing: In this mode, multicast ARP & DHCP packets are tracked through trunk ports. On distributed networks, this requires appliances in remote sites.
  • DNS Query Analysis: The system acts as a DNS Server for the organisation to discover the devices inside the organisation.

Blocking

  • SSH Command Execution for VLAN change or ACL application.
  • SNMP Execution for VLAN change.
  • TCP Reset if port mirroring is used.
  • 802.1x.
  • ARP Redirection.

Architectural Advantages

  • Agentless for Windows, Mac and Linux devices.
  • Better scalability in Windows-based distributed networks.
  • Advanced threat discovery and prevention.
  • Ability to perform network device configuration.
  • Multiple methods for detection and prevention.
  • Ability to identify malicious traffic from guest devices without an agent or inline operation.

CyberCyte Advantages

  • Deploy in days across complex campus networks.
  • Supports multiple deployment scenarios.
  • Does not require multiple distributed components.
  • No reliance on agents, traffic interception or port mirroring.
  • Supports non-intelligent and unmanageable network devices.
  • Does not require any configuration change or agent on endpoints.
  • Advanced threat discovery with remediation.
CyberCyte is a Proud Sponsor of ITSPmagazine’s InfoSec Europe Conference Coverage
https://www.cybercyte.com/cybercyte-is-a-proud-sponsor-of-itspmagazines-infosec-europe-conference-coverage/?utm_source=rss&utm_medium=rss&utm_campaign=cybercyte-is-a-proud-sponsor-of-itspmagazines-infosec-europe-conference-coverage
Fri, 15 Nov 2019 10:58:30 +0000

At CyberCyte, we make it our priority to participate in and support industry events and publications that focus on cybersecurity, IoT and biometrics. In this regard, we’re happy to announce that CyberCyte is one of the sponsors for ITSPmagazine’s first coverage of the InfoSec Europe Conference, which is headlined “Chats on The Clouds to InfoSec Europe 2019 | Skills And The Future Of CyberSecurity”.

Held over two days from 4-6 June in London, Info Security Europe is the leading event for the information technology and cybersecurity industries in Europe. This event will bring business, tech and cyber communities together to discuss how best to protect data, companies and individuals.

In the days leading up to InfoSec, ITSPmagazine connects with a selection of keynote speakers, presenters, panellists and organisers to gain exclusive presentation previews and insights into their topics of expertise.

A highlight in ITSPmagazine’s early coverage is an interview with Kevin Fielder (CISO at Just Eat), conducted by Sean Martin and Marco Ciappelli, on ‘Skills and the Future of CyberSecurity’, sponsored by CyberCyte. Kevin and his team are responsible for delivering food to 26 million customers from over 100,000 restaurants across 13 countries. In this interview, Kevin shared his views on the current state of cybersecurity, in addition to insights on what it means to run a cyber-safe operation at Just Eat. Just Eat’s security organisation is responsible for covering everything from culture and awareness to application security, as well as compliance and other front-line security operations.

In the fast-moving tech industry, Kevin’s key goals are to keep the business agile and to successfully compete in the marketplace, all the while ensuring the security of customer data. He states that cybersecurity is a very hot topic for his board members, who are investing in a deeper understanding of data privacy and security.

During InfoSec Europe in London, Kevin will be speaking to conference attendees about the importance of information security skills, the challenges involved in hiring top cybersecurity talent, and how to retain talent within companies.
The full interview is available on SoundCloud.

Meet CyberCyte at Info Security Europe

Mark your calendar and be a part of Europe’s leading information and cybersecurity event. We will be exhibiting at stand N124, so come and find us to learn about our built-in unified physical, network and perimeter security solution framework. Discover how CyberCyte is unifying physical, logical and cyber access with The Circle of Zero Trust.

