Comprehensive software reviews to make better IT decisions
RSA Archer Among Other RSA Products Sold to Symphony Technology Group
RSA Archer, a leader in the governance, risk, and compliance space has been acquired by Symphony Technology Group, based in Palo Alto, California. Symphony, a private equity firm, has investments in a cross section of companies in the analytics space, HR and recruitment, and supply chain among many others.
Jeff Clarke, COO, Dell, announced on February 18, 2020 that in a move to “further simplify our business and product portfolio” it was selling its RSA arm including the RSA Conference, RSA Archer, RSA NetWitness Platform, RSA SecureID, RSA Fraud, and Risk Intelligence.
Source: SoftwareReviews Governance, Risk and Compliance, Accessed March 23, 2020
In an announcement by Rohit Ghai, President, RSA, on February 18, 2020, the move provides the following opportunities:
- Allows RSA to leverage private equity banking to grow its business.
- Partners with an organization aligned with RSA’s commitment to customer and partner base.
- Is an opportunity to enhance usage of its talent and experience.
- Accelerates innovation in the proposed, more independent configuration.
Source: Our Next Episode, RSA blog Feb. 2020
RSA Archer, a long-held leader in large and mid-sized GRC rollouts, has lost traction in recent years with increased competition in the GRC tool space and as a result of the competitiveness of the cloud SaaS (Software as a Solution) model. As of February 12, 2020, RSA Archer announced the availability of its SaaS suite in the cloud. No announcement has been made yet, however, existing RSA Archer clients are expected to have the option to migrate to the SaaS platform or remain on premises, providing options to review existing services and modules needed.
In moving to a more independent position within a private equity portfolio, it is clear that RSA is looking to take control over its role in the market and chart its future. It is not yet clear whether significant changes to its product are in store, however, this move to the SaaS model offers the traditional benefits of a quicker time to value, scalability of the cloud, faster access to latest feature set, and operating resilience.
By exploiting a five-year-old configuration error, a hacker was able to access Amazon’s S3 cloud storage buckets on which Twilio’s code was loaded. As a result, customers were able to unknowingly download the modified code for twenty-four hours.
Qualys VMDR and Ivanti have announced a new partnership dedicated to improving the detection and patching of vulnerabilities. Announced July 30, the Qualys and Ivanti Partnership have already gone live as an integrated component of the VMDR solution.
IBM is changing the terms of its ubiquitous Passport Advantage agreement to remove entitled discounts on over 5,000 on-premises software products, resulting in an immediate price increase for IBM Software & Support (S&S) across its vast customer landscape.
RiskSense announced on July 13 its new version of the cloud-delivered RiskSense risk management platform. The main draw of the program is its holistic risk calculation across CVEs and CWEs.
Cyberthreats are omnipresent for any enterprise. Monitoring ingress and egress points while still conducting business is a balance security professionals attempt to strike. Couple this with the continued security issues around remote work during the pandemic, and security teams have their hands full.
Navigating the vendor risk management space, particularly in the current environment that consists of a mix of cloud, managed services, and critical supply chain, is key to ensuring that you don’t inadvertently introduce new risks through this dynamic channel.
On May 26, Kenna Security released its new Prioritization to Prediction Benchmark Survey. This free tool provides organizations with the ability to compare their vulnerability management programs to industry averages Kenna Security has compiled over the years.
COVID-19 has changed a great deal about how businesses operate. From a security perspective, however, COVID-19 caught many businesses off guard. The shift from working in the office to working from home has made it difficult for security measures to keep pace. Specifically, how are businesses meant to maintain the same secure networks when their employees are no longer working in the office? Outside of the security of the IT departments, IT and security have a tough time ensuring that patching and vulnerability management remain at the forefront of a business’s priorities.
From employee management through leadership and communication, increased cyber threats, logistics and operations to post-pandemic planning and risk mitigation, the threat landscape has experienced enormous change. These noticeable shifts force us to consider rethinking and retooling how we address risk.