- All
- Blog
- Compliance Brief
- Infographic
- Tech Report
- Tech Soundbite
- Use Case
- Video
- Whitepaper
CYBERSECURITY A BUSINESS IMPERATIVE: Certes and the TSA SD02D Mandate
Whitepaper
The TSA has introduced sensible changes, such as testing cybersecurity policies in real-world scenarios to ensure their effectiveness. Certes cutting-edge DPRM Crypto-Segmentation technology stands at the forefront of safeguarding essential systems, surpassing regulatory mandates such as the TSA SD02D mandate. The overarching mission is to empower organisations to securely navigate our interconnected world.
C-Suite Liability in Data Protection
Explore the profound impact of data breaches on businesses and C-Suite executives. Learn about the personal liability that top management faces and the costly consequences of weak security measures. Discover the crucial role of C-Suite in data protection and why safeguarding data is not just a tech issue but a fundamental responsibility for organisational leadership.
THE ROI OF DOING NOTHING
Whitepaper
Data security has become personal. Not only are companies now liable for the protection of all personally identifiable information (PII) but the C-suite is personally liable for any failures to protect that information. The C-suite needs to recognise two key points. Firstly, protecting data is a management responsibility. Secondly, network security alone is not enough.
Meta’s $1.3 billion GDPR Fine: Lessons in Data Protection
In May 2023, we witnessed Meta incur a staggering $1.3 billion GDPR fine, making it the largest-ever fine imposed by the European Union. But what lessons can companies learn from this breach? We delve further into the concept of data sovereignty and the challenges faced by companies like Meta in protecting user data.
TSA Directive
Compliance Brief
The TSA Directive is a set of regulations and guidelines aimed at ensuring the security and safety of air travel, and it’s crucial to adhere to it to protect passengers and prevent potential threats to aviation. Learn more about Certes’ crypto-segmentation to ensure…
New York Department of Financial Services
Compliance Brief
Learn how The New York Department of Financial Services were able to use Certes’ Layer 4 encryption technology quickly and easily to provide uncompromised data protection and crypto-microsegmentation.
Navigating Data Sovereignty: Lessons from the Meta Breach
Whitepaper
Earlier this year, Meta was issued the largest fine ever by the European Union for a GDPR breach at a whopping $1.3 billion. The fine came into place as Meta violated EU privacy laws by transferring the personal data of Facebook users to servers in the United States.
Anti-Exfiltraction Solution Cisco HCI
Compliance Brief
Cisco HCI Server to Secure AWS Cloud Backup over the Internet – The Backup application currently protects Data in Transit via TLS. How can you protect the data itself from the Man in the Middle data exfiltration?
Risk Mitigation from a Data Breach for Cisco SD-WAN
Compliance Brief
By adding a Certes Enforcement Point in-line we can mitigate the impact of this misconfiguration by protecting the sensitive data based on business risk before it gets to the SDWAN or WAN edge.
Cyber Security: It’s a jungle out there
Infographic
Companies often soley rely on Managed Service Providers to guide them through the wilderness of cyber security, but true data protection lies with safeguarding data throughout its entire journey.
Data Sovereignty: Protecting Your Data in a Globalised World
Blog
The implications of transferring data between different countries, the role of Managed Service Providers (MSPs) in data governance, and the potential risks and costs associated with data breaches.
DIGITAL DATA AND THE PROMISE OF SOVEREIGNTY
Whitepaper
With data breaches occurring daily to the world’s largest brands, including high profile tech companies, c-suites of every organisation need urgently to recognise that cyber security it not just about IT, it is about data governance. And the responsibility for data governance falls firmly – and heavily – at the feet of management.
THE LEGAL LIABILITY DILEMA
Blog
How do security leaders navigate the aftermath of a data breach? In the rapid pace of today’s digital landscape, data breaches have become an unfortunate reality for organisations worldwide. As these incidents continue to rise, a growing concern among security leaders, particularly Chief Information Security Officers (CISOs), revolves around their legal liability following such breaches.
DATA BREACH ACCOUNTABILITY: WHO FOOTS THE BILL?
Blog
News stories about cybersecurity data breaches are sometimes difficult to avoid and even more difficult to digest. Data is increasingly valuable to businesses – especially data related to customers, payments and of a sensitive nature.
PROTECTING DATA AT BOARD LEVEL
Whitepaper
Neglecting to safeguard data is equivalent to failing to protect the company, its employees, and shareholder value. Therefore, it is imperative that the C-Suite must understand the significance of data security and the impact it has on their accountability.
END-TO-END DATA PROTECTION FOR ITAR COMPLIANCE
Blog
ITAR compliance has been designed to control access to the various types of technology and information associated with the organisation controlled by ITAR. It’s in place to prevent the disclosure of sensitive data to safeguard US national security.
DATA PROTECTION WITH SDWAN
Use Case
Securing your critical data across the network, on its entire journey, directing traffic according to business intent policies.
THE CRITICAL ROLE OF DATA SECURITY IN THE C-SUITE
Blog
According to IBM, the average cost of a data breach in 2020 hit a whopping $3.86 million. This not only affects a company’s financial health but also its reputation and customer trust, and can even breach regulatory compliance.
