About Us

TTEC Solved Cyber Security Incident

TTEC Holdings, world’s leading CX (customer experience) technology and service innovators for end-to-end digital CX solutions, resolved the cyberattack on its technology infrastructure.

TTEC noticed the cybersecurity incident on September 12 and began remediation and recovery efforts immediately. The incident was contained after the company isolated the affected systems and implemented other corrective measures. In addition, the company has launched a full investigation into the cyberattack, and it is using the results of that investigation to help its own cyber security measures. Despite initial setbacks, TTEC is now up and running all over the world.

“TTEC moved quickly and decisively to identify, contain, and resolve the cyberattack. In just five days our team moved aggressively to rebuild and further solidify our processes and infrastructure. TTEC continues to prioritize our client and people-facing processes and systems,” said Ken Tuchman, TTEC chairman and CEO.

Tuchman said, “I am humbled by the effort and resilience that the TTEC family showed during the past few days, and their continued hard work to support our clients. Our expertise in business continuity and incident response allowed us to continue to serve our clients, despite the many complications presented in this incident.”

The firm has completed the initial recovery measures, strengthened its cyber security, and is in the process of wrapping up its investigation and evaluating the incident’s effect on the organization.

Omada and SecZetta Collaborate to Decrease Threat of Third-Party Breaches

Omada, a worldwide provider of Identity Governance and Administration (IGA) solution announced an integration with SecZetta, a leading provider of third-party identity risk management solutions. Companies will be able to minimize the risk of third-party data breaches as a result of the integration.

SecZetta delivers easy-to-use, purpose-built third-party identity risk solutions to assist organizations in implementing risk-based identity access and lifecycle strategies for third-party non-employee populations such as contractors, supply chain, suppliers, partners, bots, and more. SecZetta information on managing third-party identities, onboarding, role changes, contract extension, termination, and identity risk management is used by Omada to help third-party users make better access decisions.

Companies are in danger because of this absence of protocol with non-employees; an estimated two-thirds of data breaches nowadays are caused by a third party. Businesses require a way to track and manage all of the people and things who have access to corporate systems. SecZetta uses a collaborative onboarding process to gather contextual information on third-party non-employees, which it then sends to Omada for providing and de-provisioning of access, as well as identity governance and access for SecZetta’s customers.

“Organizations are hyper-focused on adopting Zero Trust policies in the hope of reducing the risk of access-related cybersecurity incidents. Our integration with Omada enables organizations to extend the diligence they have around providing least privilege access to employees to their riskier, non-employee users,” said Jeremy Rohrs, Senior Vice President of Global Sales & Business Development, SecZetta.

“With most organizations today relying on third parties to achieve business goals, it’s critical to get access management right. It’s a balance between security and productivity – and that’s what this integration provides. Organizations can work confidently with non-employees, knowing they are all fully accounted for without creating a drag on IT resources,” said Michael Garrett, CEO, Omada.

Xiaomi Showcased Privacy Rules and Protections Practices at June Meeting

At the Xiaomi Science and Technology Park, Xiaomi’s Security and Privacy Awareness Month ended today. Xiaomi showcased its information security and privacy protection procedures to its staff, industry professionals and the general public during the June activities. It also issued white papers on security and privacy, as well as a data security transparency report.

Xiaomi’s Security and Privacy Awareness Month is in its second year. The topic for this year was ” Security is our shared responsibility. Always think before you act.” The goal was to demonstrate Xiaomi’s dedication to industry-leading security and privacy standards, as well as its commitment to transparency.

“As a leading Android smartphone manufacturer, we carry a great responsibility. We are committed to letting consumers know how their personal information is collected, used, and protected. We are proud to say that Xiaomi upholds world-class standards on security, privacy, and transparency,” said Cui Baoqiu, Xiaomi Vice President and Chairman of Xiaomi Security and Privacy Committee.

