Monday, 18 August 2014

Titania Shortlisted for the Computing Security Awards 2014


Thanks to your votes we are delighted to announce we have been made finalists in 5 categories of the 2014 edition of Computing Security Awards. The winners are decided by public vote and as a special thank you we are offering £100 in Amazon vouchers, or $1000 worth of Nipper Studio software. Here is what you need to do to qualify for the prize draw:
Go to Computing Security Awards fill in a few details (to ensure the vote is legitimate) and submit your choice before 30th of September, 2014. 

The categories are as follow:

Network Security Solution of the Year: Titania – Nipper Studio

SME Security Solution of the Year: Titania – Nipper Studio

Enterprise Security Solution of the Year: Titania – Nipper Studio

Security Company of the Year: Titania

Personal Contribution to IT Security Award: Ian Whiting – Titania

To be entered in the prize draw please forward your confirmation e-mail to alina.stancu@titania.com and specify ‘Nipper’ or ‘Amazon’ in the subject title, if you have a preference for the prize. Winners will be announced at the beginning of October. Please feel free to vote for us in as many categories as you like! More than one vote per company is allowed, if you want to share this with your colleagues and friends.

If you are not familiar with the industry, here’s a quick refresh on our products: Nipper Studio is a network security software for auditing firewalls, switches and routers, while Paws Studio is a compliance auditing and vulnerability assessment tool for servers, workstations and laptops.

Please click here to vote for Titania in Computing Security Awards.

A big thank you for your support from the entire team at Titania.

Wednesday, 13 August 2014

Cybersecurity: What the U.S. Can Teach Europe

Article originally published in FCW magazine.


By Edwin Bentley (Senior Software Developer, Titania) 

About the Author

Edwin joined Titania in 2011 and has since become a key member of development team, having primary involvement in advancement of both the Nipper Studio and Paws Studio software. He has a keen interest in Information Security and the role that the industry will play in the future advancement of technologies.


Having attended two reputable information security conferences this year, one on each side of the Atlantic, a few observations emerged on the differences and similarities of opinion on cybersecurity issues in the U.S. and Europe.

Although similar questions were raised at both conferences, the response manner was notably different. Europe took a reactive stance by signaling problems and bringing them to the attention of government agencies and legislators. The U.S., however, had a top-down approach, with industry searching for viable solutions in response to already adopted government directives.

The first event was Infosecurity Europe. The 2014 edition was hosted in London and attended by more than 11,000 information security professionals. With a 20-year tradition, the event is considered a reference point for the cybersecurity industry to find out about the latest trends and tools and keep up-to-date with European laws and compliance policies.

This year, the discussion focused on big data, the accelerated increase in organized cybercrime, the need to stay ahead of threats and an honest admission from Europol that cybercrime is best mitigated or disrupted because law enforcement lacks the resources to prosecute all crime. Staying ahead of threats was high on the agenda. Finally, there were comments on security issues in the cloud, which just like the bring-your-own-device trend, needs to be accommodated in its own right from a protection point of view.

Similar points were made at FOSE. (Editor's note: FOSE is owned and produced by FCW's parent company, 1105 Media.) As an industry event, FOSE is recognized as an official source for voicing the latest concerns in government IT. Among the issues discussed at the conference, cybercrime and cyber terrorism figured high on the agenda for defense and policy.


Continuous Diagnostics and Mitigation


In terms of security tools and trends, automation and continuous monitoring were held in high regard at the U.S. conference. The conversation on the FOSE floor focused on the Department of Homeland Security's Continuous Diagnostics and Mitigation (CDM) program. It comes on the heels of the National Institute of Standards and Technology's Cybersecurity Framework and is part of achieving the last step of that directive: monitoring security on an ongoing basis with the use of automation tools.

Released as a best-practice guidance document, the framework was embraced by the federal sector. After the latest high-profile breaches in the retail industry, a wide range of other companies have started to look at the framework as a template for assessing security practices.

