The Crisis of Convergence: OT/ICS Cybersecurity 2023, which is available for free download, “details diverse intensifying challenges, including growth in attacks via Ransomware-as-a-Service (RaaS) models, exploitation of supply chain vulnerabilities and prevalence of state-sponsored hackers and other politically motivated actors in the wake of geopolitical issues,” according to the company announcement.

TXOne Networks surveyed 405 key information technology (IT) and operational technology (OT) security decision-makers from across multiple global markets and sectors including automotive, pharmaceuticals and biotechnology, chemical, general manufacturing, oil and gas and transportation in September 2023.

The Crisis of Convergence: OT/ICS Cybersecurity 2023 “distills the survey findings, alongside extensive TXOne Networks threat research from 545 cybersecurity incidents around the world in 2023,” according to the company announcement.

“The threat landscape has intensified significantly in the industrial manufacturing and critical infrastructure sectors, leading to destructive events, economic losses, and potential risks to human safety,” reads the TXOne Networks report, which was produced in collaboration with Frost & Sullivan.

“Organizations emphasize the protection of critical OT assets as a top priority, with data security being a key investment area within their OT security budget allocations,” the report says. “Organizations are also seeking to invest in strengthening the resilience of their technological infrastructure and are turning to innovative approaches like Cyber-Physical Systems Detection and Response (CPSDR), which integrates OT expertise across various domains.

“This enhances OT security posture and resilience against evolving threats, enabling organizations to better protect their operations and ensure resilience in the face of a constantly changing threat environment,” according to the report.

More About the TXOne Networks Cybersecurity Report

The Crisis of Convergence: OT/ICS Cybersecurity 2023 explores a range of topics relevant to contemporary OT/ICS cybersecurity:

• Ransomware threats
• OT system maintenance and Information Technology (IT) integration concerns
• Nation-state cyberattacks and implications
• Dedicated teams for OT and Industrial Control System (ICS) security management
• OT/ICS cybersecurity investment
• New regulations and standards propelling OT/ICS defense
• Supply-chain Integrity

“The Crisis of Convergence: OT/ICS Cybersecurity 2023 is the result of a thorough research and technical analysis that is aimed at delivering up-to-date insights into the global threat landscape and the tactics that malicious actors employ to launch attacks,” says Terence Liu, chief executive officer (CEO) of TXOne Networks, in the announcement.

“The findings are clear,” he says. “Organizations must move well beyond regulatory compliance in their OT/ICS cybersecurity strategies if they are to successfully adapt for the constantly evolving threat.

“Safeguarding the availability, reliability and security of revenue-generating operations will depend on new governance structures, enhanced team and technical capabilities, integration of advanced threat detection and response into cybersecurity frameworks and risk management across the supply chain,” says Liu.

Another version of this article originally appeared on our sister-site Security Sales & Integration on February 16, 2024. It has since been updated for My TechDecisions’ audience.

The post Rising Ransomware, Supply Chain Disruptions & Geopolitical Issues Complicate Cybersecurity appeared first on My TechDecisions.

Virtual Production in Action

Per a statement, InfoComm attendees will get a first-hand look at how virtual production works at The Unreal Ride, a virtual production experience presented by Vū, Unilumin, and MRMC (booth 6081). The teams have collaborated to debut an entirely new Unreal Ride. The experience features a Jeep where two participants can ride through newly created virtual worlds specifically designed for InfoComm 2023. Attendees will also experience a blend of the physical and virtual worlds through a combination of the latest innovations in virtual production technology. These include advanced LED panels, a motion-controlled camera, camera tracking and virtual environments created with Unreal Engine and lighting optimized for virtual production.

“We’re really looking forward to this virtual production experience Vū, Unilumin and MRMC are bringing to InfoComm 2023,” says Rochelle Richardson, CEM, senior vice president of expositions and events, AVIXA, producer of InfoComm. “The InfoComm audience is not only going to see the magic of virtual production — they’re also going to get to participate!”