WHO PAYS FOR A DATA BREACH?
Use Case
Data breach is almost inevitable – which means it is vital that companies and their Managed Services Providers (MSPs) understand exactly who is responsible and who bears the financial brunt. But recent research reveals that both companies and MSPs are disturbingly unclear about their legal and financial obligations
END-TO-END DATA PROTECTION : WHAT IT REALLY MEANS
Blog
End-to-End Data Protection: What it really means and why you need it. Securing critical data along its entire journey and why.
END-TO-END DATA PROTECTION
Use Case
The provision of cryptographic protection of data, such that the data is not in an unencrypted form, between an originator (or the originator’s in-country security boundary) and an intended recipient (or the recipient’s in- country security boundary).
DATA PROTECTION FOR IPSEC
Use Case
IPsec is often used to establish mutual authentication between computers at the beginning of a session and to negotiate cryptographic keys during a session.
DATA PROTECTION FOR MPLS
Use Case
Provider networks typically leverage MPLS to establish independent IP routing domains on their backbone network, and can leverage other associated protocols to enhance switching of MPLS packets.
HIGH ASSURANCE DATA PROTECTION
Use Case
Securing your critical data across the network, on its entire journey, directing traffic according to business intent policies.
END-TO-END ITAR DATA PROTECTION
Compliance Brief
How Certes meets the ITAR policy requirements and fully comply with regulations required to export and manage classified and unclassified data.
HIGH ASSURANCE RESEARCH WHITEPAPER
Whitepaper
To understand how SD-WAN security is being approached by regulated organisations, Certes Networks commissioned Sapio Research to undertake a survey of Senior Decision Makers, Managers & above who are responsible for or involved in the management of their organisation’s data protection in the UK and USA.
OVERCOMING NCUA AUDIT CHALLENGES
Compliance Brief
The NCUA is a federal government agency responsible for insuring deposits at federally-insured credit unions regulates, charters and supervises all federal credit unions to protect the credit union system and its members. One important program that falls under the scope of its regulatory and supervisory responsibilities is the Information Security Examination and Cybersecurity Assessment Program.
UNDERSTANDING NERC CIP 012-1
Compliance Brief
Standards set out in the (NERC CIP) govern critical infrastructure, requiring utility companies in North America to adhere to a set of cybersecurity measures.
NIST ZERO TRUST ARCHITECTURE
Whitepaper
Certes Networks’ solutions can help organizations meet several requirements of NIST’s Zero Trust Architecture Publication.
HAVE DATA BREACHES BECOME COMMON?
Blog
The year 2020 was a landmark year for data breaches experiencing over 3,800 breaches, which is a 50% greater increase over the last four years.
HOW LONG DOES IT TAKE TO CONTAIN A DATA BREACH?
Blog
Learn about the five most important steps necessary to contain a data breach. Is your organization prepared?
BUILDING A TRUSTWORTHY DIGITAL ECONOMY
Blog
For CEOs, the task is clear: Build a trustworthy digital economy that safeguards our future prosperity.
OBSERVABILITY VS VISIBILITY
Tech Soundbite
Understand how observability and visibility are different and why organizations often confuse the two. Both are equally important but serve very different purposes in protecting data as it crosses the network.
SD-WAN PAVES THE WAY
Tech Soundbite
As SD-WAN matures, enterprises are moving away from traditional branch routers to offer consolidated network functionality on a single device.
MSP & MULTIPLE CARRIER NETWORKS OVER AN SD-WAN
Use Case
Global Managed Service Provider uses Certes Networks for an on-premise SD-WAN solution to provide improved services across multiple carrier networks for banking customers.
MSP & MULTIPLE CARRIER NETWORKS OVER AN SD-WAN
Use Case
Global Managed Service Provider uses Certes Networks for an on-premise SD-WAN solution to provide improved services across multiple carrier networks for government end-users.
CHALLENGES OF UK CYBER SECURITY STANDARDS
Compliance Brief
United Kingdom National Cyber Security Centre (NCSC) has issued principles for cyber secure enterprise technology to organisations, including guidance on deploying and buying network encryption. Learn more by clicking below.
PCI DSS COMPLIANCE
Compliance Brief
Developed by the major credit card issuers, the Payment Card Industry Data Security Standard (PCI DSS) outlines best practices and requirements for processing, transmission and storage of consumer credit card information.
NERC CIP
Compliance Brief
NERC’s authority has led to critical infrastructure protection (CIP) standards that guide utilities’ to mitigate internal and external security risks. The CIP standards have evolved focusing on both physical security measures and the integration of cybersecurity system technologies and applications.
GDPR
Compliance Brief
Any enterprise that provides a service whereby personal data of a resident of the EU is processed will be impacted by GDPR requirements. Learn more by clicking below.
NY SHIELD ACT
Compliance Brief
The Stop Hacks and Improve Electronic Data Security Handling (SHIELD) Act applies to any entity that processes the private information of residents of New York regardless of where that entity is located. Learn more by clicking below.
