The technique, called store-now, decrypt later (SNDL), means organizations need to prepare now for post-quantum cryptography.

Although quantum computing is years away from commercial availability, business leaders, CIOs, and CISOs need to act now to prepare for the technology's inevitable ability to crack RSA-encrypted data. Failure to start adopting a post-quantum cryptography (PQC) strategy will put all existing encrypted data assets at risk of exposure, according to a stark warning from key technical cryptography experts issued on Wednesday.

A peer-reviewed paper chronicling that threat with a technical road map for transitioning to PQC appeared Wednesday in _Nature_, a leading journal for the science and technology communities.

The cybersecurity experts who wrote the paper, titled "Transitioning organizations to post-quantum cryptography," underscored the fact that when large and fault-tolerant (LFT) quantum computers become available, attackers will be able to use them to crack most existing public key crypto systems, including RSA and elliptic curve cryptography (ECC).

**SNDL Threat**

The paper points to three critical issues that the authors contend organizations must address. First is the existence of an active and critical threat called store-now, decrypt later (SNDL), a practice wherein attackers steal sensitive data and hold onto it with the intent of decrypting it once quantum computing becomes available.

Second, the authors warn that quantum computers will be able to break the most commonly relied on RSA and ECC to forge signatures. That would put at risk all SSL-based websites, zero-trust architectures, and cryptocurrencies, among other things, according to the authors.

And third, they highlight how the National Institute of Standards and Technology (NIST) is poised to select a set of PQC candidates that it will recommend as standards. Although the paper was written months ago before Wednesday's publication, NIST is poised to reveal the candidates within a few weeks and potentially sooner.

Dustin Moody, a NIST mathematician, confirmed the imminent announcement of the PQC algorithm candidates. Among cybersecurity standards, it is one of NIST's largest undertakings since developing Advanced Encryption Standard (AES) and Secure Hash Algorithm-3 (SHA-3). The new PQC standard will likely include more than one algorithm, Moody told Dark Reading.

"Security-wise, we want to make sure we're not putting all our eggs in one basket," Moody says. NIST is considering public key digital signatures as well as encryption or equivalently key establishment, Moody adds: "There will be at least one for each of these."

NIST's pending announcement was presaged by two directives last week from the Biden administration aimed at recognizing and addressing PQC.

**Impact on Existing Data Assets**

While the paper provides a detailed technical breakdown of PQC issues, it also aims to bring awareness of the implications of quantum computing for existing information assets and emphasize the need to develop a plan.

"For those organizations that have not started integrating PQC in their systems or even planning for it, we highly recommend starting their efforts now," the paper warns. "Those organizations and enterprises with sensitive data with time value exceeding five years should consider PQC immediately."

One of the co-authors of the paper is Jack Hidary, founder and CEO of Sandbox AQ, a software-as-a-service (SaaS) provider focused on bringing together quantum computing and artificial intelligence technology to address complex processing issues. The primary processing issue it is dedicated to is helping organizations understand the risk of quantum computing by identifying critical data assets that are encrypted and developing a strategy to protect them with the forthcoming PQC algorithms.

The first thing companies must do is undergo a discovery process to determine the value of all their data, particularly information that is encrypted. For example, a large pharmaceutical company could have IP for patented drugs that are worth billions of dollars per year in revenues and royalties. If that data were to end up in the wrong hands, it could render that IP worthless, Hidary warns.

"We realized that a white paper was necessary to give context to CISOs and to engineering teams and other leaders in the C-suite as to how this migration would occur," Hidary told Dark Reading. "And that's the motivation for this paper."

Hidary emphasizes that with SNDL, state-sponsored and independent attackers have already begun exfiltrating RSA encrypted data. "It's happening right now — they're storing that information, then they will decrypt in the future in a few years when they have additional computing power," he said. "That's the concern."

**PQC Attracts Powerful Friends**

Sandbox AQ may not be a well-known company today, having just come out of stealth mode. But it is a well-capitalized startup incubated by Google parent Alphabet, which spun out Sandbox AQ in March as a standalone company.

