Tag: information security
The data currency time bomb
Corporations are not only amassing huge amounts of personal data on their customers as never before but also trading that data, frequently without the customer’s knowledge. As yet, the general public is largely unaware of the uses to which their personal information is being put or whose hands it ends up in. At the same time, companies holding the data must tread an increasingly complex regulatory minefield. According to Chris Diebler, Security VP at cybersecurity company DataGrail: “Companies are all terrified of not having enough data as data is the new currency. However, companies need to think seriously about reducing these vast mountains of data. The value of data must be balanced against the cost and security risk of maintaining it." Companies that fail to secure personal data effectively or trade customer data with third parties face considerable potential brand damage when the details are obtained by bad actors and they suffer identity theft or financial fraud as a consequence.
ID security acquisition to spark M&A growth
Identity security company CyberArk has announced that it is acquiring machine identity management specialist Venafi for US $1.54 billion from software-focused investor Thoma Bravo, which already manages US$138 billion in assets. The acquisition is being seen by some market sources as the start of more highly-focused acquisition-driven growth in the increasingly sharply defined and specialized cybersecurity sector. The logic behind the Venafi acquisition is clear. According to CyberArk, the number of machines is rapidly outpacing the growth of their human counterparts, with more than 40 machine identities for every human identity. By adding Venafi’s machine identity management to its dominant identity security position, CyberArk expects to expand its total addressable market by almost US$10 billion to around US$60 billion.
Organizations’ staff are their biggest security risk
Careless employees are the main root cause of data loss in organizations. According to the cybersecurity and compliance company Proofpoint, almost three-quarters (74 percent) of CISOs believe human error is their biggest cyber vulnerability. This is up from 60 percent in 2023 and 56 percent in 2022. Even more (80 percent) believe human risk and employee negligence will be the key cybersecurity concerns for the next two years. “Our research shows that CISOs generally believe their people are aware of their critical role in defending the business from cyber threats. That CISOs still see their people as the primary risk factor suggests a disconnect between employees’ understanding of cyber threats and their ability to keep them at bay,” says Proofpoint.