To address the challenge of global data security incidents, TerraMaster, a professional brand focusing on providing innovative storage products for families and businesses, officially launched its BBS integrated backup solution, offering comprehensive data backup solutions for small and medium-sized enterprises.

This integrated backup solution combines a professional storage management system, a suite of backup software tools including Centralized Backup, TerraSync, Duple Backup, CloudSync, and Snapshot, and a hardware platform, achieving deep integration without the need for additional software costs. Backup tasks and storage capacity are unlimited. Whether the data is from employee PCs, physical servers, or virtual machines, the TerraMaster Backup Server offers a one-stop enterprise data backup service.

BBS Key Features

Flexible Combination and Full-Scenario Deployment
TerraMaster integrated backup solution allows for free combination based on different application scenarios and company sizes, enabling the implementation of various backup strategies. Additionally, its deployment is simple and efficient, featuring a graphical user interface that requires no learning curve, significantly reducing the management and maintenance costs for enterprises. Moreover, the solution boasts robust security features, capable of handling backup needs for millions of files and offering various security strategies.

For companies of different sizes, TerraMaster provides tailored solutions. Companies with fewer than 50 employees can use Centralized Backup or TerraSync to back up PCs to TNAS, with Duple Backup replicating the data to local or remote TNAS. Companies with 50-100 employees can synchronize branch office data to the central server at headquarters using TerraSync and continuously back up the data to remote TNAS servers and the cloud using Duple Backup. Large enterprises with 100-200 employees can use Centralized Backup to back up PCs, servers, and virtual machines tothe TNAS central server, with backups to a remote TNAS server as well.

The upcoming release of the next-generation TOS 6 system, integrated with the BBS full-scenario backup solution, delivering an unprecedented upgrade experience. This operating system features a brand-new user interaction model, offering a complete transformation from the inside out! Moreover, TOS 6 enhances security protection mechanisms by introducing the SPC function, ensuring that users’ data is stored more securely and reliably. Notably, TOS 6 is fully compatible with the Ubuntu root file system, making it a more familiar and easier-to-maintain operating system for a broad range of users.

Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!

The post TerraMaster Launches BBS Integrated Backup Solution first appeared on AI-Tech Park.

Sumo Logic, a leading SaaS Log Analytics Platform, today announced that it has signed a Strategic Collaboration Agreement (SCA) with Amazon Web Services (AWS). The SCA will focus on continued innovation to accelerate cybersecurity, application observability and automation fueled by artificial intelligence (AI) through Sumo Logic’s partner-first go-to-market motion. Specifically, service enhancements such as Sumo Logic’s SaaS Log Analytics Platform with Amazon Bedrock and Amazon Security Lake will drive industry-leading innovation in cloud security and observability, providing powerful visibility and transparency across all AWS environments.

“Since our founding, Sumo Logic made a strategic bet to go all in with AWS. We’re built on AWS and have been a design partner in a multitude of solutions and go-to-market initiatives over the years to unify cloud insights and ignite action through the power of log analytics,” said Timm Hoyt, SVP of Worldwide Partners and Alliances. “We are delighted about this SCA as we head into a second decade of bringing together the best technologies to help customers build and secure their business across AWS and in the cloud.”

Sumo Logic unifies and analyzes enterprise data, translating it into actionable insights through one AI-powered cloud-native log analytics platform. This single source of truth enables Dev, Sec and Ops teams to simplify complexity, collaborate efficiently and accelerate data-driven decisions that drive business value. Customers around the world rely on the Sumo Logic SaaS Log Analytics Platform to ensure application reliability, security, and protection against modern security threats, as well as gain insights into their cloud infrastructures.

“The SCA with Sumo Logic strengthens our shared vision and commitment to giving our joint customers real-time visibility across their AWS workloads with AI-powered log analytics that break down the silos across security, developers and IT operations,” said Alan Braun, Managing Director, Technology Partnerships and AWS Marketplace at AWS. “We are pleased to collaborate with Sumo Logic to help make the digital world faster, reliable and more secure by unifying insights to ignite action.”