The company has a prominent advisory board consisting of former Google chairman and CEO Eric Schmidt, former U.S. Secretary of Defense Ashton Carter, former principal deputy director of National Intelligence Susan Gordon, and retired Admiral Mike Rogers, former Commander of the U.S. Cyber Command and a onetime director of the National Security Agency.

Before meeting with Hidary in January, Ernst & Young Americas cybersecurity lead David Burg said he knew PQC was an issue that his company would eventually have to address with its clients. But Burg acknowledges he was taken off guard over the need for EY to work on it with companies immediately.

"We left that meeting realizing that this is actually a problem set that our clients in the United States and around the world will need to deal with sooner than we thought," Burg says. The two companies formed a partnership to address the issue together.

**Protecting Health Information at Mount Sinai**

One of the clients EY is working with is the Mount Sinai Health System, which has 43,000 employees throughout its eight hospital campuses in the New York City area. Kristin Myers, who is Mount Sinai's CIO and dean of technology for its medical school, says cybersecurity is her No. 1 priority.

"In regard to quantum computing, the reality is that because of this innovation, it's going to be possible to decrypt data that is currently encrypted in the future," Myers says. "And as you can imagine for healthcare, an unauthorized disclosure of sensitive PHI \[personal health information\] would really impact patients, whether it happened now, five years from now, or beyond."

Myers says she signed up Mount Sinai with Sandbox AQ and will start conducting a review and inventory of all the encryption methods now in use. Sandbox AQ will then provide recommendations on how to move forward.

"We'll do a feasibility study of some of the products that we'll need to implement with them," she says. "This is going to be a multiyear journey with them, but just to be able to get started is going to be important for us."

Threat Actors Are Stealing Data Now to Decrypt When Quantum Computing Comes

Proper identity and access management configuration serves as an effective starting point for organizations looking to secure their cloud infrastructure.

Cloud security is a broad industry spanning multiple solutions, from cloud workload protection (CWP) and cloud security posture management (CSPM), to infrastructure as code (IaC) security and much more. Within each respective solution comes more targeted solutions: serverless security, container security, platform security, threat detection, and the list goes on.

With an ever-expanding number of tools that organizations are expected to have to keep their clouds secure, it can be overwhelming for security teams and the wider organization to know where to start with their security strategy. Based on recent data uncovered by the Unit 42 cloud threat research team, I would argue that if there is one place for you to consider when beginning to map a robust security strategy, it’s with your identity and access management (IAM) policies.

You may have heard many people within the cloud security industry say that it is typical to start with CSPM when developing a strategy, and really, there is no incorrect place to begin. By starting somewhere, organizations open up the door to achieving comprehensive security across all aspects of being in the cloud. However, even though cloud security posture management is tried and tested when it comes to gaining visibility into your cloud environments, starting with identity brings in a vital piece that the former solution is missing: the human element.

**Why Identity Is Your First Line of Defense  
**An identity in a cloud environment can be either human or non-human such as a service account, but it is people who manage the access permissions around those identities. When attackers take advantage of misconfigured or overly permissive identity access controls, they don't need to figure out how to pull off a technically complex compromise. Instead, they can simply gain access to resources as if they have a right to them.

According to Unit 42’s research spanning over 200 organizations, 99% of cloud users, roles, services, and resources were granted excessive permissions, which were left unused. This opens the door for threat actors who specifically target the cloud (also called cloud threat actors) to take advantage of vulnerable identity and access management policies. Organizations need to be aware of how to properly configure their IAM to help block unintended access, provide visibility into cloud activities, and reduce the impact when security incidents occur.

**How to Get Started With Implementing Effective Identity and Access Management  
**While IAM governs the security of cloud infrastructure and helps prevent organizations from becoming a target for cloud threat actors, proper IAM configuration is challenging to achieve due to its dynamic nature and complexity. To help organizations defend themselves, they can start with the following three tactics: employ a cloud native application protection platform (CNAPP), focus on cloud infrastructure entitlement management (CIEM), and increase security automation.

