Identity Management and Information Security News for the Week of September 29; Palo Alto Networks, Sony, ProofID, and More

The editors at Solutions Review have curated this list of the most noteworthy identity management and information security news for the week of September 29. This curated list features identity management and information security vendors such as Palo Alto Networks, Sony, ProofID, and more.

Immersive Labs Unveils Enterprise-Class Cyber Skills and Resilience Platform

Immersive Labs, a cyber resilience solutions provider, this week unveiled the expansion of its “enterprise-class, AI-ready” platform, now with coverage across the entire organization through its new Workforce Exercising solution. Immersive Labs’ new Workforce Exercising solution leverages the latest behavioral science techniques using relatable content and labs to immerse employees in vital cyber capabilities and best practices. The new solution allows cyber leaders to assess different departments – such as high-value targets like Finance and Supply Chain teams – and gain insights through the Immersive Labs Resilience Score to identify and fill skills gaps.

Read on for more.

National Student Clearinghouse Data Breach Impacts 890 Schools

U.S. educational nonprofit National Student Clearinghouse (NSC) has disclosed a data breach affecting 890 schools using its services across the United States. In a breach notification letter filed with the Office of the California Attorney General, Clearinghouse said that attackers gained access to its MOVEit managed file transfer (MFT) server on May 30 and stole files containing a wide range of personal information. The personally identifiable information (PII) contained in the stolen documents includes names, dates of birth, contact information, Social Security numbers, student ID numbers, and some school-related records (e.g., enrollment records, degree records, and course-level data).

Read on for more.

“All Your Base Are Belong to Us” Ransomware Group Claims “All” of Sony’s Console Data

Ransomware group Ransomed.vc claims to have successfully breached Sony Group and is threatening to sell a cache of data stolen from the Japanese company. While its claims remain unverified, Cyber Security Connect reports that the relative ransomware newcomer “has racked up an impressive amount of victims” since bursting onto the scene last month. “We have successfully compromissed [sic] all of sony systems,” the group claimed on both the clear and dark nets. “We won’t ransom them! We will sell the data. Due to Sony not wanting to pay. DATA IS FOR SALE.”

Read on for more.

Baffle Unveils Data Security for Generative AI Platform

This week, Baffle, Inc. unveiled “the first and only” solution for securing private data for use in generative AI (GenAI) projects that integrates seamlessly with existing data pipelines. With Baffle Data Protection for AI, companies can “accelerate GenAI projects knowing their regulated data is cryptographically secure and remain compliant while minimizing risk and gaining the benefits of a breakthrough technology.” With Baffle Data Protection for AI, sensitive data is encrypted with the advanced encryption standard (AES) algorithm as it is ingested into the data pipeline. When this data is used in a private GenAI service, sensitive data values are anonymized, so cleartext data leakage cannot occur even with prompt engineering or adversarial prompting. And because sensitive data remains encrypted no matter where the data may be moved or transferred in the GenAI pipeline, unauthorized users cannot see private data in cleartext, and companies are able to meet specific compliance requirements, such as GDPR’s right to be forgotten, by simply shredding the associated encryption key.

Read on for more.

ProofID Acquires Regatta Solutions Group

Identity and Access Management (IAM) specialist ProofID has announced this week that it has acquired Identity Governance and Administration (IGA) integrator, Regatta Solutions Group. The acquisition unites the competencies of both organizations as leading integrators of Ping Identity and SailPoint solutions respectively – whilst positioning the company as a provider of enterprise identity solutions and global identity managed services. The combined business is projected to generate more than $32 million in revenue in 2023. Based in Austin, Texas with 35 identity specialists, the company will initially trade as ‘Regatta, a ProofID company’ and will subsequently be fully integrated into ProofID, creating IAM solutions and managed service provider (MSP) across Europe and North America.

Read on for more.

Expert Insights Section

Watch this space each week as Solutions Review editors will use it to share new Contributed Content Series articles, Contributed Shorts videos, Expert Roundtable and event replays, and other curated content to help you gain a forward-thinking analysis and remain on-trend. All to meet the demand for what its editors do best: bring industry thought leaders together to publish the web’s leading insights for enterprise technology practitioners.

What to Expect at Solutions Review’s Solution Spotlight with Zscaler on October 5th

With the next Solution Spotlight event, the team at Solutions Review has partnered with Zscaler to provide viewers with a unique webinar called Deliver Fast and Secure Digital Experiences for the Modern Hybrid Workforce. In this webinar, attendees will hear how to efficiently detect, triage, and resolve IT incidents that have global, regional, or user-specific impact, at scale. Solutions Review’s Solution Spotlights are exclusive webinar events for industry professionals across enterprise technology. Since its first virtual event in June 2020, Solutions Review has expanded its multimedia capabilities in response to the overwhelming demand for these kinds of events. Solutions Review’s current menu of online offerings includes the Demo Day, Solution Spotlight, best practices or case study webinars, and panel discussions. And the best part about the “Spotlight” series? They are free to attend!

Read on for more.

Unspoken Online Risks for Seniors

Chris Olson of The Media Trust speaks on the unspoken online risks for seniors and how to virtually protect our most vulnerable citizens. Your parents, grandparents, and elderly neighbors are under attack. Every time they access the internet — read the news, look up the weather, buy an online gift, place a grocery delivery order, log into a social platform — these aging adults are at risk of malware. From phishing and credit card theft to exploit kits and backdoors, these attacks often happen without their knowledge. Even worse, many attacks are scouting missions, seeking to better understand an individual in preparation for launching future, larger-scale, more harmful attacks. Unfortunately, antivirus, endpoint, or creative blocking security solutions don’t stop these issues, leaving seniors exposed.

Read on for more.

Dynamic Authorization Fulfills the Promise of Zero-Trust Architecture

Gal Helemski of PlainID examines how Dynamic Authorization fulfills the promise initially made by zero-trust architecture. Cybersecurity is a tough business for many reasons, foremost among them the fact that nine times out of ten, your most paranoid fears turn out not to be paranoid enough. Whatever worst-case scenario you might be worrying over, you can be sure a hacker is hard at work bringing something even worse to life. The only response to our current threat environment — in which ransomware attacks are continually on the rise — is an unflagging investment in true zero-trust network architecture. Only dynamic, granular, ultra-responsive authorization can truly keep businesses and consumers safe.

Read on for more.

The Best Defense Against Insider Threats: Securing Active Directory

Igor Baikalov of Semperis walks us through the ins and outs of an insider attack and why preventing it starts with protecting the Active Directory. Although external malicious actors receive most media attention, insider threats are on the rise, having increased by 44 percent over the past two years. Negligence by employees or contractors accounts for 56 percent of those threats; 26 percent of the threats result from malicious intent. For two-thirds of companies, insider-related incidents occur up to 40 times per year, with each incident incurring an average cost of $484,931— a high price to pay for those who are unable to catch insider threats in time. Regardless of intent, many organizations lack the ability to identify vulnerabilities that can result in insider abuse. Furthermore, many are unable to perform post-breach forensics to close backdoors left by malicious insiders. It’s clear that businesses need to improve their defenses against these growing and costly attacks.

Read on for more.

Widget not in any sidebars