PR Newswire | May 18, 2023
OneTrust, the market-defining leader for trust intelligence, introduces OneTrust Artificial Intelligence (AI) Governance, a comprehensive solution designed to help organizations inventory, assess, and monitor the wide range of risks associated with AI. As organizations use AI and machine learning (ML) to process large amounts of data and drive innovation, AI Governance provides visibility and control over data used and risks generated by AI models.
According to Gartner, "Success and scaling of AI projects require leaders to address strategies and methods related to fairness, transparency, explainability, reliability, privacy, and security."1 As the use of AI and machine learning becomes more widespread, it is essential for organizations to address the privacy, ethical, and societal risks associated with these technologies. With AI Governance, organizations can embed data ethics, privacy, and security practices by default into the use of AI across their business.
"Responsible AI is not an option, but a necessity in today's business landscape," said Blake Brannon, Chief Product and Strategy Officer at OneTrust. "AI Governance provides a comprehensive solution for managing the unique risks associated with AI, including privacy, ethical, compliance, and operational risks. Using our product, organizations can automate record keeping and risk management, ensuring transparency, fairness, and accountability in their AI systems. By implementing responsible AI practices, companies can build trust with customers, regulators, and society at large, and position their business for success in the AI-driven future."
With AI Governance, compliance teams and data scientists can better understand data use and classification, evaluate the risks, and demonstrate compliance with emerging global requirements to ensure AI is used ethically and responsibly:
Inventory: Organizations can centrally view and manage AI projects, models, and data sets both internally developed and sourced from third parties. AI Governance establishes relationships across data sets and AI models to trace the path of data from its origin.
Assess risk: Users can assess AI projects against global laws and frameworks, including the NIST AI Risk Management Framework (RMF), OECD AI Principles, and more. AI Governance, along with OneTrust Data Discovery & Governance, connects to structured and unstructured sources of data to automatically discover and classify sensitive and personal data that may drive algorithmic bias or privacy risk. Regulatory intelligence helps automate compliance workflows and risk management, and automatically generate required control mitigations and compliance documentation such as conformity assessments.
Monitor: AI Governance integrates with existing model registries and MLOps tooling to detect AI model use and changes, and sync with a centralized inventory. Teams can continually evaluate models and training data for drift, bias, fairness, accuracy, and quality with in-app alerts.
Only OneTrust provides the powerful combination of privacy and risk management solutions, built-in regulatory guidance, data discovery and classification, and AI risk management framework templates to manage the unique and broad-reaching risks posed by AI systems. The solution leverages OneTrust's deep experience in data privacy and governance, and robust tools for managing risk and record keeping for audit, compliance, and proactive trust management.
OneTrust AI Governance will be available to select, qualifying customers through the AI Governance Early Access Program (EAP). This program offers an opportunity to get an early look at the solution and provide feedback to shape its development.
OneTrust is the trust intelligence cloud platform organizations use to transform trust from an abstract concept into a measurable competitive advantage. Organizations globally use OneTrust to enable the responsible use of data while protecting the privacy rights of individuals, implement and report on their cyber security program, make their social impact goals a reality, and create a speak up culture of trust. Over 14,000 customers use OneTrust's technology, including half of the Global 2,000. OneTrust currently ranks #24 on the Forbes Cloud 100 list of top private cloud companies in the world and employs over 2,000 people in regions across North America, South America, Asia, Europe, and Australia.
EMERGING TECHNOLOGY, CYBERSECURITY
Prnewswire | April 20, 2023
Cynamics, the AI-driven cybersecurity company, is partnering with Merlin Cyber to bring its novel, sample-based network detection and response (NDR) solution to the rapidly expanding US federal government market.
A new subsidiary launched with Merlin, Cynamics Federal, will be wholly dedicated to bringing this NDR solution to the federal market, helping US government agencies safeguard critical and sensitive information from ever-growing threats.
Working closely with US government agencies, Cynamics last month identified a new range of critical vulnerabilities within current protection layers. These findings, along with Cynamics' state-of-the-art proven NDR technologies, will be showcased at the RSA conference on April 24-27 in San Francisco.
"Cynamics has already been working closely with government agencies across the US, and we are excited to introduce our low-touch, built-for-scale NDR solution to the federal government in cooperation with Merlin Cyber," said Eyal Elyashiv, CEO and Founder of Cynamics.
Analogous to the accuracy of taking a blood sample, Cynamics' cloud-based solution collects less than 1% of network flow samples and uses its AI technologies to provide 100% network coverage and threat prediction for any network size and environment.
Recently, Gartner highlighted Cynamics as an NDR "emerging vendor" leveraging packet sampling as a new data-collection approach. This unique method discovers network blind spots, exposes potential backdoors, identifies anomalous behavior, and enables quick and straightforward remediation. According to Elyashiv, no other solution currently has this capability while being built-to-scale for the US federal government and the largest and most complicated networks in the world.
The solution is deployed in a frictionless way within minutes, without installing a single appliance or agent, and begins to deliver valuable insights within hours from onboarding, using only network metadata and without collecting, processing, or analyzing any sensitive or private information, which is a key advantage for the federal audience. This vastly reduces supply chain vulnerabilities.