In order to understand why CDM is seen as the best solution by IT professionals, below are a few well-debated problems it answers:

  • Top of the agenda for information security experts is how best to integrate security with business processes. Reducing user disruption and enabling business innovation will be more easily addressed with the introduction of automated security.
  • Although CDM does not guarantee that its users will stay ahead of threats, it does offer a near-real-time state of security with risk-based assessments reported and analyzed at network speed to ensure ongoing awareness and protection.
  • A challenge for chief information security officers and CIOs everywhere is the compliance versus security conundrum. CDM implies moving away from layer upon layer of compliance in favor of perpetual alertness and security.
  • The other issue in compliance is log aggregation and reporting. Continuous monitoring would produce automated event logs that can be filed for audits or analyzed for patterns in forensic investigations.
Continuous monitoring does not promise to answer every cybersecurity problem, but it offers a practical way forward. The voluntary adoption within the U.S. business community reflects that its advantages have been recognized.


Cyber directives in Europe and U.K.

Source: fcw.com
Meanwhile, that shift in security perception has yet to happen in Europe. The latest European Union cyber directive -- Network and Information Security (NIS) -- has been taken with a pinch of salt by the industry, and some organizations fear that the stick of compliance will come down hard on their budgets while doing very little for the state of their security.

In a similar way to the NIST framework, the U.K. government released a Cyber Essentials Scheme as a best-practice guide for organizations. Operating in a less intrusive manner with smaller, more practical steps, the scheme has been received with cautious but definite approval by the business spectrum.

Although a promising start, neither the Cyber Essentials Scheme nor the NIS directive alone is sufficient to bring forward the visionary changes the industry needs. The European efforts are moving in the right direction, but compared to the older, more experienced industry in the U.S., they need further development. The Cyber Essentials Scheme might be too small, while NIS could be seen as too complicated and faces an uncertain fate amid changes to the European Parliament.

If the cybersecurity industry is to address the issues raised at Infosecurity Europe 2014 such as staying ahead of threats, mitigating cyber crime, transforming security into a business enabler and dissipating the predicament of compliance versus security, then Europe needs to continue to move in the right direction and could be inspired by the top-down approach to security in the U.S.

Friday, 25 July 2014

Nectar Small Business Awards 2014 – Titania Made The Shortlist

We are delighted to be named finalists for the Nectar Small Business Awards. Nectar Business is a rewards program for small business owners, achieved through partnerships with leading business suppliers. Experiences such as cinema trips, meals out, holidays or gifts can be obtained with Nectar points, either for personal or business use. The Awards are intended to celebrate the achievements of the SME community across the UK and we are very happy to be recognised by them.

The winner of the £2000 and 50 000 points will be determined by a panel of business experts including Apprentice star and Lord Alan Sugar’s business advisor, Karren Brady. Aside from the financial reward, the winner will also benefit of Ms. Brady’s valuable advice and business insights, at a Round Table event, in September. 





As for what would happen to the reward, should we win, Shelley Gunnell, HR manager and Titania representative for the Worcestershire Works Well scheme, has an idea: “We are always looking for new ways to improve the working lives of our staff, whether this be a health and wellbeing-related reward or just a bit of fun outside the office. The last corporate fun day was a trip to Alton Towers and before that was Diggerland. We will be putting some fun and fresh ideas out there for activities that we can all enjoy together.” 










Titania is the product of the years of experience in the information security industry of CEO, Ian Whiting. The challenges of the pentesting and auditing profession have led him to develop Nipper Studio; a network security tool that facilitates the auditing and reporting process for penetration testers and global organisations. Four years into this venture, Titania is a worldwide recognised supplier to government agencies, financial institutions and other private organisations.

For updates on Titania follow us on Twitter @TitaniaLimited and catch up with the winners of Nectar Business Awards by following #NBsba14.




Friday, 18 July 2014

Cyber Security at the NATO 2014 Summit

Titania delegate, Andy Williams attended the NATO Briefing to the Industry yesterday at the Farnborough International Airshow.


