Identity Management and Information Security News for the Week of February 9; Securiti AI, AttackIQ, senhasegura, and More

The editors at Solutions Review have curated this list of the most noteworthy identity management and information security news for the week of February 9. This curated list features identity management and information security vendors such as Securiti AI, AttackIQ, senhasegura, and more.

Securiti AI Launches AI Security & Governance Platform

Securiti AI, a data security and management solutions provider, this week announced the release of its AI Security & Governance offering. It works by combining comprehensive AI discovery, AI risk ratings, Data+AI mapping, and advanced Data+AI security & privacy controls. This, in turn, helps organizations adhere to global standards such as NIST AI RMF and the EU AI Act, among over twenty other regulations. “Securiti AI continues to innovate, bringing a comprehensive AI Security & Governance solution to market that enables organizations to safely use AI,” said Ryan O’Leary, Research Director Privacy & Legal Technology at IDC. “It addresses the critical need for comprehensive governance strategies that go beyond basic risk assessments, offering a holistic understanding of AI utilization, system mapping, continuous monitoring, and granular controls to ensure robust end-to-end AI governance.”

Read on for more.

JPMorgan Fined Nearly $40 Billion for Two-Decade Legal Oversights

Banking giant JPMorgan Chase has suffered financial and possible reputational setbacks due to a series of legal oversights stemming from the firm’s failure to adhere to regulatory requirements. This has resulted in substantial fines that have brought attention to the banking industry’s broader challenges in combating related offenses. According to data compiled by Finbold, from 2000 to 2024, JPMorgan incurred fines totaling $39.34 billion for various violations. The largest fine, amounting to $13.46 billion, was related to toxic securities abuses. Failure to comply with investor protection policies resulted in a fine of $6.25 billion, followed by $5.36 billion for mortgage abuses. Additionally, banking violations led to fines totaling $4.26 billion during the same period.

Read on for more.

AttackIQ Secures Continuous Authority to Operate from the United States Marine Corps

AttackIQ, a vendor of breach and attack simulation (BAS) solutions and founding research partner of MITRE Ingenuity Center for Threat-Informed Defense (CTID), this week announced it has been granted a cATO by the U.S. Marine Corps Recruiting Command (MCRC). Senior officials granted this approval to launch the company’s BAS platform within the MCRC based on an in-depth, risk-based security assessment. AttackIQ is the first BAS platform to receive this cATO designation. It will enable the USMC MCRC to move from a traditional risk management framework ATO, which does not provide for continuous monitoring of risk, to a cATO, which supports continuous active penetration testing. AttackIQ’s cATO was successfully granted a Moderate classification after a thorough, multi-phase process that began in 2023 and included several levels of evaluations and rigorous security assessments. AttackIQ collaborated with SDA Solutions, LLC., a provider of “best-in-class” IT operations, systems and security engineering, cybersecurity, and test and evaluation solutions, to launch the process.

Read on for more.

Cohesity and Veritas Announce Merging of Companies

Cohesity, a leader in AI-powered data security and management, and Veritas, a leader in secure multicloud data resilience, today are announcing their definitive agreement under which Cohesity intends to combine with Veritas’ data protection business, which will be carved out of Veritas. Customers will benefit from the joint company’s scaled R&D investment, its “unwavering support for customer success,” and one of the industry’s most extensive partner ecosystems. Sanjay Poonen will lead the combined organization as CEO and President. Greg Hughes, CEO of Veritas, will serve as a Board member and strategic advisor to Poonen after the close of the transaction.

Read on for more.

Senhasegura Recognized as a 2024 Gartner Peer Insights Customers’ Choice

Senhasegura, a global provider of Privileged Access Management (PAM) solutions, announced this week that it has been recognized as a 2024 Gartner Peer Insights Customers’ Choice for Privileged Access Management. The company was also recognized as a Customers’ Choice for Midsize Enterprises. Of the 14 vendors included in the Gartner Peer Insights Voice of the Customer for PAM, senhasegura was the vendor with the highest percentage of customers willing to recommend its products, with a 99 percent rating, based on 74 reviews submitted as of November 2023. senhasegura also received the highest overall customer rating of 4.9 out of 5.0, the highest percentage of 5-star reviews (95 percent) as of December 2023, and the highest score in product capabilities with a 4.9 out of 5.0.

Read on for more.

Expert Insights Section

Watch this space each week as our editors will share upcoming events, new thought leadership, and the best resources from Insight Jam, Solutions Review’s enterprise tech community for business software pros. The goal? To help you gain a forward-thinking analysis and remain on-trend through expert advice, best practices, trends and predictions, and vendor-neutral software evaluation tools.

Live This Week: The Information Risk Podcast with David Loshin, Powered by Insight Jam

Recognized worldwide as an information management thought leader. David is a monthly columnist for TechTarget and frequently presents at The Data Warehousing Institute World Conferences, Enterprise Data World, the Data Governance and Information Quality conferences, and web-based seminars.

Read on for more.

What to Expect at Solution Review’s Solution Spotlight with Broadcom on March 14th

Solutions Review’s Solution Spotlight with Broadcom is an hour-long discussion and software demo focusing on key challenges and best practices for NOC operations. In this session, you will learn the best practices for overcoming modern network complexity hindering quality network delivery experiences. This includes networks you manage and those you don’t like ISP and cloud providers. Proven outcomes include optimizing your NOC operations, proving your innocence faster, and achieving 85 percent alarm noise reduction. Featuring NetOps by Broadcom’s Chief Technical Evangelist, Jeremy Rossbach, as guest speaker.

Read on for more.

Identity Management is the New Perimeter

Sergey Medved of Quest Software examines why, in the wake of SEC charges against SolarWinds, enterprises need to shift their focus to identity management. Recent SEC charges against the CISO of SolarWinds shook many in the cybersecurity industry as they made real the long-lasting consequences of cyber incidents. The charges also focused attention on the method used to leverage compromised SolarWinds systems way back in 2020: abuse of privileged accounts. Once attackers gained access to the privileged account status of SolarWinds deployments, they were able to do essentially whatever they wanted within numerous SolarWinds customers. The memories the SEC action conjures are needed, as many organizations are still working to get full control over privileged access to their systems. In fact, many are now considering a broader approach to identity management in general, when thinking about securing privileged identities. With the demise of workplace physical computing perimeters, due to factors such as cloud migrations and dispersed workforces, identity has become the real new enterprise computing perimeter.

Read on for more.

SEC Cybersecurity Disclosure Rules: What You Need to Know

Sanjay Bhakta of Centific walks us through the new SEC Cybersecurity Disclosure rules, and what this means for enterprises. Incredibly valuable yet infinitely reproducible, digital information is the target of countless prospectors in the modern gold rush, making its protection paramount. To that end, the U.S. Securities and Exchange Commission (SEC) has stepped into the digital arena with new cybersecurity incident disclosure rules. These rules, aimed at enhancing transparency and strengthening investor confidence, represent a pivotal change in regulatory requirements. But — between the nuances of these rules, their implications, and the challenges they pose for compliance — what does all this mean for you?

Read on for more.