“This strategic collaboration underscores Sumo Logic’s Partner First approach and investment in advancements that give clients the ability to harness the full potential of AI-driven analytics in cloud security and application observability,” said Quentin Rhoads-Herrera, Managing Director of Cybersecurity Managed Services & Platforms for Stratascale. “This collaboration amplifies Stratascale’s ability to deliver unparalleled insights and automation, ensuring that our clients can confidently navigate the complexities of modern IT landscapes. By integrating Sumo Logic’s advanced log analytics with AWS’s robust infrastructure, we are poised to provide next-generation solutions that not only enhance operational efficiency but fortify cybersecurity postures, driving transformative business outcomes.”

“We have been a long-time partner of Sumo Logic, working together to deliver world-class Cloud SIEM technology to help our customers speed up incident investigations by automatically triaging alerts and correlating threats through log analytics,” said Craig Stamm, CEO of Zyston. “It’s fantastic to see Sumo Logic continue to deepen its strategic collaboration with AWS as it helps strengthen the collective ecosystem of partnerships we have with leading cybersecurity organizations that enable Zyston to engage with their clients to build, manage and mature their cybersecurity programs.”

Sumo Logic and AWS power joint customers

As a leading electronic data interchange (EDI) provider that helps power retail supply chains worldwide, SPS Commerce has an expansive infrastructure to serve more than 120,000 customers. It consists of on-premises systems, cloud footprints in AWS and a wide range of custom applications and toolsets. From switches and routers to AWS logs, all the telemetry comes together in Sumo Logic to triage alerts and correlate threats across the company’s infrastructure.

“As the world’s leading retail supply chain network, it’s really important that we consistently deliver highly available, high-performance services to our customers. Delivering industry-leading innovative services demands that our technology teams deploy frequently and also react quickly and confidently to performance or security anomalies,” said Andy Domeier, Senior Director of Technology for SPS Commerce. “We couldn’t do this without the collaboration between Sumo Logic, AWS and our teams here at SPS Commerce. They are critical in helping us investigate really complex problems, leveraging log analytics as a common language across our AWS cloud footprint to help improve collaboration, enabling us to deliver on our promises to our customers.”

This collaboration underscores the value of Sumo Logic and AWS in providing flexibility and unlocking greater business value for customers across industries. For more information, please visit https://www.sumologic.com/resources/amazon-web-services/.

Sumo Logic Secures New AWS Competencies

Additionally, Sumo Logic announced today that it has achieved the AWS Cloud Operations Competency in the Retail, Education and Government categories as an AWS Partner who has demonstrated AWS technical expertise and proven customer success, delivering real-time log analytics across these verticals. Sumo Logic now has nine AWS Competencies, including AWS Retail ISV, AWS Government Competency, AWS Education ISV Competency, AWS Cloud Operations Software Competency, AWS Data & Analytics ISV Competency, AWS DevOps ISV Competency, AWS Built-in Competency, AWS Small and Medium Business Software Competency, AWS Containers ISV Competency and AWS Security ISV Competency. Sumo Logic is also an AWS Lambda Partner, Amazon Linux Ready Partner and AWS Graviton Partner.

Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!

The post Sumo Logic, AWS to Bring AI-driven Log Analytics to Dev, Sec & Ops Teams first appeared on AI-Tech Park.

“K Street Capital is excited to have invested in PrivacyHawk’s recent funding round,” said fund Managing Director and Founder Paige Soya. “We love that this is a mission driven product solving a huge problem. And this is the right team to be the ones to lead this explosive new category.”

PrivacyHawk grew 1100% in 2023 and is on track for similar rapid growth in 2024, making it one of the fastest growing consumer tech companies in the world. Its personal data protection service has grown exponentially in popularity due to its ability to mitigate a serious problem that everyone faces: personal data exposures, data brokers, and data leaks leading to an unprecedented amount of spam, scams, identity theft, and fraud.