First, cloud threat actors could successfully evade a siloed set of capabilities, but the comprehensive nature of a CNAPP — which consolidates security tools into a single platform from development through runtime — allows organizations to monitor all activity occurring in their cloud environments.

Additionally, by focusing on CIEM, organizations reduce the possibility of becoming an easy target. Minimizing admin credentials, implementing a strong password policy, enforcing least privilege access, and more are all methods to make this possible.

Finally, as cloud usage continues to grow, organizations need to keep up with vulnerability management at scale. Incorporating automation wherever possible can help reduce the manual steps involved in resolving security issues.

**Start With Identity, End With Security  
**Most organizations are unprepared for an attack made possible by taking advantage of weak IAM policies. By making identity and access management the clear starting point for your organization’s security efforts, you shift your focus to something specific and tangible rather than the cloudy (no pun intended) call to action to implement cloud security as a whole. Through employing a CNAPP for your cloud security efforts, focusing on CIEM, and increasing security automation, identity becomes a tool for security rather than a key to the kingdom for exploitation.

**About the Author**

    

Dr. Jay Chen is a cloud security researcher with Prisma Cloud and Unit 42. He has extensive research experience in cloud native and DevOps security. His current research focuses on investigating the vulnerabilities, design flaws, and adversarial TTPs in cloud native technologies such as containers and public cloud services. In the past, he also researched mobile cloud and distributed storage security. Dr. Chen has authored 20+ academic and industrial papers

Ready, IAM, Fire: How Weak IAM Makes You a Target

Delivering hotfixes and system updates separately will allow manual patching without requiring elevated permissions, Microsoft said.

In a move to ease the process of applying security updates to Exchange Server and help ensure the servers get patched, Microsoft has kicked off new security update packaging for the software.

Previously, elevated admin permissions were required to both update the application as well as install the most urgent "hotfix." The result, according to a new Microsoft Exchange security team blog post, have been servers being left unpatched. 

Moving forward, Exchange server updates will be sent in two packages — one Windows installer patch file (.msp) for automated updates and another (.exe) installer for manual updates. 

"The EXE package is a wrapper for the .msp file that ensures the installation runs with the required permissions," the Exchange security team added. "To install the update, simply double-click the .exe file and follow the instructions. The installation process checks permission prerequisites and if the check fails, it will try to elevate the permissions to the required admin level." 

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Microsoft Simplifies Security Patching Process for Exchange Server

Enterprises can now ship more secure code to production by unifying security across software development, DevOps, and security teams.

PORTLAND, OR – May 11th, 2022 – Orca Security, the cloud security innovation leader, today announced the industry’s first cloud security solution to provide context-aware Shift Left Security for cloud infrastructure and applications. Orca Security helps DevOps teams understand the potential impact of security issues on cloud application production environments, and fix those issues earlier in the software development lifecycle (SDLC), while also providing security teams with automated remediation to prevent security issues from progressing across the SDLC.

Orca’s new command-line interface (CLI) called Orca CLI enables developers and DevOps teams to quickly scan locally hosted images and IaC templates, view results directly in developer tools, and surface findings within the Orca platform. Orca CLI supports any standard CI tool, such as GitHub Actions, Jenkins, CircleCI, Bamboo, or Bitbucket. Developer and DevOps workflows can now include scanning for vulnerabilities, secrets, malware, and compliance issues.

“Organizations continue to adopt cloud-native architectures and want to ship their applications as quickly as possible while ensuring they are secure in production. Previously, organizations needed multiple tools to secure each part of the application lifecycle which resulted in a lack of shared context across each phase of development and runtime,” said Avi Shua, co-founder and CEO for Orca Security. “At Orca Security, we believe that both DevOps and security teams deserve context-aware security across the entire application lifecycle in a single platform - by shifting security left into development and automatically remediating risks in production.”

**Unifying Cloud Security Across the Full Application Lifecycle**

Security leaders are responsible for all aspects of security governance, including ensuring that applications are fully tested and secured in production. Orca Security delivers Shift Left Security capabilities securely across the Build, Deploy, and Run phases of the software development lifecycle to help companies detect critical risks and meet compliance mandates:

**Build:** Container images and IaC templates are scanned for vulnerabilities and misconfigurations on the developer desktop or as part of regular, continuous integration and continuous delivery (CI/CD) workflows. This context-aware process takes into consideration both the current run time environment as well as the deployed code to deliver a dramatic improvement in accuracy.