Deep Dive into Emerging Trends

On Tuesday, June 13, InfoComm will present “Emerging Trends,” an annual review of the industry’s latest technology advancements. The half-day program, led by Pete Coman of PTS Consulting, will allow attendees to discover how technologies such as AR, VR, NDI, Dante AV, wireless collaboration solutions and other emerging tech will revolutionize the way we connect and collaborate.

The day begins with the session “Beyond Reality: Exploring the Future of Work with Virtual and Augmented Reality” led by Linda Gedemer of AlphaTech. Next, Oliver Van Camp from Barco and Christopher Jaynes of Q-SYS will present “Unleashing the Power of Connectivity and Collaboration: A Glimpse into the Future.”

Paul Harris from Aurora Multimedia will also discuss “Revolutionizing the Workplace: The Future of Audio Visual & Control Technology.” The program concludes with the session “NDI and Dante AV: Which one is the real AV superhero?” with Paul Richards of PTZ Optics and Will Waters from Audinate.

“The education program at InfoComm 2023 will show you the endless possibilities of pro AV technology,” adds Annette Sandler, director, live content, U.S./Canada, AVIXA. “Attendees can take classes on specific technologies they need to learn more about and different applications and case studies for projects that they’re working on. Our Emerging Trends program is a must-attend for anyone wanting to know “what’s next” in the ever-evolving world of pro AV.”

All About AI

InfoComm 2023 will also host more than 100 hours of education on critical pro AV topics, including emerging technologies like AI.

On Wednesday, June 14, Diversified’s Stephen Jenkins and Blaine Brown will present the session “The Impact of AI: How AI Will Enhance and Transform the Industry” at the Technology Innovation Stage (booth 2260). They’ll explore AI-powered collaboration solutions and revolutionary cloud services. These include OpenAI and Microsoft Copilot. They’ll also discuss the imminent shift from “preventative” to “predictive” maintenance through AI-enabled analytics, leading to self-healing capabilities.

Brad Sousa of AVI Systems will also present “Integrating Tools to Make the Workplace More Useful: AI and Smart Technologies” on Thursday, June 15. In this session, Sousa will discuss how AI and smart technologies can enhance meeting workspaces and concierge services for individual employees as well as security tools — all using sensors, IoT, occupancy and access control to correlate data.

Another version of this article originally appeared on our sister-site Commercial Integrator on June 2, 2023. It has since been updated for My TechDecisions’ audience.

The post InfoComm 2023 Show to Spotlight Emerging Technologies appeared first on My TechDecisions.

While the FTC only mentions consumer customers, Ring does offer commercial security solutions under its Ring for Business arm. In addition, the allegations in the FTC’s complaint further demonstrate the risks that many IT and security professionals say are inherent in IoT devices. 

Under a proposed order, which must be approved by a federal court before it can go into effect, Ring will be required to delete data products such as data, models, and algorithms derived from videos it unlawfully reviewed. It also will be required to implement a privacy and security program with novel safeguards on human review of videos as well as other stringent security controls, such as multi-factor authentication for both employee and customer accounts.

“Ring’s disregard for privacy and security exposed consumers to spying and harassment,” said Samuel Levine, Director of the FTC’s Bureau of Consumer Protection. “The FTC’s order makes clear that putting profit over privacy doesn’t pay.”

California-based Ring LLC, which was purchased by Amazon (Nasdaq: AMZN) in February 2018. According to My TechDecisions’ sister-site CE Pro’s 2023 100 Brand Analysis, Ring is the No. 1 video doorbell product installed by integrators with 66% of leading integrators installing the solution.

“Ring’s disregard for privacy and security exposed consumers to spying and harassment.”

— Samuel Levine, Director of FTC’s Bureau of Consumer Protection

In a complaint, the FTC says Ring deceived its customers by failing to restrict employees’ and contractors’ access to its customers’ videos, using customer videos to train algorithms, among other purposes, without consent, and failing to implement security safeguards.

