Plurilock and CrowdStrike Partner to Secure Critical Infrastructure and Organizations

Plurilock Security Inc., a global cybersecurity services and solutions provider, and CrowdStrike are pleased to announce a new partnership to secure critical infrastructure in democratic nations and economies against modern threats. Plurilock will provide sales and support of the AI-native CrowdStrike Falcon® cybersecurity platform to help power Plurilock’s Critical Services business unit.
Through the partnership, Plurilock will collaborate with CrowdStrike to deploy the Falcon platform and related Plurilock Critical Services to key Plurilock customers that are seeking to modernize or optimize their security operations for today’s surging threat environment. Both companies have deep expertise in AI and cybersecurity, with Plurilock having been founded on AI as a cybersecurity research spin-out, and CrowdStrike providing the world’s most advanced AI-native cybersecurity platform.
“Plurilock Critical Services secures enterprise customers that are of key importance to the world’s democracies—and that are increasingly targeted by sophisticated attacks,” said Ian L. Paterson, CEO of Plurilock. “The CrowdStrike Falcon platform enables our Critical Services team to consolidate point products, remove complexity, and deliver comprehensive visibility and real-time protection across the enterprise. This partnership enables us to provide some of the most demanding customers in existence with the solution best able to address the threats they currently face.”
“Collaborating with innovative partners like Plurilock is core to CrowdStrike’s mission of stopping breaches,” said Daniel Bernard, chief business officer, CrowdStrike. “Plurilock customers are targeted by the world’s most sophisticated adversaries, and require the most advanced technology and elite services to safeguard their critical assets. We look forward to leveraging the power of the Falcon platform to achieve our shared objectives and stop advanced threats.”

2nd E.DSO Digital Award

Are you the creator of a pioneering solution or technological innovation that will facilitate the energy transition and leave a significant impact for society?
E.DSO, the Association of Distribution System Operators (DSOs), is launching the ‘2nd E.DSO Digital Award’ in recognition of the most meaningful and relevant digital innovations contributing to the shaping of DSOs roles. This award wants to highlight the importance of digitalisation in the energy sector and to acknowledge those who are leading the way in creating a more efficient, resilient, and consumer-centric energy system.
This opportunity is reserved for start-ups that have developed an innovative, revolutionary and relevant technological tool and digital solution for a future energy system.
Candidates are invited to send a brief description plus a video of their invention and its contribution by 21 October 2024.
The Award will be announced during E.DSO 1st FutureGrid Innovation Summit scheduled in Brussels on 6 February 2025.

UK Data centres to be given massive boost and protections from cyber criminals and IT blackouts

Technology Secretary Peter Kyle, has announced the government has now classed UK data centres – the buildings which store much of the data generated in the UK – as ‘Critical National Infrastructure’. It is the first Critical National Infrastructure (CNI) designation in almost a decade, since the Space and Defence sectors gained the same status in 2015.
It means the data housed and processed in UK data centres - from photos taken on smartphones to patients’ NHS records and sensitive financial investment information - is less likely to be compromised during outages, cyber attacks, and adverse weather events. Putting data centres on an equal footing as water, energy and emergency services systems will mean the data centres sector can now expect greater government support in recovering from and anticipating critical incidents, giving the industry greater reassurance when setting up business in UK and helping generate economic growth for all.
CNI designation will, for example, see the setting up of a dedicated CNI data infrastructure team of senior government officials who will monitor and anticipate potential threats, provide prioritised access to security agencies including the National Cyber Security Centre, and coordinate access to emergency services should an incident occur.
It comes as the government welcomes a proposed £3.75 billion investment in Europe’s largest data centre, as plans have been submitted to Hertsmere Borough Council for construction in Hertfordshire by data company DC01UK which will directly create over 700 local jobs and support 13,740 data and tech jobs across the country.
Critical National Infrastructure status will also deter cyber criminals from targeting data centres that may house vital health and financial data, minimising disruption to people’s lives, the NHS and the economy.
In the event of an attack on a data centre hosting critical NHS patients’ data, for example, the government would intervene to ensure contingencies are in place to mitigate the risk of damage or to essential services, including on patients’ appointments or operations.
The new protections will also boost business confidence in investing in data centres in the country, an industry which already generates an estimated £4.6 billion in revenues a year.

