Identity Management and Information Security News for the Week of September 8; Logpoint, Jumio, Cowbell, and More
The editors at Solutions Review have curated this list of the most noteworthy identity management and information security news for the week of September 8. This curated list features identity management and information security vendors such as Logpoint, Jumio, Cowbell, and more.
Keeping tabs on all the most relevant identity management and information security news can be a time-consuming task. As a result, our editorial team aims to provide a summary of the top headlines from the last month, in this space. Solutions Review editors will curate vendor product news, mergers and acquisitions, venture capital funding, talent acquisition, and other noteworthy identity management and information security news items.
Identity Management and Information Security News for the Week of September 8
Logpoint Appoints Michael Haldbo as Chief Financial Officer
This week, Logpoint announced the appointment of Michael Haldbo as Chief Financial Officer (CFO). Michael Haldbo has 20 years of International and Nordic experience in financial planning, analysis, and strategy execution. He served as CFO at Signicat, Europe’s leading provider of digital identity solutions. Michael has also held financial executive roles at other companies in the IT and payment-related sector, including Nets and Unwire.
BullWall Launches BullWall Server Intrusion Protection; Introducing MFA to Server Access
BullWall, the global provider in ransomware protection for critical infrastructure, this week introduced BullWall Server Intrusion Protection to protect servers from unauthorized access resulting from the use of compromised credentials during Remote Desktop Protocol (RDP) sessions. By placing BullWall’s multi-factor authentication (MFA) between the server and any unauthorized users, organizations are protected from bad actors who may have gained entry to the network, preventing the deployment of ransomware. BullWall Server Intrusion Protection works together with BullWall Ransomware Containment (formerly BullWall RansomCare) to prevent and contain ransomware, protecting the organization’s most important, targeted digital assets against cyberattacks.
IBM Expands Cloud Security and Compliance Center to Help Clients Protect Data
This week, IBM announced the expansion of the IBM Cloud Security and Compliance Center, a suite of cloud security and compliance solutions designed to help enterprises mitigate risk and protect data across their hybrid, multicloud environments and workloads. With the new addition of IBM Cloud Security and Compliance Center Data Security Broker, developed in collaboration with Baffle, Inc., the capabilities of the solution suite extend beyond compliance posture management and workload protection capabilities to include application-level security.
Jumio Expands Presence in U.S. Gaming and Sports Betting
Jumio, an identity security solutions provider, announced this week its support of the American Gaming Association’s Responsible Gaming Education Month and its ongoing commitment to helping gaming operators and players follow safer gambling practices. Jumio is doubling down on its online gaming focus and commitment to promoting responsible gambling by obtaining licenses in multiple U.S. states where online betting is legal. To date, Jumio is licensed or otherwise permitted to provide its services to online gaming and sports betting operators in at least 15 states. By using Jumio’s automated solutions, gaming operators can verify their customers are not underage by checking their age from the date of birth on their identity document, and that they are not using an adult’s ID to create an account. Operators can also verify the person logging in is the same person who opened the account. This helps to prevent children from logging in to a parent or guardian’s account.
Xage Security Sees 420 Percent Revenue Growth; Announces Geoffrey Mattson as New CEO
Xage Security, a zero-trust cybersecurity solutions provider, reported that demand for its zero trust cybersecurity mesh platform across critical infrastructure industries has driven year-over-year revenue growth of 420 percent in the first half of 2023 and a 560 percent growth in bookings over the same period. To guide its next phase of growth, Xage has named entrepreneur and cybersecurity executive Geoffrey Mattson as CEO, who brings decades of experience as a leader in R&D, product development, and go-to-market (GTM). Mattson’s predecessor, Duncan Greatwood, has assumed the role of Executive Chair of the Xage board. Greatwood will support Mattson in his leadership of Xage and contribute to the company’s vision and strategic direction as Xage accelerates its product and GTM investments.
Tenable Announces Agreement to Acquire CNAPP Vendor Ermetic
Tenable, an exposure management platform, announced that it has signed a definitive agreement to acquire Ermetic Ltd. (“Ermetic”), a cloud-native application protection platform (CNAPP) company. Tenable intends to integrate these capabilities into its Tenable One Exposure Management platform to deliver contextual risk visibility, prioritization and remediation across infrastructure and identities, both on-premise and in the cloud. Combining Ermetic’s insights into Tenable One will extend Tenable’s offerings for hybrid environments.