According to the complaint, these failures amounted to egregious violations of users’ privacy. For example, one employee over several months viewed thousands of video recordings belonging to female users of Ring cameras that surveilled intimate spaces in their homes such as their bathrooms or bedrooms. The employee wasn’t stopped until another employee discovered the misconduct. Even after Ring imposed restrictions on who could access customers’ videos, the company wasn’t able to determine how many other employees inappropriately accessed private videos because Ring failed to implement basic measures to monitor and detect employees’ video access.

The FTC also said Ring failed to take any steps until January 2018 to adequately notify customers or obtain their consent for extensive human review of customers’ private video recordings for various purposes, including training algorithms. Ring buried information in its Terms of Service and Privacy Policy, claiming it had a right to use recordings obtained in connection with its services for “product improvement and development,” according to the complaint.

Ring’s Alleged Security Failures

According to the complaint, Ring also failed to implement standard security measures to protect consumers’ information from two well-known online threats—“credential stuffing” and “brute force” attacks—despite warnings from employees, outside security researchers and media reports. Credential stuffing involves the use of credentials, such as usernames and passwords, obtained from a consumer’s breached account to gain access to a consumer’s other accounts. In a brute force attack, a bad actor uses an automated process of password guessing—for example, by cycling through breached credentials or entering well-known passwords—hundreds or thousands of times to gain access to an account.

Despite experiencing multiple credential-stuffing attacks in 2017 and 2018, Ring failed, according to the complaint, to implement common tactics—such as multifactor authentication—until 2019. Even then, Ring’s sloppy implementation of the additional security measures hampered their effectiveness, the FTC said.

 “The FTC’s order makes clear that putting profit over privacy doesn’t pay.”

— SAMUEL LEVINE, FTC

As a result, hackers continued to exploit account vulnerabilities to access stored videos, live video streams, and account profiles of approximately 55,000 U.S. customers, according to the complaint. Bad actors not only viewed some customers’ videos but also used Ring cameras’ two-way functionality to harass, threaten, and insult consumers—including elderly individuals and children—whose rooms were monitored by Ring cameras, and to change important device settings, the FTC said. For example, hackers taunted several children with racist slurs, sexually propositioned individuals, and threatened a family with physical harm if they didn’t pay a ransom.

In addition to the mandated privacy and security program, the proposed order requires Ring to pay $5.8 million, which will be used for consumer refunds. The company also will be required to delete any customer videos and face embeddings, data collected from an individual’s face, that it obtained prior to 2018, and delete any work products it derived from these videos. The proposed order also will require Ring to alert the FTC about incidents of unauthorized access or exposure of its customers’ videos and to notify consumers about the FTC’s action.

The Commission voted 3-0 to authorize the staff to file the complaint and stipulated final order. The FTC filed the complaint and final order in the U.S. District Court for the District of the District of Columbia.

A version of this article originally appeared on our sister site CE Pro. 

The post FTC Accuses Ring of Watching Private Videos, Poor Security Practices appeared first on My TechDecisions.

To effectively navigate the digital transformation journey, there are several key topics that manufacturing companies should consider. Enterprise Resource Planning software and manufacturing solutions offer a broad spectrum of manufacturing planning, execution, and integration, making them great models to consider for digital transformation.

1. Change management enables teams to thrive in change

Efficient change management is necessary to ensure a smooth transition to new ways of working, manage supply chain disruptions and implement new business models, and support employees to thrive with change and navigate ongoing uncertainty.

Change management has become more critical since COVID-19 because the pandemic has significantly transformed how businesses operate, and companies have had to adapt quickly. All operations are in the hands of humans, and no matter how good technology is, execution will fail if individuals do not work as a team to support the company’s mission.

Manufacturing companies can best manage organizational change by setting up and managing a change management program and a change management organization. Specific methodologies to develop, deploy, and build a change management program are integral components in the digital transformation project for the respective project, and system integrators are helping with best practices and deploying them.

