ransomware
Image credit: Provided

Device identity, authentication, and access management are critical to ransomware prevention. A new partnership between Sectigo, one of the largest commercial Certificate Authorities (CA) and SPYRUS, a provider of cryptographic operating systems, will help universities and enterprises protect against ransomware attacks.

By collaborating, Sectigo and SPYRUS plan to make it easier to protect the confidentiality, integrity, and availability of sensitive data, enabling organizations to combat ransomware attacks. 

Cybersecurity Ventures predicts that a new organization will fall victim to a ransomware attack every 11 seconds by 2021. A type of malware attack, ransomware is spread through malicious email attachments, infected software apps, and external storage devices. Public sector organizations are hit particularly hard by Ransomware attacks, which lock the data on a victim’s computer until a cybercriminal receives payment and returns access.

Hacks of school districts and universities are causing cities to declare a state of emergency, and a recent ransomware attack on the Baltimore government cost the city $18.2 million

“It is increasingly important for enterprises to manage and secure digital identities properly,” said Damon Kachur, vice president, IoT Solutions, Sectigo. “The collaboration between Sectigo and SPYRUS combines purpose-built PKI solutions with cryptographic operating systems to fully automate digital identity management, helping to assure organizations that their sensitive data is protected from cybercriminals.” 

The SPYRUS Rosetta Hardware “Root of Trust” product suite protects the private keys for Sectigo-provided device identity and encryption certificates to enable strong authentication and secure storage.

Texas A&M University system safeguards research

The Texas A&M University System is deploying a model solution that will allow researchers in higher education to meet all of the requirements for Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations, which is stipulated by the Defense Federal Acquisition Regulation Supplement (DFARS) clause 252.204-7012 in accordance with NIST SP 800-171.

Cybersecurity is one of the key topics under discussion at European Utility Week this year. Find out more here

Kevin R. Gamache, Ph.D., chief research security officer with The Texas A&M University System, anticipates the Root of Trust product — along with the automated PKI management and distributed revocation status — will protect the University System’s authentication, encryption keys and algorithms. 

“We expect solutions offered ... to help ensure strong authenticated data encryption that will protect universities’ intellectual property. This model will scale to assure that all university research is secured and compliant with DFARS,” said Dr Gamache.

“Given the openness of American society, particularly in academic and scientific communities, costly incidents of ransomware continue to grow. By partnering with Sectigo, we can comprehensively address the security challenges universities and enterprises face in managing digital identities,” explained Grant Evans, CEO, SPYRUS. "[This partnership] enables enterprises across sectors to address device identity, authentication, and access to combat these attacks.”