Source: bbc.co.uk
FIA 2014 is a great opportunity for a day out with the family. The acrobatic demonstrations from renowned aircrafts such as the Breitling Wing Walkers, Aerostars and the RAF Red Arrows, made for a memorable spectacle.

Source: gov.uk
However, Farnborough is not only hosting a public airshow for aviation enthusiasts, but also one of the most recognised trade exhibitions for the aerospace and defence industries. In the run up to the NATO Summit taking place in Wales in September 2014, ADS and UKTI Defence and Security Organisation have jointly offered UK industry the opportunity to connect and engage with the Alliance’s two main agencies: NATO Communications and Information Agency (NCIA) and NATO Support Agency (NSPA).

Source: rocketroute.com
The purpose of the briefing was to showcase the NATO market to the UK industry by bringing together the two agencies involved in budget spending and strategic operational activities, together with the UK defence and intelligence industry. The event is consistent with a previous declaration, by President Barack Obama, where he along with NATO’s Secretary General Fogh Rasmussem would identify the host country for the 2014 Summit, which will look at building up NATO’s ability to address cyber threats and “lock in” commitments by members. The “lock in” reference is a reminder of the message that US has sent before to NATO members, that cyber security is a shared responsibility.

Currently the agenda for the Summit revolves around: Afghanistan troop withdrawal; adapting the Alliance’s existence in the 2014 post era to respond to emerging threats - where cyber defence, intelligence cooperation and special op forces are discussed; budgetary concerns.

Previous meetings establishing the agenda have increasingly discussed cyber issues as an emerging challenge which should enter NATO’s defence strategy. So does this mean will see a grounded cyber security strategy at the 2014 Summit, in Wales? According to Chatham House, inside sources have been quoted saying to expect ‘more of the same’ – a focus on exercises, enhanced training, standard and greater work with partners.

The Alliance is confronting serious criticism from within. The first question on cyber issues has been about the defence of the organisation itself before taking over more ambitious projects. In response, the Alliance has hired Finmeccanica and Northrop Grumman to install cyber security equipment and Incident Response Capability programs across NATO headquarters, in 28 countries. In addition, the organisation also set up two Rapid Reaction Teams to protect its networks against cyber attacks.

Another discussion concerns whether the Alliance should leave cyber security policies to the EU. An enhanced long-term dialogue is needed in order to avoid duplicating efforts with the European Union and this seems to be a recognised concern for NATO leaders this September.

Source: nato.int
Finally, the most pressing question of all is who foots the cyber security bill and from that perspective, the members appear to be fairly reluctant to an offensive cyber strategy, which would put further strain on the already undercut budget. But as indicated in this research paper published by the NATO Defence College, Rome, ultimately there is pressure for the Alliance to justify its presence in the post 2014 era. Perhaps the answer lies in different prioritization over what constitutes a threat in 2014, with new budgets reflecting it appropriately. The Farnborough ‘Briefing to the Industry’, involving the relevant bodies of NATO and emphasizing strategic capacity and budget allocation, indicates the Alliance is already taking steps in the right direction. 


Monday, 14 July 2014

H & W Chamber Awards 2014 - Titania Receives Highly Commended for Commitment to Health and Wellbeing

Titania’s team had the pleasure to attend the 2014 Herefordshire and Worcestershire Chamber Business Awards last week. The ceremony was held at the Bank House Hotel, in Bransford to celebrate the best of the business community of Worcestershire and Herefordshire. The company’s representatives to the event were Ian Whiting, CEO, Nicola Whiting, COO and HR Manager, Shelley Gunnell.





The awards represented an excellent opportunity for networking amid the business society of Herefordshire and Worcestershire. Entertainment was provided by young musician Tina V, while radio host, Howard Bentham of BBC Hereford and Worcester, was responsible for announcing the winners.