2. Business process management is key to digital transformation

Effective process management and a business process management organization as an endpoint for digital transformation are crucial because it enables organizations to optimize their business processes, improve efficiency, and achieve better outcomes.

Process management involves mapping and analyzing business processes, identifying areas of inefficiency or waste, and implementing process improvements. Organizations can reduce costs, improve quality, and increase productivity by optimizing business processes.

Related: Sustainability is the Key 2023 IT Trend

3. Sustainability – A new perspective for manufacturing

Sustainability is the third area of focus, driving digital transformation from both ends. It has emerged as a new initiative, pushing digital transformation forward. As a beneficiary of digital transformation, it gives manufacturing companies an entirely new world of data to measure sustainability goals such as carbon footprints or product lifecycle analysis to assess the impacts of products and what can be done.

Digital transformation to support sustainability for manufacturing is fundamental, considering the potential environmental effects of manufacturing processes, potential cost savings, reputation and branding, compliance, and innovation by adopting sustainable manufacturing practices.

Sustainability is still relatively new for most players in the general ERP space. However, the demand has never been higher than today. Managing sustainability goals can be challenging, requiring data availability, data quality, standards, frameworks, resources, investments to implement, and agreement on stakeholder expectations.

However, as with other areas in digital transformation, specific methods, and best practices are applicable.

4. The cloud is here to stay

The manufacturing industry may have been hesitant to adopt cloud computing due to concerns about data security, privacy and potential disruption to existing systems. However, as the benefits of cloud computing are more apparent, more and more manufacturers are beginning to adopt cloud-based solutions.

Security and privacy are a big concern for many; however, unless the manufacturing applications are entirely sealed off, the industry consensus is that security and privacy are a matter of managing policies rather than actual physical access issues. If done right, the cloud gives customers more control over privacy and security than traditional on-premises solutions.

Manufacturers today face a critical challenge – ensuring round-the-clock manufacturing operations with zero interruptions. Any potential disruption can have significant consequences with ramp-up and ramp-down processes requiring uninterrupted functions. However, manufacturers already offer cloud solutions with substantial development in this regard.

5. Cybersecurity challenges in manufacturing companies

In the age of digital transformation, cybersecurity is a critical concern for manufacturing companies. With increased reliance on interconnected systems, IoT devices, and cloud computing, the risk of cyber threats and data breaches is higher than ever.

Manufacturers must prioritize robust network security protocols, regular vulnerability assessment, and secure access controls to protect valuable assets. Implementing advanced intrusion detection and prevention systems, real-time monitoring, and incident response capabilities is essential for prompt threat identification and mitigation. Employee awareness and training programs also play a crucial role in preventing cyber-attacks.

By addressing these challenges, manufacturing companies can maintain operational integrity, protect sensitive information, and build customer trust. Cybersecurity must be fundamental to their digital transformation strategy for a secure future.

How to drive digital transformation

The points above highlighted the various aspects of digital transformation. However, the question that arises is how to tailor it to support the organization’s progress. The digital transformation process can be complex as it integrates new technologies, processes and data throughout the organization.

Adopting a strategic approach that aligns technology with business goals is necessary to prioritize digital transformation in the manufacturing industry. This can be achieved by following these key steps:

• Define business objectives: Identify the critical business objectives that digital transformation can help achieve.
• Evaluate current capabilities: Assess the current state of technology, processes, and data across the organization to identify areas of improvement and potential opportunities.
• Develop a roadmap: Chart a digital transformation roadmap, detailing the steps to achieve the identified business objectives
• Prioritize investments: Prioritize technology investments based on their potential impact on the business objectives identified in step one.
• Foster a culture of innovation: Encourage employees to experiment with new technologies and processes, thereby cultivating a culture of innovation.

Alexander Paulus is a Senior SAP Professional and SAP Project Manager with 15+ years of experience in various project roles, mainly in global ERP Implementation projects and Solution Architecture and Delivery & Operations Management. He is Managing Director at CNT Management Consulting Inc. and one of the key digitalization subject matter experts.