The innovative solution offered by PrivacyHawk works by addressing the root of the problem: consumers’ personal data being exposed in thousands of databases, sold by data brokers, and exposed to scammers from data breaches. The company’s easy-to-use privacy app reduces your digital footprint by scanning to identify where your personal data is exposed, automatically removing personal data exposures, and providing the ability to delete your data from thousands of corporate and data broker databases significantly lowering your risk of being in a data breach by 90% or more. These data breaches, such as the recent National Public Data leak that exposed nearly every U.S. consumer’s social security number and other personal information, and the AT&T breach that affected nearly all of its wireless customers, can have devastating consequences.

“We’re on a mission to help everyone reduce their digital footprint, personal data exposure, and protect their privacy using cutting edge automation, AI, and comprehensive personal data protection algorithms,” said Justin Wright, CTO and Co-Founder of PrivacyHawk. “There is a lot of talk about the need for personal data protection, but there were no solutions that were really solving the problem. That is why we started PrivacyHawk.”

“We’re excited to announce the extraordinary milestones we have reached in the size of our user base and the addition of new investors that believe in us and our mission,” said CEO and Co-Founder, Aaron Mendes. “This growth is a testament to the depth and breadth of the problem we are solving. Everyone knows that privacy and personal data are an integral part of who we are and must be protected. We’re proud to be building the first all-in-one solution to help protect everyone’s personal data from falling into the wrong hands.”

PrivacyHawk plans to use the funds to invest in improving its flagship product and to continue to grow awareness among the masses, all of whom need personal data protection to reduce their risk of spams, scams, and identity theft.

Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!

The post PrivacyHawk Blows Past 1 Million Users, Announces New Funding Round first appeared on AI-Tech Park.

Swimlane, automation for the entire security organization, today announced an exclusive global partnership with Macnica to enable greater scale and adoption of Swimlane Turbine across the Asia-Pacific Japan (APJ) and Middle East, Turkey and Africa (META) regions. Through the partnership, Macnica will gain access to Turbine, creating an advanced automation practice across their global network of distributors and resellers to bring the power of AI-enhanced security automation to the regions.

The partnership enables robust automation across Macnica’s most popular use cases including insider threat, Zero Trust, cloud security, operational technology (OT) security, web security, and XDR. Turbine will enable the Macnica customer base to take automation beyond vendor-locked XDR, limited SIEM and SOAR offerings and overly simplified no-code automation tools.

Easing APJ and META security burden and workforce gap

According to the 2023 ISC2 Cybersecurity Workforce Study, the workforce gap grew by 12.6% in 2023, with APJ and META experiencing the steepest regional rise at 12%. The report also found that 71% of cybersecurity professionals in the region think the current threat landscape is the most challenging it has been in the past five years, with 62% of respondents noting that budget cuts and layoffs have inhibited their response to threats. This highlights that security operations teams are overburdened by manual, repetitive and time-consuming tasks required to track, mitigate and respond to security events.

By partnering with Swimlane, Macnica will equip partners with the triple threat of automation, generative artificial intelligence, and low-code. This will open up new automated solutions for customers to help end users overcome the challenges of alert proliferation, product sprawl, widening talent gap and connecting disparate teams or tools.

“The cybersecurity landscape in APJ is reaching a tipping point, with alert fatigue crippling SOC teams and the talent shortage leaving them stretched thin,” said Yusuke Kobayashi, Macnica, Inc. Networks Company President. “This is why Macnica is thrilled to join forces with Swimlane to bring Turbine’s best-in-class low-code automation and AI capabilities to a wider regional audience. Equipping our partners with these solutions will empower them to deliver significant value to their customers, helping them automate workflows, streamline operations and maximize the effectiveness of their security teams.”

