Posts

Award-Logo-Penta-Security

Asian Cyber Security Vendor of the Year: Honored for 2016

APAC market leader Penta Security Systems Inc. awarded by Frost & Sullivan

frost sullivan cyber security vendor awardSeoul, Korea: On June 15, Penta Security Systems Inc. was awarded the honor of Frost & Sullivan Asian Cyber Security Vendor of the Year. The award was given at this year’s 13th annual Frost & Sullivan Asia Pacific ICT Awards Banquet in Singapore.

Cyber Security Vendor

Frost & Sullivan selected Penta Security Systems after concluding evaluations with a team of 30 analysts and consultants based in the Asian-Pacific region. Analysts examined a variety of indicators including revenue growth, market share, leadership in product innovation, major customer acquisitions, and business and market strategy. Specifically, Frost & Sullivan noted that Penta Security continues to make headway into new industries with its smart car security solution, AutoCrypt. AutoCrypt detects vehicular attacks from external systems utilizing its Application Layer Firewall, and has garnered significant attention with the increase in the news of vulnerabilities in smart cars.

CEO and Founder Seokwoo Lee attended the annual ICT Awards Banquet in Singapore in order to receive the award.

Regarding reception of the award, he stated, “We are honored to receive the Asian Cyber Security Vendor of the Year award. It confirms the 19 years of hard work we have put into development in information security.” He added, “We will continue to pursue excellence and growth in web and data security – not only in APAC, but worldwide.”

Having built relationships globally among enterprises and institutions, Penta Security Systems has grown rapidly along with the rise in demand for web and data security products. In 2015, its web application firewall (WAF) WAPPLES was acknowledged by Frost & Sullivan as the leading WAF in the APAC region in terms of market share.  The top WAF in Korea for three consecutive years, WAPPLES boasts a COCEP™ (Contents Classification and Evaluation Processing) engine, rather than traditional pattern-matching methods utilized by other cyber security vendors.


About Penta Security:

Penta Security Systems Inc. was founded in 1997 by CEO Seokwoo Lee. The company is a market leading provider of web and data security products, solutions, and services in the APAC region. Penta Security protects more than 117,000 websites. Additionally, it blocks more than 108,000,000 web attacks per month. Recognized by Frost & Sullivan, Penta Security Systems is the top Web Application Firewall vendor in the APAC Region based on market share.

For more information on Penta Security, please visit www.pentasecurity.com. For potential partnership inquiries, please send an email to info@pentasecurity.com. For more details on the Asia Pacific ICT Awards, please visit http://www.ict-awards.com/.

car security using gps or navigation

Security in IoT

Since its first introduction 15 years ago, the Internet of Things (IoT) has now become one of the hottest topics. These days, thousands of new IoT products are launched into the market each year. Although the first IoT product was only a modified Coca Cola machine, IoT is now a part of our everyday lives. Now, we feel that this is a great change. Information security is often a neglected topic, but with IoT, it’s begun to turn heads.

Stories have been already published to show that security measures are needed for IoT products as IoT hacks are on the rise. With smart car hacks, baby monitors hacks, and children’s toys hacks running rampant, we have to ask about security. Technically speaking, not all IoT products need security. Children’s bracelets that only sense a child’s mood through body temperature do not need as many security measures compared to bracelets that track a child’s location. Security is often concerned only when data is evaluated as being valuable when compromised.

How Is Security Different for IoT Businesses?

Currently, there are three major types of security that businesses regularly use:

Physical Security

Physical security is the protection of personnel, hardware, programs, networks, and data from physical circumstances and events that could cause serious losses or damages. Examples of physical security include CCTV surveillance, security guards, access control protocols, etc.

Information Security

The second type of security is information security. Information security is a set of business processes that protects information regardless of how the information is formatted or whether it is being processed, in transit or stored. The most common methods of information security are: encryption, malware detection, and digital signatures.

different security for IoT

Convergence Security

The third and newest type of security is convergence security. Although the quickest growing, convergence security is a new security concept. Its meaning is just what its name suggests—a convergence or combination of physical and information security. With convergence security, the security systems of a company are joined together with the company’s IT solutions. This allows the company’s physical security to play an integral role to IT. Perhaps it may become the ultimate solution to IoT security.

Many people are mistaken that convergence security is difficult to develop. However, it is just the action of incorporating information security technology to existing industry systems. Convergence security is just the act of customizing physical and information security to an industry’s protocol. It does not require a whole new concept of security algorithms. For example, if a manufacturing factory is transitioning into a smart factory, where all the equipment is automated, security is needed to ensure that hackers do not interfere with manufacturing schedules and output. The factory can then work with an information security firm to make sure previous physical security measures are updated with the newly implemented information security scheme, thereby maintaining their existing security measures while updating protocols to meet industry convergence security standards.

Top Five Industries of IoT Security Development

The development of IoT can be categorized into five different industries. Just as industries vary with the type of data or functions that they process, their actual security regulations also vary. For example, the automotive industries security regulations are much stricter than those of consumer electronics. Also, the extent of what security solutions have actually developed is based on the extent in which that industry has been developed. Because as the demand for the product or service skyrockets, so does the demand for its security. Because of these reasons, five industries have been identified as focal points in the demand for IoT security development.