The post Five Key Topics for Digital Transformation in Manufacturing Companies appeared first on My TechDecisions.

According to the Campbell, Calif. cloud-first security company, its single-vendor SASE service is designed to help businesses and managed service providers (MSPs) strengthen their security posture and reduce costs. The company says Barracuda SecureEdge secures users, sites and IoT devices, and can connect any device, application and cloud or hybrid environment.

According to Barracuda, its SASE solution–delivered as a service–includes multi-layered network protection for consistent policy enforcement for both remote and in-office users, delivered from the cloud, on-prem or hybrid environments.

In addition, the solution offers protection against web-based threats regardless of user location, and secure remote access for any user to any application. SecureEdge also facilitates optimized cloud and application access from any user or site by providing Secure SD-WAN capabilities.

The solution also facilitates direct access to applications for remote users by leveraging Zero Trust enforcement, URL filtering, and traffic optimization to make the most of shared internet lines, the company says.

Specifically, Barracuda says SecureEdge provides control and visibility tools that give business and MSPs insight into user-generated traffic at each endpoint, allowing them to maintain control over critical application traffic.

Barravcuda’s new SASE service also features intent-based networking policies that are applied across the entire platform, including SD-WAN and secure application access, and multiple levels of security and connectivity with auto-secure SD-WAN are included over all available uplinks.

In addition, Barracuda SecureEdge includes built-in last-mile optimization using advanced forward error correction algorithms to mitigate packet loss and optimize network traffic, which are applied when connecting office locations and endpoints.

“Barracuda’s new SecureEdge platform provides businesses and MSPs with a SaaS solution that makes remote and hybrid work easier to secure and helps to improve security and reduce costs,” said Tim Jefferson, senior vice president of engineering for data, network and application security at Barracuda, in a statement. “With SecureEdge, Barracuda offers a cloud-native SASE platform that enables customers to control access to data from any device, anytime, anywhere, and allows security inspection and policy enforcement in the cloud, at the branch, or on the device.”

The post Barracuda Launches New SASE Platform for Businesses, MSPs appeared first on My TechDecisions.

AI has the potential to significantly improve business operations, boost productivity and create new opportunities. According to a report by IBM, 35% of businesses worldwide were already using some form of AI technology in 2022.  Additionally, 61% of employees believe integrating AI into their workflow has made them more efficient and productive.

However, integrating AI with existing systems can be a complex process that requires careful planning and execution. Organizations that fail to integrate AI properly may miss out on its benefits or, worse, experience negative consequences such as biased decision-making or data breaches.

This article will explore the strategies for successful AI integration and how organizations can leverage this technology for maximum benefits. We will also discuss the key considerations to keep in mind when integrating AI with your existing systems.

Tips for Successful AI Integration

Integrating AI into existing systems is not just a matter of acquiring the latest technology. It requires careful consideration of various factors and proper planning. Below, let’s look at five tips that will help you integrate AI with your existing systems effectively.

1. Develop a Clear AI Integration Strategy

Developing a clear AI integration strategy is the first and most crucial step in ensuring successful AI integration. The strategy should clearly define business objectives, identify key stakeholders and outline the resources required to achieve these objectives. It should also include a roadmap outlining the key milestones and metrics for measuring success.

To develop an effective AI integration strategy, you must consider your organization’s long-term goals. Why do you want to integrate AI with your system? For example, 38% of businesses use AI primarily for cost reduction. However, this is not the only business use case of AI. Other popular use cases include improving customer experience, generating business intelligence and automating internal processes.

Besides the immediate needs of the business, consider the scalability and adaptability of AI to changing business needs. You also need to consider the potential impact of AI on the workforce, customer experience and brand reputation.

2. Ensure Data Quality and Availability

AI algorithms rely on accurate and relevant data to make informed decisions, so you must ensure that your organization has high-quality data that is accessible and available when needed.