**Deploy:** Registries are continually monitored to ensure application artifacts are secure before deployment, with guardrail policies in place to prevent insecure deployments. Continuous monitoring also identifies secrets such as when private keys are found as part of a CI scan that could allow lateral movement within a cloud estate.

**Run:** Production environments are also monitored for risks with contextual and prioritized alerts, risks are remediated automatically, and data integrates with modern ticketing and notification tools.

**Additional Resources:**  

Read the blog: Shift Left Security: Addressing Cloud Risks Early in the Development Process  

Download the eBook: 5 Requirements for Integrating Security Across the Full Application Lifecycle

Visit our website: Shift Left Security web page  

Join the webinar: Shift Left: Find and Fix Cloud Security Risks Earlier in the Development Cycle

Note: All of the mentioned features will be available in Q2, 2022.

**About Orca Security**

Orca Security provides instant-on security and compliance for AWS, Azure, and GCP - without the gaps in coverage, alert fatigue, and operational costs of agents or sidecars. Simplify cloud security operations with a single CNAPP platform for workload and data protection, cloud security posture management (CSPM), vulnerability management, and compliance.

Orca Security prioritizes risk based on the severity of the security issue, its accessibility, and business impact. This helps you focus on the critical alerts that matter most. Orca Security is trusted by global innovators, including Databricks, Autodesk, NCR, Gannett, and Robinhood. Connect your first account in minutes: https://orca.security or take the free cloud risk assessment.

Orca Security Unveils Context-Aware Shift Left Security to Identify and Prevent Cloud Application Security Issues Earlier

A Texas man was sentenced today to five years in prison followed by three years of supervised release for his conduct in connection with a scheme to buy 38,000 compromised PayPal account credentials from an illegal online marketplace, and then use those credentials to steal money from the rightful PayPal account owners. In addition to the term of imprisonment, the defendant was ordered to pay $1.4 million in restitution.

Marcos Ponce, 37, of Austin, pleaded guilty to conspiracy to commit wire fraud in October 2021. According to court documents, from at least as early as November 2015 and continuing through in or about November 2018, Ponce and his co-conspirators worked together to establish buyer accounts on a particular illegal online marketplace (Marketplace A). Marketplace A functioned as an illegal market for stolen payment account credentials and associated personally identifying information (PII). The co-conspirators purchased over 38,000 stolen PayPal account login credentials.

In addition, Ponce and his co-conspirators developed social engineering techniques in order to trick unwitting third parties into accepting money transfers from the compromised PayPal accounts, and then transferring the money into accounts controlled by members of the conspiracy.

“The Justice Department remains firmly committed to protecting the American people from fraudsters like this defendant,” said Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division. “May today’s sentencing send a clear message to would-be thieves: there are real-world consequences for online crimes.”

“This prosecution and sentence send a powerful message that the cyberworld is not a haven for criminals, and law enforcement will work tirelessly to bring cybercriminals to justice,” said U.S. Attorney Ashley C. Hoff for the Western District of Texas.

“Today’s sentencing sends a message that the FBI will pursue cybercriminals across the globe. Hiding behind a computer does not mean you can stay anonymous or out of reach of law enforcement,” said Assistant Director in Charge Steven M. D’Antuono of the FBI’s Washington Field Office. “With the assistance of FBI cyber task forces across the country, the FBI will diligently and aggressively work to identify and locate criminals, regardless of where they operate.”

The case was investigated by the FBI’s Washington Field Office, with significant assistance from the FBI San Antonio - Austin Cyber Task Force.

Senior Counsel Laura-Kate Bernstein of the Justice Department’s Computer Crime and Intellectual Property Section, and Assistant U.S. Attorney Matthew Devlin for the Western District of Texas prosecuted the case, with substantial assistance from Assistant U.S. Attorney Demian Ahn for the District of Columbia.

