Latest news with #SBOMs
Yahoo
18-06-2025
- Business
- Yahoo
Cybeats Views EU Adoption of Cyber-Crisis Blueprints as Market Inflection Point
Toronto, Ontario--(Newsfile Corp. - June 18, 2025) - Cybeats Technologies Corp. (CSE: CYBT) (OTCQB: CYBCF) ("Cybeats" or the "Company"), a leading provider of software supply-chain security, commends the European Union Agency for Cybersecurity's (ENISA) formal adoption of the EU Cyber-Crisis Management Blueprint (the "Blueprint"). The formal adoption, which includes mandatory SBOM data exchange across national borders, represents a seismic shift in global software supply chain security. For Cybeats, it opens a unified, operationally enforced market for its platform across 27 countries.1 This new Blueprint contains a continent-wide framework that requires Member States to exchange security incident data via machine-readable artefacts, most notably Software Bills of Materials ("SBOMs"), during all stages of a cyber-incident lifecycle. "Europe is transforming SBOM from a best practice into an enforceable legal requirement," said Justin Leger, CEO of Cybeats. "Regulatory agencies, national governments, and industry giants are all arriving at the same answer: SBOMs are essential. Cybeats is the solution designed specifically to turn that requirement into operational value." The announcement follows DIGITALEUROPE's June 2025 cyber recommendations2, urging for the creation of a single reporting portal, and calling for mutual recognition of NIS2 audits across Member States, and proposing a 12-month transition before CRA essentials like SBOM generation become mandatory.3 The Blueprint adds the critical "operations layer" to the Cyber Resilience Act by specifying how SBOM data will flow between national authorities, ENISA and industry, accelerating coordinated responses to supply-chain attacks. SBOMs are becoming unavoidable across the EU, with regulations like CRA, NIS2, and the new Blueprint mandating them as digital compliance proof in procurement by 2026-27. However, SBOMs are more than compliance checkboxes: the Blueprint repositions them as real-time data tools for security response, boosting demand for continuous analytics platforms like Cybeats. Meanwhile, Digital Europe's proposed self-assessment and single EU portal make early compliance easier, accelerating adoption by thousands of smaller suppliers. Cybeats SBOM Studio addresses Europe's new SBOM rules via: Supports SPDX, CycloneDX 1.5+, and VEX formats for EU compliance. Automated APIs for SBOM and vulnerability submission to future ENISA portals. Aligns with CRA, NIS2, and Blueprint operational workflows. The Company announces that Chris Malkhassian has resigned from the Board of Directors of the Company, effective May 22, 2025. The Company thanks Mr. Malkhassian for his contributions, and wishes him all the best in his future endeavours. The Company intends to issue 181,048 common shares in a debt settlement of $22,631, at a deemed price of $0.125 per share. About Cybeats Technologies Corp. Cybeats Technologies Corp. (CSE: CYBT) (OTCQB: CYBCF) is a cybersecurity company providing Software Bill of Material (SBOM) management and software supply chain intelligence technology, helping organizations to manage risk, meet compliance requirements, and secure their software from procurement to development and operation. Cybeats platform gives customers comprehensive visibility and transparency into their software supply chain, enabling them to improve operational efficiency, increase revenue, and align organizations with current and future regulations. Cybeats. Software Made Certain. Website: Contact: Justin Leger, CEOPhone: 1-888-713-SBOM (7266)Email: ir@ Sean Peasgood, Investor RelationsPhone: (905) 667-6761Email: Sean@ Forward-looking Information Cautionary Statement Except for statements of historic fact, this news release contains certain "forward-looking information" within the meaning of applicable securities law. Forward-looking information is frequently characterized by words such as "plan", "expect", "project", "intend", "believe", "anticipate", "estimate" and other similar words, or statements that certain events or conditions "may" or "will" occur. In particular, this news release contains forward-looking information relating to, among other things, the Company's expectations with respect to the use of proceeds and the use of the available funds following completion of the Offering, and the completion of the Offering. Forward-looking statements are based on the opinions and estimates at the date the statements are made and are subject to a variety of risks and uncertainties and other factors that could cause actual events or results to differ materially from those anticipated in the forward-looking statements including, but not limited to delays or uncertainties with regulatory approvals, including that of the CSE. There are uncertainties inherent in forward-looking information, including factors beyond the Company's control. There are no assurances that the commercialization plans for the products described in this news release will come into effect on the terms or time frame described herein. The Company undertakes no obligation to update forward-looking information if circumstances or management's estimates or opinions should change except as required by law. The reader is cautioned not to place undue reliance on forward-looking statements. Company filings are available under the Company's SEDAR+ profile at 1 2 3 To view the source version of this press release, please visit Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Yahoo