Titania was shortlisted in three categories: Small Business of the Year, Growth Business of the Year and Commitment to Supporting Health and Wellbeing in the Workplace (for Worcestershire businesses only) sponsored by Worcestershire Works Well. The 2014 edition of the Awards saw a fierce competition among the finalists, with high quality contenders for each category. For this reason, Titania was very proud to take home the title of Highly Commended for Commitment to Supporting Health and Wellbeing in the Workplace. The company’s “ ‘Duvet Day’ scheme, whereby staff can request to take a paid day of leave at short notice, proved understandably popular with employees”, Worcester News acknowledged.

Incidentally, the morning before the Awards, Titania’s HR Manager and COO, were invited to speak at the Worcestershire Works Well breakfast meeting at the Malvern Science Park about the company’s contribution to the health and wellbeing of its employees.

Speaking to the H & W Chamber of Commerce, Shelley Gunnell said: “We are absolutely thrilled to be highly commended in the category for supporting health and wellbeing in the workplace. We’d like to thank Worcestershire Works Well for their continued support and the Titania family for working together to create our health and wellbeing culture, which is central to our success. This is a really exciting time for Titania and the Chamber’s recognition is the best way to reflect it, thank you!”


Congratulations to all the winners and highly-commended. Titania hopes you continue representing excellency in your respective fields of work and wishes you a successful year ahead: Gtech, Kinetic Six, Allvalves Online Ltd, Allteko Ltd, Thomas Vale Construction, Orchard Valley Foods Ltd, SouthcoManufacturing Ltd, Kingspan Insulation, Gemporia, QinetiQ, Apreco Limited and Pulsar ProcessMeasurement Ltd.



Friday, 4 July 2014

Computing Security Awards 2014 - Titania Needs Your Vote

It's that time of the year again. The time when the prestigious Computing Security Awards open for nominations and we need to kindly ask you to vote for us. Thanks to your votes we've been successful in these awards before. Here's a look at how we did previously: 


Computing Security Award for 
Network Security Solution of the Year 
2012

Computing Security Award for 
Enterprise Security Solution of the Year 
2012
Computing Security Award for 
Enterprise Security Solution of the Year 
2013

Computing Security Award
Editor's Choice
2013


This was all due to you and your recognition for what we do, and we would love to achieve the awards again this year. If you can give us a quick nomination, follow this link: http://www.computingsecurityawards.co.uk

Fill in a couple of details (to make sure the entry is legitimate and no spamming takes place) and then choose a category. For those of you who are not necessarily in the cyber security sector, the most appropriate categories for us are:


Network Security Solution of the Year

Enterprise Security Solution of the Year

Security Company of the Year

SME Security Solution

Personal Contribution to IT Security 
(Ian Whiting Titania CEO & Creator of Nipper Studio)

Please feel free to vote for us in as many categories as you like! More than one vote per company is allowed, if you want to share this with your colleagues and friends. Voting closes on the 25th of July, 2014. If we have been made finalists in any category, we will ask you for your help in voting again to decide the winners. 

Here's a quick refresh on our products: Nipper Studio is network security software for auditing firewalls, switches and routers, while Paws Studio is a compliance auditing and vulnerability assessment tool for servers, workstations and laptops.

A heartfelt thank you for your support from the entire team at Titania!


Wednesday, 2 July 2014

Compliance Auditing & Vulnerability Assessment in One Tool: Paws Studio

https://www.titania.com/pawsstudio
For the first time, Paws Studio, Titania’s powerful compliance auditing tool, will now include vulnerability assessments as well as compliance. This enhancement is the first step towards delivering a more holistic solution for auditors of workstations and servers, just as Titania’s flagship product Nipper Studio has for auditor of firewalls, switches and routers.

Titania is pleased to announce the introduction of OVAL (Open Vulnerability Assessment Language) compliance and vulnerability assessment to Paws Studio, the compliance auditing tool for workstations and servers. The latest release will complement existent policies such as: PCI DSS, SANS, NERC CIP 007-4, NSA and DISA STIG, in order to provide an even more comprehensive view for auditors.

