Latest news with #DigitalOperationalResilienceAct
Techday NZ
a day ago
- Business
- Techday NZ
Commvault & Kyndryl partner to boost cyber recovery services
Commvault and Kyndryl have announced a partnership to deliver incident recovery services for organisations aiming to enhance data security and meet regulatory requirements. The two companies will work in collaboration with Pure Storage to provide services intended to help organisations recover faster from cyber incidents, improve cyber resilience, and address complex regulatory demands. Kyndryl's cyber resiliency services portfolio includes Incident Recovery Services, Managed Backup Services, and Hybrid Platform Recovery. Through this new partnership, it will be supported by Commvault and Pure Storage to assist organisations in adhering to regulations such as the European Union's Digital Operational Resilience Act (DORA), NIS2 Directive, Payment Services Directive 2 (PSD2), New York Department of Financial Services (NYDFS) regulation NYCRR 500, and Australia's Prudential Regulation Authority (APRA) CPS 230 standard. Expanding cyber recovery services Under the collaboration, Commvault and Kyndryl plan to enhance support for enterprise customers facing persistent cyber threats and increasing data management complexity, particularly in multi-cloud environments. "Cyber preparedness is no longer regarded as optional for global organizations; it is mandatory," stated Allen Downs, Vice President of Security and Resiliency Services at Kyndryl. "Through this collaboration with Commvault and Pure Storage, we are further positioned to assist some of the world's most esteemed organizations in completely redefining their data protection strategies." The joint approach leverages Pure Storage technology alongside Commvault's cyber resilience and recovery solutions. This combined offering introduces a four-layer architecture designed to streamline compliance and speed up recovery for hybrid cloud customers. Technology and features The four-layered architecture includes the following components: Cyber Resilient Vault—an isolated, immutable data vault, based on zero-trust, to safeguard backup data from unauthorised access and tampering. Clean Recovery Zone—a controlled setting for forensic review and staged recovery using validated clean backups. Production Rapid Restore—capability for swift, reliable dataset restoration by using Pure Storage FlashBlade, with immutability features such as S3 Object Lock and SafeMode. Immutable Snapshot Recovery—enables quick, application-consistent restoration of key workloads through Commvault IntelliSnap and Pure Storage FlashArray. The services are developed to promote automated and ongoing cyber recovery testing. Support extends to Commvault Cleanroom Recovery within both public cloud and on-premises isolated environments overseen by Kyndryl. Organisations are enabled to validate their recovery processes to comply with DORA Chapter II (Risk Management), Chapter IV (Operational Resilience Testing), and related regulation. Meeting regulatory needs The collaboration is set against a backdrop of increasingly rigorous and complex regulatory landscapes. Organisations are now required to demonstrate not only the protection of their critical data, but also the capability to restore operations swiftly following a digital disruption. "Our partnership with Kyndryl is built to address the biggest challenges facing the enterprise today, such as the persistent threat of cyberattacks, including ransomware, and the increasing complexity of managing massive data growth across multi-cloud environments," said Alan Atkinson, Chief Partner Officer at Commvault. "When combined with the innovative Pure Storage platform, the three companies are together helping organizations stay resilient and prepared to act decisively in the face of disruption." As businesses face mounting pressures from both cyber threats and regulatory scrutiny, integrating compliance with resilience strategies is becoming increasingly necessary. "As regulatory frameworks like DORA set higher standards for operational resilience, organizations are implementing strategies that integrate regulatory compliance with the ability to recover swiftly from cyber disruption," said Maciej Kranz, General Manager, Enterprise at Pure Storage. "Together with Commvault and Kyndryl, we're delivering advanced security features and a scalable foundation of layered resilience that helps organizations meet these mandates and restore critical operations quickly and reliably." The services provided by the three companies are typically available across North America, Europe, and the Asia-Pacific region. Clients and partners will have opportunities to engage through existing partner programmes and access supporting resources aimed at enhancing cyber resilience and compliance capabilities. Follow us on: Share on:
Yahoo
29-05-2025
- Business
- Yahoo
Resecurity Unveils AI-Driven Compliance Manager at ISACA 2025 North America Conference
LOS ANGELES, May 29, 2025--(BUSINESS WIRE)--Resecurity, a leading U.S.-based cybersecurity and threat intelligence company, has officially launched its AI-driven Compliance Manager at ISACA 2025 North America Conference in Orlando, Florida. The cutting-edge solution is engineered to help CISOs and compliance teams manage complex regulatory demands, reduce risk, and maintain alignment with fast-changing global cybersecurity standards. The Compliance Manager delivers centralized visibility, automation, and expert-level guidance to ensure organizations stay audit-ready and resilient in the face of expanding data protection and information security regulations. The platform currently supports over 20 international and regional compliance frameworks, including: GDPR (General Data Protection Regulation - EU) SAMA (Saudi Arabian Monetary Authority) DORA (Digital Operational Resilience Act – EU) PDPL (Saudi Arabia) DPDPA (India) DPA (Philippines) CMMC (Cybersecurity Maturity Model Certification – U.S. DoD) NIS2 Directive (EU) RBI Cybersecurity Guidelines (Reserve Bank of India) PCI DSS v4.0.1 ISO/IEC 27001 NCA ECC (National Cybersecurity Authority's Essential Cybersecurity Controls – Saudi Arabia) To address increasing pressure from regulators and threats, Resecurity's solution introduces a "human-in-the-loop" AI architecture. This empowers cybersecurity leaders with GenAI-driven insights and adaptive compliance recommendations, tailored to evolving standards. The system maps controls, evaluates risk exposure, and enables real-time compliance monitoring — reducing manual workload and audit preparation time. "Regulatory landscapes are evolving faster than ever, and the cost of non-compliance can reach millions in penalties — not to mention reputational damage," said Gene Yoo, CEO of Resecurity. "With our Compliance Manager, we're arming CISOs with a smart, scalable assistant that not only monitors compliance but actively helps close gaps in real time." In some regions, penalties for non-compliance can exceed $10 million, or amount to 2–4% of annual global revenue, placing tremendous pressure on organizations to maintain continuous compliance. The Compliance Manager is fully integrated into the Resecurity platform, enabling unified threat, risk, and compliance (GRC) management under a single pane of glass. About Resecurity Resecurity® is a cybersecurity company that delivers a unified endpoint protection, fraud prevention, risk management, and cyber threat intelligence platform. Known for providing best-of-breed data-driven intelligence solutions, Resecurity's services and platforms focus on early-warning identification of data breaches and comprehensive protection against cybersecurity risks. Founded in 2016, it has been globally recognized as one of the world's most innovative cybersecurity companies with the sole mission of enabling organizations to combat cyber threats regardless of how sophisticated they are. Most recently, by Inc. Magazine, Resecurity was named one of the Top 10 fastest-growing private cybersecurity companies in Los Angeles, California. As a member of InfraGard National Members Alliance (INMA), AFCEA, NDIA, SIA, FS-ISAC, and the American Chamber of Commerce in Saudi Arabia (AmChamKSA), Singapore (AmChamSG), Korea (AmChamKorea), Mexico (AmChamMX), Thailand (AmChamThailand), and UAE (AmChamDubai). To learn more about Resecurity, visit View source version on Contacts Gene Yoopress@
Business Wire
29-05-2025
- Business
- Business Wire
Resecurity Unveils AI-Driven Compliance Manager at ISACA 2025 North America Conference