Man Sentenced for Stealing from PayPal Accounts in Wire Fraud Scheme

NEW YORK, May 11, 2022 /PRNewswire/ -- Six months after news broke about fake, 'bot-driven' student college enrollment in California's community colleges, global cybersecurity company CHEQ released new data suggesting that bot traffic on higher education websites continues to rise.

In December of 2021, the LA Times reported that a Pierce College professor discovered many of those registering for her classes online were bots rather than legitimately enrolled students. During that time, The California Community Colleges Chancellor's Office estimated that about 1 in 5 applications was "malicious and bot-related."

CHEQ's data tells a similar story, indicating that the issue of bot traffic in online higher education may be even larger than originally estimated. Specifically, throughout 2021, bot traffic coming from organic and direct sources hovered around 30%. So far in 2022, that number has jumped to 45% - showing a 50% overall increase. The bot traffic discovered includes malicious scrapers and web crawlers, automation tools, headless browsers and botnets. The data was collected as part of a global study into fake user and bot traffic trends online, conducted across over 50,000 websites.

_"Like with many other industries, higher-education is increasingly transitioning to online models of registration, enrollment, payment and virtual classrooms, opening the door to more online fraud and increased exposure to the Fake Web"_ said Guy Tytuniovich, CHEQ's CEO. _"When you also factor in the sheer size of the economy around higher-education, you realize why it's an appealing target for fraudsters and scammers, as we see in our most recent data."_

Through analyzing their data, CHEQ has found that higher education bot traffic is more common than bot traffic in many other industries. When it comes to organic and direct traffic, the gaming industry typically sees Invalid Traffic (IVT) rates of 15%, and the insurance industry sees 18%. This indicates that the education sector has consistently been a target for fraudulent activity, and may continue to see increases in attacks from fake users.

Fraudulent 'Bot-driven' College Enrollment up 50%, New Study Finds

International cybersecurity authorities issue guidance to help information and communications service providers secure their networks.

The National Security Administration (NSA), along with a coalition of international cybersecurity authorities, today issued an advisory warning managed service providers (MSPs) of an escalating threat of attack from both everyday cybercriminals and state-sponsored threat actors. 

MSPs provide or operate information and communications technology services. 

With input from cybersecurity leaders from Australia, Canada, New Zealand, the UK and the US, the NSA provided recommendations to help bolster their cyber defenses, including: 

*   Finding and disabling dormant accounts.
*   Implementing and enforcing multifactor authentication on accounts.
*   Ensuring contracts clearly map out who owns and is responsible for securing data. 

“This joint guidance will help MSPs and customers engage in meaningful discussions on the responsibilities of securing networks and data,” said NSA cybersecurity director Rob Joyce in a statement announcing the new cybersecurity guidance. “Our recommendations cover actions such as preventing initial compromises and managing account authentication and authorization.”

The NSA added it partnered with the UK's National Cyber Security Centre (NCSC-UK), the Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security (CCCS), New Zealand's National Cyber Security Centre (NCSC-NZ), the Cybersecurity and Infrastructure Agency (CISA), and the Federal Bureau of Investigation (FBI) to develop the MSP cybersecurity recommendations. 

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

NSA Warns Managed Service Providers Are Now Prime Targets for Cyberattacks

The partnership integrates Keeper's zero-knowledge, zero-trust enterprise password manager (EPM) into SHI Complete, a comprehensive, fully managed IT service for small and medium-sized businesses (SMBs).

CHICAGO, May 11, 2022 /PRNewswire/ -- Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software covering password management, dark web monitoring, digital file storage and messaging, announces a new partnership with SHI International, one of the world's largest IT solutions providers. The partnership will integrate Keeper's Enterprise Password Manager (EPM) into SHI Complete, a comprehensive managed service that empowers small-and medium-sized businesses (SMBs) to accelerate their IT transformation journey.

The cybersecurity components of SHI Complete incorporate endpoint, cloud, network and identity management protection into a single managed service overseen by a strong governance plan. SHI's comprehensive new offering makes the latest technologies and skills readily available to SMB business and IT leaders without having to invest in a large in-house IT staff or take their eye off business growth.