Xiaomi has always prioritised the security and privacy of its users’ data. Xiaomi formed its Security and Privacy Committee in 2014. Xiaomi was the first Chinese company to receive TrustArc accreditation in 2016. In 2018, Xiaomi passed the European Union’s General Data Protection Regulation (GDPR) compliance assessment. Xiaomi’s security and privacy processes like ISO/IEC 27001 and ISO/IEC 27018 were certified in 2019. The first version of the MIUI security and privacy white paper were published.

Employees and guests learnt about security and privacy issues during this year’s month-long event. These included an interactive exhibition on how to preserve personal information. Employees were also given classes from Xiaomi’s Security Academy, which covered subjects such as “How to Stick to Privacy Protection in Product Development,” “General Safety Research and Development,” and “Business Risk Control,” among others. Thousands of engineers were given the opportunity to act as “hackers” and compete in a coding competition to tackle privacy concerns as part of the Xiaomi Cup CTF competition.

During the month, two key privacy papers were released: the MIUI Privacy White Paper and the Xiaomi loT Privacy White Paper. They provide an overview of Xiaomi’s privacy rules and practices in MIUI and IoT products, as well as information on what types of user data are collected and how they are handled and safeguarded. They also showed the privacy policies of each MIUI app as well as all regularly used loT goods.

Xiaomi’s privacy protection principles are transparency, responsibility, user control, security, and compliance. Xiaomi complies with local regulations in every market where it operates. It will never stop producing safe and dependable products all around the world in order to enable everyone live a better life through innovative technology.

IoT Security – An Overview

The Internet of Things (IoT) is a network of physical objects or ”things” connected through the internet to transfer data using software, sensors and technology.

IoT security encompasses the processes, protocols and technologies to protect IoT devices and networks. It also includes devices that are not meant for network security, such as smart industrial machines, smart medical equipment, automobiles, entertainment gadgets and personal IoT gadgets like a fitness band or smartwatch that employees bring to work. IoT gadgets are being introduced into organizational and customers’ networks at a stunning rate. While IoT solutions are empowering and energizing new approaches to improve effectiveness, adaptability, and usefulness, they additionally carry a danger to the organization. IoT devices, which are frequently constructed without security, have become a new threat route for cyber criminals to improve their attacks.

Different Layers of IoT Security

Future IoT linked devices will have complicated levels of systems like hardware, firmware, and software functioning at various abstraction levels.  The constituents and actions of the layer are dependent on the layer underneath it. This establishes a security hierarchy and emphasizes the importance of having a solid foundation framework.  For example, the firmware relies on hardware and the operating system depends on firmware.

Standard Security framework

The unfortunate reality is that connected devices are possible targets for cyber attackers looking for unauthorised network access, illicit device control, or IoT users’ data theft. The devices from different organizations have different levels and types of securities that can result in unexpected security flaws and unsafe services. Hence, organizations developing IoT solution should collaborate and develop a basic Standard security framework.

Customer’s Trust

This is already proving to be true. Recent findings of security flaws in the new autopilot system of car models have prompted huge recalls and security improvement to some major automobile companies. The videos of hackers hacking software and controlling cars through poorly secured software systems were all over the news and social media. Users of IoT solutions are worried about the possible consequences of a cybersecurity compromise. It indicates that IoT security market will grow fast with many opportunities.

Customer’s Privacy

The Internet of Things (IoT) market is in the initial phase of growth. The Internet of Things (IoT) sector is quickly evolving and will go through numerous stages of development. Similarly, as the market evolves, issues about the privacy and security of customers will evolve. An IoT gadgets deals with personal information of customers, their purchase history, things they like (preferences), location and behaviour. Patients on IoT based healthcare system would want their personal real-time data to be sent to medical staff like doctors or nurses, not to healthcare insurance companies. As a result, security policies should be multidimensional in order to recognize and respond to potential market disruptions.

It is astonishing that most IoT users have been sluggish to adopt standard cyber security measures already available in the market. Less than 50% of organizations employing IoT claimed they have adopted security solutions like Identity and access management, firewall for DDoS protection, etc. Considering the ubiquity and importance of IoT devices in the future world controlling everything from household devices like lights, fans, ACs and other objects like car, organizations need to start implementing security measures as early as possible.