Sectigo announced this week a partnership with SPYRUS, provider of cryptographic operating systems delivering the strongest protection for data in motion, at rest, and at work, to help universities and enterprises protect against ransomware attacks. By collaborating, Sectigo and SPYRUS ensure the confidentiality, integrity, and availability of sensitive data, enabling organizations to combat ransomware attacks.
Device identity, authentication, and access management are critical to ransomware prevention. The SPYRUS Rosetta Hardware “Root of Trust” product suite protects the private keys for Sectigo-provided device identity and encryption certificates to enable strong authentication and secure storage.
Together, SPYRUS and Sectigo provide fully automated management of all digital identities, regardless of issuer, across use cases, such as banking and financial transactions, as well as computing and IoT device authentication, using modern industry standards.
Cybersecurity Ventures predicts that a new organization will fall victim to a ransomware attack every 11 seconds by 2021. A type of malware attack, ransomware is spread through malicious email attachments, infected software apps, and external storage devices.
Public sector organizations are hit particularly hard by ransomware attacks, which lock the data on a victim’s computer until a cybercriminal receives payment and returns access. For example, hacks of school districts and universities are causing cities to declare a state of emergency, and a recent ransomware attack on the Baltimore government cost the city $18.2 million.
“It is increasingly important for enterprises to manage and secure digital identities properly,” said Damon Kachur, Vice President, IoT Solutions, Sectigo. “The collaboration between Sectigo and SPYRUS combines purpose-built PKI solutions with cryptographic operating systems to fully automate digital identity management, helping to assure organizations that their sensitive data is protected from cybercriminals.”
“Given the openness of American society, particularly in academic and scientific communities, costly incidents of ransomware continue to grow. By partnering with Sectigo, we can comprehensively address the security challenges universities and enterprises face in managing digital identities,” explained Grant Evans, CEO, SPYRUS. “Our partnership with Sectigo enables enterprises across sectors to address device identity, authentication, and access to combat these attacks.”
The Texas A&M University System is deploying a model solution that will allow researchers in higher education to meet all of the requirements for Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations, which is stipulated by the Defense Federal Acquisition Regulation Supplement (DFARS) clause 252.204-7012 in accordance with NIST SP 800-171.
Kevin R. Gamache, Ph.D., chief research security officer with The Texas A&M University System, anticipates the Root of Trust offered by SPYRUS Solutions—along with the automated PKI management and distributed revocation status—will protect the University System’s authentication, encryption keys and algorithms.
“We expect solutions offered by SPYRUS and Sectigo to help ensure strong authenticated data encryption that will protect universities’ intellectual property. This model will scale to assure that all university research is secured and compliant with DFARS,” said Dr. Gamache.
Last month, Sectigo released integrations with five popular DevOps configuration management and container orchestration platforms. The additions of Docker, Kubernetes, Ansible, Terraform, and soon HashiCorp Vault, delivering comprehensive PKI solution for DevOps. This unique combination of solutions will immediately help IT teams ensure their DevOps environments follow accepted security practices, meet compliance and auditability requirements, and provide crypto agility.