DATA SECURITY

Tammy Moskites, a Veteran CISO, has been Appointed to AppViewX's Advisory Board

AppViewX | May 04, 2021

AppViewX, the leader in next-gen machine identity management via automation and application delivery automation, today announced the appointment of Tammy Moskites, CEO and founding father of CyAlliance®, as Executive Board Advisor. Tammy joins the AppViewX planning board to supply strategic cybersecurity guidance to customers and across go-to-market channels to drive awareness, growth, and customer success.

With over 30 years of technology experience, security acumen and leadership Tammy may be a result-driven and passionate executive who helped create the Machine Identity Management market category and enterprise requirements to raised govern keys and certificates. As a distinguished career CISO, Tammy actively guides peer CISOs and security architects worldwide to assist defend their organizations from cyber attacks, unplanned outages, and failed audits. Tammy has previously held executive security and technology leadership roles at Accenture, Venafi, Time Warner Cable, and residential Depot.

"We're delighted to possess Tammy Moskites to join AppViewX as an Executive Board Advisor," said Gregory Webb, AppViewX CEO. As cryptographic keys and certificates became the critical infrastructure for DevOps, SecOps, and NetOps, the importance of Machine Identity Management to an organization's overall security posture and digital transformation has become a top priority. As a highly experienced and influential executive, Tammy will add significant value to our team. Her experience as a successful career CISO is invaluable to us as we still accelerate growth and supply the foremost comprehensive, next-gen machine identity management solution for global enterprises."

Tammy may be a highly recognized cyber and ladies in technology social influencer. Amongst the various things she is involved in, she may be a Ventture Advisor to YL Ventures, a Distinguished Fellow with the Ponemon Institute, and volunteers her time with many technology organizations. She is an internationally recognized keynote/speaker, not only on security and governance but also on career building, women in technology, and leadership mentoring. She is currently an executive company board advisor to Blue Lava, Raxis, RiskIQ, and SecureAuth and a seed investor at Grip Security.

"I was an early voice, champion, and adopter of what's now, Machine Identity Management, which dates back nearly 10 years," said Tammy Moskites, Executive Board Advisor at AppViewX. "As a career CISO, I even have always had a passion and expressed the need to manage your keys and certificates and shared that zeal worldwide. I even have certainly been excited to observe the expansion and maturity during this cybersecurity space as an entire. I feel that AppViewX is maturing Machine Identity Management and also within the areas of IoT Key/Certificate Lifecycle Automation, PKI Management/PKIaaS, and Application Delivery Automation. I'm truly impressed by their dedication, focus, and most significantly, their passion for 'doing the proper things right' – which has allowed them to require Machine Identity and Automation to a subsequent level! I'm super excited to be an Executive Board Advisor at AppViewX and appearance forward to their partnership with CyAlliance® and welcome them to our Cy'Alliance' portfolio of partners!"

According to Gartner's Top Security and Risk Management Trends for 2021, Machine identity Management may be a top trend for 2021. "Machine identity management aims to determine and manage trust within the identity of a machine interacting with other entities, like devices, applications, cloud services, or gateways. Increased numbers of nonhuman entities are now present in organizations, which suggests managing machine identities has become an important part of the safety strategy."

About AppViewX

AppViewX is revolutionizing the way NetOps and DevSecOps teams deliver Machine Identity Management and Application Delivery Automation solutions services to Enterprise IT. The AppViewX Platform may be a modular software application that permits the automation and orchestration of network infrastructure using an intuitive, context-aware, visual workflow. It quickly and simply translates business requirements into automation workflows that improve agility, enforces compliance, eliminate errors, and reduce cost. AppViewX customers are among the world's most demanding Fortune 1000 organizations in financial services and banking, healthcare, oil and gas, manufacturing, and high tech.

Spotlight

As the DoD Information Assurance Certification and Accreditation Process (DIACAP) begins to make its curtain call from a defense compliance standpoint, a new process emerges and takes its place, the Risk Management Framework (RMF). How will this new process work? And more importantly, what does this mean for the way you do business? In most organizations, governance, risk, and compliance (GRC) are the pillars that ensure a business is capable of performing to meet its objectives. The national defense information security realm is no different. In the Department of Defense (DoD), cybersecurity governance is handled through various instructions, directives, and manuals. In the past, compliance was met through adherence to these rules, and validated using DIACAP. The RMF introduces a method to incorporate all three areas. It uses an established methodology through its special publication series, and incorporates DoD guidance within its 800-53 Revision 4 control set. These publications also provide information on Managing Information Security Risk (800-39) and a Guide for Assessing the Security Controls in Federal Information Systems and Organizations, Building Effective Security Assessment Plans (800-53 A) to ensure compliance to the DoD and National Institute of Standards and Technology (NIST) standards. DIACAP offered a control set to measure against, but fell short in its implementation and risk assessment guidance.