FBI, CISA, NSA, and US and International Partners Release Advisory on Russian Military Cyber Actors Targeting US and Global Critical Infrastructure

The Federal Bureau of Investigation (FBI )— in partnership with CISA, the National Security Agency (NSA), and other U.S. and international partners — have released a joint Cybersecurity Advisory Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure.
This advisory provides overlapping cybersecurity industry cyber threat intelligence, tactics, techniques, and procedures (TTPs) and Indicators of Compromise (IOCs) associated with Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) cyber actors, both during and succeeding their deployment of the WhisperGate malware against Ukraine.
These cyber actors are responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational harm since at least 2020. The authoring agencies encourage organizations to review this advisory for recommended mitigations against such malicious activity.

DHS Has Efforts Underway to Implement Federal Incident Reporting Requirements

Cyber threats to systems that provide essential services such as banking and health care are growing.
A 2022 law required the Department of Homeland Security to take several actions to address these threats.
The first set of requirements for DHS included proposing a rule that identifies which infrastructure operators have to report about cyber incidents. DHS proposed the rule in March 2024. According to DHS, access to cyber incident reports could help it improve its prevention of and response to cyber threats.
DHS also met requirements related to specific programs, and to its coordination of federal cybersecurity efforts.
What GAO Found
The Department of Homeland Security (DHS) has implemented the 13 requirements from the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (the act) that were due by March 2024. Specifically, DHS's Cybersecurity and Infrastructure Security Agency (CISA) submitted a proposed rule related to cyber incident reporting requirements to the Federal Register in March 2024, and it was published in April 2024. DHS plans to issue the final rule by October 2025. In addition, the department implemented the remaining 12 requirements (see figure). As a result of these efforts, DHS should be better positioned to coordinate the federal government cybersecurity and mitigation efforts more effectively, as intended by the act. Additionally, DHS should be better positioned to assist entities with defending against cyber incidents on the critical infrastructure.
Extent to Which the Department of Homeland Security (DHS) Implemented 13 Applicable Cyber Incident Reporting for Critical Infrastructure Act of 2022 Requirements
DHS identified a variety of challenges in implementing the act and is taking steps to address them. These challenges are related to harmonizing cyber incident reporting requirements, addressing cyber incident review responsibilities, and facilitating a more efficient method for federal agencies to begin sharing cyber incident reports. DHS noted that it has taken several mitigation steps to address these challenges, such as (1) identifying four recommendations for federal agencies and three proposals to Congress to address duplicative reporting requirements; (2) updating its technologies; and (3) hiring additional staff to facilitate the review, analysis, and sharing of reports. If implemented effectively, the four recommendations and three proposals can further mitigate challenges and help standardize incident reporting.
Why GAO Did This Study
Cybersecurity incidents involving critical infrastructure sectors—the sectors whose assets, systems, and networks provide essential services—cost the United States billions of dollars annually and cause significant disruptions. To provide increased visibility into the growing cyber threats to critical infrastructure, Congress and the President enacted a law on cyber incident reporting. This law calls for DHS to address 13 requirements by March 2024, including publishing a proposed rule for certain entities to submit reports on cyber incidents and ransom payments to DHS.
The law also includes a provision for GAO to report on the implementation of the act. This report (1) examines the extent to which DHS has implemented the act's requirements and (2) describes efforts DHS has made to identify and mitigate challenges with meeting the act's requirements.
To do so, GAO identified 59 requirements in the act that DHS was responsible for implementing. Of those, 13 requirements were due by March 2024. GAO organized the requirements into four categories: proposed rule for reporting requirements, cyber incident reporting council, ransomware pilot program, and joint ransomware task force. GAO then analyzed the department's implementation of the 13 requirements. GAO also summarized documentation and testimonial evidence regarding challenges DHS faced in implementing the act's requirements and its mitigation plans.