The integration of Keeper EPM into SHI Complete will enable customers to monitor and control password use across the entire organization, both remote and on-prem, while developing and maintaining security best-practice policies such as multi-factor authentication (MFA), role-based access control (RBAC) and least-privilege access.

"The costs of remediating a data breach or ransomware attack are staggering, enough to put many SMBs out of business, and the overwhelming majority of these attacks involve stolen or compromised passwords," said Mark Cravotta, Chief Revenue Officer at Keeper Security. "Keeper is excited to partner with SHI and enable SMBs to proactively protect themselves from password-related cyberattacks."

"SHI is constantly evaluating new technology partners and solutions who can help us deliver efficient and secure managed services to our customers," said Cory Peters, Vice President of Cloud and Managed Services at SHI. "Keeper Security helps ensure that customers leveraging SHI Complete will continue their IT transformation in a secure and efficiently managed environment."

For more information on the Keeper EPM and the rest of Keeper's security solutions, please visit https://keepersecurity.com.

**About Keeper Security**

Keeper Security, Inc. ("Keeper") is transforming the way organizations and individuals protect their credentials, secrets, connections and sensitive digital assets to significantly reduce the risks of identity security-related cyberattacks while gaining visibility and control. Keeper is the leading provider of zero-trust and zero-knowledge security cloud services trusted by millions of people and thousands of organizations for password management, secrets management, privileged access, secure remote infrastructure access and encrypted messaging.

Keeper's products are the highest-rated in the industry across G2, Trustpilot, PCMag and U.S. News & World Report. For the last several years, Keeper has received several InfoSec Awards from Cyber Defense Magazine for its cybersecurity enterprise software. Keeper is SOC 2 and ISO 27001 certified and FIPS 140-2 validated and Keeper is the only enterprise password management solution listed on the FedRAMP marketplace. Keeper is backed by Insight Partners, a leading venture capital and private equity firm with $90b AUM.

**About SHI International**

SHI International Corp. is a transformational technology solutions provider serving the needs of more than 15,000 corporate, enterprise, public sector, and academic customer organizations around the world. It helps companies achieve business goals through the use of technologies ranging from software licensing and end user computing devices to innovative cloud and edge solutions. With over 5,000 employees worldwide, SHI is the largest Minority and Woman Owned Business Enterprise (MWBE) in the U.S.

Keeper Security Partners with SHI International for New Fully Managed IT Service (SHI Complete)

Remote work is here to stay, which means security teams must ensure that security extends beyond corporate devices and protects employees wherever they are.

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Top 6 Security Threats Targeting Remote Workers

Round of $14.5M to support team of AI experts and cybersecurity leaders targeting overshared data with AI-based solutions for data access governance and loss prevention.

SAN JOSE, Calif., May 11, 2022 — Concentric Inc., a leading vendor of intelligent AI-based solutions for protecting business-critical data, announced today it has raised $14.5 million in Series A funding. Led by Ballistic Ventures, a new VC firm solely dedicated to advising and funding early-stage cybersecurity startups, this investment targets the $19B market for data security, access governance, and loss prevention. Citi Ventures also participated in the round as a strategic investment, as did current investors Core Ventures Group, Engineering Capital, and Clear Ventures.

As a result of the investment, Ballistic Ventures’ Barmak Meftah will join Concentric’s Board of Directors. Recognized globally as one of the most successful business leaders in enterprise software and cybersecurity, Mr. Meftah served as the President of AT&T Cybersecurity, a role assumed after the successful acquisition of AlienVault, where he led the company for six years as CEO. Under Mr. Meftah’s leadership, AT&T established itself as a cybersecurity leader and one of the world’s top-five largest managed security services providers (MSSPs).

“Data security and access governance – especially for information hidden in unstructured content – is an enormous unaddressed market,” said Mr. Meftah. “Concentric has the right technology and team to deliver tremendous customer value and take data security to the next level. With the help of Ballistic’s expertise and our extensive network of security contacts, their growth potential is virtually unlimited.”