To ensure data quality, you must implement data governance policies that define data ownership, standards and procedures for maintaining data quality. You should also invest in data management tools that enable efficient data collection, cleaning and integration.

Ensuring data availability involves making data accessible to the AI system when needed. For this to happen, the organization has to develop data pipelines that can feed the AI system with real-time data. However, it’s also important to ensure that these data pipelines are designed to ensure data security, privacy and compliance with regulatory requirements.

3. Train and Upskill Employees

AI integration requires a skilled workforce that can understand, develop and manage AI systems. Your organization should therefore invest in training and upskilling employees, both technical and non-technical, to ensure that they can work collaboratively with AI systems and leverage their full potential.

Here, it’s essential to design training programs that cater to different levels of expertise, from basic awareness to advanced skills. Technical training should focus on programming languages, data management, machine learning, and model development, while non-technical training should focus on business understanding, AI ethics and decision-making.

You should also design upskilling programs to support employee growth and development, such as mentorship programs and access to AI learning resources. It’s also important for the organization to encourage employees to explore new AI use cases and ideas.

4. Address Cultural and Organizational Challenges

AI integration can disrupt the status quo, change human job roles and create uncertainty among employees. Addressing these challenges is important if you want to mitigate resistance and create buy-in.

A good way to demonstrate the benefits of AI is to showcase successful AI implementations and how they have contributed to other organizations’ overall business objectives. For example, in the medical field, AI can be used to speed up medical diagnoses, provide better customer service and improve medical research.

You should also involve employees in decision-making by encouraging them to provide feedback and suggestions on how AI can be integrated into their daily work.

5. Ensure Compliance With Legal and Ethical Standards

AI integration should comply with legal and ethical standards to avoid reputational and legal risks. Your organization must also ensure its AI systems are transparent, explainable and ethical.

Transparency and explainability are essential to building trust with stakeholders and ensuring that AI decisions are fair and unbiased. The organization should document the AI system’s decision-making processes, including the data and algorithms used and the model’s output.

Your organization should also ensure its AI systems comply with relevant regulations, such as the General Data Protection Regulation (GDPR) and the Fair Credit Reporting Act (FCRA). Ethical considerations should be embedded in the AI system’s development, deployment, and maintenance.

To ensure compliance, you must establish an AI governance framework that includes policies, procedures and standards for AI development and deployment. This framework should be regularly reviewed and updated to reflect changing regulatory and ethical standards.

Key Considerations for AI Integration

When integrating AI with existing systems, there are several key considerations organizations should take into account. These include:

Data Quality

Poor quality data can lead to inaccurate predictions and insights, undermining the benefits of AI integration. Before integrating AI, you must ensure that your organization’s data is accurate, complete and consistent. This may involve cleaning and transforming data or collecting new data to train the AI models.

Security

Integrating AI with existing systems can have significant cybersecurity implications. AI-powered systems may access sensitive data and, if not properly secured, can result in data breaches and cyberattacks. Therefore, you must ensure appropriate security measures are in place to protect your organization’s systems and data. This may include access controls, encryption and regular security audits.

Scalability

As your business grows, its data volumes and processing requirements will increase, requiring more powerful AI systems. To meet future demands, ensure that your chosen AI systems can scale. This may involve selecting scalable cloud-based solutions or building scalable on-premises systems.

Ethics

AI-powered systems can have significant societal and ethical implications, and organizations must consider the ethical implications of AI integration. For example, AI-powered systems may introduce bias or discriminate against certain groups, leading to social and legal implications. Thus, you must ensure that your organization’s AI systems are developed and deployed ethically, with proper oversight and governance.

AI Integration Benefits

AI integration is a key driver of digital transformation and can help organizations improve efficiency, increase productivity and gain a competitive edge. However, successful AI integration requires a well-thought-out strategy that takes into account various factors, including data quality, technology selection, employee training, cultural and organizational readiness and compliance with legal and ethical standards.

By following the strategies outlined in this article, organizations can successfully integrate AI into their existing systems and reap the maximum benefits. These benefits include improved decision-making, enhanced customer experience, increased revenue and reduced costs.