CISA and Partners Release Advisory on Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations

CISA—in partnership with the Federal Bureau of Investigation (FBI) and the Department of Defense Cyber Crime Center (DC3)—released Iran-based Cyber Actors Enabling Ransomware Attacks on U.S. Organizations. This joint advisory warns of cyber actors, known in the private sector as Pioneer Kitten, UNC757, Parisite, Rubidium, and Lemon Sandstorm, targeting and exploiting U.S. and foreign organizations across multiple sectors in the U.S.
FBI investigations conducted as recently as August 2024 assess that cyber actors like Pioneer Kitten are connected with the Government of Iran (GOI) and linked to an Iranian information technology (IT) company. Their malicious cyber operations are aimed at deploying ransomware attacks to obtain and develop network access. These operations aid malicious cyber actors in further collaborating with affiliate actors to continue deploying ransomware.
This advisory highlights similarities to a previous advisory, Iran-Based Threat Actor Exploits VPN Vulnerabilities published on Sept. 15, 2020, and provides known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs).
CISA and partners encourage critical infrastructure organizations to review and implement the mitigations provided in this joint advisory to reduce the likelihood and impact of ransomware incidents. For more information on Iranian state-sponsored threat actor activity, see CISA’s Iran Cyber Threat Overview and Advisories page.

CISA Releases Secure by Demand Guidance

CISA and the Federal Bureau of Investigation (FBI) have released Secure by Demand Guide: How Software Customers Can Drive a Secure Technology Ecosystem to help organizations drive a secure technology ecosystem by ensuring their software manufacturers prioritize secure technology from the start.
An organization’s acquisition staff often has a general understanding of the core cybersecurity requirements for a particular technology acquisition. However, they frequently don’t assess whether a given supplier has practices and policies in place to ensure that security is a core consideration from the earliest stages of the product development lifecycle.
This guide provides organizations with questions to ask when buying software, considerations to integrate product security into various stages of the procurement lifecycle, and resources to assess product security maturity in line with secure by design principles.
This guide compliments the “Software Acquisition Guide for Government Enterprise Consumers: Software Assurance in the Cyber-Supply Chain Risk Management (C-SCRM) Lifecycle” that was recently published.
CISA encourages organizations to review both the Secure by Demand Guide and Software Acquisition Guide and implement recommended actions.

DHS Deploys Pilot Programs, Expands Efforts to Leverage AI to Secure Nation’s Critical Infrastructure