OVAL is supported by the Department of Homeland Security as well as other U.S. governmental agencies and it is a risk and compliance management solution, extensively used by the IT industry. The OVAL compliance framework supports 560+ checks, depending on the operating system, with further check support to be added in the future. The OVAL vulnerability directory carries out 70+ checks, subject to the operating system. Due to frequent updates applied to OVAL, Paws Studio will facilitate the updating process through a convenient Policy Converter which can be found in the ‘Utilities’ tab. The Policy Converter allows the user to download the latest updates from the OVAL website, save it and then upload it to Paws Studio. The Titania Technical Team will also update OVAL on a regular basis within Paws Studio.

Additional improvements to the software include enhancing the Registry Checks to be case sensitive or insensitive, which will minimise the risk of false reporting. Registry values can now be evaluated against regular expressions. Also for a more accurate view, Paws Studio now allows checks for “<=” and “>=” in conjunction with the already present “<” and “>”.

For the Technical Team to offer the best support possible to customers, Paws Studio now offers an easy logging option which can be accessed through GUI, under ‘Settings’, by checking the box for ‘Enable logging’. This option enables the support team to extract a log with useful information for supplying specific and time-efficient assistance.

Overall, the team has also performed general maintenance work to consolidate Paws Studio to an even more robust structure and improved user experience. Titania cares about customers’ suggestions and endeavours to add new features to its products, according to users’ feedback. If you have any suggestions or questions about Paws Studio, please contact the Titania team at support@titania.com

[Note this release is for Windows, Ubuntu 12.04, Open Suse 12.3 and Fedora 19 platforms with releases for CentOS, Open Suse 13.1 and Ubuntu 13.10 to follow.]

Friday, 27 June 2014

Cyber Security Challenges Conference - Titania Discusses Experiences in the US Market

On Tuesday the 24th of June, Titania's CSO Andy Williams, joined a panel of speakers at the half day Cyber Security Challenges conference held at the BIS Conference Centre in London.


Cyber Security Challenges - panel session


Organised by UK Trade & Investment (UKTI), techUK and the Fairfax Country Economic Development Authority (FCEDA) speakers discussed the opportunities for UK companies in the US cyber security market in the public and private sectors. 

Having supplied to over 60 countries worldwide, with around 60% of revenue coming home from the US, Titania's Andy Williams delivered a talk outlining the experience Titania have of the US cyber market and advice on how to do business. 

Other speakers included Lockheed Martin who outlined opportunities in the US market, plus FCEDA and UKTI discussing the support they offer to UK companies looking to supply to the US government and cyber industries. 

The event concluded with a networking lunch and a chance for 1-2-1's with attendees and speakers. 

Andy Williams said: "We know from experience that the cyber security sector in the US is receptive to highly innovative British products. This event was a perfect opportunity to hear from companies who have already achieved success in the market, as well as Government and industry experts who can offer support and insight into doing business in the US."


Andy Williams speaking about cyber security challenges in the US market


Friday, 20 June 2014

WorcsLitFest Launches With the Young Writer Award At The Worcester Guildhall

Source: worcslitfest.co.uk

The evening of Friday, 20th of June, will see the launch of the much awaited Worcestershire Literary Festival. Hosted at the Guildhall, Worcester City Centre, the night will conclude with the competition to determine the Worcestershire Poet Laureate for 2014 /2015.

The panel of judges includes Poet Laureate Emeritus Maggie Doyle, Poet Laureate Tim Cranmore, County Arts Officer Steve Wilson,  Young Poet Laureate Holly Perrett and Secretary of LitFest Polly Robinson. Last year’s winner Tim Cranmore will hand over his title to one of 6 finalists: Bronwyn Durand, Louise Jones, Damon Lord, Fergus McGonigal, Claire Walker and Suz Winspear.

As part of the WorcsLitFest supporters, Titania’s team will be there from 18.30, ready to open the evening with the Young Writer competition. The judges are looking for youngsters between the ages 13 and 19 with a unique talent. As sponsors of this event Titania will then present prizes to the young winners.  Later, winners of the Flash Fiction awards, an internationally recognised short-story competition, will be announced by the judge and founder of the contest, Lindsay Stanberry-Flynn.