03-06-2025
- Business
- Yahoo
Cybeats Expands Contract by 34% with Fortune 500 Water Infrastructure Company to Secure Global Treatment Plants
Toronto, Ontario--(Newsfile Corp. - June 3, 2025) - Cybeats Technologies Corp. (CSE: CYBT) (OTCQB: CYBCF) ("Cybeats" or the "Company"), a leading provider of software supply-chain security, announces that the Fortune 500 water-technology company first disclosed on May 30, 2024 has renewed and expanded its SBOM Studio licence effective May 1, 2025. The contract renewal and expansion extends Cybeats monitoring to additional treatment-plant controllers, pumping-station firmware, and cloud analytics platforms used on four continents. "Twelve months of solid performance led to a bigger license footprint with this Fortune 500 client," said Justin Leger, CEO of Cybeats. "Regulations like the EPA's 2024 advisory and the EU Cyber-Resilience Act are pushing water-sector operators to take SBOMs seriously. That's driving interest in what we do, and it's helping us grow within key accounts. These wins are a big part of our 148% net revenue retention and our strategy of building recurring revenue through long-term renewals." In its 2024 annual report, the UK utility Southern Water disclosed £4.5 million in costs responding to a ransomware attack, highlighting the growing financial toll of cyber threats on critical infrastructure operators.[1] Around the world regulators and enterprises in energy, healthcare, finance, and other sectors are aligning with international frameworks such as ISO SAE 21434 and NIST guidelines.[2] Software Bills of Materials provide a scalable way to track vulnerabilities, manage open-source risk, and prove compliance across borders. Cybeats remains well-positioned to meet this growing demand by delivering the visibility and automation required to secure the modern software supply chain. About Cybeats Technologies Corp. Cybeats Technologies Corp. (CSE: CYBT) (OTCQB: CYBCF) is a cybersecurity company providing Software Bill of Material (SBOM) management and software supply chain intelligence technology, helping organizations to manage risk, meet compliance requirements, and secure their software from procurement to development and operation. Cybeats platform gives customers comprehensive visibility and transparency into their software supply chain, enabling them to improve operational efficiency, increase revenue, and align organizations with current and future regulations. Cybeats. Software Made Certain. Website: About Cybeats SBOM Studio Cybeats SBOM Studio is the management solution for your software security lifecycle. SBOM Studio is an enterprise-class solution that helps you understand and track third-party components that are an integral part of your own software. Use SBOM Studio to document what you have and where it came from, and plan for the maintenance that will prevent security posture degradation over the life of your software. Features include: Quality Analysis & Auto-Correction of Data - AI-Driven SBOM Enrichment automates software transparency, making SBOMs more structured, actionable, and machine-readable. Reclassify software components and applications for accuracy, verification, and enhanced usability. Real-Time Vulnerability Monitoring - Continuous tracking of security risks from discovery to resolution, enhancing software supply chain resilience. Regulatory Compliance & Secure Distribution - Streamlines adherence to cybersecurity mandates, simplifies audits, ensures structured data management, and enables secure SBOM sharing across stakeholders. Scalable Enterprise Deployment - Support seamless integration across multi-tenant environments and complex supply chains, improving visibility from procurement to deployment. Enhanced Security & Asset Visibility - Provides structured way to ingest, machine-readable SBOMs that strengthen software risk assessment for critical infrastructure, including energy, healthcare, and defense sectors. Contact: Justin Leger, CEOPhone: 1-888-713-SBOM (7266)Email: ir@ Sean Peasgood, Investor RelationsPhone: (905) 667-6761Email: Sean@ Forward-looking Information Cautionary Statement Except for statements of historic fact, this news release contains certain "forward-looking information" within the meaning of applicable securities