1. Automotive

Probably the most pressing IoT security issues is smart car technology. Duk Soo Kim, the CTO of Penta Security Systems, said that “Security technology has been used to protect the assets of businesses and people, while smart car security protects those people’s lives.” It is clear that hacking smart cars or transportation system/traffic information systems can directly lead to serious physical damage and/or casualties. The US Department of Transportation has already taken key steps toward requiring security technology to be installed in every smart car in the U.S by proposing regulations for standard Vehicle-to-Vehicle (V2V) technology. Smart car security solutions such as AutoCrypt, CycurLIB, ArgusIDPS and Aerolink are already available in the market.

2. Consumer Electronics

Consumer electronics are the most common of IoT products. From major tech conferences, such as CES and the Internet of Things World Forum to television commercials, you can see that IoT is quickly becoming a part of our common lives. Although we have seen a surge in consumer electronic hacks in the past couple of years, the focus of smart consumer electronics remains to be “connectivity,” with little focus on security development. For example, home appliance manufacturers call its new refrigerator as “family hub” since items are more connected, but home appliance companies often don’t highlight how the data being collected is protected. Much to our surprise, reports of refrigerators containing spam began circulating starting in 2014, awakening the dangers of what is called thingbot.

3. Smart Office

Smart offices, also known as smart buildings or smart businesses, are a rising trend in companies. With the rising concern that smart offices are an easy target to hackers, it is imperative to develop smart office security as hackers can affect a business’ productivity when they access a building’s communications system. Security for standard buildings have been incorporated in the the past. However, smart offices now involve managing and restricting access that include physical, remote, network, and device level factors.

4. Smart Factory

A smart factory is a factory with a fully integrated automation solution in its facility. In smart factories, industrial control systems (ICS), which are computer based systems, are installed to monitor and control industrial processes such as power, oil, gas pipelines, water distribution and wastewater collection systems.

The most used type of ICS is Supervisory Control And Data Acquisition (SCADA), which allows factory workers to simplify their operational duties by only needing to use electronic communications instead of local documents. Despite its convenience, SCADA is not completely secure as it was proven during the huge malware attack in June 2014 in the European SCADA systems. A malware called Stuxnet was uploaded to European SCADA control systems and sabotaged major confidential projects as well as industrial control system software.

5. Smart Grid

A Smart Grid is when Information and Communications Technology (ICT) is incorporated with the existing electric grids so that the information about producing and consuming electricity is exchanged in real time. According to the U.S. Congressional Research Service, attacks on the U.S. power grid are continuing to increase. As countries’ economies, governments and securities rely on electricity, there is a need to build strong convergence security around smart grids’ industrial control systems.

These five categories vary in terms of their services and information processed, but it is imperative any company that deals with people’s safety (both physical and digitally) must invest in security. For products that are integrated with IoT, physical or information security is no longer safe enough. As the demand for IoT products and services increase, these companies need to commit to creating convergence security systems that completely secure customers’ products and private information.


This blog post was originally featured on cloudbric.com. Visit their blog for more insight, news, and accessible information on web threats and trends. If you would like to learn more about Cloudbric’s logic-based WAF service, please contact info@cloudbric.com.

Penta Security releases “AutoCrypt,” a solution for intelligent vehicle security

Integrated technologies that are mandatory for intelligent vehicle security

Data encryption and web security provider Penta Security Systems Inc. announced the release of “AutoCrypt,” a new brand for intelligent vehicle security on August 7, 2015.

Cars have come a long way from a mere power engine to the high-tech vehicles of today through convergence with various information technologies. Intelligent vehicles are human-friendly cars. They can recognize the internal and external situation, provide protection and convenience, and communicate with drivers. Recently released cars have GPS installed as default, and there are NFC, Bluetooth, Wi-Fi, LTE, and 4G technologies integrated in to them. This is in order to connect with internal and external devices. With that being said, people expect intelligent vehicles to be the heart of IoT in the future.

However, these connections can be used as a path for various hacking attempts, which is a side effect of these technologies. Security for automobiles including intelligent vehicles can be a threat to people’s lives directly. It is safe to say that car security is more important than any other ICT security.

AutoCrypt, Smarter and Safer Driving

The newly released AutoCrypt is an intelligent vehicle security solution researched and developed for 7 years at Penta IoT Convergence Lab(PICL). The solution includes the world’s first WAF for cars. This detects all attacks that comes from external systems to the car’s internal system through application layer (L7). It also manages the life cycle of various encryption keys that are used inside of the car, certificate, internal secured communication, and external secured communications. All of these are mandatory for intelligent vehicles.

Also, AutoCrypt secures the communication between a car and external things. It provides Secure Credential Management(SCM) system that manages and audits all records of encryption keys and certificates that are used within a vehicle including Certified Authority(CA), Registration Authority(RA), Linkage Authority(LA) that vehicle PKIs consist of.

Penta Security CTO Duk Soo Kim remarked, “We have tried to protect the assets of enterprises and people, but intelligent vehicle security protects people’s lives. Last year, Penta Security was able to start a product line of car security solutions. We have developed a vehicle communication technology that meets international standards. It was the first among Korean companies. Now, we are happy to announce that we have released the intelligent security brand AutoCrypt. We will continuously try to develop innovative solutions like AutoCrypt as a market leader in Korea.”

For more information regarding Autocrypt, head to Penta’s car security page. To contact regarding possible partnerships, please email mktg@pentasecurity.com.