CALIFORNIA CONSUMER PRIVACY ACT (CCPA)
Compliance Brief
How the CCPA will impact organizations that conduct business in the State of California, or any business, regardless of location, that process data of a California resident.
CJIS SECURITY POLICY
Compliance Brief
Learn more about the CJIS Security Policy requirements and mandates affecting any entity accessing the information provided by the CJIS database.
BANKING ON SECURITY: KEEPING DATA SECURE
Tech Soundbite
As published in BCW Publisher News, August 2019 and Professional Security, October 2019. “Banking on Security: Keeping Data Secure in Financial Services.”
BANKS MOVE TOWARD SD-WAN TO IMPROVE EXPERIENCE
Tech Soundbite
As published in Finance Digest, January 2020. “How SD-WAN will help banks improve their branch communication and enrich the customer experience.”
NATIONAL BANK VLAN-BASED ETHERNET ENCRYPTION
Use Case
Country’s 7th largest bank with 586 branches nationwide chooses Certes Networks and uses VLAN-based Ethernet encryption to maintain network performance..
REGIONAL BANK VoIP ENCRYPTION
Use Case
Regional bank chooses Certes Networks to deploy group encryption to encrypt VoIP data between 250 locations over a converged MPLS backbone..
CNI DEPENDS ON STRONG DATA ENCRYPTION
Blog
Increasingly, critical infrastructure relies on internet connect industrial control systems (ICS)….
OIL & GAS: KEEPING DATA SECURE
Tech Soundbite
As published in Security Middle East, Business Chief Middle East and Professional Security Magazine: “Keeping Data Secure In the Oil & Gas Industry”.
COLLABORATION: GOVERNMENT & ICS
eBook
Critical infrastructure cybersecurity depends on strong encryption and collaboration between Government and ICS technology.
U.S. UTILITY COMPANY
Use Case
A U.S. diversified energy and utility company that operates in 23 states contacted Certes Networks for an encryption management solution.
NATIONAL OIL COMPANY
Use Case
A National Oil Company wanted visibility of their data as it traversed the network but had no secure key management system to automate easy key rotation nor the ability to define and deploy policies.
LAW ENFORCEMENT: DHS IN CYBER SECURITY
Tech Report
Intelligence community works together with law enforcement to mitigate threats to U.S. cyber and communications systems.
LAW ENFORCEMENT: TARGET FOR CYBER CRIMINALS
Tech Report
Law Enforcement is a highly-focused target for cyber criminals whose sole purpose is to exploit sensitive information and impact a region’s critical infrastructure and services.
LAW ENFORCEMENT & CJIS CHECKLIST
Tech Report
Law Enforcement agencies must use data encryption to comply with CJIS regulations.
COLUMBIA COUNTY SHERIFF’S OFFICE & CJIS
Use Case
Columbia County Sheriff’s Office chooses Certes Networks to encrypt their data using FIPS 140-2 certified technology at six locations to comply with the CJIS Security Policy.
COUNTY SHERIFF’S OFFICE & CJIS COMPLIANCE
Use Case
Maryland County Sheriff’s office chooses Certes Networks to assist with data encryption mandate to comply with CJIS.
U.S. LOCAL COUNTY
Use Case
Leading U.S. local county government agency chooses Certes Network FIPS 140-2 Certified encryption technology to meet CJIS data encryption requirements in order to pass CJIS audit.
STATE JUDICIAL DEPARTMENT
Use Case
A U.S. State Judicial Department encrypts sensitive data and traffic between their courthouse and recovery site aimed at integrating state and federal resources into a single center.
USING CRYPTO-SEGMENTATION FOR DATA ASSURANCE
Use Case
Crypto-segmentation takes on the mission of the old-style router Access Control Lists (ACLs), but with an entirely new approach that allows government to quickly and easily divide physical networks.
SMART CITIES
Use Case
When connectivity and innovation meet such large city infrastructures, they immediately become vulnerable to cyber threats from malicious actors waiting to bring all that hard work to a standstill.
DHS RANSOMWARE ACT
Blog
A new law passed the U.S. Senate demands the federal government heighten its support for organizations hit by ransomware through the DHS Cyber Hunt and Incident Response Teams Act.
CERTES PARTNERSHIP WITH EU COMMISSION
Tech Soundbite
Certes Networks announces its ongoing partnership with the European Commission as a trusted cybersecurity technology provider.
UK CYBER SECURITY STANDARDS
Tech Soundbite
Certes Networks helps public sector organisations in the UK migrate from Legacy MPLS to SDN and SD-WAN network architectures due to ever-evolving government cyber security standards.
MINISTRY OF FOREIGN AFFAIRS
Use Case
Eastern European Ministry of Foreign Affairs protects essential network applications with Certes Layer 4 solution..
CALIFORNIA PRIVACY LAW GOES BEYOND TECH
Blog
California residents will have the right to ask retailers, restaurants, airlines, banks etc to provide them with any personal information.
GOVERNMENT AGENCIES MOVE TO SD-WAN
Use Case
U.S. Federal and national government agencies turning to SD-WAN to modernize their wide-area network in order to make Zero Trust a best practice.
Contact Us
Want to learn more? One of our team members would be happy to help!