LOS ANGELES--(BUSINESS WIRE)-- Resecurity, a leading U.S.-based cybersecurity and threat intelligence company, has officially launched its AI-driven Compliance Manager at ISACA 2025 North America Conference in Orlando, Florida. The cutting-edge solution is engineered to help CISOs and compliance teams manage complex regulatory demands, reduce risk, and maintain alignment with fast-changing global cybersecurity standards. The Compliance Manager delivers centralized visibility, automation, and expert-level guidance to ensure organizations stay audit-ready and resilient in the face of expanding data protection and information security regulations. The platform currently supports over 20 international and regional compliance frameworks, including: GDPR (General Data Protection Regulation - EU) SAMA (Saudi Arabian Monetary Authority) DORA (Digital Operational Resilience Act – EU) PDPL (Saudi Arabia) DPDPA (India) DPA (Philippines) CMMC (Cybersecurity Maturity Model Certification – U.S. DoD) NIS2 Directive (EU) RBI Cybersecurity Guidelines (Reserve Bank of India) PCI DSS v4.0.1 ISO/IEC 27001 NCA ECC (National Cybersecurity Authority's Essential Cybersecurity Controls – Saudi Arabia) To address increasing pressure from regulators and threats, Resecurity's solution introduces a 'human-in-the-loop' AI architecture. This empowers cybersecurity leaders with GenAI-driven insights and adaptive compliance recommendations, tailored to evolving standards. The system maps controls, evaluates risk exposure, and enables real-time compliance monitoring — reducing manual workload and audit preparation time. 'Regulatory landscapes are evolving faster than ever, and the cost of non-compliance can reach millions in penalties — not to mention reputational damage,' said Gene Yoo, CEO of Resecurity. 'With our Compliance Manager, we're arming CISOs with a smart, scalable assistant that not only monitors compliance but actively helps close gaps in real time.' In some regions, penalties for non-compliance can exceed $10 million, or amount to 2–4% of annual global revenue, placing tremendous pressure on organizations to maintain continuous compliance. The Compliance Manager is fully integrated into the Resecurity platform, enabling unified threat, risk, and compliance (GRC) management under a single pane of glass. About Resecurity Resecurity® is a cybersecurity company that delivers a unified endpoint protection, fraud prevention, risk management, and cyber threat intelligence platform. Known for providing best-of-breed data-driven intelligence solutions, Resecurity's services and platforms focus on early-warning identification of data breaches and comprehensive protection against cybersecurity risks. Founded in 2016, it has been globally recognized as one of the world's most innovative cybersecurity companies with the sole mission of enabling organizations to combat cyber threats regardless of how sophisticated they are. Most recently, by Inc. Magazine, Resecurity was named one of the Top 10 fastest-growing private cybersecurity companies in Los Angeles, California. As a member of InfraGard National Members Alliance (INMA), AFCEA, NDIA, SIA, FS-ISAC, and the American Chamber of Commerce in Saudi Arabia (AmChamKSA), Singapore (AmChamSG), Korea (AmChamKorea), Mexico (AmChamMX), Thailand (AmChamThailand), and UAE (AmChamDubai). To learn more about Resecurity, visit
Forbes
28-05-2025
- Business
- Forbes
Why Cybersecurity Is Shifting From Detection To Performance
Shirley Salzman, cofounder and CEO at SeeMetrics. As cyberattacks become more sophisticated and corporate boards and regulators demand more accountability, the conversation around cybersecurity is changing to performance. It's no longer enough to detect threats—companies, especially in sectors like finance and insurance, need to show that their security efforts are making a difference. Chief Information Security Officers (CISOs) are now expected to quantify risk, communicate return on investment, and align security operations with business goals. This new mandate has created a demand for cybersecurity performance management platforms that provide real-time visibility, track KPIs, and deliver board-ready insights. SeeMetrics, co-founded by Shirley Salzman, is at the forefront of this emerging category, helping security leaders move from reactive defense to measurable impact. The cybersecurity market is expanding rapidly and growing more complex by the day. Cybercrime globally is expected to cost $10.5 trillion annually by the end of 2025. The cost pressures companies, especially in high-risk industries like finance and insurance, must now prove that their cybersecurity investments are effective. 'It's not just about having tools—it's about proving they work,' said Salzman, CEO at SeeMetrics. 'CISOs today are under immense pressure to quantify risk, communicate ROI, and maintain transparency with boards and regulators. But until recently, they lacked the systems to manage performance, not just detection.' Banks and insurance companies sit on some of the most sensitive data out there, which makes them prime targets for cyberattacks. That risk—and the potential fallout—means they're subject to intense regulatory oversight and pressure to get cybersecurity right. Cybersecurity spending in financial services is expected to reach $66.1 billion by 2033. The insurance sector is forecast to hit $10.6 billion by the end of 2025. Recent SEC regulations now require companies to publicly disclose material breaches publicly, placing even more pressure on security leaders to show they are in control. CISOs are increasingly faced with tough questions from their boards: Where is risk concentrated? Are we covered? Why are we spending millions, and what's the return? 