Art Coviello, former Executive Chairman of RSA, joins the board.
SecZetta, provider of the most comprehensive non-employee identity risk and lifecycle management platform, today announced that it closed $10M in Series A funding led by ClearSky with participation from Rally Ventures. The funding will enable SecZetta to meet the rapidly growing demand for enterprise organizations to better understand, manage and reduce the risks associated with non-employee populations from third party-party organizations (contractors, affiliates, agents etc.).
“Not all non-employees are created equal,” said David Pignolet, CEO of SecZetta. “Yet, organizations provide these identities with similar access to employees, and quite often with little or no risk analysis or due diligence. A purpose-built system that enables organizations to better manage the full lifecycle process for non-employees is critical for streamlining the use of these resources for the desired line of business, while successfully avoiding the risks associated with misclassification and unchecked access.”
As enterprises’ dependence on partner ecosystems and affiliate relationships grows, so does the potential for breaches and other liabilities caused by third party identities. A Ponemon Institute report, “Data Risk in the Third-Party Ecosystem,” found that more than half (57 percent) of all organizations have recently experienced a data breach caused by a third party, and nearly three out of four (73 percent) enterprises expect third-party related incidents to increase. In addition, Deloitte’s fourth annual extended enterprise risk management (EERM) survey highlights that the lack of appropriate oversight over subcontractors makes it difficult for organizations to determine their strategy and approach to the management of subcontractor-related risk. It is imperative that boards, chief information security officers (CISOs), and business, risk, and human resources leaders better manage and control non-employee system level and physical access in the enterprise.
“When it comes to third parties, unauthorized access means hyper risk, and there is no solution in the market that addresses this problem. There’s not a single company today that doesn’t have this issue. Every company needs SecZetta,” said Art Coviello, former Executive Chairman of RSA.
“The non-employee challenge is often an overlooked and underestimated risk at many organizations, what SecZetta is doing represents a shift in the market for the need to better manage third party identity risk,” said Jay Leek, Managing Director at ClearSky Security.
Despite a growing need for actionable insight and the negative repercussions associated with misclassifying a non-employee, the identification and tracking of non-employees remains a broken, manual, and un-auditable business process. Enterprises need to build actionable systematic relationships through collaboration with partner organizations, and the non-employees themselves, to provide the appropriate context and risk data required to effectively manage these large populations of people. Many organizations assess vendors at the organizational level but do little to manage relationships with the individuals they grant access to. SecZetta solves this challenge.
Additional new board members include Jay Leek, Managing Partner at ClearSky and Zackary King, Founder and former CEO of SHYFT Analytics.
SecZetta is the leading provider of third- party identity risk and lifecycle management software solutions. SecZetta’s solutions are utilized by companies around the globe to manage third- party identity risk: create, control and respond to third- party identity requirements and processes, meet compliance and minimize data breaches. SecZetta products extend IGA programs to include identity life cycle capabilities: NE Profile, which manages identity risk and lifecycle processes for non-employees; NE Access, enables collaboration with partners and vendors; and ID Proxy, which merges identity data from multiple sources to maintain master identities in a single authoritative source.