The editors at Solutions Review have curated this list of the most noteworthy identity management and information security news for the week of September 16. This curated list features identity management and information security vendors such as Sumo Logic, SandboxAQ, Dig Security, and more.
Keeping tabs on all the most relevant identity management and information security news can be a time-consuming task. As a result, our editorial team aims to provide a summary of the top headlines from the last month, in this space. Solutions Review editors will curate vendor product news, mergers and acquisitions, venture capital funding, talent acquisition, and other noteworthy identity management and information security news items.
Identity Management and Information Security News for the Week of September 16
Sumo Logic Adds Cloud SIEM to FedRAMP-Moderate Offering
Sumo Logic, a SaaS analytics platform, announced that Sumo Logic Cloud SIEM is now available as part of the Sumo Logic FedRAMP-Moderate offering. With this designation, Sumo Logic becomes the first cloud-native SIEM to deliver insights into on-premises and cloud environments for public sector organizations to help them navigate the growing global threat landscape. Sumo Logic also announced that it expanded its partnership with CloudHesive, a cloud-based Managed Security Services Provider (MSSP). CloudHesive will use Sumo Logic Cloud SIEM to strengthen the security posture for data and digital services required by the federal government security protocol – Cybersecurity Maturity Model Certification 2.0 (CMMC).
Ransomware Gang Threatens 1M-Plus Medical Records Leak
Two recent ransomware attacks against healthcare systems indicate cybercriminals continue to put medical clinics and hospitals firmly in their crosshairs. Daixin Team has taken credit for a September 1 assault on Texas-based OakBend Medical Center, causing a shutdown of the organization’s communication and IT systems as well as exfiltrating internal data. The criminals claim to have stolen more than a million records including names, dates of birth, Social Security numbers, and patient treatment information. It’s not immediately clear if that’s one million patients affected or one million pieces of sensitive medical and personal info. The gang further warned a “full leak” of the data may follow, and claims to have shared employees’ personal information already as a download, presumably to prove it siphoned data and/or to chivy the healthcare group into meeting the extortionists’ demands.
Concentric AI Partners with Snowflake to Enhance Data Security Posture Management
Concentric AI, a vendor of intelligent AI-based solutions for protecting business-critical data, announced it has partnered with Snowflake, the Data Cloud company, to integrate its Semantic Intelligence solution. This integration benefits joint customers by making Concentric AI’s data security posture management capabilities readily available on the Snowflake Data Cloud. Semantic Intelligence offers Snowflake customers a comprehensive solution for data discovery, risk evaluation, and mitigation activities. This helps joint customers quickly scan data to establish least-privileges access controls and comply with regulatory requirements for personally identifiable information (PII), personal health information (PHI), and financial information (PCI). Semantic Intelligence operates continuously and autonomously, processing data on the Snowflake Data Cloud accurately and without IT overhead.
U-Haul Discloses Data Breach Exposing Customer Driver Licenses
Moving and storage giant U-Haul International (U-Haul) disclosed a data breach after a customer contract search tool was hacked to access customers’ names and driver’s license information. Following an incident investigation started on July 12 after discovering the breach, the company found on August 1 that attackers accessed some customers’ rental contracts between November 5, 2021, and April 5, 2022. The attacker accessed the U-Haul rental contracts search portal after compromising two “unique passwords.” While it didn’t explain how the credentials were compromised, the company changed them after the breach was detected to block additional malicious activity.
SandboxAQ Acquires Cryptosense
SandboxAQ, an enterprise SaaS company delivering the compound effects of AI and Quantum tech (AQ) to governments and the Global 1000, announced it has acquired Cryptosense, a cybersecurity and encryption analysis software company. SandboxAQ’s acquisition comes just weeks after the company unveiled its Strategic Investment Program and initial investment in evolutionQ. The acquisition of Cryptosense complements and accelerates the deployment of SandboxAQ’s Post-Quantum Cryptography (PQC) solutions to corporations and government institutions worldwide. SandboxAQ’s cybersecurity products enable large enterprises to scale cryptography management across their IT infrastructure, providing CISOs with a single, 360° view of how encryption is used throughout the enterprise – a critical first step in migrating to PQC.
Sift Welcomes Mary Writz as New Senior Vice President of Product
Sift, a Digital Trust & Safety platform, announced that Mary Writz has joined the Executive Leadership Team as Senior Vice President of Product. With over 20 years of experience in building and scaling cybersecurity solutions, Writz will lead Sift’s product strategy and development to help businesses secure every stage of the customer journey. Writz joins Sift after four years at identity management company ForgeRock, where she led the consumer identity product organization and helped the company through an IPO. Prior to ForgeRock, Writz held product leadership positions at Hewlett Packard and IBM where she focused on threat detection, machine learning, security intelligence, and targeted attack protection.
OneSpan Launches Virtual Room Enabling Secure Face-to-Face Transactions
OneSpan, the digital agreements security company, announced the general availability of its secure Virtual Room cloud service which enables organizations to deliver live, high-touch assistance to their customers in a high-assurance virtual environment. This next-generation customer engagement solution gives organizations the ability to balance identity security, authentication, and e-signature solutions from the broader OneSpan portfolio with a high-assurance virtual experience that is the next best thing to entering a branch or meeting in person. Virtual Room complements digital-first transaction experiences by providing a unique opportunity for organizations to create personalized, high-touch, human-assisted interactions, and by improving the customer experience, increasing agreement completion rates, and reducing security risks and fraud.
Dig Scoops Up $34M to Tackle Cloud Data Security
Startup data security company, Dig Security, has raised a $34 million Series A investment that going to be used to continue expanding its platform. The investment is being led by SignalFire, with Felicis Ventures, Okta Ventures and previous backer, cybersecurity-specialist incubator and investor Team8, also participating. Dig emerged from stealth and announced its $11 million seed round only in May of this year. The reason for the rapid follow-up is that the seed round had actually closed (and been used) some time before it was actually announced, and because the emergence from stealth found the company getting a lot of inbound contacts from customers and investors.
Editor’s Choice in e-Learning and Online Training: Security Architech, Udacity Nanodegree Program
You’ll master the skills necessary to become a successful security architect. Learn core strategies and implementation elements of security infrastructure design and management at an enterprise level.
For consideration in future news round-ups, send your announcements to firstname.lastname@example.org.