Isla Sibanda is a B2B copywriter from Cape Town, South Africa with a background in computer science and ethical hacking. Since 2012 she’s worked with local and international companies completing numerous bug bounty programs and pen tests.

The post AI Integration: How To Integrate AI With Existing Systems for Maximum Benefits appeared first on My TechDecisions.

According to Microsoft, that version of Windows 10 will remain in support with monthly security update releases through Oct. 14, 2025 for all editions. Microsoft has been saying for some time now that it would support at least one version of Windows 10 through that date, but it not appears that Microsoft will put all of its support behind Windows 11 past that date.

That essentially means that organizations that continue to use Windows 10 past that date will not get security updates, leaving them open to potential cyberattacks. The previous Windows 10 release, version 21H2, will go out of support next year on June 11.

Existing LTSC releases will continue to receive updates beyond that date based on their specific lifecycles, the company says in a Windows client roadmap update. According to the company’s product and services lifecycle document, existing Windows 10 LTSC releases have end dates of Jan. 12, 2027 or later.

Read Next: How to Upgrade to Windows 11

Now, organizations essentially have two options for the immediate future:

• Upgrade to Windows 11 to keep operating systems up-to-date, secure, and equipped with new features.
• Update to Windows 10, version 20H2 to continue receiving monthly update releases through Oct. 14, 2025.

Microsoft is also announcing that the next Windows 11 LTSC releases will be available in the second half of 2024 for Windows 11 Enterprise and Windows 11 IoT Enterprise.

Organizations waiting for a Windows 11 LTSC release should begin planning and testing applications and hardware on the current generally available release, Windows 11 22H2, Microsoft says.

Microsoft rolled out Windows 10 22H2 in October 2022 along with several additional features for Windows 11 that weren’t included in the 2022 update, although the Windows 10 feature update was limited in scope and new features and functionality. That update came about a month after the company started to roll out the annual feature update for Windows 11, which included dozens of new features in security, efficiency, productivity, usability and more.

Windows 10 20H2, however, is the next version of the operating system slated for death, with an end-of-support date of May 9, less than two weeks away.

The post Windows 10, 22H2 is the Last Version of Windows 10, Microsoft Decrees appeared first on My TechDecisions.

The property is owned by the City of Memphis and is managed by global sports and entertainment company Oak View Group (OVG), which announced a strategic partnership with Xtract One in October 2022.

Fan Safety Ahead of USFL Season

“As we began preparations for the start of the USFL season, we wanted to optimize our security screening technology,” Thomas Carrier, Oak View Group’s General Manager at Simmons Bank Liberty Stadium, said in a statement.  “At the stadium and across Oak View Group, we prioritize fan safety, while simultaneously leveraging innovation to enhance the fan experience. The kickoff of the new USFL season was a logical starting point to introduce Xtract One’s SmartGateway screening solutions. It is one of many prevention strategies coming to the venue for the safety and security of fans, teams, talent and staff, which we will continue using throughout the year, including during Memphis Tigers games and for the Southern Heritage Classic and AutoZone Liberty Bowl.”

Xtract One SmartGateway System

The SmartGateway system was designed for large, ticketed venues to enable high throughput, but with customizability based on the customer’s individual needs and security requirements. SmartGateway delivers fast, reliable, and accurate patron screening, replacing intimidating metal detectors. This solution unobtrusively scans patrons for guns, knives and other prohibited items as they enter the facility, using AI-powered sensors to detect threats without invading patrons’ sense of privacy and comfort.

“It is important for community and commercial enterprises to work on collaborative solutions that allow guests to focus on fun and togetherness and cheering on their teams,” said Mayor Jim Strickland, in a statement. “The City of Memphis, Oak View Group and Xtract One are together enhancing the safety of the fans and our community.”

Simmons Bank Liberty Stadium will deploy SmartGateways in two phases. Phase one, beginning April 15, will leverage SmartGateways for games of the Memphis Showboats (USFL).

