Operations //

Identity & Access Management

1/3/2017
11:30 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

KPMG to Buy Cyberinc's Global Identity and Access Management Business

KPMG LLP has agreed to acquire the Identity and Access Management business of Silicon Valley-based Cyberinc, which provides cyber security solutions globally. Cyberinc, the largest independent identity and access management (IAM) technology provider in the world, will enhance KPMG’s existing capabilities as a leader in information security consulting services* and expand the firm’s ability to provide clients with emerging and more agile IAM solutions. The transaction also bolsters KPMG’s talent and resources in the rapidly growing area of digital consumer identity and privileged user management, which are evolving security-focused capabilities to enhance important elements of customer-engagement.

“Cyber security remains a top risk to organizations as threats grow in scale and cyber criminals develop new ways to access protected information,” said Lynne Doughtie, U.S. Chairman and CEO of KPMG LLP. “KPMG’s identity and access management solutions team can assist clients, across all industries, protect their information and enable their digital strategies and growth plans.”

Cyberinc’s IAM business is a 190-person global team with significant presence in the U.S., India, Australia and the U.K., with extensive experience providing advisory, strategy, implementation services, and managed services for organizations that need to transform their enterprise or consumer identity capabilities.
*according to The Forrester WaveTM, Information Security Consulting Services, Q3 2017

“Over the last decade, Cyberinc’s IAM business has risen to industry leadership position on the strength of some of the largest IAM deployments globally, investments in IP and an array of premium partnerships. I am very pleased that Cyberinc’s truly world class team will continue this journey with KPMG,” said Samir Shah, CEO, Cyberinc. “Cyber threats continue to accelerate and remain a top business risk. This transaction will allow us to sharply focus on Isla - our industry leading Malware Isolation Platform. ”

KPMG’s strong position with existing information security alliance partners Oracle and Sailpoint, along with KPMG’s recently announced alliance with Ping, will be further enhanced by the transaction with Cyberinc to better enable information protection for large enterprises while pursuing new digital interactions and business transformations.

“As organizations innovate and transform their back, middle and front offices, identity and access management solutions that effectively bridge the gap between risk mitigation and customer experience are key to driving sustainable growth,” said Tony Buffomante, U.S. Leader of KPMG’s Cyber Security Services practice. “The addition of the Cyberinc team and capabilities is yet another example of how KPMG is investing in cyber security and helping clients succeed on their digital journey.”

Cyberinc is a subsidiary of Aurionpro Solutions Limited - a global technology product and solution provider, headquartered in Mumbai, India and San Ramon, California. The Cyberinc transaction is KPMG’s second acquisition in this area, following the October 2014 acquisition of certain assets of Qubera Solutions, a privately-held Redwood City, C.A. - based cyber security firm that provides IAM services.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Securing Social Media: National Safety, Privacy Concerns
Kelly Sheridan, Staff Editor, Dark Reading,  4/19/2018
Firms More Likely to Tempt Security Pros With Big Salaries than Invest in Training
Sara Peters, Senior Editor at Dark Reading,  4/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.