The editors at Solutions Review have curated this list of the most noteworthy identity management and information security news for the week of July 7. This curated list features identity management and information security vendors such as SandboxAQ, Dig Security, Kivera, and more.
Keeping tabs on all the most relevant identity management and information security news can be a time-consuming task. As a result, our editorial team aims to provide a summary of the top headlines from the last month, in this space. Solutions Review editors will curate vendor product news, mergers and acquisitions, venture capital funding, talent acquisition, and other noteworthy identity management and information security news items.
Identity Management and Information Security News for the Week of July 7
DISA Awards SandboxAQ Other Transaction Authority Agreement
SandboxAQ, a quantum security solutions provider, this week announced it has been awarded the Prototype Quantum Resistant Cryptography Public Key Infrastructure Other Transaction Authority Agreement by the U.S. Defense Information Systems Agency (DISA). DISA, which provides a globally accessible enterprise IT infrastructure in direct support to joint warfighters, national-level leaders, and other mission and coalition partners, selected SandboxAQ from a pool of vendors after a three-phase process. To deliver on this program, SandboxAQ selected Microsoft, which will provide the DevSecOps platform, and global systems integrator Deloitte & Touche LLP for their respective software and services capabilities.
Dig Security Announces Support OCR For Image Classification
Dig Security, a data security solutions provider, this week announced it has added support for Optical Character Recognition (OCR) to the Dig Data Security Platform. Dig can now detect sensitive customer data in image files, such as passports and driver’s licenses, that are stored in multi-cloud environments. OCR capabilities are critical as enterprises increasingly collect and store data in image files, and unless they can map all the sensitive data, it remains open to mass exposure. The new OCR capabilities enable Dig customers to identify sensitive data hidden in image files and move it to a secure environment. In one user’s environment — a company that validates customers via a driver’s license or passport — Dig found that the number of images containing Personal Identifiable Information (PII) was as high as the total number of customers. Dig found 80K images in one bucket.
Thales Report: “Cloud Assets the Biggest Targets for Cyberattacks”
Thales, a cloud security solutions provider, announced the release of the 2023 Thales Cloud Security Study, its annual assessment on the latest cloud security threats, trends and emerging risks based on a survey of nearly 3,000 IT and security professionals across 18 countries. This year’s study found that more than a third (39 percent) of businesses have experienced a data breach in their cloud environment last year, an increase on the 35 percent reported in 2022. In addition, human error was reported as the leading cause of cloud data breaches by over half (55 percent) of those surveyed. This comes as businesses reported a dramatic increase in the level of sensitive data stored in the cloud. Three quarters (75 percent) of businesses said that more than 40 percent of data stored in the cloud is classified as sensitive, compared to 49 percent of businesses this time last year. More than a third (38 percent) ranked Software as a Service (SaaS) applications as the leading target for hackers, closely followed by cloud-based storage (36 percent).
Deloitte and the World Economic Forum Collaborate to Launch the Quantum Readiness Toolkit
This week, in collaboration with Deloitte, the World Economic Forum (The Forum) released actionable guidance to help protect organizations during the rapid development of quantum computing technology. The Quantum Readiness Toolkit provides specific guidance in line with the overall framework presented in last year’s flagship report, Transitioning to a Quantum-Secure Economy. Advancements in quantum computing have the potential for systemic cybersecurity risk, whether through increased breaches of sensitive health and financial personal data, compromised private communications, or forged digital versions of information, identities and sensitive data. The new paper, Quantum Readiness Toolkit: Building a Quantum Secure Economy, outlines five principles businesses and organizations should follow when building their quantum security readiness.
Kivera Welcomes Joe Lea as CEO
Cloud security company Kivera this week announced the appointment of Joe Lea as Chief Executive Officer of the company. In this role, Lea will oversee and manage the company in its mission to “provide a generational leap in cloud security through proactive policy enforcement.” He will focus on the operations as well as the strategic direction for Kivera, ensuring growth and success of Kivera’s Cloud Security Protection Platform (CSPP). Lea is a veteran in the enterprise and cybersecurity spaces. With 25 years of operating experience including serving Boards of Directors and advising startups, he most recently held the role of President at Shift5 where he managed operations as the company raised its Series A through B rounds while deepening its customer base within the U.S. Department of Defense (DoD). Before that, Lea led Product for IoT security trailblazer and asset intelligence platform, Armis, from its earliest days through its unicorn status. Prior to that, Lea led Product at Tanium, the endpoint management and security platform used by half of the Fortune 500 which is valued at $10B.
Expert Insights Section
Watch this space each week as Solutions Review editors will use it to share new Expert Insights Series articles, Contributed Shorts videos, Expert Roundtable and event replays, and other curated content to help you gain a forward-thinking analysis and remain on-trend. All to meet the demand for what its editors do best: bring industry experts together to publish the web’s leading insights for enterprise technology practitioners.
Prioritizing Vulnerabilities Through Knowledge and Automation
Jacob Baines of VulnCheck examines how automation and shared knowledge can aid teams in prioritizing vulnerabilities. CISOs and security teams are at a real disadvantage these days in dealing with the exponentially growing list of software vulnerabilities. Teams are inundated every month with new lists of weaknesses via Patch Tuesdays, threat research from cybersecurity organizations, and other vendor resources. The challenge, however, is knowing which vulnerability to fix first, which is an increasingly complex problem as workloads continue to increase. It can leave teams working to address minor or low-priority threats while letting more critical ones linger for months or longer. The need to prioritize the most severe vulnerabilities and fix them quickly is urgent, as research shows they can be exploited in a matter of days. But while the information on new vulnerabilities that organizations regularly receive is helpful, it doesn’t offer much assistance in identifying which poses the most significant risk to them. In this new threat environment, the need to establish a process for assessing the risks posed by a vulnerability is just as critical as identifying them in the first place.
- Identity Management and Information Security News for the Week of July 7; SandboxAQ, Dig Security, Kivera, and More - July 7, 2023
- Identity Management and Information Security News for the Week of June 23; Brinqa, Securiti, Baffle, and More - June 22, 2023
- Debunking 7 Common IAM Myths - June 20, 2023