Biometrics: Taking Authentication Beyond Passwords to Provide Robust Access Controls
https://www.cybercyte.com/biometrics-taking-authentication-beyond-passwords-to-provide-robust-access-controls/?utm_source=rss&utm_medium=rss&utm_campaign=biometrics-taking-authentication-beyond-passwords-to-provide-robust-access-controls
Tue, 10 Sep 2019 10:50:11 +0000

ABSTRACT

This is the second of a three-part blog series that presents an overview of our cloud-based, integrated access control, threat mitigation, and security management platform. In our first blog, we examined the importance of the Circle of Zero Trust and what makes the CyberCyte platform unique in helping organisations protect their digital assets. In this blog, we present how biometrics provides several advantages over password-based access systems while also making end-user password administration much easier.

Biometrics: Taking Authentication Beyond Passwords to Provide Robust Access Controls

Biometrics holds the key for information security teams looking to bolster their security measures. In comparison to password-based authentication, biometrics offers much greater identification validation and access control capabilities to ensure networks, systems, devices, applications and databases are accessed only by legitimate, authorised users.

By identifying the unique characteristics of individual people, biometrics thus offers organisations a great way to expand their solution sets, ensuring authorised users can access their business resources through approved mobile devices, desktops, applications, and virtual private networks.

In addition to the security benefits of making end-user credentials impossible to steal or share, biometrics makes things a lot easier for IT from an operational perspective while reducing the cost of technical support as there’s no need to reset forgotten passwords to re-authorize end-users.

The State of Biometrics in Business Operations

Specific unique characteristics that biometrics can verify include facial recognition, retina scans, and finger/palm prints. These characteristics are unique to each individual and distinguish each person from everyone else.

Many end users have already grown accustomed to biometrics, such as using facial recognition to unlock their mobile devices and fingerprint scanners to facilitate store purchases and bank transactions. In the healthcare space, biometrics can be used in hospitals to monitor patients while governing access control, identification, and patient record storage.

Biometrics is also in use at some airports, which use palm prints and retina scans to allow passengers to bypass the initial ticket and identification check-in stations. There’s also use of biometrics in law enforcement, such as border security control environments and police stations where potential suspects can be properly identified.

In the business world, biometrics is also gaining momentum. Gartner predicts that by 2021, 70% of organisations using biometric authentication for workforce access will implement it via smartphone apps, regardless of the endpoint device being used. In 2018, that figure was fewer than 5%.

The Role of Biometrics in Information Security

Biometrics can play a key role in information security as the technology mitigates access-related risks far better than password-based systems. The data cannot be copied and is spyware proof. Biometrics also cannot be shared with other users, and it can’t be stolen—as is the case with passwords. It’s literally impossible for unauthorised users to use the biometric data of another user.

In addition, biometrics data cannot be forgotten by end users. And verification occurs much faster than it does with passwords. Both of these attributes make end-users very happy.

When managing a biometrics solution, the data must be accurately collected. It should also be securely stored and transmitted to ensure systems recognize authorised end users. Encryption and other security measures must also be used to protect biometrics databases so cybercriminals cannot gain access. These security measures are critical; end users can change passwords if compromised, but they can’t change their biometrics should that data be stolen.

Biometrics in Action

Many organisations across the globe have successfully deployed biometrics solutions. The Social Security Institution in Turkey uses biometric authentication to prevent health abuse and irregularities in data. More than one hundred million Turkish citizens have been authenticated, and the system operates at 99.999% uptime. It’s one of the largest biometric authentication systems in the

The Power of Connecting Biometrics to the Larger Access Control Program

The BioCyte biometrics solution from CyberCyte provides palm scan, fingerprint and facial recognition. To protect biometric data, the solution can enable identity tokenization by storing end-user biometric information on access cards rather than on servers running in the data centre.

When integrated with other access control processes, including traditional Network Access Control (NAC) systems, a centralised security platform from CyberCyte ensures only legitimate and non-compromised users, devices and apps can access the things they are supposed to—at the right time and from the right location according to an organization’s appropriate use and information security policies. Together, BioCyte and NetCyte offer a powerful combination for protecting digital assets.