'Boards are asking: What's the ROI?' Salzman said. 'CISOs need an interface that lets them answer that in business terms.' That gap between security operations and strategic communication is where SeeMetrics is gaining traction. The company's platform provides cybersecurity performance management tools that allow CISOs to track, benchmark, and present real-time data that business leaders understand. Cybersecurity is no longer just about threat detection—it's about proving performance. With AI-powered attacks on the rise, 80% of bank cybersecurity executives say they're struggling to keep up, according to Accenture. New regulations, like the EU's Digital Operational Resilience Act (DORA), require financial and insurance companies to demonstrate risk management and digital resilience. SeeMetrics dashboard Salzman didn't come from cybersecurity, which is precisely what makes her perspective so valuable. With a marketing and business development background across AI, drone tech, and supply chain platforms, she recognized a consistent pain point: cybersecurity leaders were doing critical work, but couldn't explain it in business terms. That disconnect led her to cofound SeeMetrics, a cybersecurity performance management platform that shifts the focus from detection to demonstrable impact. 'CISOs have become stewards of enormous budgets and responsibility,' said Salzman. 'But they often lack the tools to demonstrate effectiveness in business terms.' SeeMetrics fills that gap by aggregating data from across the security stack—compliance tools, incident response systems, and threat intel—and translating it into executive-ready dashboards. The platform provides real-time visibility, tracks KPIs, and eliminates the need for static spreadsheets, enabling CISOs to report clearly to boards and regulators. 'We're not just another security tool—we're a management platform for CISOs who need to communicate in the language of business,' Salzman said. Salzman's outsider status didn't stop her from delivering results. She raised $6 million in seed funding from investors like Work-Bench, 8VC, and K5 Global. SeeMetrics has landed a multi-year deal with a leading U.S. financial institution—all within the company's first year. That traction signals a broader shift: Cybersecurity is no longer just a technical concern—it's a strategic function that demands measurable outcomes. As boards demand more clarity and regulators tighten expectations, platforms like SeeMetrics give security leaders the tools to speak the language of impact. CISOs are no longer just responsible for securing systems—they're expected to lead with the strategic clarity of a CFO and the communication skills of a board chair. As AI-fueled threats intensify, regulatory demands grow, and cyber insurers require proof of resilience, the CISO role is evolving into high-stakes leadership. That evolution mirrors Salzman's path. Breaking into Israel's tightly knit cybersecurity sector wasn't easy. Unlike many peers, she hadn't served in elite military intelligence units like Unit 8200—a standard credential among Israeli tech founders. That absence often translates into skepticism from investors who tend to back those within their established networks. But Salzman was undeterred. Her persistence had already been tested—and proven—when she successfully led Israel's first high-profile equal pay lawsuit in tech, a case that took years of strategic resolve and personal risk. That same determination fueled the founding of SeeMetrics. 'CISOs have become stewards of enormous budgets and responsibility,' Salzman says. 'But they often lack the tools to demonstrate effectiveness in business terms.' SeeMetrics was built to change that. By turning fragmented cybersecurity data into executive-ready dashboards, the platform empowers CISOs to justify ROI, prioritize resources, and align security performance with enterprise goals. As cyber threats grow in sophistication and financial and insurance companies face mounting regulatory and reputational risk, the cybersecurity market is shifting from detection to accountability. That's why cybersecurity performance management is fast becoming a strategic necessity.