law. Forward-looking information is frequently characterized by words such as "plan", "expect", "project", "intend", "believe", "anticipate", "estimate" and other similar words, or statements that certain events or conditions "may" or "will" occur. In particular, this news release contains forward-looking information relating to, among other things, the Company's expectations with respect to the use of proceeds and the use of the available funds following completion of the Offering, and the completion of the Offering. Forward-looking statements are based on the opinions and estimates at the date the statements are made and are subject to a variety of risks and uncertainties and other factors that could cause actual events or results to differ materially from those anticipated in the forward-looking statements including, but not limited to delays or uncertainties with regulatory approvals, including that of the CSE. There are uncertainties inherent in forward-looking information, including factors beyond the Company's control. There are no assurances that the commercialization plans for the products described in this news release will come into effect on the terms or time frame described herein. The Company undertakes no obligation to update forward-looking information if circumstances or management's estimates or opinions should change except as required by law. The reader is cautioned not to place undue reliance on forward-looking statements. Company filings are available under the Company's SEDAR+ profile at [1] [2] To view the source version of this press release, please visit Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Yahoo
30-04-2025
- Business
- Yahoo
The Pentagon must balance speed with safety as it modernizes software
The Department of Defense is at grave risk of being caught flat-footed by the next software vulnerability. When an adversary discovers it, the Pentagon may not know which systems are exposed until substantial damage has been done. This blind spot is dangerous. The Pentagon needs to balance expediting its software acquisition process with a better system for gauging prospective vulnerabilities and mitigating harm in the event of an attack. DOD understands the need for software modernization and is taking steps to improve both its development and procurement methods. A recent directive designates the Software Acquisition Pathway (SWP) as the primary process for creating both weapons and business systems. This necessary evolution marks a shift from lengthy, hardware-focused timelines to a faster and more flexible software-centric model. SWP streamlines development and emphasizes speed by allowing programs to share and repurpose software test results. While speed is important, this new approach also magnifies potential vulnerabilities: If a flaw goes undetected in one project or only comes to light after initial testing, there may be no subsequent security tests to identify it. This creates a critical visibility problem. Software is constantly changing. A system that passed security tests last month could be vulnerable today because of a newly discovered flaw in one of its dependencies. Without a clear record of what is inside each software package, there is no reliable way to assess whether existing test results still apply. To remedy these challenges, the Pentagon should require Software Bills of Materials (SBOMs) for all software it acquires and manages. SBOMs will prepare the Pentagon to quickly respond and mitigate software flaws that adversaries exploit to conduct espionage and disruptive cyberattacks. They should be complemented by Vulnerability Disclosure Reports (VDRs) from software's original producers and a centralized system to track and share this information across the DOD enterprise. SBOMs are digital manifests that list the ingredients of a software package — every component, version, and dependency. They give cybersecurity teams the context necessary to act quickly when a vulnerability emerges. Requiring SBOMs will enable the Pentagon to trace threats and pinpoint risk in minutes rather than hours or days. The benefits are not hypothetical. When the Log4Shell vulnerability hit in 2021, organizations with SBOMs immediately identified their exposure to the compromised Log4j library. Entities without them scrambled, manually combing through codebases and vendor lists. That sort of delay is not just inefficient in a defense setting — it is a catastrophe. Other countries recognize this as well. India, for example, has explicitly endorsed SBOM requirements in public sector procurement, while the British government has publicly acknowledged the benefits of SBOMs for tracing vulnerabilities in cyber components. Although SBOMs provide transparency into a product's components, they do not fully demonstrate whether a given vulnerability is exploitable. That is why the Pentagon should complement SBOMs with VDRs from the product's original developers to make