Circle of Zero Trust
https://www.cybercyte.com/circle-of-zero-trust/?utm_source=rss&utm_medium=rss&utm_campaign=circle-of-zero-trust
Mon, 03 Jun 2019 12:09:22 +0000

In this blog, we examine the importance of the Circle of Zero Trust and what makes the CyberCyte platform unique in helping enterprises protect their digital assets. We also introduce you to the CyberCyte leadership team and how they have formed partnerships with Managed Security Service Providers so that organisations can easily tap into a comprehensive cybersecurity solution that requires no internal resources for implementation and support and can be deployed in minutes.

Agentless Threat Detection and Contextually-Driven Access Control Delivered Through an Integrated Security Platform

When it comes to cybersecurity, here at CyberCyte we believe it’s all about building the Circle of Zero Trust: a circle that lets you know that your end users, via their endpoint devices and apps, are accessing both the Internet and the internal network in a secure, legitimate manner. The Circle of Zero Trust tops all that off by giving you complete visibility into what’s taking place across your network infrastructure, so you don’t have to rely on trust – you can visually confirm that this is true.

Our concept of the Circle of Zero Trust first emerged in 2004, when CyberCyte’s founder, Necati Ertugrul, launched a cyber security company intending to develop an integrated platform for enterprises to manage their cyber security infrastructure centrally. The platform is built to scale to the largest of enterprises, and through partnerships with a select network of Managed Security Services Providers (MSSPs), our solutions enable customers of any size to create a cybersecurity framework that integrates these trusted components:

  • Identity Assurance—makes sure end users are who they claim to be, through physical biometric authentication.
  • Secure Internet Access—ensures only legitimate end users with the proper credentials are allowed through.
  • Device Management—checks for endpoints that don’t conform to security policies and denies them network access.

Additionally, we are the first and only company to provide a built-in, agentless security solution that integrates physical, network, and perimeter security in a single framework. Our unified platform enables businesses to leverage a solution that automatically manages their security posture and proactively discovers cyber threats before they impact the IT infrastructure.

The CyberCyte Difference

The CyberCyte platform of security solutions is unique in that it offers agent-less cyber threat analysis and discovery—no components are required to run on customer networks and endpoints. The integrated platform provides complete visibility into threats and automatically delivers comprehensive security capabilities:

  • Threat Discovery—DNS threat analytics integrated with network threat scanning discover malicious activity before impact occurs.
  • Biometrics and Network Access Control—identity assurance and physical access tracking enable customers to recognize identity theft and block access automatically.
  • 100% Visibility and Zero Trust—every connected device is scanned for threats, and access is blocked if non-compliance is detected.
  • Compliance Facilitation—Continuous threat discovery and identity management enable easier fulfillment of compliance targets.

With these capabilities, CyberCyte enables businesses to defend against threats including targeted and mass-scale phishing and malware attacks while giving the security operations team the ability to discover all assets accessing their networks – both legitimately and nefariously. And, with the solution running in the cloud supported by CyberCyte’s trusted managed security services partners, customers do not require any internal implementation and support resources. The technology deploys within minutes and begins to immediately protect the organization.

Integrating Network Access Control Into Centralised Security Platform
https://www.cybercyte.com/integrating-nac-into-centralised-security-platform/?utm_source=rss&utm_medium=rss&utm_campaign=integrating-nac-into-centralised-security-platform
Mon, 18 Jun 2018 07:17:00 +0000

By Integrating NAC Into Centralised Security Platform, Organisations Increase Their Security Posture

It’s perhaps the #1 mission of every security team: define and control access to resources on the network and make sure only authorised users and devices can gain access to digital assets.

While Network Access Control (NAC) is a key tool in achieving this objective, NAC isn’t just about letting the right users onto the network and keeping the bad ones out. It’s also about granting access for traditional endpoints and mobile devices to assets behind the firewall (on-premises resources) that end users are entitled to. NAC solutions must also control access outside the firewall—to the Internet and in cloud-based services.

Yes, businesses want users accessing the resources they need to do their jobs. But businesses also don’t want users tapping into websites and applications that open the door for cybercriminals to infiltrate the internal network.