“This partnership with Macnica is a game-changer for the APJ and META regions as it extends access to world-class automation that previously wasn’t attainable,” said James Brear, CEO of Swimlane. “Macnica is a recognized leader when it comes to distributing industry-leading technology, and now as a Swimlane partner, they are empowering their vast network to deliver the full force of Turbine’s AI-enhanced and low-code capabilities.”

Redefining security operations with scale and speed

Through this partnership, Macnica partners will unlock a wealth of benefits including:

• Simplified integrations: While diverse integrations in SOCs can unlock significant value, managing them can be a time-consuming burden. For Macnica customers who implement Turbine, Swimlane shoulders the responsibility for a vast majority of integrations, including building new integrations, maintaining current integrations, and updating old integrations when API changes occur.
• Extensive customization: Macnica serves a vast and diverse customer base with varying security postures, compliance requirements and organizational structures. To effectively automate security across this spectrum, customers need a solution that offers customization capabilities. Unlike many SOAR platforms, Turbine empowers Macnica partners to deliver tailored security automation solutions to a variety of popular use cases.
• Analyst accuracy and efficiency: Security analysts constantly face the pressure of speed and repetitive tasks, increasing the risk of human mistakes. Turbine tackles this challenge by automating routine workflow to ensure data is handled according to an organization’s security policies. Turbine’s Hero AI empowers analysts through a collection of AI-enhanced innovations, powered by Swimlane’s own large language model (LLM), boosting efficiency and accuracy for a more effective security posture.

Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!

The post Swimlane and Macnica to Conquer Security Alert Fatigue in APJ and META first appeared on AI-Tech Park.

Normalyze, the pioneer of Data Security Posture Management (DSPM) solutions, today released new research by Omdia, commissioned by Normalyze, which sheds light on the growing importance of DSPM as a foundation for modern data strategies. This comprehensive analysis, based on a survey of 209 U.S.-based security decision-makers, underscores the significant gaps in data protection that DSPM is uniquely positioned to address, market requirements, and anticipated roadblocks.

According to the report, 89% of organizations expect a significant or moderate increase in data security budgets over the next 12 months, driven by the escalating threat landscape and stringent regulatory requirements like GDPR and HIPAA. Despite these investments, many organizations still struggle with the complexities of managing vast, unstructured data environments and ensuring compliance.

To underscore that point, respondents shared that their organizations’ top data security priorities over the next 12–24 months include reducing the opportunity for threats to infiltrate data stores (59%), improving data security posture (53%), and demonstrating ROI through improved reporting and business communication (42%).

The report delves into whether respondents have already adopted DSPM, plan to adopt it, or the reasons for not doing so.

• DSPM adoption is on the rise, particularly among larger organizations, with 72% of companies with 10,000+ employees confident in DSPM’s capabilities.
• 67% of organizations expressed confidence in DSPM’s ability to provide suitable data protection.
• 76% of respondents who have already deployed a DSPM solution agree that DSPM provides visibility and security in data-heavy environments, essential for preventing data breaches and ensuring regulatory compliance.

With data breaches costing companies an average of $4.45 million per incident, according to IBM, the need for comprehensive data security measures has never been more pressing. The Omdia report reveals that many organizations still face challenges such as inadequate classification and labeling of data, leading to increased risks of unauthorized access and regulatory non-compliance.

“Organizations must prioritize data classification and governance to stay ahead of evolving threats and regulatory demands,” said Adam Strange, Principal Analyst at Omdia. “This research makes it clear that organizations are still struggling with data security and DSPM appears to be the next stop on many roadmaps.”

Respondents shared that the most common challenges in DSPM implementation include making new hires or lacking internal resources (61%), vendor/tool selection (51%), and obtaining executive buy-in (38%).

The economic implications of failing to secure data from the outset are staggering. “DSPM is a strategic enabler for a wide range of use cases, including AI initiatives, data migration projects, and data hygiene efforts. Data context and security must be the first step in these endeavors – without it, these projects are destined to fail,” said Amer Deeba, CEO and co-founder of Normalyze. “The economic value becomes clear when considering how many of these projects fail due to a lack of classified data, which stems from insufficient understanding and alignment among leadership to secure the necessary budget and resources from the outset.”

