RSA Archer, a leader in the governance, risk, and compliance space has been acquired by Symphony Technology Group, based in Palo Alto, California. Symphony, a private equity firm, has investments in a cross section of companies in the analytics space, HR and recruitment, and supply chain among many others.
Jeff Clarke, COO, Dell, announced on February 18, 2020 that in a move to “further simplify our business and product portfolio” it was selling its RSA arm including the RSA Conference, RSA Archer, RSA NetWitness Platform, RSA SecureID, RSA Fraud, and Risk Intelligence.
Source: SoftwareReviews Governance, Risk and Compliance, Accessed March 23, 2020
In an announcement by Rohit Ghai, President, RSA, on February 18, 2020, the move provides the following opportunities:
Source: Our Next Episode, RSA blog Feb. 2020
RSA Archer, a long-held leader in large and mid-sized GRC rollouts, has lost traction in recent years with increased competition in the GRC tool space and as a result of the competitiveness of the cloud SaaS (Software as a Solution) model. As of February 12, 2020, RSA Archer announced the availability of its SaaS suite in the cloud. No announcement has been made yet, however, existing RSA Archer clients are expected to have the option to migrate to the SaaS platform or remain on premises, providing options to review existing services and modules needed.
In moving to a more independent position within a private equity portfolio, it is clear that RSA is looking to take control over its role in the market and chart its future. It is not yet clear whether significant changes to its product are in store, however, this move to the SaaS model offers the traditional benefits of a quicker time to value, scalability of the cloud, faster access to latest feature set, and operating resilience.
The Department of Justice is looking to acquire a GRC tool for the Office of the CIO within the FBI’s Enterprise Information Security Section.
The International Association of Privacy Professionals (IAPP) has released its 2020 Privacy Tech Vendor report, reviewing key software solution vendors within the space. This year’s report highlighted the recent addition of Data Subject Request (DSR) to the feature categories.
In early March, Titus released Titus Illuminate 2020, which was the company’s answer to the question of analyzing data at rest. This latest version of Illuminate leverages machine learning and AI in an effort to manage data that contains potentially sensitive or high-risk personal information.
PHEMI is a data privacy solution focused on keeping data-processing activities secure by redacting information based on the role of the accessor. Thus, allowing such data to be used for multiple use cases without compromising privacy.
Kenna Security deployed their new data driven vulnerability management program, Kenna.VM and accessory program, Kenna.VI. Released on April 28th, Kenna.VM was created with the purpose to set service-level agreements (SLAs) with risk tolerance in mind.
“Connected reporting capabilities, control testing, real-time collaboration, cloud-based access, stringent security measure and permissions controls” are considered the leading factors behind CFGI offering Workiva to its clients.
We often hear that businesses are continually cyber insecure or under attack. However, recent penetration testing from Rapid7 shows that businesses are getting better at securing their networks against cyberattacks. While organizations continue to have exploitable weaknesses, attackers are having greater difficulty penetrating deeper into businesses’ networks.
Four zero-day vulnerabilities were discovered in IBM’s Data Risk Manager. While the vulnerabilities are concerning, more so is IBM’s response when addressed. The company simply stated, “It’s out of scope.” – meaning it had no intention to rectify or address the issue.
The Internet of Things is increasingly embedded with our daily lives. While these devices make life more accessible, for every new device, a new attack vector for cyberattackers is created.