fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

White House Wants US Govt to Use a Zero Trust Security Model

White House Wants US Govt to Use a Zero Trust Security Model

A newly released Federal strategy wants the US government to adopt a “zero trust” security model within the next two years to defend against current threats and boost cybersecurity defenses across federal agencies.

The strategy was released today by the White House’s Office of Management and Budget (OMB), which supervises the implementation of the President’s vision across the US Executive Branch.

Today’s announcement follows the release of an initial strategy draft in September 2021, which was prompted by the President’s Executive Order (EO) 14028.

The executive order initiated a government-wide effort to migrate toward zero trust and modernize the nation’s defenses against cyberattacks.

Also Read: PDPA For Companies: Compliance Guide For Singapore Business

“This memorandum sets forth a Federal zero trust architecture (ZTA) strategy, requiring agencies to meet specific cybersecurity standards and objectives by the end of Fiscal Year (FY) 2024 in order to reinforce the Government’s defenses against increasingly sophisticated and persistent threat campaigns,” said Shalanda D. Young, OMB’s Acting Director. (PDF)

“Those campaigns target Federal technology infrastructure, threatening public safety and privacy, damaging the American economy, and weakening trust in Government.”

Key elements of the new zero trust strategy include improved phishing defense through strong multifactor authentication, consolidation of agency identity systems, encrypting traffic and treating internal networks as untrusted, and strengthening application security to protect data better.

OMB’s new federal zero trust strategy foresees a Federal Government where:

  • Federal staff have enterprise-managed accounts, allowing them to access everything they need to do their job while remaining reliably protected from even targeted, sophisticated phishing attacks.
  • The devices that Federal staff use to do their jobs are consistently tracked and monitored, and the security posture of those devices is taken into account when granting access to internal resources.
  • Agency systems are isolated from each other, and the network traffic flowing between and within them is reliably encrypted.
  • Enterprise applications are tested internally and externally, and can be made available to staff securely over the internet.
  • Federal security teams and data teams work together to develop data categories and security rules to automatically detect and ultimately block unauthorized access to sensitive information

The government migration to zero trust security principles comes after cybersecurity companies pushed the zero-trust network model for years.

This continuous push for modern security principles culminated with the NSA and Microsoft recommending this security approach in February 2021 for large enterprises and critical networks (National Security Systems, Department of Defense, Defense Industrial Base).

Also Read: 10 Government Data Leaks In Singapore: Prevent Cybersecurity

Zero trust is a security approach where local devices and connections are never trusted and verification is needed at every step because defenders assume that intruders already have access to the network.

This security model was created by Forrester Research’s John Kindervag in 2010, with Google implementing some of its concepts in 2009 in an internal project (now known as BeyondCorp) after some of its intellectual property was stolen during Operation Aurora.

“In the face of increasingly sophisticated cyber threats, the Administration is taking decisive action to bolster the Federal Government’s cyber defenses,” Young added.

“This zero trust strategy is about ensuring the Federal Government leads by example, and it marks another key milestone in our efforts to repel attacks from those who would do the United States harm.”

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us