To learn more about the research, please join our webinar on Wednesday, August 28th at 9:00am Pacific. Register here.

To access these critical insights and prepare your organization for the future of data security, download the full Omdia report here.

Methodology
This report was drawn together using a commissioned study by Normalyze, surveying 209 US-based data security decision makers. Respondents were from organizations of at least 1,000 employees, across a variety of industries including retail, banking and financial services, technology services, healthcare, and SaaS. Respondents had to hold manager-level roles or more senior, with decision-making ability for their organization’s data security strategy/program, in order to qualify for the study. This study was conducted in April 2024.

This report also draws on the 2023 Omdia decision maker survey which analyzes responses from over 600 globally distributed IT decision makers and is repeated on an annual basis. Also a background source were several of the Omdia ‘On the Radar’ or ‘OTR’ reports into specific vendors and their respective DSPM propositions. These are all available from www.omdia.com.

Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!

The post From Reactive To Proactive: DSPM’s Transformative Role in Data Security first appeared on AI-Tech Park.

Achieving Governance at Scale with Borneo and Confluent Kafka

Borneo is designed to help organizations achieve continuous compliance and data protection through accurate and actionable real-time data discovery of even data-in-motion. When integrated with Confluent Kafka, Borneo automates the process of scanning Kafka data streams for sensitive information and feeding the identified infotypes into the Confluent Kafka Stream Catalog. This integration provides a seamless way to ensure data governance at scale in real-time. In addition, only Borneo can then also offer an additional layer of protection automatically by encrypting sensitive from end-to-end. By being able to automate these actions Borneo:

• Ensures that organizations are more strictly following industry regulations and best practices regarding data protection to better achieve compliance
• Protects against access to sensitive data by Confluent employees, including SRE and Engineering
• Prevents exposing sensitive data through third-party tools we use, such as Amazon S3 and others

Key Benefits of Borneo-Confluent Kafka Integration

1. Real-Time Data Observability: Enables continuous monitoring and tagging of sensitive data across Kafka streams.
2. Automated Data Management: Reduces the need for manual tagging, minimizing errors and saving time.
3. Enhanced Compliance: Ensures adherence to data privacy regulations with automated detection and tagging of sensitive data for standards such as HIPAA, PCI, GDPR, CCPA, DPDP, RBI, etc.
4. Client -Side Field Level Encryption (CSFLE): Automatically safeguards sensitive data end-to-end throughout its entire lifecycle.
5. Seamless Integration: Automatically integrates sensitive data findings into the Confluent Stream Catalog, enhancing data governance workflows.

“Processing of dynamic data by organizations is critical to their business and we are thrilled to offer the industry’s first data security and privacy solution for the Kafka stream library offered by Confluent”, said Prithvi Rai, CEO of Borneo Data, Inc. “Getting real-time observability into sensitive data when using stream libraries has been a challenge for organizations up until now. By working with Kafka Stream Catalog integrated with Borneo’s Data Risk Remediation platform, we are the first solution to solve this challenge and even provide automated response in the form of automated end-to-end encryption of sensitive data to accelerate our customers efforts in ensuring data governance and meeting compliance objectives.”

Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!

The post Borneo’s integration with Confluent Kafka Stream Catalog available first appeared on AI-Tech Park.

Carahsoft Technology Corp., The Trusted Government IT Solutions Provider^® and Wiz, the leading cloud security platform that provides users with full visibility into their critical cloud risks, today announced that Carahsoft has added Wiz’s Cloud-Native Application Protection Platform (CNAPP) to its GSA (General Services Administration) Schedule, making Wiz’s solutions available to the Public Sector through Carahsoft and its reseller partners. Federal, State and Local Government agencies are now able to more easily leverage Wiz’s Federal Risk and Authorization Management Program (FedRAMP^®) Moderate solutions to secure their cloud environment.