Tickets for the first part of evening can be purchased from the WorcsLitFest website.
The night is set to end with a gentle Midnight Moonlight walk around what was once known as the hunting grounds of Malvern Chase.

This however is only the beginning. Over the next 10 days, the organisers, volunteers and WorcsLitFest advocates have worked very hard to bring new, fun, vibrant and dramatic moments to Worcester. There will be a Romantic Novelists Panel with four award winning authors, writing workshops, stand-up poetry, a live cooking demonstration, children story-telling and an evening with house hold name and radio personality Mike Harding, plus many other surprises.

Along with Titania, the Worcester business community has enthusiastically committed to support the Worcestershire Literary Festival. Among the organisations that have joined forces are: The University of Worcester, Sanctuary Group, The Hive, Worcester Whitehouse Hotel, SME Solicitors, Andrew Grant, King’s Worcester, Tudor House, Severn Valley Railway, Pure Risks, Simply Lets, The Old Rectifying House, Drummonds Bar, Avoncroft Museum, eRotary and others.

Tickets are still available online. For enquiries contact secretary@worcslitfest.co.uk

For updates follow @WorcsLitFest and tweet at #worcslitfest


Monday, 16 June 2014

IA14 The Government's Information Assurance Event

Titania is attending IA14, the ‘government’s flagship event on cyber security and information assurance’. Hosted at Park Plaza Westminster Bridge Hotel, London over 16 – 17 June 2014, the event was designed to provide a platform for discussion across government IT, public sector, industry and academia. The debates will focus on how the UK can become an international authority in information security.

Having recently attended information security conferences on both sides of the Atlantic, Titania’s delegate, Andy Williams will be able to share relevant insights with corporate and public sector representatives.

Source: cesg.gov.uk


Conference

IA14 comes shortly after the launch of the Cyber Essentials Scheme and it is likely to be a point of interest at the conference. Another recent initiative in UK’s cyber security policy that IA14 participants can expect to hear about is the CBEST framework, established by CREST (Council for Registered Ethical Security Testers) and the Bank of England. 

Combining government views with industry voices, the keynote speeches promise to reflect a balanced perspective of the cyber security landscape. Ciaran Martin and Iain Lobban of GCHQ, along with Rt. Hon. Francis Maude MP comment on behalf of the Cabinet Office. Bringing industry views are Kathy Warden of Northrop Grumman Information Systems, Symantec’s Samir Kapuria, while Lionel Barber, editor at the Financial Times, will be chairing a panel session.

Streams

Aside from the conference, delegates have the opportunity to observe four streams, organised as collective panels between industry, government and CESG.

The first stream illustrates the challenges of globalisation for the security industry, with issues from manufacturing, international trade and what constitutes an acceptable security promise from vendors. Also included are a comparative look at the cloud service providers, national and international context, and a talk from CESG on new cloud security principles.

The second stream addresses the problem of an ever-changing threat landscape for Government, industry and citizens, by looking at information sharing across governmental departments. Delegates will also have the chance to hear updates on the Defence Cyber Protection Partnership.

Stream three looks at the Secure by Default strategy and features Chemring Technology Solutions as a compelling case study on secure voice communications.

The fourth stream brings Andrew Gracie from the Bank of England and Ian Glover, CREST President, together to explain the corroborated efforts behind CBEST and its benefits to risk-management. Atkins debates the critical vulnerabilities faced by ICS (Industrial Control Systems). Finally, one of the most acute questions in cyber security today: “Why system users don’t simply follow the rules?” is discusses by Prof. Angela Sasse in the context of psychology and human behaviour. Dr. Emma Philpott of the Malvern Cyber Security Cluster concludes the session with a speech on the full leverage that SMEs can exercise in the supply chain.

Exhibition

The exhibition does not fall short of great industry names either. With exhibitors such as BAE Systems, Surevine, Blue Coat Systems, Blackthorn, Symantec, Nexor and Skyscape, delegates and public sector officials will have the opportunity to find the most up to date tools and solutions available in the industry.