It has been over 270 days since President Biden issued his landmark Executive Order (EO) 14110, “Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence,” ensuring that the United States leads the world in seizing the promise of Artificial Intelligence (AI) while addressing its risks. Throughout its AI-related efforts, the Department of Homeland Security (DHS) has maintained a clear set of principles and robust governance that prioritizes the protection of civil rights, civil liberties, and privacy, and increased its engagement with affected communities.
Conducted New AI Pilot to Identify and Combat Vulnerabilities in Critical United States Government Software, Systems, and Networks
- As directed in executive order 14110 and on behalf of DHS, the Cybersecurity and Infrastructure Security Agency (CISA) developed, conducted, and completed an operational pilot using AI capabilities to support CISA’s cybersecurity mission in the detection and remediation of vulnerabilities in critical United States Government software, systems, and networks.
- Through this operational pilot, CISA examined whether current vulnerability detection software products that use AI, including large language models, are more effective at detecting vulnerabilities than those that do not use AI.
- The report found that the best use of AI for vulnerability detection currently lies in supplementing and enhancing, as opposed to replacing, existing tools.
- AI tools are improving constantly, and CISA will continue to monitor the market and test tools to ensure CISA’s vulnerability detection capabilities remain state-of-the-art.
Developed an AI International Engagement Plan for Collaboration with Allies and Partners
- DHS developed a comprehensive strategy of engagement on AI and critical infrastructure with our international allies and partners, including, Canada, Mexico, the European Union (EU), and Five Eyes partners covering everything from cybersecurity to transnational infrastructure. This collaborative strategy identifies ways for the United States and its allies to detect, deter, and prevent threats at the nexus of AI, cyber, and critical infrastructure security.
- The efforts outlined in the strategy include sharing lessons learned and threat information, and identifying and collaborating on new opportunities and risks, through existing and novel international forums. DHS will engage across the spectrum with our closest security allies, in support of the Biden-Harris Administration’s AI contact group of nations, multilateral efforts such as the G7 and the Organization for Economic Cooperation and Development, and pivotal bilateral engagements with countries, including those with shared critical infrastructure.
Hired 15 New Experts to the “AI Corps” Who are Helping Responsibly Leverage AI Across DHS Mission Areas
- As part of the Department’s “AI Corps” hiring sprint, DHS has onboarded the first cohort of 15 AI experts from the private and public sectors to play pivotal roles responsibly leveraging AI across strategic mission areas in the Department. The AI Corps is one of the most significant AI-talent recruitment efforts of any federal civilian agency, aiming to hire 50 AI experts to enhance service delivery and impact the homeland security mission while safeguarding privacy, civil rights, and civil liberties.
- AI Corps members are currently working with the DHS Supply Chain Resilience Center to investigate how AI could be used to forecast the impacts of critical supply chain disruptions to public safety and security; working with DHS Science & Technology (S&T) to develop test and evaluation (T&E) requirements across the lifecycle of an AI system; and leveraging generative AI to support the work of the Department’s Homeland Security Investigations (HSI) department to combat fentanyl, human trafficking, child exploitation, and other criminal networks.
- In addition to the AI Corps, the DHS Office of Partnership and Engagement (OPE) hired a new Senior Director for Artificial Intelligence to further build the Department’s engagement on AI across sectors, meeting a commitment outlined in the AI Roadmap and establishing a channel for ongoing stakeholder feedback and information sharing.
Convened the AI Safety and Security Board and Took Steps to Bolster AI Safety and Security
- At the President’s direction, Secretary of Homeland Security Alejandro N. Mayorkas established the AI Safety and Security Board (AISSB), an unparalleled gathering of AI leaders representing prominent companies in the hardware and software industries, AI model labs, critical infrastructure owners and operators, civil rights leaders, and federal, state, and local officials.  The President directed the Board to provide to the Secretary and the critical infrastructure community advice, information, and recommendations on the safe and secure development and deployment of AI.
- The Board convened its inaugural meeting in May 2024. Since then, the Department and the Board have been developing guidance and standards of practices to improve AI safety and security across the AI ecosystem.  The deployment of safe, secure, and trustworthy AI generates consumer trust and fuels adoption and innovation.  AI can substantially improve the services the nation’s critical infrastructure provides, if we secure systems against safety and security threats.
Met with 16 Groups to Better Ensure Civil Rights, Civil Liberties and Privacy Are Protected in AI Adoption
- Through the DHS Artificial Intelligence Task Force, the DHS Office for Civil Rights and Civil Liberties (CRCL), in collaboration with the DHS Privacy Office, leads efforts to develop tailored approaches to provide guidance, risk assessment, mitigation strategies, and oversight for the protection of civil rights and civil liberties in projects championed by the DHS AI Task Force.
- In March 2024, the Department launched the AI Roadmap, which details plans to test uses of the technologies that deliver meaningful benefits to the American public and advance homeland security, while ensuring that individuals’ privacy, civil rights, and civil liberties are protected.
- Under the leadership of the DHS Office of Partnership and Engagement (OPE), the Department is exercising its commitment to ensure increased engagement on the development and deployment of AI with community-based organizations; civil-rights and civil-liberties organizations; academic institutions; industry; State, local, Tribal, and territorial governments; and other stakeholders. Building on an initial series of AI and civil rights engagements led by OPE with DHS leadership in Spring 2024, OPE facilitated engagement for Secretary Mayorkas with civil society leaders to discuss the AI Roadmap. In his engagement, the Secretary emphasized the AI Roadmap’s direction to ensure the responsible and trustworthy use of AI and explicit commitment to continued partnerships and engagement with civil society. The Department has continued to engage with multiple civil society, academic, industry and other organizations to discuss privacy, civil rights, and civil liberties protections and impacts and how they are being addressed through the DHS AI Roadmap.
These efforts build and expand on the Department’s ongoing AI initiatives announced earlier this year to facilitates the safe and responsible deployment and use of AI in federal government, critical infrastructure, and the U.S. economy.