“We are thrilled to have been chosen by Simmons Bank Liberty Stadium, Oak View Group, and the City of Memphis to implement our SmartGateway technology for the safety and security of their patrons. This partnership showcases our commitment to revolutionizing the security landscape, enhancing fan experiences, and streamlining entry processes for large-scale venues,” said Peter Evans, CEO of Xtract One, in a statement. “We look forward to continuing our work with Oak View Group, and providing advanced, unobtrusive security solutions for their growing portfolio of world-class venues.”

The post Xtract One Elevates Fan Experience with SmartGateway, AI Security Screening Technology appeared first on My TechDecisions.

According to CISA, the Untitled Goose Tool offers novel authentication and data gathering methods for network defenders to use as they analyze their Microsoft cloud services for threats.

The agency says the tool can help security professionals export and review AAD sing-in and audit logs, M365 unified audit log, Azure activity logs, Microsoft Defender for IoT alerts, and Microsoft Defender for Endpoint data for suspicious activity.

In addition, the tool can query, export and investigate configurations; extract cloud artifacts from AAD, Azure and M365 environments; perform time bounding of the M365 unified audit log; extract data within those time bounds; and collect and review data using similar time bounding capabilities for Defender for Endpoint.

The tool was developed by CISA with support from Sandia National Laboratories.

CISA calls the Untitled Goose Tool a “robust and flexible hunt and incident response tool” that helps defenders gather data from a large M365 tenant. It requires Python 3.7, 3.8 or 3.9, and is best used within a virtual environment, the agency says.

To learn more, read the fact sheet and visit the Untitled Goose Tool GitHub repository.

The post Use This Free CISA Tool for Threat Hunting, Incident Response appeared first on My TechDecisions.

According to the Redmond, Wash. tech giant, Defender for IoT helps organizations manage assets, track emerging threats and control risks across enterprise and mission-critical networks in both connected and air-gapped environments.

In a blog, Microsoft says cloud-powered IoT and OT security solutions offer advantages over traditional solutions, including discovery of assets-end-to-end, detecting and responding to threats in real-time, defending against known and unknown threats, compliance reports, and workflows and integrations that leverage the cloud.

The solution also helps organizations solve OT security issues faster by unifying the security operations center (SOC) for both IT and OT assets, the company says.

“With Microsoft Defender for IoT, you can achieve faster time-to-value, improve agility and scalability, increase visibility, and strengthen the resiliency of your network and infrastructure without making significant changes,” Microsoft IoT and OT security experts write in a blog. “The Defender for IoT cloud is designed to augment your on-premises processing power while providing a source of centralized management for global security teams—raising the bar for OT defense.”

The company gives one scenario showing how Defender for IoT works in which a new vulnerability is published with information that could impact an organization’s OT devices, and threat actors are currently trying to exploit the bug.

“With Microsoft Threat Intelligence, the new CVE is ingested automatically and shared across our cloud-based security services, including Defender for IoT,” the company says.

Organizations can use the Microsoft Azure Portal to monitor for the new vulnerability across all devices and sites, resulting in a faster response time to secure IoT and OT environment.

Other scenarios where security professionals can benefit from Defender for IoT include OT security and compliance audits, attack surface reduction consulting and tabletop exercises, the company says.

The Defender for IoT solution also includes a new device inventory feature that allows SOCs to manage OT devices through the Microsoft Azure Portal. The feature supports unlimited data sources, including manufacturer, type, serial number, firmware, and more, helping organizations gain a complete picture of their IoT and OT assets to address any vulnerabilities.

In addition, Defender for IoT integrates with Microsoft Sentinel to provide security information event management for both OT and IT environments, and the solution also shares threat data with Microsoft 365 Defender, Microsoft Defender for Cloud and other products like Splunk, IBM QRadar and ServiceNow, Microsoft says.

The post Microsoft Launches Defender for IoT Cloud-Managed Platform appeared first on My TechDecisions.