Support • (786) 621-8600 Contact us
Demo

Recent Posts

Posts Tagged ‘TrapezoidFIVE’

DigitalEra Group Appoints James Cason, José González to its Board

DigitalEra Group, has announced the appointment of two new members to its Board of Directors, James C. Cason and José E. González.

Mayor Jim Cason

“These two individuals personify leadership in IT and cybersecurity, and bring a trove of security innovation, global business and government agency expertise to the table. We’re honored to have them by our side as we continue to expand our advanced cybersecurity products and services offering for protecting organizations throughout the southeast US and Latin America.” said Patrick Dyer, DigitalEra President and CEO.

James “Jim” Cason  recently retired after his third term as Mayor of Coral Gables Florida.  He has a wealth of experience building business and government relationships, and in the promotion of safety and protection. Prior to becoming Mayor, Cason spent 38 years as a Foreign Service Officer for the US State Department, serving in 12 countries. He has been the Ambassador to Paraguay and Chief of Mission in Havana, Cuba. Mayor Cason has received numerous awards from State, Defense, the White House and the intelligence community.

“Cybersecurity affects everyone across the globe and plays a rapidly increasing role in our everyday lives, from common devices we use as consumers to enterprise level programs and government agency systems”, Cason said. “I’m proud to be part of DigitalEra’s board and share their commitment to helping organizations keep systems, operations, data and people safe.”

Cason holds a master’s degree in International Relations and Affairs from Johns Hopkins SAIS, studied Military Strategic Studies at the National Defense College and has an undergraduate degree from Dartmouth College.

Trapezoid CEO, José González

José González is the Chief Executive Officer of Trapezoid, Inc., a firmware and IoT protection firm headquartered in Miami, FL. Trapezoid produces Trapezoid FIVE®, an advanced integrity monitoring solution that helps organizations detect, alert and help remediate attacks affecting BIOS and firmware, while also meeting critical NIST SP 800-53 and 53A controls.

González has invested a large portion of his career in the technology space.  Prior to Trapezoid, he served as Chief Legal Officer and SVP of Business Affairs at Terremark Worldwide, Inc., and has held key legal roles at Sunbeam Corp, Blockbuster Ent. Grp (Viacom, Inc. subsidiary) and American Express. González received his JD from Fordham School of Law and BA from Fordham University, and is a member of the New York Bar.

“I’m excited to join Ambassador Cason on this board and play a role in DigitalEra’s mission of bringing innovative security technologies and services to the southeast and Latin America.” González said.

DigitalEra is a premier IT security technology distributor and services provider. We help organizations of all kinds protect data, systems and people. We assess and solve complex security challenges, provide guidance on security technologies and solutions, and implement comprehensive security strategies and solutions. DigitalEra represents an impressive collection of the world’s most powerful security products and technologies, including Cylance, Cyphort, FireEye, LogRhythm, McAfee, Symantec Tanium, Tenable, Trapezoid and more. DigitalEra serves businesses, government agencies and education and nonprofits throughout the southeast US, Texas, the Caribbean and Latin America. For more information about DigitalEra, call (786) 621-8600 or visit http://www.digitaleragroup.com.

Media contact: B. Lambright Email: beverly.lambright@digitaleragroup.com, Tel: (786) 621-8600 ###

Webinar: “NIST Firmware Controls for Non-Federal Entities: What You Need to Know”

Effective this month, compliance with NIST 800-53 and 800-53A applies to all types of organizations at all levels. This includes state, local, and tribal governments as well as all industry and academia. Your organization will be expected to comply.

DigitalEra is bringing together firmware experts José González and Michael Dyer for this timely presentation to review the requirements and share new firmware protection technologies to help you be prepared.

There are two sessions to choose from:

Tuesday, March 14th at 2:00 p.m., ET and Thursday, March 16th at 10:00 a.m. ET.

This 60 minute presentation covers:

  • The NIST Rule: Why it now affects you
  • Case Studies: The breaches that led to the ruling and how you’re at risk
  • NIST Compliance: What you need to know now to comply
  • Advanced Technologies for protecting your organization

Find out what you need to do to comply with NIST Regulations and see new technologies for protecting your firmware.   Register now.

 

The Problem with Firmware

Guest blog | José González, CEO – Trapezoid, Inc.

Would you secure your windows and doors but leave the basement door wide open?

Well, that’s what organizations are doing with firmware.

Simply put, firmware is the unmonitored and unprotected layer at the bottom of the computer code stack. While existing security tools have a done great job focusing on application and operating system levels, firmware has been overlooked.  Exacerbating the problem: Firmware has the most permissions of any code on your system, which increases the impact of an attack. Firmware is everywhere; from the largest data center to the smallest networked LED light bulb. It is the most powerful code on any system because it controls how other code on a device interacts with its hardware (keyboard, screen, storage, network). Compromised firmware can corrupt or steal data, spy on your environment or even destroy the system it is controlling.

How firmware gets compromised

Compromised firmware takes two forms: bad actors installing malware posing as legitimate firmware on systems, or manufacturers discovering vulnerabilities in their firmware and publishing updates. Compromised firmware can shut down your operations by taking out your critical infrastructure. Unmonitored firmware exposes enterprises to an unacceptable level of risk for devastating financial harm to businesses and life-threatening consequences for consumers. You don’t have to look far for examples of firmware attacks and breaches – they’re in the news daily. From devastating attacks on global routers and national powergrids, to vulnerabilities in medical devices, government and business networks, home computers and devices, smartphones and handheld devices…virtually anything that is part of the “Internet of things”. Because this is a very real risk, all the major cybersecurity and compliance frameworks include controls dictating best practices around firmware patch management, and many include controls for continuous monitoring of firmware integrity. Why do so many organizations leave firmware out of their cybersecurity program?

trapezoid-stat-chart

Some do not know these controls exist and apply directly to them.  Others mistakenly believe their existing security tools (e.g. AV or file integrity monitoring) already address firmware integrity and related controls.  Still others understand the risk, but  lack commercially available tools to effectively monitor firmware. The reality is that regardless of your industry sector, if your aim is to follow cybersecurity and compliance best practices, then you do need a continuous firmware integrity monitoring solution. While traditional security tools do not address this space, Trapezoid’s Firmware Integrity Verification Engine (“T-5”) is expressly designed to help you protect the integrity of your firmware.

The next generation of firmware protection is here

T-5 closes the “basement door” while providing you visibility into an area previously uninspected. It continuously monitors and alerts on changes in firmware integrity, quickly identifies systems that need patching – and provides threat updates for you to stay on top of newly discovered vulnerabilities. T-5 acts like a firmware DVR to forensically prove to auditors the state of the integrity of your infrastructure from the time T-5 begins monitoring.  Because it integrates with existing security tools, T-5 brings visibility of the firmware space, which those tools currently cannot see. Moreover, T-5 meets cyber security compliance controls such as HIPAA, HITRUST, NIST CSF, FISMA/FedRAMP, PCI-DSS, ISO/IEC 20001 and the FFIEC Cybersecurity Assessment Tool. One thing is clear, the proliferation of the connected devices is not slowing down, and neither are hackers. T-5 is the advanced level of firmware integrity protection you need for all your assets that support your operations, systems, information, finances, revenue streams and people.

For more information on firmware risks and Trapezoid5, visit Trapezoid.com.