Microsoft Pushes for Windows Changes After CrowdStrike Incident

Over the past 10 days, CrowdStrike and Microsoft have been working around the clock to help customers affected by the massive Windows BSOD issue caused by a faulty CrowdStrike update. Along with providing ways to fix the issue, CrowdStrike has already published its Preliminary Post Incident Review for this outage. According to their report, the BSOD was caused by a memory safety issue where their CSagent driver performed a read-out-of-bounds access violation.
In the wake of a major incident that affected millions of Windows PCs, Microsoft is calling for significant changes to enhance the resilience of its operating system. John Cable, Microsoft's vice president of program management for Windows servicing and delivery, said there was a need for "end-to-end resilience" in a blog post, signaling a potential shift in Microsoft's approach to third-party access to the Windows kernel.
Microsoft published their detailed technical analysis of this outage caused by the CrowdStrike driver. Microsoft's analysis confirmed the findings of CrowdStrike that the crash was due to a read-out-of-bounds memory safety error in CrowdStrike's CSagent.sys driver. The csagent.sys module is registered in a Windows PC as a file system filter driver to receive notifications about file operations, including the creation or modification of a file. This allows security products, including CrowdStrike, to scan any new file saved to disk.
Microsoft recommends security solution providers balance needs like visibility and tamper resistance with the risk of operating within kernel mode. For example, they can use minimal sensors that run in kernel mode for data collection and enforcement, limiting exposure to availability issues. The rest of the features, like managing updates, parsing content, and other operations, can occur isolated within user mode.
In the blog post, Microsoft also explained the built-in security features of the Windows OS. These security capabilities offer layers of protection against malware and exploitation attempts in Windows. Microsoft will work with the anti-malware ecosystem through the Microsoft Virus Initiative (MVI) to take advantage of Windows built-in security features to further increase security along with reliability.
Microsoft has planned the following for now:
- Providing safe rollout guidance, best practices, and technologies to make it safer to perform updates to security products.
- Reducing the need for kernel drivers to access important security data.
- Providing enhanced isolation and anti-tampering capabilities with technologies like the recently announced VBS enclaves.
- Enabling zero-trust approaches like high-integrity attestation, which provides a method to determine the security state of the machine based on the health of Windows native security features.
While over 97% of Windows PCs affected by this issue are back online as of July 25, Microsoft is now looking ahead to prevent such issues in the future.

EU mobilises aid to combat wildfires in North Macedonia and Bulgaria

In response to urgent requests for assistance in their fight against severe wildfires received from North Macedonia and Bulgaria, the EU Civil Protection Mechanism has been activated.
North Macedonia is receiving 1 helicopter from Serbia, 2 helicopters from Slovenia, 2 aircrafts and 1 helicopter from Türkiye, and 1 aircraft from the rescEU firefighting fleet from Croatia.
Bulgaria is also receiving 2 helicopters from Czechia, one of them from the rescEU firefighting fleet.
Commissioner for Crisis Management, Janez Lenarčič, emphasised the importance of solidarity in these efforts: “The EU stands united in its support. Our rapid response through the EU Civil Protection Mechanism is crucial in aiding local efforts against these devastating wildfires. We remain ready to provide additional support if needed. Wildfires know no borders, and neither does our commitment to help.”
The EU's Emergency Response Coordination Centre continues to closely monitor the situation, ensuring that further assistance can be swiftly deployed if required.
The Commission has put together a fleet of aircraft and pre-positioned firefighters this summer across Europe. 556 firefighters from 12 countries are strategically prepositioned across key locations in Europe this summer, such as France, Greece, Portugal, and Spain, ready to help local fire brigades.
The EU has assembled a dedicated rescEU fleet of firefighting aircraft for this summer, consisting of 28 airplanes and 4 helicopters stationed in 10 Member States.
1 2 3 53