Welcome to Our Newsletter
Welcome to the latest edition of ISEC7’s monthly newsletter! This month we will share some exciting product updates and recertifications, industry news, and our most recent blog posts with you.
ISEC7 Product Updates
ISEC7 is pleased to introduce 7CEES – a dynamic, crypto-agile, and CSfC-compliant solution to future-proof the security of your data and communications networks. The problem with modern encryption is it relies on decades old methods for creating, distributing, and managing keys on endpoints, which makes today’s encrypted communications highly vulnerable to multiple current and future attack vectors. Thankfully, ISEC7’s 7CEES is a Zero Trust Network Access (ZTNA) platform that is crypto diverse and quantum safe, overlays into existing infrastructure, and offers zero downtime and zero latency, making it able to address post-quantum cryptography (PQC) migration challenges, crypto monoculture, and future threats all at once.
ISEC7 MAIL for iOS version 1.9.1 was recently released with added support for conditional access in Intune version, various improvements, and bug fixes. In addition, ISEC7 MAIL for Android version 1.9.11 is currently available as an open beta. New Features include support for mail-enabled public folders and defining separate signatures for new e-mails, replies and forwarded e-mails or e-mails to certain domains. Additionally, there is a new security setting to block screenshots, and app config attribute "Disable Maps" to prevent show route and show location integration.
Industry News: Apple Warns iPhone Users of Global Spyware Attacks
Apple has again warned iPhone users across 98 countries that they have been targeted by “mercenary spyware attacks,” which could compromise the personal data on their devices.
While iPhones are very secure, there are companies whose software can gain access to almost all the personal data stored on an iPhone. These companies pay large sums to hackers who discover vulnerabilities which can be used for zero-click exploits – where no user interaction is required by the target. If Apple detects activity consistent with a mercenary spyware attack, they notify the device owner. Victims are typically advised to use Lockdown Mode, where device functionality is limited to greatly reduce the “attack surface” of potential exploits and harden defenses.
With today’s ever-increasing security threats, ensuring your infrastructure and devices are protected is paramount. The team at ISEC7 has been working with companies in the private and public sectors to ensure their ecosystems are protected and their security posture endures through training and best practices. If you have any questions or concerns regarding spyware attacks and other data security risks, please reach out to the team at ISEC7, and we can complete a security assessment and help you navigate the options available to help strengthen and protect your infrastructure.
ISO Recertification
ISEC7 has just received several recertifications from the International Organization for Standardization (ISO). These include ISO 9001 and ISO 2015, which are international standards for Quality Management Systems (QMS), ISO 27001 – the world’s best-known standard for information security management systems (ISMS), and ISO 14001 – the internationally recognized standard for environmental management systems (EMS).
Early next year will see the final publishing of the Cybersecurity Maturity Model Certification (CMMC) program, which enforces cybersecurity standards for contractors and subcontractors that handle sensitive unclassified information for the Department of Defense (DoD). We are eagerly anticipating this publication so we can better position ourselves to be ready for the new CMMC requirements.
Thanks for Visiting Us at TechNet Cyber
We would like to thank everyone who came to visit our booth at AFCEA’s TechNet Cyber on June 25 – 27 in Baltimore, MD. We showcased all our proprietary solutions, particularly data marking and classification tool ISEC7 CLASSIFY, and we announced we are expanding ISEC7 CLASSIFY’s capability to include Microsoft Office Suite.
We enjoyed the opportunity to connect with partners, meet with current customers as well as promising prospects, and be a part of the conversation led by U.S. Cyber Command, DISA, the DoD CIO, and numerous industry and academia partners. This year, AFCEA is offering a dedicated virtual channel providing access to 13 recorded sessions from the event that qualify for continuing education credit and, for those interested, registration is free.
Our next event will be TechNet Indo-Pacific on October 22 – 24 in Honolulu, HI and if you are planning to register, you can book a meeting with us ahead of time.
Check out our latest blog posts:
The U.S. Department of Defense (DoD) recently released a memo to warn about unauthorized disclosure due to typographical errors, where the .mil domain (used by the U.S. military) was misused and .ml (corresponding to the country of Mali, Africa) used instead, leading to potential leaks of Controlled Unclassified Information (CUI).
This post, we will focus on cybersecurity attacks that require a little more than just training, with steps like enhancing your network architecture, implementing continuous monitoring, and enforcing encryptions, among others.  
You have probably heard about the cybersecurity attack developed by security researchers called “TunnelVision”...
Never miss an update! Follow us on LinkedIn:
ISEC7 Group & ISEC7 Government Services
ISEC7 Group
8 Market Place, Suite 402, Baltimore, MD 21202, USA
Tel: (866) 630-1893 | sales-na@isec7.com www.isec7.com