that determination. When researchers discover vulnerabilities in component pieces of software, only the producer has the expertise to confirm whether the vulnerability affects their product. Similar to how a thorough home inspection reveals potential hazards or a Carfax report tracks issues with cars, a VDR is a dynamic document that details known weaknesses or issues with a software product. As a result, a VDR is just as essential to effective software risk assessment as an SBOM. Furthermore, SBOMs and VDRs save time and money. They reduce redundant testing, speed up incident response, and help acquisition teams verify that what they procure is safe. The up-front cost of implementation is small compared to the damage a breach could cause, not just in dollars but in mission impact. DOD policy already supports the principles behind SBOMs and VDRs. The SWP encourages continuous testing and automated security checks. Executive Order 14028 directs federal agencies to enhance software supply chain security and allows them to request SBOMs from vendors, particularly for critical software, as part of broader secure development and procurement practices. Guidance from the Office of Management and Budget states software suppliers must ensure no known exploitable vulnerabilities are present in software released to the market, a requirement echoed in the EU Cyber Resilience Act and CISA's Secure Software Attestation Form. The DOD Cybersecurity Test and Evaluation Guidebook, the Army's 2024 directive on software transparency and guidance from the National Institute of Standards and Technology reinforce this direction. The foundation is there, but the recommendations outlined here need to be put into practice. To do that effectively, the Pentagon also needs a plan to manage the information it gleans from SBOMs and VDRs. If each DOD office or military unit stores these artifacts in separate systems, the visibility problem will not disappear. Instead, DOD needs a centralized repository, a common platform where teams across the department can access SBOMs, VDRs and other attestations to inform decisions, track risks and avoid duplication. That capability already exists. CISA's Repository for Software Attestations and Artifacts (RSAA) portal provides centralized, secure storage for SBOMs and related artifacts, including VDRs, accessible to all U.S. government agencies. Leveraging RSAA as a government-wide resource requires no new infrastructure or cost, and it can serve as the backbone for software transparency efforts moving forward. Speed is critical. Speed without insight and security is a gamble. As the Pentagon races to modernize its software acquisition, it must do so with a clear knowledge of what it is operating. The solutions proposed here are easily implementable, cost-effective and will advance a secure supply chain worthy of the missions it supports. Dr. Georgianna 'George' Shea is chief technologist at the Foundation for Defense of Democracies' Center on Cyber and Technology Innovation and its Transformative Cyber Innovation Lab. She is at the forefront of cybersecurity innovation with nearly 30 years of pioneering experience across federal and commercial sectors.
Yahoo
30-01-2025
- Business
- Yahoo
Cybeats Expands Healthcare Client Base and Achieves 148% Net Revenue Retention in 2024
Toronto, Ontario--(Newsfile Corp. - January 30, 2025) - Cybeats Technologies Corp. (CSE: CYBT) (OTCQB: CYBCF) ("Cybeats" or the "Company"), a leading provider of software supply chain security solutions, announces two new strategic commercial contracts in the healthcare sector, supporting the growth of Cybeats in the Software Bill of Material ("SBOM") management market. The new contracts with two healthcare organizations further demonstrate strong momentum across the strategic objectives of the Company, especially in its medical device manufacturer ("MDM") vertical. The two healthcare organizations awarded contracts via competitive processes. Cybeats was successful, owing to its solutions' ease of integration, ability to meet regulatory requirements, demonstrated ROI, innovative features, scalability, support for multiple third-party SBOMs, market trust and leadership, and operational expertise. "MDMs are interested in SBOM solutions because of increasing regulatory pressure in the US and EU, improvements to patient safety, increasing risks to the software supply chain, and improved incident response," said Justin Leger, CEO of Cybeats. "Our continued success in scaling recurring revenues while retaining and expanding our Fortune 500 customer base speaks to the strength of our approach. This traction, alongside our strong financial performance, ongoing customer trials and conversion rates positions us well for sustained revenue growth as we enter 2025." Cybeats is also providing the following operational updates: 148% net revenue retention in 2024, at a rate well above the industry benchmark of 100-120%; $7+ million in total contract commitments in 2024, up from $3.8 million 2023, with the vast majority of revenue being annually recurring revenue; 90% conversion rate of product trial programs to long-term commercial license; new website and logo, showcasing Cybeats' its commitment to innovation and leadership in software supply chain security; SBOM Consumer product now supports integration with numerous asset management platforms, empowering users to link SBOMs to specific assets and monitor them continuously for risks, essentially operationalizing SBOMs for improved cybersecurity practices by the market of software product buyers. appointment of Chris Malkhassian as a new independent director to the Board of Directors, effective January 9, 2025; Attending S4x25 Cybersecurity Conference Cybeats also announces its participation in the S4x25 cybersecurity conference, taking place from February 11-13, 2025 in Tampa, Florida. This premier event brings together over 1,000 professionals from the operational technology and industrial control system sectors for impactful discussions, networking, and insights into the latest cybersecurity trends. These conferences have consistently generated high-quality leads, driving new deals and a growing pipeline for Cybeats. FDA Regulations on MDM The U.S. Food and Drug Administration's ("FDA") solidified its role in regulating medical device cybersecurity with its authority to approve or reject premarket submissions based on compliance with Section 524B of the Federal Food, Drug, and Cosmetic Act. This section mandates that MDMs provide a SBOM for their devices' commercial, open-source, and off-the-shelf software components. To proactively manage cybersecurity risks, MDMs must maintain an accurate inventory of device components, develop vulnerability management and risk assessment processes, provide device patches, and maintain device change records. The FDA's Refuse-to-Accept authority emphasizes the significance of SBOM management solutions like SBOM Studio. The National Security Agency and the U.S. Department of Defense released its 2023 recommended best cyber practices report, where Cybeats' SBOM Studio1 product is the only commercial service featured for managing SBOMs2. Learn more here about how Cybeats can help you to manage risk and meet evolving cyber regulatory requirements. About Cybeats Technologies Corp. Cybeats Technologies Corp. (CSE: CYBT) (OTCQB: CYBCF) is a cybersecurity company providing Software Bill of Material ("SBOM") management and software supply chain intelligence technology, helping organizations to manage risk, meet compliance requirements, and secure their software from procurement to development and operation. Our platform gives customers comprehensive visibility and transparency into their software supply chain, enabling them to improve operational efficiency, increase revenue, and align organizations with current and future regulations. Cybeats. Software Made Certain. Website: Contact:Justin Leger, CEOPhone: 1-888-713-SBOM (7266)Email: ir@ Sean Peasgood, Investor RelationsPhone: (905) 667-6761Email: Sean@ Forward-looking Information Cautionary Statement Except for statements of historic fact, this news release contains certain "forward-looking information" within the meaning of applicable securities law. Forward-looking information is frequently characterized by words such as "plan", "expect", "project", "intend", "believe", "anticipate", "estimate" and other similar words, or statements that certain events or conditions "may" or "will" occur. In particular, this news release contains forward-looking information relating to, among other things, the Company's expectations with respect to the use of proceeds and the use of the available funds following completion of the Offering, and the completion of the Offering. Forward-looking statements are based on the opinions and estimates at the date the statements are made and are subject to a variety of risks and uncertainties and other factors that could cause actual events or results to differ materially from those anticipated in the forward-looking statements including but not limited to delays or uncertainties with regulatory approvals, including that of the CSE. There are uncertainties inherent in forward-looking information, including factors beyond the Company's control. There are no assurances that the commercialization plans for the products described in this news release will come into effect on the terms or time frame described herein. The Company undertakes no obligation to update forward-looking information if circumstances or management's estimates or opinions should change except as required by law. The reader is cautioned not to place undue reliance on forward-looking statements. Company filings are available under the Company's SEDAR+ profile at 1https:// 2https:// To view the source version of this press release, please visit Sign in to access your portfolio