“The addition of Wiz’s FedRAMP Moderate CNAPP to Carahsoft’s GSA Schedule marks a significant milestone in our commitment to enhancing cloud security for Government agencies,” said Dean Scontras, VP of Public Sector, Wiz. “This strengthens our ability to offer Federal, State, and Local Governments comprehensive visibility and protection against evolving cloud risks while meeting their strict security regulations.”

Wiz’s CNAPP provides an integrated view of risk with comprehensive visibility and actionable insights for users. It includes Vulnerability Management, Cloud Security Posture Management (CSPM), Kubernetes Security Posture Management (KSPM), Cloud Infrastructure Entitlements Management (CIEM), Cloud Detection & Response (CDR), and Cloud Workload Protection Platform (CWPP), which enables proactive risk mitigation across entire cloud environments. For Public Sector agencies securing Government assets, Wiz conducts thorough risk assessments and identifies potential attack paths, presenting a prioritized view through a graph-based visual interface. With Wiz’s continuous assessment and rapid gap remediation, Public Sector customers can uphold secure, compliant cloud environments.

“The CNAPP addresses the complex cloud security challenges that agencies face daily,” said Brian O’Donnell, Vice President of Cybersecurity Solutions at Carahsoft. “Wiz’s addition to Carahsoft’s GSA Schedule, now supported by its FedRAMP Moderate designation, offers the Government streamlined access to essential tools for securely managing cloud infrastructures. This enhancement not only boosts operational efficiency but also enables our reseller partners to effectively support agencies in prioritizing and mitigating risks with ease.”

Having recently achieved the FedRAMP Moderate designation, Wiz demonstrates its dedication to enhance operational efficiency and security for government agencies. FedRAMP ensures standardized cloud security, streamlining adoption by Federal agencies, while Wiz’s compliance with NIST Special Publication 800-53 underscores its ability to meet stringent security standards.

Wiz’s platform is available through Carahsoft’s GSA Schedule No. 47QSWA18D008F, and additional Federal, State and Local, and Education contracts. For more information, contact the Wiz team at Carahsoft at (888) 662-2724 or Wiz@carahsoft.com.

Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!

The post Wiz’s FedRAMP® Moderate Cloud-Native Application Protection Platform first appeared on AI-Tech Park.

Experian^® today released its 2024 U.S. Identity and Fraud Report revealing that generative AI (Gen AI), deepfakes and cybercrime are critical threats putting intensifying pressures on businesses. The 9th annual Experian Identity and Fraud Report provides valuable insights into emerging fraud trends such as these, as well as shifting consumer expectations.

Top fraud concerns and expectations from consumers

According to the FTC, consumers reported losing more than $10 billion to fraud in 2023 alone, representing a 14% increase over the previous year and the highest dollar amount ever reported. Experian’s research shows over half of consumers say they’re somewhat or very concerned about conducting activities online with identity theft (84%) and stolen credit card information (80%) as their top online security concerns, an over 20% jump from the previous year. Additionally, online privacy (67%), phishing emails or phone scams (65%), and false information or fake news and ads (49%) round out the top five online security concerns for U.S. consumers.

While consumers want the convenience and accessibility of digital transactions, they don’t want to compromise on security. As such, consumers’ expectation that businesses will react to their fraud concerns has remained high at 82%. People understand the connection between identity verification and a positive customer experience with 63% saying it’s extremely or very important for businesses to be able to recognize them online.

The ability to repeatedly identify consumers can translate to trust. Eighty-one percent of consumers say they’re more trusting of businesses that can accomplish easy and accurate identification.The report also found that financial services companies were the most trusted, with retail banks, P2P lending and buy now, pay later financing all listed as top trusted organizations by U.S. consumers.

