Identity Management and Information Security News for the Week of July 28; OneTrust, Veza, BTQ, and More

The editors at Solutions Review have curated this list of the most noteworthy identity management and information security news for the week of July 28. This curated list features identity management and information security vendors such as OneTrust, Veza, BTQ, and more.

Keeping tabs on all the most relevant identity management and information security news can be a time-consuming task. As a result, our editorial team aims to provide a summary of the top headlines from the last month, in this space. Solutions Review editors will curate vendor product news, mergers and acquisitions, venture capital funding, talent acquisition, and other noteworthy identity management and information security news items.

Identity Management and Information Security News for the Week of July 28

OneTrust Secures $150M Investment

OneTrust, a trust intelligence solutions provider, this week announced a $150 million funding round. This capital will bolster OneTrust’s continued growth to meet customer demand for trust intelligence software. The round was led by new investor Generation Investment Management with participation from existing investor Sands Capital, bringing the total funds raised to date to over $1 billion with a current $4.5 billion valuation.

Read on for more

DoControl Announces New Bulk Remediation Capability

DoControl, an SaaS Security platform, announced this week a new patent pending bulk remediation capability, which supports Google Shared Drives. By leveraging DoControl’s implementation, customers have the ability to remediate “hundreds of thousands of unwanted file permissions, mapping entire file system hierarchies, and presenting full visibility of the impact.”

Read on for more

Veza Welcomes Phil Venables to its Board of Directors

Veza, an identity security solutions provider, has announced the appointment of Phil Venables to its Board of Directors. Venables has more than 35 years of experience working in engineering, management, and board level advisory roles, including for The White House. Before joining a large global technology company as Chief Information Security Officer, Venables was a Partner at Goldman Sachs where he spent two decades in various risk and cybersecurity leadership positions, in particular as their first CISO, a role he held for 17 years. He has been Chief Information Security Officer for other multiple large banking companies like Standard Chartered Bank and Deutsche Bank. He is on the board of directors at HackerOne, Interos, New York University, and he serves in advisory roles for The President’s Council of Advisors on Science and Technology (PCAST) and NIST.

Read on for more

BTQ’s Preon Selected by NIST as Candidate for the PQC Standardization Process

BTQ, a quantum security solutions provider, this week announced the National Institute of Standards and Technology (NIST) has selected BTQ’s post-quantum cryptography scheme, Preon, in the first round for consideration in their Post-Quantum Cryptography (PQC) standardization process. This announcement comes amidst the fourth round of the ongoing PQC standardization process, wherein several Key Encapsulation Mechanisms (KEMs) including BIKE, Classic McEliece, and HQC are still being evaluated. Since December 2016, NIST has been engaged in a public process to select quantum-resistant public-key cryptographic algorithms for standardization, to combat the threats posed by the rapid advancement of quantum computing. Thus far, several algorithms have been standardized, including public-key encapsulation mechanism (KEM) CRYSTALS-KYBER and digital signatures CRYSTALS-Dilithium, FALCON, and SPHINCS+. With the exception of SPHINCS+, all these selected schemes are based on the computational hardness of problems involving structured lattices.

Read on for more

PokerStars Confirms MOVEit Data Breach Leaked Up to 110k Social Security Numbers

On July 20, 2023, PokerStars filed a notice of data breach with the Attorney General of Maine after discovering that an application the company used to transfer files contained a vulnerability that allowed hackers to access confidential consumer information. In this notice, TSG Interactive US Services Limited, better known as PokerStars, explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, Social Security numbers, and addresses. Upon completing its investigation, PokerStars began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.

Read on for more

Expert Insights Section

Watch this space each week as Solutions Review editors will use it to share new Expert Insights Series articles, Contributed Shorts videos, Expert Roundtable and event replays, and other curated content to help you gain a forward-thinking analysis and remain on-trend. All to meet the demand for what its editors do best: bring industry experts together to publish the web’s leading insights for enterprise technology practitioners.

Solutions Review Set to Host Infinidat for Exclusive Spotlight Webinar on August 15

With the next Solutions Spotlight event, the team at Solutions Review has partnered with leading enterprise data and cloud solution provider Infinidat. This session will demonstrate how easily enterprises can create cyber-resilient storage environments that can withstand and recover from cyber-attacks.

Read on for more.

Defense-in-Depth: Paving the Way Forward in Cybersecurity

Sam Crowther of Kasada examines how defense-in-depth can potentially pave a new path forward for cybersecurity as we know it.

Each day brings new research highlighting the rampant security issues that every online business faces, detailing how detrimental a cyber-attack is to their operations, bottom line, and reputation. Despite the multitude of security tools in the market, organizations are still facing an increasing number of attacks. The root cause is that attackers continually evolve their methods of attack to get around your defenses. If there are roadblocks in place that prevent them from making money, they will find another route. This year’s Verizon Data Breach Investigations Report found that some 60 percent of all breaches occurred through web applications. Too many organizations would treat a finding like this as a “bot problem,” or an “API issue,” instead of looking at the larger picture. Attacks have many layers – so defenses should too. Concentrating solely on one security layer could mean that the most important layer – or at least the one being used in a current attack – is left unprotected. Security is the sum of all available defenses. That’s why organizations need to question their current security stack and adopt a defense-in-depth strategy.

Read on for more.