Spotlight

As the DoD Information Assurance Certification and Accreditation Process (DIACAP) begins to make its curtain call from a defense compliance standpoint, a new process emerges and takes its place, the Risk Management Framework (RMF). How will this new process work? And more importantly, what does this mean for the way you do business? In most organizations, governance, risk, and compliance (GRC) are the pillars that ensure a business is capable of performing to meet its objectives. The national defense information security realm is no different. In the Department of Defense (DoD), cybersecurity governance is handled through various instructions, directives, and manuals. In the past, compliance was met through adherence to these rules, and validated using DIACAP. The RMF introduces a method to incorporate all three areas. It uses an established methodology through its special publication series, and incorporates DoD guidance within its 800-53 Revision 4 control set. These publications also provide information on Managing Information Security Risk (800-39) and a Guide for Assessing the Security Controls in Federal Information Systems and Organizations, Building Effective Security Assessment Plans (800-53 A) to ensure compliance to the DoD and National Institute of Standards and Technology (NIST) standards. DIACAP offered a control set to measure against, but fell short in its implementation and risk assessment guidance.

Related News

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Varonis Launches Its Flagship Data Security Platform as a SaaS

Varonis | November 01, 2022

Varonis Systems, Inc., a pioneer in data security and analytics, today announced early availability of its flagship Data Security Platform as a SOC® 2-compliant SaaS. Varonis' SaaS Data Security Platform simplifies deployment, delivering quantifiable data security outcomes with minimal manual effort and a low total cost of ownership (TCO). Varonis' new SaaS offering also unlocks faster threat model and policy updates, proactive threat detection and response, and autonomous risk reduction. This new release is a force multiplier for overburdened security teams responsible for protecting complex hybrid data environments with overwhelming levels of data exposure that threat actors are exploiting faster than ever. Varonis' SaaS Data Security Platform is available now, providing customers with: Real-time visibility. Continually discover, classify, and prioritize sensitive data risk with an accurate view of your data security posture. Autonomous risk reduction. Intelligently eliminate data exposure by enforcing Zero Trust without breaking business processes. Proactive detection. Transparently monitor data access activity and quickly respond to anomalous behavior. "Today marks a significant milestone in our history. We are announcing the early availability of the Varonis Data Security Platform as a SaaS delivery model. Our new SaaS offering is quick to deploy, easy to maintain, and provides our customers with the automated detection and protection capabilities they need to stay ahead of bad actors. Taken together, these enhancements create significant value for our customers." Yaki Faitelson, Varonis CEO About Varonis Varonis is a pioneer in data security and analytics, fighting a different battle than conventional cybersecurity companies. Varonis focuses on protecting enterprise data: sensitive files and emails; confidential customer, patient, and employee data; financial records; strategic and product plans; and other intellectual property. The Varonis Data Security Platform detects cyber threats from both internal and external actors by analyzing data, account activity, and user behavior; prevents and limits disaster by locking down sensitive and stale data; and efficiently sustains a secure state with automation. Varonis products address additional important use cases including data protection, data governance, Zero Trust, compliance, data privacy, classification, and threat detection and response. Varonis started operations in 2005 and has customers spanning leading firms in the financial services, public, healthcare, industrial, insurance, energy and utilities, technology, consumer and retail, media and entertainment, and education sectors.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Qumulo Helps Customers Avoid the Complexity of Protecting Unstructured Data with its Comprehensive Approach to Data Security