Businesses recognize the importance of Gen AI but there’s a lack of focus on fraud prevention

This year’s data found that companies reported high engagement and investment in Gen AI, Gen AI security solutions and AI models that improve customer decisions. With that said, businesses recognize the challenges of Gen AI with 70% of businesses saying that AI fraud is expected to be the second greatest challenge for their business. In fact, Tier 1 businesses listed Gen AI fraud as their top stress point.

Despite those concerns, funding for Gen AI fraud detection and prevention is lacking. When asked about the most important potential investment areas for 2024, businesses ranked detecting and preventing Gen AI fraud and deepfakes as the 12th most important investment area behind prevention for legacy fraud types like identity theft and first-party fraud. As the widespread use of Gen AI continues to accelerate, businesses will need to be prepared to address this evolving fraud.

Consumers want more behavioral and physical analytics verification

Currently, multifactor authentication (48%) and the use of passwords (45%) are the most used fraud prevention methods. Among the methods used most recently, physical analytics (71%), PINs sent to a mobile device (70%) and behavioral analytics (66%) evoke the highest sense of security for consumers, with security questions (63%) and passwords (58%) rounding out the top five. Interestingly, while consumers have greater trust in physical biometrics and behavioral analytics, less than 30% of businesses are using these solutions — showing companies could consider investments in physical and behavioral analytics to verify identities and combat fraud.

“With digital transactions increasing every day and new technology changing the fraud landscape, our latest report underscores the need for businesses to review their current strategies and invest in the right tools to address the evolving complexity of fraud schemes of the future,” said Kathleen Peters, Chief Innovation Officer for Experian in North America. “Companies need to take a multilayered approach to fraud prevention that leverages the right data, analytics and technology in an orchestrated way to combat fraud and build trust and positive experiences with legitimate customers.”

Experian’s identity verification and fraud prevention solutions helped clients avoid an estimated $15 billion in fraud losses globally last year. To read Experian’s 2024 Identity and Fraud Report, please visit https://www.experian.com/innovation/thought-leadership/2024-us-identity-and-fraud-report.jsp. To learn more about Experian’s fraud prevention solutions, please visit https://www.experian.com/business/solutions/fraud-management.

Methodology:

Experian’s 2024 Identity and Fraud Report is based on two major surveys conducted in the U.S. in March 2024. The first asked more than 2,000 U.S. consumers about their online interactions and expectations regarding security and customer experience. The second survey asked more than 200 businesses in the U.S. about their strategies for effective fraud management, customer identification and authentication, including investments related to security and customer experience. Companies ranged in size from $10–$49 million to above $1 billion in revenue. Industries that completed the survey include retail banks, fintech, consumer technology and electronics, payment system providers, and many other companies from a range of verticals.

Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!

The post GenAI, Deepfakes & Cybercrime Are the Top Fraud Concerns for Businesses first appeared on AI-Tech Park.

The HITRUST CSF certification for Ontrak’s Advanced Engagement System not only exemplifies our commitment to the gold standard in data protection and compliance but also ensures that our Ontrak Identify product suite, a core component of its WholeHealth+ solution, operates at the forefront of secure, AI-driven healthcare engagement, offering peace of mind to our partners and unparalleled care for our members.

The HITRUST CSF^® certification is a comprehensive and flexible framework that combines healthcare-specific security, privacy, and regulatory requirements from existing frameworks such as HIPAA, NIST, ISO, and COBIT. Ontrak’s certification, valid for two years, is a testament to the company’s dedication to protecting sensitive health information, a crucial aspect in the healthcare industry.

“Ontrak’s ongoing commitment to customer data security is at the forefront of our operations,” said Arik Hill, the Company’s Chief Information Officer. “Achieving the HITRUST CSF certification is not just a badge of honor; it represents our promise to our customers that their data is safeguarded with the utmost care and according to the highest standards in the industry.”

The certification process involved a rigorous assessment by an Authorized External Assessor, validating the security and compliance of Ontrak’s Axiom TransSend platform, along with the AWS infrastructure, met the HITRUST CSF v11.0.1 Risk-based, 2-year (r2) certification criteria, ensuring a secure and compliant environment for handling customer data.

Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!

The post Ontrak Health Secures HITRUST CSF® Certification for 2024 first appeared on AI-Tech Park.

Entrust, a global leader in identity and data security, today announced that its high-performance, next generation nShield 5, hardware security modules (HSMs) have achieved Federal Information Processing Standards (FIPS) 140-3 certification. FIPS 140-3 is the latest version of the U.S. government computer security standard from the National Institute of Standards and Technology (NIST) used to validate cryptographic modules.

By achieving FIPS 140-3 Level 3 validation, Entrust becomes one of the few vendors that can meet the very stringent data security requirements of governments, financial institutions, and enterprises globally. Entrust nShield 5 HSMs feature an innovative new container-based architecture, and a crypto-agile programmable security processor. Entrust’s newest HSM is up to 40% faster than previous versions, making it able to support the accelerating demand from applications requiring the highest levels of data security. Additionally, earlier this year, nShield 5 HSMs achieved Common Criteria EAL4+ certification, meeting the latest industry standards for HSMs to comply with the European Union’s strict eIDAS requirements. Together with the FIPS 140-3 certification, Entrust is positioned to meet organizations’ increasing need for global regulatory compliance support.

“This is a critical milestone – FIPS 140-3 certification for Entrust nShield 5 HSMs provides customers with the security foundation that meets their most demanding protection and performance requirements, and future-proofs investments with the ability to be securely updated as cryptographic standards continue to evolve, for example with post-quantum algorithms,” said Giuseppe Damiano, VP of Product Management at Entrust. “By achieving this certification, along with the Common Criteria Standards certification, Entrust nShield 5 HSMs provide customers around the world with assurance their cryptographic modules deliver the highest standards of security and compliance to protect their most sensitive data.”

“To become FIPS 140-3 certified, there’s a great deal of analysis and testing that has to be done by an accredited, independent third-party laboratory,” said Jason Lawlor, President of Lightship Security. “Having an HSM with FIPS 140-3 certification is an essential next step for organizations as they work to protect their data now and into the future. We were thrilled to work with Entrust to achieve this certification and help their customers remain compliant.”

Crypto agility is the capability of organizations to seamlessly adopt new, emerging encryption methods. This is critical as the first waves of post-quantum cryptographic algorithms are standardized, and as additional algorithms continue to be introduced. The nShield 5 HSM offers crypto agility out of the box with its security processor, a field programmable gate array (FPGA) that can be readily reprogrammed via software updates. This reduces costly and time-consuming hardware refreshes and increases resilience against quantum computers that may compromise the encryption techniques we rely on today. As we prepare for the coming challenge of quantum computers, HSMs are essential to the security and trust of IT systems, the cloud, and the Internet.

“Our customers seek best in class, high assurance hardware security modules to protect their high value cryptographic keys. I’m delighted that the Entrust nShield family of HSMs are now validated to FIPS 140-3,” said Carl Persson, Sales Director Encryption at Verisec International AB. “Verisec is a long-standing partner of Entrust and we recognize the significance of achieving this new security validation for the nShield 5 HSM. Our joint customers will now be able to choose Entrust nShield HSMs to meet their high assurance needs knowing that it has the latest FIPS 140-3 validation in addition to Common Criteria certification and a number of other compelling features.”

nShield 5 HSMs are designed to seamlessly integrate with Entrust KeyControl, Entrust’s flagship enterprise key management service. KeyControl offers a unified dashboard for complete visibility, traceability, compliance tracking, and an immutable audit trail for cryptographic assets such as keys and secrets. Its decentralized vault architecture ensures keys remain secure within authorized endpoints, while also supporting a wide range of cryptographic use cases. As a root of trust, Entrust nShield 5 HSMs provide an additional layer of security protecting the keys and secrets managed by KeyControl.

Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!

The post Entrust is FIPS 140-3 Certified for nShield 5 HSM Product Suite first appeared on AI-Tech Park.