Cynamics has hundreds of clients across the public and private sectors, of different domains, sizes, and geographies. Deep cyber expertise is not required to use and manage the solution, which makes the technology easier for government agencies to deploy.
Casting light on a little-known vulnerability, Elyashiv said that the fact that legacy mDNS (multicast DNS) and LLMNR (Link-Local Multicast Name Resolution) are used to resolve hostnames to IP addresses, by sending highly vulnerable multicast messages across local networks, enabled sophisticated attackers to map out the networks and infect them more effectively.
"Cynamics' solution offers state-of-the-art protection quickly and with surgical precision for the most valuable assets in our network," said Jad Al-Bijaly, Information Technology and Cybersecurity Manager for Guilford County, North Carolina, a trusted Cynamics customer. Other customers include the cities of Rocky Mount, Urbandale, Saratoga Springs, and others.
According to Gartner, in 2022, "the industries with the most interest in NDR continued to be the government and finance industries."
Having generated more than $4 billion in contracts to date, Merlin Cyber partners with industry-recognized companies as well as startups, seeing them through all stages of their development and go-to-market execution. Merlin Ventures, the investment arm of Merlin Group, invests most of its capital in startups from Israel, a global hub of innovation in the cybersecurity sector, accelerating them from seed to scale.
"The partnership with Cynamics reflects Merlin's commitment to providing a gateway for the most promising global cybersecurity startups to help protect America's critical digital infrastructure," said Seth Spergel, Managing Partner of Merlin Ventures. "We've been tracking the success of Cynamics and are proud to join as both an investor and a partner in helping to bring their solutions to market. Their AI-based network detection and response solution is unique and ideal for how large government networks are architected."
About Merlin Cyber
Merlin Cyber is the go-to-market arm of Merlin Group, a powerful ecosystem of cybersecurity investment, technical expertise, and partner growth acceleration with 25 years of experience working with the US government. Through Merlin Cyber, federal civilian, defense, state, local and education customers access innovative, public sector-ready cybersecurity solutions that meet government requirements and mission priorities. Merlin does this by selectively partnering with best-in-class cybersecurity brands, investing in visionary emerging technologies, accelerating partner growth, and enabling the US government to successfully keep ahead of today's critical threats, accelerate modernization initiatives, and defend our nation. Learn more at merlincyber.com
Cynamics is the only Next Generation (NG) Cloud Network Detection and Response (NDR) solution on the market today using standard sampling protocols built-in to every gateway, patented algorithms, as well as AI and Machine Learning, to provide threat prediction and visibility at speed and scale. Built to protect networks of all sizes and complexity, its highly scalable approach discovers threats missed by competitors and provides clients and partners with an elite defense against cyberattacks, with little-to-no burden on their resources. To learn more visit: https://www.cynamics.ai/
EMERGING TECHNOLOGY, CYBERSECURITY
PRnewswire | April 21, 2023
Pexip, a leading provider of enterprise video and collaboration solutions, announced its Pexip Government Cloud (PGC) Cloud Service Offering (CSO) has received an Authority to Operate (ATO) at the Moderate Impact level from the Federal Risk and Authorization Management Program (FedRAMP), sponsored by the U.S. Department of Labor.
With Pexip, employees can securely join Microsoft Teams calls using Cloud Video Interop (CVI) from standards-based video conferencing systems in meeting rooms in addition to their personal devices, bringing everyone together from the office or home. Agencies can also use Pexip to manage existing video infrastructure investments and host mission-critical meetings.
As agencies move to the cloud, Pexip can now support them along every step of the way. Customers can access secure video conferencing as a service through our FedRAMP-Authorized Pexip Government Cloud (PGC) platform, or they can deploy in their own private cloud, including Azure Government Community Cloud (GCC) High. Those with the strictest security needs can also host Pexip on-premises for full data control.
"Our FedRAMP Authorized platform offers a pathway for Pexip customers and federal government agencies to future-proof their video investments and securely unite their hybrid workforce. Already trusted by agencies including the VA, NASA, EPA, and the US Air Force, FedRAMP Authorization now enables even more agencies to access Pexip's solution," said Peter McCarthy, VP, Public Sector, Pexip.
This FedRAMP approval strengthens Pexip's existing security accreditation and authorization posture, which already includes:
US Department of Defense (DoD) Unified Capabilities Approved Product List (UC APL) authorized
Cryptographic Module Validation Program (CMVP) validated Federal Information Processing Standard (FIPS) 140-2 module #3503
ISO/IEC 27001:2013 certified
Section 508 compliant
General Data Protection Regulation (GDPR) compliant
Supports Health Insurance Portability and Accountability Act (HIPAA) compliance
Supports zero trust security architectures
Pexip enables enterprises and organizations of any size to deploy and use video-based communication and collaboration. The Company’s portfolio of products ranges from self-hosted software to cloud service video solutions. Pexip provides seamless collaboration between previously incompatible video and audio technologies such as professional video conferencing systems, Skype for Business, Microsoft Teams, Google Hangouts Meet, and WebRTC. Pexip’s software-based meeting platform can also be used as a foundation for service provider offerings. Pexip has HQ in Oslo, Norway, main offices in London, UK, New York and Reston, US and Sydney, Australia, as well as sales offices across the globe.