The State of Network Access Control in Business Operations

When combined with authenticated identity and biometrics, NAC solutions can address the challenges noted above. NAC deployed properly can also ensure only legitimate and non-compromised users and devices and apps can access the things they are supposed to access—at the right time and from the right location.

Gartner defines Network Access Control (NAC) as the technologies that enable organisations to implement policies for controlling access to corporate infrastructures, by user-oriented devices, operational technology (OT) devices, and Internet of Things (IoT) devices. Policies may be based on authentication, endpoint configuration (posture) or users’ roles/identities. NAC can also implement post-connect policies based on integration with other security products. For example, NAC could enforce a policy to contain the endpoint based on an alert from a SIEM – or to enforce a policy to require a second factor authentication via biometrics for high-value or high-risk transactions when the situation calls for it (such as a questionable time of day or geo-location).

NAC solutions that deliver these capabilities are often part of the security strategy at large enterprises; the key is having the right collection of technologies and processes in place to define and enforce your business-ready policies.

For many small and medium-size enterprises (SMEs), NAC technologies and expertise are often beyond the reach of their IT budgets. That’s where managed security service providers (MSSPs) come in—with their ability to deploy and manage NAC solutions cost-effectively on behalf of SME customers.

The key for both segments, large and small, is to go beyond traditional NAC capabilities by utilizing a platform that integrates NAC with other security measures, such as biometrics for identity authentication and second factor authentication. At CyberCyte, we refer to this approach as building the Circle of Zero Trust.

With our CyberCyte security platform, the Circle of Zero Trust allows MSSPs and organisations of all sizes to move beyond blind trust to a state of knowing that internal network and Internet access by end users will be both legitimate and safe. Organisations can also ensure that all end users, devices and apps that attempt to connect to their networks are authorised. The Circle tops all that off by giving you complete visibility into what’s taking place across your network infrastructure, so you don’t have to rely on trust – you can visually confirm that this is true.

The Role of Access Control in Information Security

NAC solutions play a critical role in information security by mitigating risks such as weak passwords, open router ports, network traffic that impedes network performance, or device and network activity that is malicious in nature. With a leading NAC solution, organisations can deliver several key capabilities to their customers:

  • Discover weak passwords, changed passwords, account lockouts and password breach attempts on any device.
  • Track network-access audit data.
  • Detect port scans, hubs, stacked devices, event log deletion, and group membership changes.
  • Conduct asset inventory and threat discovery.
  • Run process analysis to discover traffic flow.
  • Check for bandwidth consumption and unauthorised attempted remote connections.

NetCyte from CyberCyte provides all of these capabilities with no agent installation and does not require an appliance to run on-premises within customer networks. Rather, it is deployed and managed through the cloud as a service. The solution can integrate with any network device supporting a remote connection without any dependencies—and offers unprecedented scalability along with different methods for discovery and blocking.

As an example, organisations leveraging the CyberCyte platform can discover if any IT infrastructure processes have created a listening port, which can be a backdoor for a cyber attack. The technology also analyzes operating system drivers, installed services, start-up objects, and scheduled tasks, each of which can provide crucial signs that help technical teams identify whether any risky components are running or risky activities are taking place.

When NetCyte—with its contextual network access control capabilities—is combined with biometrics on the CyberCyte platform, organisations also gain much greater visibility and control over which end users and which devices can access digital assets. Policies can also be set to control the time and location from which assets can be accessed.

Network Access Control in Action

An international bank preferred NetCyte after years of trying other competing products. The bank had more than 750 branches and 3 main office locations. The bank wanted an agentless NAC platform that did not depend on network devices or the use of 802.1X. The bank’s distributed topology meant that an appliance deployed to the remote branches was also not acceptable. Due to inaccurate classifications in agentless mode and lack of support in customizing network commands, the competing products failed in branch deployments. NetCyte enabled higher accuracy, better response time, and accurate classification in remote branch deployment; NetCyte became the preferred solution and continues to deliver value throughout the bank’s growing infrastructure.