Cowbell Expands Partnership with Cloudflare
Cowbell, a leading provider of cyber insurance for small and medium-sized enterprises (SMEs), this week announced a new integration with Cloudflare, a cybersecurity solutions provider. With this integration, Cowbell has added security insights from Cloudflare to its risk rating model for cyber insurance. Cowbell is the first cyber insurance provider to incorporate Cloudflare security data into its cyber risk modeling, bringing “unprecedented benefits” to policyholders using Cloudflare.
Expert Insights Section
Watch this space each week as Solutions Review editors will use it to share new Contributed Content Series articles, Contributed Shorts videos, Expert Roundtable and event replays, and other curated content to help you gain a forward-thinking analysis and remain on-trend. All to meet the demand for what its editors do best: bring industry thought leaders together to publish the web’s leading insights for enterprise technology practitioners.
Bystander Engagement Means Everyone is Responsible
“As we head into National Insider Threat Awareness Month, we’re reminded of the significance of this year’s theme of Bystander Engagement. The rapid adoption of cloud native technologies increases risk and need for engagement by CISO and security teams. There are now far more machines from datacenter to clouds that can be misused. Edward Snowden’s NSA breach shows how one individual in complex environments can exploit machine identities to go undetected and deal significant damage to an organization. Attacks like those against Capital One in the cloud demonstrate the risk that insider attacks are now most likely to happen in the cloud. Bystander Engagement means the developers and platform teams are part of the solution as CISO and Security teams make sure that observability and guardrails keep business safe.” – Kevin Bocek, VP, Ecosystem and Community at Venafi
Scaling Up the Response to Insider Threats
“Stolen identities continue to cause massive security breaches – and insider threats are a major part of the story. Without strong identity governance and a least-privileged access model, malicious insiders can move laterally across an organization’s systems to exploit valuable data. Such threats are a particularly pernicious type of unauthorized access; this overall method resulted in 91 percent of all records breached in the U.S. in 2022. In light of National Insider Threat Awareness Month, organizations must work to embrace faster and more scalable security methods, such as using decisioning AI, which can automate cumbersome workforce identity governance tasks to evaluate users quickly and the resources they can access. Such an approach can accelerate an organization’s Zero Trust maturity by enabling finer-grained, more dynamic, and contextually sensitive access decisions. In this way, security teams can better manage the looming security of insider threats – not just this month, but year-round.” – Eve Maler, CTO at ForgeRock
Security is a Team Sport
“Insider threat is a major concern for CISOs and top executives, but acknowledging that concern internally is challenging because it can feel like you’re saying you don’t fully trust your colleagues, which can be isolating and cause internal strife. CISOs should be a partner in security, not the “security police.” There’s always going to be potential for some people to purposefully be bad actors, but CISOs can instill preventative measures against insider threat in ways that still show respect to their coworkers and don’t assume malicious intent. I’m not often worried about what my coworker is doing, but I am worried about what their account is doing. While it might be my coworker (and yes, we do a lot to make sure that it is, like using two-factor authentication and keeping malware off devices), it might instead be a sneaky hacker who somehow managed to get onto their laptop and is misusing their access. So when we construct our security with that understanding and talk about it in that way, we are genuinely working with our coworkers to protect our customers and our systems. Another thing I worry about is someone pressuring my coworker. I’ve had coworkers at previous jobs pressured to turn over the personal information of dissidents to the precise governments who are unhappy about them. When those coworkers can truthfully say that this information is protected, it protects them. Even in cases where my coworkers might be tempted to make bad choices, I’m there to try to keep them from taking actions which, yes, could hurt our customers, but also actions which they might regret. It’s really, really important to explain why we’re doing what we’re doing both clearly and with respect– security is a team sport. Considering the motivations behind the potential attacks lets us more effectively ameliorate inside threat without alienating the people we work with.” – Lea Kissner, CISO at Lacework
- 12 Common Cloud Security Mistakes Made by Enterprises - September 15, 2023
- Identity Management and Information Security News for the Week of September 8; Logpoint, Jumio, Cowbell, and More - September 8, 2023
- Identity Management and Information Security News for the Week of August 25; Thoma Bravo, Rambus, Deep Instinct, and More - August 25, 2023