Rapid7: Access to Free Open Source Cybersecurity Tools
Rapid7 maintains and supports numerous open-source and community-sourced cybersecurity projects to help bring powerful security to all. These free tools give people access to the capabilities and information they need to defend themselves, regardless of their location or background. Rapid7 believes that it is only through wide access to tools and data that we can move the security industry forward.
“I think the number one key to our success is the diversity of our contributors. We have contributors from all over the world, from lots of different backgrounds, many of whom are not professional software engineers. They’re hackers. They’re hobbyists. They’re tinkerers. They’re QA people. They’re IT people. They’re doc writers. And so that just in and of itself has been really, really, really helpful for us.”
Google works with the Biden Administration to make open source software more secure
On January 13, 2022, Google joined with other technology industry leaders at the White House Open Source Software Security Summit to help inform the Biden Administration on ways to strengthen cybersecurity. Open source software code is available to the public, and free for anyone to use, modify, or inspect. Because it is freely available, open source software is used for everything from corporate innovation to national security systems and international projects. However, despite its importance, the security of these systems is only maintained on an ad-hoc volunteer basis.
Google utilized this meeting with the Biden Administration to advocate for the creation of an organization to act as a marketplace for open source maintenance; matching volunteers from companies with the critical projects that need the most support.
You can read more about Google’s open source work here.
Fortinet is changing cybersecurity to meet the demands of the modern work environment
When the workforce largely transitioned to the work-from-home model, the number of network access points rose astronomically. Network security was strained in many company networks while they became open to a host of new security challenges due to the access from home offices and public networks. To address these challenges, Fortinet developed a new long-term strategy for the workforce by blending security and connectivity through services and such as software-defined wide-area networking, secure access service edge, zero trust access, and zero trust network to protect networks no matter where employees are accessing them from.
But the biggest change Fortinet has proposed is changing to organizational structure and culture to achieve a convergence of security and infrastructure by removing organizational silos so security can be seamlessly deployed across every network edge.
Forward-thinking business leaders are investing in new converged technologies. Advanced solutions that blend connectivity and security into a single solution—like software-defined wide-area networking (SD-WAN), secure access service edge (SASE), zero trust access (ZTA), and zero trust network access (ZTNA)—protect hybrid networks by extending enterprise-grade network connectivity and security functions to the home office.
This is essential for ensuring a temporary WFH policy becomes a long-term strategy for running a digital business. Making the right investments requires thinking about security and networking as a converged solution, a security-defined network approach, rather than as discrete elements.
Competitors Sharing Information to Protect Networks
Looking for new ways to keep internet users and data safe, leading cybersecurity companies formed the Cyber Threat Alliance to make it easier for otherwise fierce competitors to share threat intelligence information with each other to help keep everyone safer from attacks.
Palo Alto Networks and Fortinet were founding members of CTA in 2014 and those companies were soon joined by other large cyber companies, including Cisco and McAfee. The nonprofit organization has grown to 34 private sector members as well as partnerships with other cyber nonprofits and public sector industry groups seeking to improve the security of networks around the globe.
Member companies share actionable threat intelligence data in a timely manner so other companies can prevent, identify and disrupt attacks. CTA is actively growing around the globe and building diverse partnerships with information sharing and computer emergency responses teams across all sectors.
Organizations like CTA are incredibly important for helping protect US networks and consumers. Timely threat intelligence sharing can help keep the entire online ecosystem safer from ever-changing attacks from nation-states or cybercriminals.
The technology industry believes the online world should be a secure place for everyone.
Strong, responsive online security is critical to ensuring that consumers, industries and governments have trust and confidence in placing information online and conducting business. Technology companies are working cooperatively to ensure threat intelligence is shared promptly within the public and private sectors to minimize disruptions, thwart cyber attackers and protect consumers, businesses and organizations. The industry is innovating and producing new technologies—including machine learning and AI-powered systems—to more quickly identify, stop and defend U.S. networks and infrastructure to minimize the disruption of cyberattacks.
Good policy means expanding federal cybersecurity investments to ensure secure and resilient networks will protect critical national infrastructure such as the electrical grid and water supply, and the government’s own technology infrastructure. It means creating an environment that supports regular threat intelligence and information sharing practices within the private sector and with federal agencies as appropriate as well as encouraging strong federal leadership to oversee streamlined government efforts to improve cybersecurity and supply chain resilience.