Business Post
23-05-2025
- Business
- Business Post
PwC expands cyber defences with new risk management services
PwC Ireland has launched two critical risk management services from its National Cyber Managed Services Centre in Cork, responding to escalating third-party supply chain and cybersecurity threats facing Irish businesses. The firm unveiled its expanded third-party risk management (TPRM) service, addressing fundamental gaps in how organisations protect themselves against risks arising from supplier vulnerabilities. This offering is complemented by a new threat and vulnerability management (TVM) service, focusing on digital attack prevention. Urgent need for TPRM The timing of the TPRM service launch aligns with a pronounced shift in corporate risk management priorities and an urgent market need. With businesses becoming increasingly reliant on external partners, end-to-end risk profiles have intensified substantially. The enhanced TPRM offering provides comprehensive solutions spanning regulatory, financial, strategic and system risks across wider business operations. According to PwC's 2025 Global Digital Trust Insights, 74% of organisations will prioritise cyber risk mitigation in 2025. This underscores a broader transformation in business risk management approaches, with a particular emphasis on third-party risks. Regulatory pressures further accentuate the need for robust TPRM. Key legislation including the Digital Operational Resilience Act (DORA) and the European Network and Information Security Directive (NIS2 Directive) demand far greater vigilance regarding supply chain risks. These regulations require organisations to maintain comprehensive oversight of third-party relationships and demonstrate robust security frameworks. Complementary TVM service While TPRM addresses supply chain vulnerabilities, the threat and vulnerability management service employs industry-leading technology to identify security weaknesses throughout organisations. The TVM solution can integrate with existing in-house security operations, potentially reducing overheads while boosting operational efficiencies. Evolving threat landscape Traditional approaches to supplier risk management and cybersecurity have become increasingly inadequate. With a majority of business leaders identifying exposure to macroeconomic volatility, geopolitical risks, cyber threats, technological disruption and skills shortages in PwC's 2025 CEO Survey, organisations face an unprecedented complexity of interconnected risks. Artificial intelligence presents additional security challenges. PwC's 2024 GenAI Business Leaders Survey found that 91% of respondents believe Generative AI (GenAI) will likely increase cybersecurity risk. This emerging threat vector requires sophisticated detection and response capabilities beyond traditional security measures. Strategic imperative Data from PwC's Global Advisory Thought Leadership Accelerator reveals compelling economic arguments for comprehensive managed services adoption. Businesses that fully embrace managed services as a strategic imperative enjoy a 12.4x performance premium compared to those using such services solely for cost reduction. This performance differential reflects the fundamental shift required in modern risk management. The old methodologies for managing third-party risks and cybersecurity have become obsolete as new threats emerge alongside rapidly evolving technologies. The complexity of managing these risks within regulated environments continues to escalate. Irish CEOs recognise this transformation imperative, with 94% expecting AI to be integrated into business processes and workflows in the next three years according to PwC research. However, ambitious companies face significant obstacles balancing day-to-day operations with long-term strategic objectives. Operational benefits The managed services model allows businesses to redirect resources towards core growth strategies. By outsourcing critical risk management functions, organisations can achieve better focus on strategic objectives while maintaining comprehensive protection against evolving threats. PwC's Managed Services practice provides support across multiple critical areas including operations, regulation and compliance, risk management, financial and strategic risk, innovative technology integration and systemic risk. This comprehensive approach enables businesses to address interconnected risks through a single provider relationship. The Cork-based National Cyber Managed Services Centre serves as the operational hub for these expanded offerings. The facility represents a significant investment in Irish risk management infrastructure and demonstrates PwC's commitment to supporting local businesses facing global threats. As organisations navigate an increasingly complex risk landscape, the integration of comprehensive managed services appears essential for maintaining competitive advantage. The ability to focus on core business activities while ensuring robust protection against third-party and cyber risks may determine which companies thrive in an uncertain environment. Féilim Harvey is a Partner at PwC Ireland.