Qumulo, Inc. | November 11, 2022

Qumulo, the radically simple way to manage petabyte-scale data anywhere, today announced the launch of the company’s new corporate security initiative “Simply Secure,” a multi-layered approach designed to protect data across multiple points of vulnerability. Qumulo’s “Simply Secure” initiative is meant to help organizations minimize the risk of business disruption and protect their data from theft or loss with a complete suite of security features that continue to harden over time, all-inclusive with their Qumulo® subscription, without additional cost for future releases. The unprecedented rise in cyber threats in recent years is creating dire consequences for businesses: multi-million dollar ransom payments, days or weeks in disruption of operations, and potential loss of valuable data sets. Not only that, cyber attacks which become public often leave behind permanent reputational damage. While most organizations understand and respect the risk of poor security posture, many are strapped for cycles, time, and expertise to build adequate defenses around their unstructured data. Qumulo is meeting its customers anywhere – edge, core, and in the cloud – with a holistic approach to security, making it simple for customers to protect their data from ransomware attacks, data theft, and data destruction. Qumulo not only helps customers ensure lighting-fast recovery but also helps proactively detect and prevent anomalies, so organizations and end users can simply secure their sensitive data. Customers are granted access to each new security feature every two weeks, which is available through non-disruptive software upgrades, increasing the value of Qumulo clusters over time. “Qumulo’s focus on radical simplicity means it's taken an approach to security that makes it as easy as possible for customers to protect their data everywhere it’s stored.” Kiran Bhageshpur, Chief Technology Officer at Qumulo Qumulo is constantly developing new and enhancing existing features to provide the most robust security possible. The most recent releases add five new layers to storage security for greater data protection, including: Multi-tenancy VLAN Isolation: Organizations can now use virtual local area networks (VLANs) to isolate administrative interfaces from their file system clients, such that the general network population cannot reach the interfaces. This adds an additional guarantee of network protection, while helping consolidate multiple use cases on a single cluster, resulting in potential cost savings. Single sign-on & Access Tokens: Cluster administrators can now eliminate the need for sensitive user passwords when logging into the Qumulo administrator UI or API since user credentials are prime targets for theft by cyber attackers. NFSv4.1 Kerberos Authentication & Encryption: All data is encrypted before transmitting across networks, preventing any bad actor that intercepts the data from understanding it in plain text. Federal Information Processing Standards (FIPS) 140-2 certification of Qumulo encryption: Now, customers with FIPS requirements can maintain compliance and independently verify that Qumulo’s data-at-rest encryption meets the standards set by the National Institute of Standards and Technology (NIST). Customers who don’t require FIPS certification can rest assured their data is protected by the highest standards. OpenMetrics API provides telemetry data to 3rd party monitoring and alerting systems, so organizations can proactively detect and quickly respond to anomalies at risk of disrupting operations such as an attack-in-progress. “Trust is mission critical when it comes to security,” said Kathy Ahuja, VP of Information Security at Qumulo. “That’s why we’ve built a security posture with FIPS 140-2 accreditation and enhanced encryption that provides the greatest level of protection for our cryptographic modules. Our customers know they can trust Qumulo with their data. And as cybercriminals continue to advance their own breach strategies, we’re well prepared to continue to improve our security measures to match and defeat the complexities of these attacks.” About Qumulo, Inc. Qumulo is the radically simple way to manage petabyte-scale data anywhere – edge, core or cloud – on the platform of your choice. In a world with trillions of files and objects comprising 100+ Zettabytes worldwide, companies need a solution that combines the ability to run anywhere with simplicity. This is precisely what Qumulo was founded to accomplish.

Read More

ENTERPRISE IDENTITY,PLATFORM SECURITY,IDENTITY MANAGEMENT

Simeio and SailPoint Partner to Provide Enterprise Identity Security

Simeio | December 27, 2022

A business needs to manage and protect the digital identities of its employees, contractors, partners, and customers. Enabling the right individuals to access the right resources at the right times for the right reasons with secure access control is needed for organizations to keep their vital information safe and secure at all times. In this regard, Simeio provides identity and access management (IAM) solutions. Using intelligent solutions, enhanced cybersecurity measures are enforced on systems with cloud identity security services. Simeio, a leader in the cybersecurity industry when it comes to identity and access management (IAM) services, has announced a partnership with SailPoint, a leader in enterprise identity security. The goal of the partnership is to improve the security and protection of the companies' identities by using enterprise identity governance controls and best-in-class technologies. The partnership will also allow clients to simplify, automate, and enable their identity governance and administration (IGA) programs, providing continuous threat protection and improving the maturity of identity processes across enterprises. Simeio plans to bring over 50 SailPoint-certified identity experts to the partnership. The clients of both companies will benefit from the identity convergence capabilities of the Simeio IO platform, which brings together IGA, access management, and privilege identity functions to deliver cross-domain identity analytics. Through this partnership, organizations will also be able to update their identity security services in the cloud. "The global identity and access management (IAM) market is expected to grow from USD 14.82 billion in 2020 to USD 31.74 billion by 2025, at a CAGR of 16.7% during the forecast period, as per Marketsandmarkets." Companies are getting more and more identity security and access management solutions because cyber threats and data breaches are getting worse. Artificial intelligence, machine learning, IoT compatibility, decentralized identity systems, and the use of innovative biometric authentication mechanisms are all part of the future of identity security. About Simeio Simeio is a global managed services provider that offers identity and access management solutions as a service. Simeio's 700+ employees secure 160 million identities for businesses and governments. Simeio offers Customer Identity & Access Management, Privileged Access Management, Identity Proofing, Access Management & Federation, Identity Governance & Administration, and Application Onboarding. Gartner, Forrester, KuppingerCole, and Great Places to Work® have recognized the company's business and technical leadership. About SailPoint SailPoint is the market leader in enterprise identity security. SailPoint automates the management and control of access by leveraging the power of AI and machine learning, granting only the required access to the right identities and technology resources at the right time. Our advanced identity platform integrates seamlessly with existing systems and workflows, providing a unified view of all identities and their access. We meet customers where they are with an intelligent identity solution that satisfies the enterprise's scale, velocity, and environment requirements. SailPoint empowers the world's most complex businesses to establish a security foundation based on identity security.

Read More