Industry Collaboration and Standards
HardenStance’s RSA 2022 Survey Report
Carried out live from the Moscone Centre in San Francisco, HardenStance’s 2022 RSA Survey found industry leaders pointing to education, authentication and operations to drive the biggest improvements in our cyber resilience. View the Briefing
White Paper: 5G Roaming Drives Security by Redesign
How the specifications for 5G roaming have had to be revisited – and why we should pay as much attention to hardening the security of the legacy 2G, 3G, & 4G roaming ecosystem. View the White Paper
Briefing: Using Threat Intelligence in Telecoms
Over four hours of HardenStance’s “Telecom Threat Intelligence Summit” summarized in 5 pages.View the Briefing
Guest Blog: “Rising to SASE and Zero Trust Challenges”
A guest blog for MEF, explaining the context behind the organization’s commitment to leading in SASE and Zero Trust standardization. View the blog
Briefing: A Way to Turn the Tide on Fake News
Facebook, YouTube and Twitter aren't going to reduce the risk posed by Fake News down to the minimal level needed on their own. It's time they collaborated to get this done - here's how.
Briefing: New Standards for Securing AI
ETSI is doing some excellent work to fill a glaring gap in cyber security standards - how you secure AI algorithms.
White Paper: 5G SA Networks Trigger a New Era in 5G Security
With the launch of the first 5G Stand Alone (5G SA) networks, mobile network security will never be the same again - here's why and what to do about it.
Briefing: An ATT&CK-Like Framework for Telcos
Will operators step up and support two enterprising individuals from Ericsson and Nokia in defining an ATT&CK-like Framework for the telecom sector?
Briefing: Deploying STIR/SHAKEN as a Service
All but the largest telecom operators should be looking at deploying the STIR/SHAKEN standard for blocking unwanted calls as a service, managed by a vendor partner, rather than building out their own infrastructure.
Briefing: MITRE’s ATT&CK Evals Are Out: Cheers!
The new MITRE ATT&CK Evaluations offer free access to high quality, comparative data on EDR product detection capabilities against APTs on an unprecedented scale. Those that need to - and know how to - can make good use of this data.
Briefing: New STIX & TAXII Releases Approved
The new open standard STIX and TAXII 2.1 releases have been approved by OASIS. A new self-certification program should help drive adoption and enable SOC teams to arrive at faster time to detection and time to mitigation.
Briefing: Orange Funds New CI/CD Security Tool
Orange Polska has released Mixeway, an open source CI/CD security orchestration tool. It needs a lot more work but the GUI and aspiration to correlate vulnerability testing across security tools make it worth taking a look at.