Operations //

Identity & Access Management

1/3/2017
11:30 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

KPMG to Buy Cyberinc's Global Identity and Access Management Business

KPMG LLP has agreed to acquire the Identity and Access Management business of Silicon Valley-based Cyberinc, which provides cyber security solutions globally. Cyberinc, the largest independent identity and access management (IAM) technology provider in the world, will enhance KPMG’s existing capabilities as a leader in information security consulting services* and expand the firm’s ability to provide clients with emerging and more agile IAM solutions. The transaction also bolsters KPMG’s talent and resources in the rapidly growing area of digital consumer identity and privileged user management, which are evolving security-focused capabilities to enhance important elements of customer-engagement.

“Cyber security remains a top risk to organizations as threats grow in scale and cyber criminals develop new ways to access protected information,” said Lynne Doughtie, U.S. Chairman and CEO of KPMG LLP. “KPMG’s identity and access management solutions team can assist clients, across all industries, protect their information and enable their digital strategies and growth plans.”

Cyberinc’s IAM business is a 190-person global team with significant presence in the U.S., India, Australia and the U.K., with extensive experience providing advisory, strategy, implementation services, and managed services for organizations that need to transform their enterprise or consumer identity capabilities.
*according to The Forrester WaveTM, Information Security Consulting Services, Q3 2017

“Over the last decade, Cyberinc’s IAM business has risen to industry leadership position on the strength of some of the largest IAM deployments globally, investments in IP and an array of premium partnerships. I am very pleased that Cyberinc’s truly world class team will continue this journey with KPMG,” said Samir Shah, CEO, Cyberinc. “Cyber threats continue to accelerate and remain a top business risk. This transaction will allow us to sharply focus on Isla - our industry leading Malware Isolation Platform. ”

KPMG’s strong position with existing information security alliance partners Oracle and Sailpoint, along with KPMG’s recently announced alliance with Ping, will be further enhanced by the transaction with Cyberinc to better enable information protection for large enterprises while pursuing new digital interactions and business transformations.

“As organizations innovate and transform their back, middle and front offices, identity and access management solutions that effectively bridge the gap between risk mitigation and customer experience are key to driving sustainable growth,” said Tony Buffomante, U.S. Leader of KPMG’s Cyber Security Services practice. “The addition of the Cyberinc team and capabilities is yet another example of how KPMG is investing in cyber security and helping clients succeed on their digital journey.”

Cyberinc is a subsidiary of Aurionpro Solutions Limited - a global technology product and solution provider, headquartered in Mumbai, India and San Ramon, California. The Cyberinc transaction is KPMG’s second acquisition in this area, following the October 2014 acquisition of certain assets of Qubera Solutions, a privately-held Redwood City, C.A. - based cyber security firm that provides IAM services.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
White House Cybersecurity Strategy at a Crossroads
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/17/2018
Lessons from My Strange Journey into InfoSec
Lysa Myers, Security Researcher, ESET,  7/12/2018
What's Cooking With Caleb Sima
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-14339
PUBLISHED: 2018-07-19
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation.
CVE-2018-14340
PUBLISHED: 2018-07-19
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read.
CVE-2018-14341
PUBLISHED: 2018-07-19
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow.
CVE-2018-14342
PUBLISHED: 2018-07-19
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute lengths.
CVE-2018-14343
PUBLISHED: 2018-07-19
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed integer.