Concentric serves organizations awash in business-critical data that they can’t protect. Using the company’s autonomous data security solution, security professionals can now discover, evaluate, and remediate security issues without resorting to armies of analysts or asking end-users for help. Automation is a highly effective cybersecurity strategy: According to the 2021 “Cost of a Data Breach” report from IBM, the cost of a data breach continues to climb up 10 percent YOY to $4.24M in 2021, with remote work contributing $1M more in average cost per data breach. However, adopting security AI/automation drove breach costs down by 84.4 percent (from an average per-breach cost of $6.71M to $2.90M). Out of the 26 cost factors evaluated in the report, automation drove the biggest savings.

Citi Ventures’ Vibhor Rastogi, Global Director, AI/ML Investments also sees automation’s potential: “Artificial intelligence and machine learning continue to transform how large global financial institutions can protect their most important asset, their data. Data security professionals face the twin threats of sophisticated cybercriminals and a cybersecurity staff shortage. Concentric has the team and solution needed to capitalize on the need for autonomous data security for better protection with lower costs, and we look forward to supporting them on this journey of continued growth.”

Concentric co-founders Karthik Krishnan (CEO), Madhu Shashanka (Chief Data Scientist), and Shankar Subramaniam (CTO and VP, Engineering) believe emerging deep learning technologies are the answer. Their pioneering Semantic Intelligence™ solution includes patented capabilities such as Risk Distance™ analysis for autonomous risk assessment and Concentric MIND for an AI-assisted deep learning model and policy management/curation. Customers use Semantic Intelligence to meet regulatory requirements, protect sensitive client information, control internal data flows, and more. Learn more about Concentric’s solutions here.

“Our mission is simple: We are remaking the multi-billion dollar data security market with an autonomous solution capable of discovering, evaluating, and protecting structured and unstructured content across the entire cloud and on-premises landscape,” said Krishnan. “The teams at Ballistic and Citi Ventures are packed with high-powered cybersecurity creators and industry luminaries who see our potential and share our vision. Together we’ll establish Concentric as one of the industry’s leading cybersecurity players.”

With these investments, the company will grow its existing roster of corporate customers through expanded sales and marketing efforts and extend its solution to protect an expanding menu of content, locations, and use cases.

**About Ballistic Ventures**

Ballistic Ventures is solely dedicated to early-stage cybersecurity and cyber-related companies. Our partners have spent their entire careers defending against every cyber threat conceivable. Members of the firm have founded, operated, or funded over 90 successful cybersecurity firms, led over ten thousand security professionals globally, and have 40+ years of experience in venture capital. Our experience provides entrepreneurs impactful support from people focused on the same mission. Our networks and relationships open doors for our founders.

Learn more at ballisticventures.com.

Ballistic features a slate of heavyweight co-founders and general partners, including Ted Schlein (Kleiner Perkins, Fortify), Barmak Meftah (AlienVault, AT&T Cybersecurity, Fortify), Jake Seid (Lightspeed Venture Partners), Derek Smith (Oakley Networks, Shape Security) and Roger Thornton, (AlienVault, AT&T Cybersecurity, Fortify).

**About Citi Ventures**

Citi Ventures harnesses the power of Citi to help people, businesses, and communities thrive in a world of technological change. Headquartered in San Francisco with offices in New York, London, Palo Alto, Tel Aviv, and Singapore, Citi Ventures accelerates discovery of new sources of value by exploring, incubating, and investing in new ideas, in partnership with Citi colleagues, clients, and the innovation ecosystem.

**About Concentric AI**

With Concentric, organizations can finally address their unmet data security needs by discovering and protecting business-critical content. Concentric protects intellectual property, financial documents, PII/PCI content, customer data, business confidential data and more, across on-premises and cloud-based data stores. The Concentric Semantic Intelligence™ Data Access Governance solution uses deep learning and Risk Distance™ analysis to accurately categorize data, assess risk, and remediate security issues – without relying on upfront rules or complex configuration. Concentric is venture-backed by leading Silicon Valley VCs and is headquartered in San Jose, Calif. For more information, see https://www.concentric.ai.

Source

DARKReading